Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 13-09-2021
Exécuté par MLM (administrateur) sur DESKTOP-THTCG4Q (ASUSTeK COMPUTER INC. X555LJ) (13-09-2021 21:20:12)
Exécuté depuis C:\Users\MLM\Desktop
Profils chargés: MLM
Platform: Windows 10 Home Version 21H1 19043.1165 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ASUS Cloud Corporation) [Fichier non signé] C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe
(ASUS) [Fichier non signé] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGiftBoxDesktop.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <10>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler64.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) [Fichier non signé] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\MLM\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\NisSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.8.559\ASUSWSLoader.exe [62944 2016-05-04] (ASUS Cloud Corporation -> )
HKLM-x32\...\Run: [IJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [206240 2010-08-24] (Canon Inc. -> CANON INC.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-1086236518-3958456705-3750095893-1001\...\Run: [Screenpresso] => C:\Users\MLM\AppData\Local\Learnpulse\Screenpresso\Screenpresso.exe [16882416 2021-08-21] (Learnpulse SAS -> Learnpulse)
HKU\S-1-5-21-1086236518-3958456705-3750095893-1001\...\RunOnce: [TrackerUpdate] => C:\ProgramData\Tracker Software\TrackerUpdate\TrackerUpdate.exe [4475648 2019-01-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
HKLM\...\Windows x64\Print Processors\Canon MG5200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAE.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5200 series: C:\Windows\system32\CNMLMAE.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [359936 2012-06-14] (CANON INC.) [Fichier non signé]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\93.0.4577.63\Installer\chrmstp.exe [2021-09-08] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2019-09-13]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\AVAST Software\SecureLine\Vpn.exe (AVAST Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {04440C40-B87C-491D-A281-CB0183B47033} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0F71139B-44DA-4814-95B3-36544058B19C} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [505200 2015-05-29] (Dropbox, Inc -> )
Task: {15190CB0-B852-4477-92C3-3B552B693862} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [4630208 2016-11-28] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
Task: {16C0F2CB-05FF-42DC-B079-DCDC8E771142} - System32\Tasks\WpsUpdateTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe [427880 2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {20BD997C-2015-4475-859F-D6B1194E829A} - System32\Tasks\G2MUploadTask-S-1-5-21-1086236518-3958456705-3750095893-1001 => C:\Users\MLM\AppData\Local\GoToMeeting\19796\g2mupload.exe [31176 2021-06-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {256B72EB-7ACF-4E7A-A3DC-970AB58273E9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {26FBC271-BD93-446B-ACCE-13B366041B93} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122168 2015-03-10] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {2B87FDF9-B9DF-4CD4-9DF1-50FBE78A69CE} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [1618080 2015-05-14] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [Fichier non signé]
Task: {37E4C0E4-34CA-4E3F-9D02-4B03D0B6CE83} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {47B485D9-1AC5-4DE9-BEE0-A56921B2021A} - System32\Tasks\WpsNotifyTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe [461160 2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {480E2289-AB45-4176-8439-BB82B351FD94} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122168 2015-03-10] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {4F456AB7-0FD3-4CE2-A42A-0B3EB3AF9A35} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [55296 2015-08-25] (ASUS) [Fichier non signé]
Task: {549B0984-3F98-43E1-872C-19FF1F87B768} - System32\Tasks\G2MUpdateTask-S-1-5-21-1086236518-3958456705-3750095893-1001 => C:\Users\MLM\AppData\Local\GoToMeeting\19796\g2mupdate.exe [31176 2021-06-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {881CFDA3-2378-480A-835F-403821347930} - System32\Tasks\Avast SecureLine VPN Update => c:\program files\avast software\secureline\vpnupdate.exe [1390472 2019-10-24] (AVAST Software s.r.o. -> AVAST Software)
Task: {8DFA9105-25D8-41D1-BB8B-67A631CD95DD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9601F50A-EB44-4F6E-9791-B0A54F9312BC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-20] (Google Inc -> Google Inc.)
Task: {BE23F7FF-B30B-414B-839E-82A99DE4C677} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C1F9E405-8D0F-4923-B35D-3F0A8E78419D} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403136 2015-07-30] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {C9DE66AE-A2B1-4241-A44C-E865F3A212BA} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {CC15E264-6A8D-4FCE-8061-2388A33EA734} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-20] (Google Inc -> Google Inc.)
Task: {D5BC8E92-0FD9-4370-99A1-3C6D29CADFA9} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {EF521D5F-6866-4533-9BFD-B57262D8A7FB} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18416 2015-12-14] (ASUSTeK Computer Inc. -> AsusTek)
Task: {F602FF01-6920-41EE-84AF-9BDFB7BE34BC} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16165632 2015-07-30] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {FC9382A0-978E-4997-9D4D-4811313FCE6D} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19782224 2015-05-25] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1086236518-3958456705-3750095893-1001.job => C:\Users\MLM\AppData\Local\GoToMeeting\19796\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1086236518-3958456705-3750095893-1001.job => C:\Users\MLM\AppData\Local\GoToMeeting\19796\g2mupload.exe
Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe-CheckUpdate(Tracker Software Products (Canada) Ltd.Kee
Task: C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{99b94e0c-9dc4-4fb0-9ba3-30e8db1b91b6}: [DhcpNameServer] 192.168.40.1
Tcpip\..\Interfaces\{fe811b09-cd6b-49f8-9df7-d79435fc9331}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Edge:
=======
DownloadDir: C:\Users\MLM\Downloads
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\MLM\AppData\Local\Microsoft\Edge\User Data\Default [2021-09-13]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\MLM\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-09-13]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-11-28] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-11-28] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-09-24] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-09-24] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-09-24] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-09-24] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-09-24] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [Pas de fichier]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-07-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1086236518-3958456705-3750095893-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-11-28] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)

Chrome:
=======
CHR Profile: C:\Users\MLM\AppData\Local\Google\Chrome\User Data\Default [2021-09-13]
CHR DownloadDir: C:\Users\MLM\Downloads
CHR HomePage: Default -> hxxp://r.orange.fr/r/Ohome_accueil
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Extension: (Slides) - C:\Users\MLM\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Docs) - C:\Users\MLM\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\MLM\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (YouTube) - C:\Users\MLM\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-20]
CHR Extension: (Recherche Google) - C:\Users\MLM\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-20]
CHR Extension: (Adobe Acrobat) - C:\Users\MLM\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-09-07]
CHR Extension: (Google Docs hors connexion) - C:\Users\MLM\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-23]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\MLM\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-08-27]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\MLM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\MLM\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <non trouvé(e)>
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe [71168 2015-05-31] (ASUS Cloud Corporation) [Fichier non signé]
R2 ASUSGiftBoxDekstop; C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe [315704 2015-07-20] (ASUSTeK Computer Inc. -> ASUS)
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe [2357864 2020-08-31] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Fichier non signé]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Fichier non signé]
S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdatesvr.exe [133480 2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7785656 2021-09-13] (Malwarebytes Inc -> Malwarebytes)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\NisSrv.exe [2772856 2021-09-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MsMpEng.exe [136640 2021-09-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 GamesAppIntegrationService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe" [X]
S3 GamesAppService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe" [X]

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 ASMMAP64; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [18048 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUS)
R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [101368 2015-12-14] (ASUSTeK Computer Inc. -> ASUS Corporation)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [210344 2021-09-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-06-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-06-24] (Malwarebytes Inc -> Malwarebytes)
R3 MpKsl4b1329a3; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{33D25854-8444-4EE2-9B54-623EC901E0F4}\MpKslDrv.sys [130296 2021-09-13] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-09-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [433384 2021-09-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86264 2021-09-04] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-09-13 21:18 - 2021-09-13 21:18 - 002303488 _____ (Farbar) C:\Users\MLM\Desktop\FRST64.exe
2021-09-13 19:34 - 2021-09-13 19:34 - 000210344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-08-30 20:07 - 2021-08-30 20:11 - 000132802 _____ C:\Users\MLM\Downloads\Gestion de la relation citoyen de votre ville - Nouvelle demande.pdf
2021-08-26 12:15 - 2021-08-26 12:15 - 000001903 _____ C:\Users\MLM\Desktop\Mes demarches de recherche d emploi sur les 12 derniers mois.xlsx - Raccourci.lnk
2021-08-17 09:31 - 2021-08-17 09:31 - 000000000 ____D C:\AvayaWorkplaceWindows-3.18.0.64.6

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-09-13 21:22 - 2021-06-25 15:33 - 000026240 _____ C:\Users\MLM\Desktop\FRST.txt
2021-09-13 21:21 - 2021-06-25 15:32 - 000000000 ____D C:\FRST
2021-09-13 21:19 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-09-13 21:13 - 2015-12-20 19:31 - 000000000 ____D C:\Program Files (x86)\Google
2021-09-13 21:12 - 2020-07-27 22:11 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-09-13 21:12 - 2015-12-20 19:14 - 000000165 _____ C:\Users\MLM\AppData\Roaming\sp_data.sys
2021-09-13 20:31 - 2020-06-14 18:56 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-09-13 20:31 - 2020-06-14 18:56 - 000002282 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-09-13 20:31 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-09-13 20:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-09-13 19:37 - 2016-02-22 10:38 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2021-09-13 19:34 - 2017-07-18 14:35 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-09-13 19:34 - 2015-12-20 19:14 - 000000000 __SHD C:\Users\MLM\IntelGraphicsProfiles
2021-09-13 19:33 - 2020-07-27 22:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-09-13 19:33 - 2020-07-27 22:10 - 000008192 ___SH C:\DumpStack.log.tmp
2021-09-13 19:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-09-13 19:33 - 2019-12-07 11:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2021-09-13 19:33 - 2017-07-18 14:34 - 000000000 ____D C:\ProgramData\NVIDIA
2021-09-13 11:36 - 2021-06-24 20:53 - 000002035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-09-13 11:36 - 2021-06-24 20:53 - 000002023 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-09-13 11:35 - 2021-06-24 20:53 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-09-13 11:31 - 2020-07-27 22:25 - 001770910 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-09-13 11:31 - 2019-12-07 16:49 - 000794488 _____ C:\WINDOWS\system32\perfh00C.dat
2021-09-13 11:31 - 2019-12-07 16:49 - 000150602 _____ C:\WINDOWS\system32\perfc00C.dat
2021-09-13 11:31 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-09-11 21:30 - 2020-07-27 22:51 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-09-11 09:21 - 2018-06-29 19:14 - 000000000 ____D C:\Users\MLM\AppData\Local\CrashDumps
2021-09-08 11:54 - 2020-11-15 18:22 - 000000000 ____D C:\Users\MLM\AppData\Roaming\Foxit Software
2021-09-08 10:38 - 2020-07-27 22:51 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1086236518-3958456705-3750095893-1001
2021-09-08 10:38 - 2020-07-27 22:14 - 000002417 _____ C:\Users\MLM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-09-05 22:10 - 2021-01-24 12:13 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-09-04 14:42 - 2018-06-09 17:45 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-08-31 09:29 - 2020-01-29 20:32 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-08-18 18:32 - 2020-03-17 19:31 - 000000000 ____D C:\Users\MLM\AppData\Local\GoToMeeting
2021-08-18 10:24 - 2020-07-27 22:51 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-18 10:24 - 2020-07-27 22:51 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-08-17 01:22 - 2021-01-24 12:13 - 000740168 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2021-08-17 01:22 - 2021-01-24 12:13 - 000486728 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2021-08-14 00:34 - 2020-07-27 22:11 - 000472672 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-08-14 00:30 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-08-14 00:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-08-14 00:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-08-14 00:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-08-14 00:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-08-14 00:29 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-08-14 00:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-08-14 00:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-08-14 00:29 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing

==================== Fichiers à la racine de certains dossiers ========

2020-11-15 18:16 - 2020-11-15 18:18 - 100112808 _____ (Foxit Software Inc. ) C:\Users\MLM\FoxitReader101_L10N_Setup_Prom.exe
2019-03-08 19:58 - 2019-03-08 19:58 - 065142628 _____ (Inkscape project) C:\Users\MLM\inkscape-0.92.2-x86.exe
2019-03-23 19:18 - 2019-03-23 19:18 - 012698720 _____ (Learnpulse) C:\Users\MLM\Screenpresso.exe
2020-04-19 15:30 - 2020-04-18 16:23 - 069917744 _____ (Skype Technologies S.A.) C:\Users\MLM\Skype-8.59.0.77.exe
2015-12-20 19:14 - 2021-09-13 21:12 - 000000165 _____ () C:\Users\MLM\AppData\Roaming\sp_data.sys
2017-07-15 13:51 - 2017-07-15 13:51 - 000119506 _____ () C:\Users\MLM\AppData\Local\ars.cache
2017-07-15 13:52 - 2017-07-15 13:52 - 000349464 _____ () C:\Users\MLM\AppData\Local\census.cache
2019-03-24 19:30 - 2019-03-24 19:30 - 000003584 _____ () C:\Users\MLM\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-07-15 13:26 - 2017-07-15 13:26 - 000000036 _____ () C:\Users\MLM\AppData\Local\housecall.guid.cache
2019-03-23 19:34 - 2019-03-23 19:34 - 000004096 ____H () C:\Users\MLM\AppData\Local\keyfile3.drm
2019-03-09 15:25 - 2019-03-09 15:25 - 000000820 _____ () C:\Users\MLM\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================