Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 13-12-2020
Exécuté par Estelle (administrateur) sur NEO17C-4WH500 (Thomson NEO17C.4WH500) (13-12-2020 13:00:40)
Exécuté depuis C:\Users\Estelle\Desktop
Profils chargés: Estelle
Platform: Windows 10 Home Version 1909 18363.1256 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(ICEpower a/s -> ICEpower a/s) C:\Windows\System32\ICEsoundService64.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b8e01d9e8716d2a7\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b8e01d9e8716d2a7\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_54b736e5be5b50b2\OneApp.IGCC.WinService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a086f01cc7be643a\IntelCpHDCPSvc.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\MKCHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <8>
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.7.913.0\CCleanerBrowserCrashHandler.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.7.913.0\CCleanerBrowserCrashHandler64.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18388936 2020-03-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [AirBackupHelper] => C:\Program Files (x86)\iMobie\AnyTrans\AirBackupHelper.exe
HKU\S-1-5-21-1423560274-1372257107-856294686-1001\...\Run: [Chromium] => "c:\users\estelle\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
HKU\S-1-5-21-1423560274-1372257107-856294686-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32414392 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1423560274-1372257107-856294686-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-03-22] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1423560274-1372257107-856294686-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2020-03-22] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1423560274-1372257107-856294686-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2020-03-22] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1423560274-1372257107-856294686-1001\...\Run: [SuuntolinkLauncher] => C:\Users\Estelle\AppData\Local\Suuntolink\app-3.0.2\resources\app\LaunchAgents\SuuntolinkLauncher.exe [838768 2020-06-08] (Suunto Oy -> )
HKU\S-1-5-21-1423560274-1372257107-856294686-1001\...\Run: [EC6697E8B480BEDC77E3028091F799ECEC08B782._service_run] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=service /prefetch:8
HKU\S-1-5-21-1423560274-1372257107-856294686-1001\...\Run: [CCleanerBrowserAutoLaunch_5765494E612D5F80CAA1804CCEC671E4] => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2138032 2020-11-12] (Piriform Software Ltd -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\86.1.6938.201\Installer\chrmstp.exe [2020-11-24] (Piriform Software Ltd -> Piriform Software)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {2E8263AA-3CE2-4E57-9441-7558DCCEC7E4} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [32624 2020-09-28] (Microsoft Corporation -> Microsoft)
Task: {30493B65-64CB-4E28-8EF8-BF97C3799764} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3B2A8DE5-CC3A-46BC-BFD5-61C0E386C8E1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4F2FC497-DF11-442A-9A4B-5E21D6C01B0F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5583D8BA-DDA7-4C79-A491-144A5336F789} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200416 2020-07-24] (Piriform Software Ltd -> Piriform Software)
Task: {7526476D-84A1-4008-9742-6E7B601C64DC} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2138032 2020-11-12] (Piriform Software Ltd -> Piriform Software)
Task: {79083648-2864-4E0E-A475-9FCEEF1640BA} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2434424 2020-09-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {7CA2A462-4754-442A-933C-7E3E967C3F69} - System32\Tasks\BraveSoftwareUpdateTaskUserS-1-5-21-1423560274-1372257107-856294686-1001Core => C:\Users\Estelle\AppData\Local\BraveSoftware\Update\BraveUpdate.exe
Task: {9630E73A-23EB-4FDA-82DD-9B34D7D4650C} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1910136 2020-09-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {A43C013A-B6D4-43D8-86EB-47655EFAC9DF} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [670928 2020-11-12] (Mozilla Corporation -> Mozilla Foundation)
Task: {AB1FBCC7-971C-4584-92F5-77A2D301348E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B41A6078-3C61-41E2-AFEF-7A0B73F36BC3} - System32\Tasks\BraveSoftwareUpdateTaskUserS-1-5-21-1423560274-1372257107-856294686-1001UA => C:\Users\Estelle\AppData\Local\BraveSoftware\Update\BraveUpdate.exe
Task: {B48B4D65-1207-49C0-BDB8-0AE77B8E587E} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2138032 2020-11-12] (Piriform Software Ltd -> Piriform Software)
Task: {BAE832A7-5147-4CC5-BD96-01EC3F87637F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C1130A56-F0D6-420D-A59C-2BEBE5C731CB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {C7DA846A-36CB-49E0-B0D2-EBC8A2828B62} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200416 2020-07-24] (Piriform Software Ltd -> Piriform Software)
Task: {EAB9D86D-68DD-4C40-A6BA-47FEF6E26CE6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{01ec18d6-58df-4030-b8d9-33b214aead3b}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{30d9580f-aa63-4bf5-a7d0-0611e5a330d3}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{949c0cb5-c939-4275-a173-6a123c8a4943}: [DhcpNameServer] 192.168.199.1
Edge:
======
Edge Notifications: HKU\S-1-5-21-1423560274-1372257107-856294686-1001 -> hxxps://telecharger-youtube-mp3.com
Edge DefaultProfile: Default
Edge Profile: C:\Users\Estelle\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-13]
FireFox:
========
FF DefaultProfile: alf6hzap.default
FF ProfilePath: C:\Users\Estelle\AppData\Roaming\Mozilla\Firefox\Profiles\alf6hzap.default [2020-12-13]
FF ProfilePath: C:\Users\Estelle\AppData\Roaming\Mozilla\Firefox\Profiles\snr2wo29.default-release [2020-12-13]
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.7.913.0\npCCleanerBrowserUpdate3.dll [2020-07-24] (Piriform Software Ltd -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.7.913.0\npCCleanerBrowserUpdate3.dll [2020-07-24] (Piriform Software Ltd -> Piriform Software)
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200416 2020-07-24] (Piriform Software Ltd -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\86.1.6938.201\elevation_service.exe [1348304 2020-11-12] (Piriform Software Ltd -> Piriform Software)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200416 2020-07-24] (Piriform Software Ltd -> Piriform Software)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2020-12-13] (Malwarebytes Inc -> Malwarebytes)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2523448 2020-12-10] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3478336 2020-12-10] (Electronic Arts, Inc. -> Electronic Arts)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 uhssvc; "C:\Program Files\Microsoft Update Health Tools\uhssvc.exe" [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220160 2020-12-13] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-12-13] (Malwarebytes Inc -> Malwarebytes)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 tpfilter; C:\WINDOWS\System32\drivers\tpfilter.sys [25928 2015-10-29] (BYD precision manufacture company -> TP Microelectronic)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-12-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-12-13] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-13] (Microsoft Windows -> Microsoft Corporation)
S3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)
S3 HidEventFilter; \SystemRoot\System32\drivers\HidEventFilter.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2020-12-13 13:00 - 2020-12-13 13:02 - 000015019 _____ C:\Users\Estelle\Desktop\FRST.txt
2020-12-13 12:59 - 2020-12-13 13:01 - 000000000 ____D C:\FRST
2020-12-13 12:54 - 2020-12-13 12:54 - 000020013 _____ C:\Users\Estelle\Desktop\ZHPCleaner (S).html
2020-12-13 12:54 - 2020-12-13 12:54 - 000010075 _____ C:\Users\Estelle\Desktop\ZHPCleaner (S).txt
2020-12-13 12:46 - 2020-12-13 12:48 - 000000000 ____D C:\Users\Estelle\Desktop\photos
2020-12-13 12:45 - 2020-12-13 12:45 - 002286592 _____ (Farbar) C:\Users\Estelle\Desktop\FRST64.exe
2020-12-13 12:34 - 2020-12-13 12:54 - 000000000 ____D C:\Users\Estelle\AppData\Roaming\ZHP
2020-12-13 12:34 - 2020-12-13 12:34 - 000000884 _____ C:\Users\Estelle\Desktop\ZHPCleaner.lnk
2020-12-13 12:34 - 2020-12-13 12:34 - 000000000 ____D C:\Users\Estelle\AppData\Local\ZHP
2020-12-13 12:23 - 2020-12-13 12:23 - 003339136 _____ (Nicolas Coolman) C:\Users\Estelle\Desktop\ZHPCleaner.exe
2020-12-13 12:05 - 2020-12-13 12:07 - 000000000 ____D C:\AdwCleaner
2020-12-13 12:04 - 2020-12-13 12:04 - 008447152 _____ (Malwarebytes) C:\Users\Estelle\Downloads\adwcleaner_8.0.8.exe
2020-12-13 12:03 - 2020-12-13 12:03 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-12-13 12:03 - 2020-12-13 12:03 - 000002000 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-12-13 12:03 - 2020-12-13 12:00 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-12-13 11:51 - 2020-12-13 12:41 - 000000000 ____D C:\Users\Estelle\AppData\LocalLow\Mozilla
2020-12-13 11:51 - 2020-12-13 11:51 - 000000000 ____D C:\Users\Estelle\AppData\Roaming\Mozilla
2020-12-13 11:50 - 2020-12-13 12:42 - 000000000 ____D C:\ProgramData\Mozilla
2020-12-13 11:50 - 2020-12-13 11:50 - 000000972 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-12-13 11:50 - 2020-12-13 11:50 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-12-13 11:50 - 2020-12-13 11:50 - 000000000 ____D C:\Users\Estelle\AppData\Local\Mozilla
2020-12-13 11:50 - 2020-12-13 11:50 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-12-13 11:50 - 2020-12-13 11:50 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-12-13 11:47 - 2020-12-13 11:47 - 000334104 _____ (Mozilla) C:\Users\Estelle\Downloads\Firefox Installer.exe
2020-12-13 11:02 - 2020-12-13 11:02 - 000000000 ____D C:\Users\Estelle\Intel
2020-12-12 23:48 - 2020-12-12 23:48 - 002045952 _____ C:\WINDOWS\system32\rdpnano.dll
2020-12-12 23:48 - 2020-12-12 23:48 - 000171008 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2020-12-12 23:48 - 2020-12-12 23:48 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-12 23:48 - 2020-12-12 23:48 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth14.bin
2020-12-12 23:48 - 2020-12-12 23:48 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth13.bin
2020-12-12 23:48 - 2020-12-12 23:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-12-12 23:48 - 2020-12-12 23:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-12-12 23:48 - 2020-12-12 23:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-12-12 23:48 - 2020-12-12 23:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-12-12 23:48 - 2020-12-12 23:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-12-12 23:48 - 2020-12-12 23:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-12-12 23:48 - 2020-12-12 23:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-12-12 23:48 - 2020-12-12 23:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-12-12 23:48 - 2020-12-12 23:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2020-12-12 23:48 - 2020-12-12 23:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2020-12-12 23:48 - 2020-12-12 23:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2020-12-12 23:48 - 2020-12-12 23:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2020-12-12 23:48 - 2020-12-12 23:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-12-12 23:48 - 2020-12-12 23:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-12-12 23:48 - 2020-12-12 23:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-12-12 23:48 - 2020-12-12 23:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-12-12 23:47 - 2020-12-12 23:47 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-12 23:46 - 2020-12-12 23:46 - 000059392 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-12 23:46 - 2020-12-12 23:46 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-12 23:45 - 2020-12-12 23:45 - 001756600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-12 23:45 - 2020-12-12 23:45 - 001366144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-10 14:23 - 2020-12-10 14:24 - 000005709 _____ C:\Users\Estelle\Downloads\justificatif_reglement_avis_33337387133011.pdf
2020-11-24 18:25 - 2020-12-13 11:25 - 000000000 ____D C:\Users\Estelle\AppData\Roaming\NCH Software
2020-11-24 18:22 - 2020-12-08 22:43 - 000000000 ____D C:\WINDOWS\system32\Tasks\NCH Software
2020-11-24 18:22 - 2020-11-24 19:51 - 000000000 ____D C:\ProgramData\NCH Software
2020-11-24 18:21 - 2020-11-24 18:21 - 001405016 _____ (NCH Software) C:\Users\Estelle\Downloads\pixsetup.exe
2020-11-24 17:01 - 2020-11-24 17:01 - 000109143 _____ C:\Users\Estelle\Downloads\WhatsApp Image 2020-11-24 at 16.58.17.jpeg
2020-11-21 18:37 - 2020-12-13 11:20 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2020-11-20 18:57 - 2020-11-20 18:57 - 006737408 _____ C:\Users\Estelle\Downloads\OBDuCAN_2.52.msi
2020-11-20 18:57 - 2020-11-20 18:57 - 000002699 _____ C:\Users\Public\Desktop\OBDuCAN.lnk
2020-11-20 18:57 - 2020-11-20 18:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBDuCAN®
2020-11-20 18:35 - 2020-11-20 18:35 - 000001535 _____ C:\Users\Estelle\Desktop\b-mes42 - Raccourci.lnk
2020-11-19 18:38 - 2020-11-20 18:54 - 000000000 ____D C:\Program Files (x86)\Multiecuscan
2020-11-19 18:34 - 2020-11-19 18:34 - 000000000 ____D C:\Users\Estelle\AppData\Roaming\WinRAR
2020-11-19 18:34 - 2020-11-19 18:34 - 000000000 ____D C:\Users\Estelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-11-19 18:34 - 2020-11-19 18:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-11-19 18:34 - 2020-11-19 18:34 - 000000000 ____D C:\Program Files\WinRAR
2020-11-19 18:33 - 2020-11-19 18:33 - 003330432 _____ (Alexander Roshal) C:\Users\Estelle\Downloads\winrar-x64-591fr.exe
2020-11-19 18:31 - 2020-11-19 18:32 - 063700603 _____ C:\Users\Estelle\Downloads\MultiEcuScan v4.2.rar
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2020-12-13 12:31 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-13 12:21 - 2018-07-21 01:33 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-12-13 12:17 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-13 12:12 - 2020-03-23 15:21 - 000000000 ____D C:\Program Files\CCleaner
2020-12-13 12:10 - 2019-01-06 18:54 - 000000000 __SHD C:\Users\Estelle\IntelGraphicsProfiles
2020-12-13 12:09 - 2020-04-21 12:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-12-13 12:09 - 2019-01-17 20:22 - 000000000 ____D C:\ProgramData\AVAST Software
2020-12-13 12:09 - 2018-07-21 01:43 - 000000000 __SHD C:\Intel
2020-12-13 12:08 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-12-13 12:03 - 2020-06-15 05:48 - 000220160 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-12-13 12:03 - 2020-03-23 16:03 - 000001988 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-12-13 12:03 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-12-13 12:01 - 2020-04-21 12:44 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-12-13 12:00 - 2020-03-23 16:02 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-12-13 11:56 - 2019-04-15 19:01 - 000000000 ____D C:\Program Files (x86)\Google
2020-12-13 11:53 - 2019-04-15 19:01 - 000000000 ____D C:\Users\Estelle\AppData\Local\Google
2020-12-13 11:45 - 2019-01-06 21:11 - 000795000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-12-13 11:42 - 2020-04-21 12:30 - 001771410 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-13 11:42 - 2019-03-19 13:00 - 000793190 _____ C:\WINDOWS\system32\perfh00C.dat
2020-12-13 11:42 - 2019-03-19 13:00 - 000150222 _____ C:\WINDOWS\system32\perfc00C.dat
2020-12-13 11:42 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-12-13 11:37 - 2018-07-21 01:38 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-12-13 11:36 - 2019-01-06 18:54 - 000000000 ___RD C:\Users\Estelle\3D Objects
2020-12-13 11:35 - 2020-04-21 12:09 - 000438160 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-13 11:34 - 2020-05-11 12:36 - 000000000 ____D C:\Program Files (x86)\iMobie
2020-12-13 11:31 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-12-13 11:31 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-13 11:31 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-13 11:31 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-12-13 11:31 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-13 11:31 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-12-13 11:31 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-13 11:31 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-13 11:31 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-13 11:29 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-12-13 11:29 - 2019-01-06 18:54 - 000000000 ____D C:\Users\Estelle\AppData\Local\Packages
2020-12-13 11:25 - 2020-04-21 12:18 - 000000000 ____D C:\Users\Estelle
2020-12-13 11:25 - 2018-07-21 01:51 - 000000000 ____D C:\Program Files (x86)\REALTEK
2020-12-13 11:23 - 2018-07-21 01:50 - 000000000 ____D C:\ProgramData\Intel
2020-12-13 11:23 - 2018-07-21 01:44 - 000000000 ____D C:\Program Files (x86)\Intel
2020-12-13 11:23 - 2018-07-21 01:41 - 000000000 ____D C:\Program Files\Intel
2020-12-13 11:22 - 2018-07-21 01:40 - 000000000 ____D C:\ProgramData\Package Cache
2020-12-13 11:20 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-12-13 11:18 - 2019-01-06 19:10 - 000000000 ___RD C:\Users\Estelle\OneDrive
2020-12-13 11:15 - 2018-07-21 02:23 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-12-13 10:57 - 2020-03-30 19:26 - 000000000 ____D C:\Program Files (x86)\Adobe
2020-12-13 10:55 - 2020-04-21 12:44 - 000004176 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{9926FD6E-26F9-474B-B6CF-2977DB2E8C7F}
2020-12-13 10:50 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-13 10:44 - 2020-04-21 12:09 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-12 23:56 - 2019-01-06 19:13 - 000000000 ____D C:\Users\Estelle\AppData\Roaming\Origin
2020-12-12 23:38 - 2020-10-25 13:58 - 000002896 _____ C:\WINDOWS\system32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe
2020-12-12 23:38 - 2020-10-25 13:58 - 000002374 _____ C:\WINDOWS\system32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2020-12-12 23:38 - 2020-10-25 13:58 - 000002370 _____ C:\WINDOWS\system32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2020-12-12 23:38 - 2020-09-27 11:09 - 000003562 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-12-12 23:38 - 2020-09-27 11:09 - 000003338 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-12-12 23:38 - 2020-04-21 12:44 - 000003570 _____ C:\WINDOWS\system32\Tasks\CCleanerUpdateTaskMachineUA
2020-12-12 23:38 - 2020-04-21 12:44 - 000003346 _____ C:\WINDOWS\system32\Tasks\CCleanerUpdateTaskMachineCore
2020-12-12 23:38 - 2020-04-21 12:44 - 000002622 _____ C:\WINDOWS\system32\Tasks\CCleaner Browser Heartbeat Task (Logon)
2020-12-12 23:38 - 2020-04-21 12:44 - 000002236 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-12-12 23:37 - 2020-04-21 12:44 - 000003542 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskUserS-1-5-21-1423560274-1372257107-856294686-1001UA
2020-12-12 23:37 - 2020-04-21 12:44 - 000003274 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskUserS-1-5-21-1423560274-1372257107-856294686-1001Core
2020-12-12 23:37 - 2020-04-21 12:44 - 000003104 _____ C:\WINDOWS\system32\Tasks\CCleaner Browser Heartbeat Task (Hourly)
2020-12-12 18:56 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-12-12 17:10 - 2020-09-27 11:09 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-10 15:11 - 2019-01-07 14:48 - 000001450 _____ C:\Users\Public\Desktop\Les Sims 4.lnk
2020-12-10 14:44 - 2019-01-06 19:49 - 000000000 ____D C:\Program Files (x86)\Origin Games
2020-12-10 14:44 - 2019-01-06 19:13 - 000000000 ____D C:\ProgramData\Origin
2020-12-10 14:43 - 2019-01-06 19:44 - 000000000 ____D C:\Program Files (x86)\Origin
2020-12-10 14:43 - 2019-01-06 19:13 - 000000000 ____D C:\Users\Estelle\AppData\Local\Origin
2020-11-24 16:41 - 2020-03-23 15:25 - 000002392 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2020-11-24 16:41 - 2020-03-23 15:25 - 000002357 _____ C:\Users\Public\Desktop\CCleaner Browser.lnk
2020-11-24 16:41 - 2020-03-23 15:24 - 000000000 ____D C:\Program Files (x86)\CCleaner Browser
2020-11-24 16:34 - 2020-05-11 12:20 - 000000000 ___RD C:\Users\Estelle\iCloudDrive
2020-11-22 11:12 - 2019-01-07 14:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Les Sims 4
2020-11-20 18:57 - 2020-07-28 17:27 - 000000000 ____D C:\Program Files (x86)\OBDuCAN
2020-11-20 18:38 - 2019-08-29 16:44 - 000000000 ____D C:\Users\Estelle\AppData\Local\CrashDumps
==================== Fichiers à la racine de certains dossiers ========
2019-02-21 12:11 - 2020-03-18 12:56 - 000000037 _____ () C:\Users\Estelle\AppData\Roaming\WB.CFG
2020-03-26 16:40 - 2020-03-26 16:40 - 000000000 _____ () C:\Users\Estelle\AppData\Local\{4D6E41EE-7572-4161-980A-2D1CAF34B836}
2020-03-26 16:40 - 2020-03-26 16:40 - 000000000 _____ () C:\Users\Estelle\AppData\Local\{995C2362-2277-4EC1-AE52-8B0EC7D4A4AF}
==================== SigCheckExt =========================
2018-07-21 01:51 - 2018-07-18 11:06 - 000002584 _____ C:\WINDOWS\PidVid_List.dll
2018-07-21 01:51 - 2018-07-18 11:07 - 000051168 _____ C:\WINDOWS\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_8814ae_new.dll
2018-07-21 01:51 - 2018-07-18 11:07 - 000044632 _____ C:\WINDOWS\rtl8821c_mp_chip_bt40_fw_asic_rom_patch_new.dll
2020-10-25 13:58 - 2020-12-12 23:38 - 000002896 _____ C:\WINDOWS\system32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe
2020-10-25 13:58 - 2020-12-12 23:38 - 000002374 _____ C:\WINDOWS\system32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2020-10-25 13:58 - 2020-12-12 23:38 - 000002370 _____ C:\WINDOWS\system32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2020-12-13 12:45 - 2020-12-13 12:45 - 002286592 _____ (Farbar) C:\Users\Estelle\Desktop\FRST64.exe
2020-12-13 12:23 - 2020-12-13 12:23 - 003339136 _____ (Nicolas Coolman) C:\Users\Estelle\Desktop\ZHPCleaner.exe
2019-01-17 20:31 - 2019-01-17 20:31 - 133043370 _____ C:\Users\Estelle\Downloads\installer_openoffice-win32.exe
2019-04-06 16:27 - 2019-04-06 16:28 - 004559312 _____ (KantarWorldpanel, Inc. ) C:\Users\Estelle\Downloads\pcclicker_V1 (1).exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par Estelle (administrateur) sur NEO17C-4WH500 (Thomson NEO17C.4WH500) (13-12-2020 13:00:40)
Exécuté depuis C:\Users\Estelle\Desktop
Profils chargés: Estelle
Platform: Windows 10 Home Version 1909 18363.1256 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(ICEpower a/s -> ICEpower a/s) C:\Windows\System32\ICEsoundService64.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b8e01d9e8716d2a7\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b8e01d9e8716d2a7\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_54b736e5be5b50b2\OneApp.IGCC.WinService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a086f01cc7be643a\IntelCpHDCPSvc.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\MKCHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <8>
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.7.913.0\CCleanerBrowserCrashHandler.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.7.913.0\CCleanerBrowserCrashHandler64.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18388936 2020-03-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [AirBackupHelper] => C:\Program Files (x86)\iMobie\AnyTrans\AirBackupHelper.exe
HKU\S-1-5-21-1423560274-1372257107-856294686-1001\...\Run: [Chromium] => "c:\users\estelle\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
HKU\S-1-5-21-1423560274-1372257107-856294686-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32414392 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1423560274-1372257107-856294686-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-03-22] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1423560274-1372257107-856294686-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2020-03-22] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1423560274-1372257107-856294686-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2020-03-22] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1423560274-1372257107-856294686-1001\...\Run: [SuuntolinkLauncher] => C:\Users\Estelle\AppData\Local\Suuntolink\app-3.0.2\resources\app\LaunchAgents\SuuntolinkLauncher.exe [838768 2020-06-08] (Suunto Oy -> )
HKU\S-1-5-21-1423560274-1372257107-856294686-1001\...\Run: [EC6697E8B480BEDC77E3028091F799ECEC08B782._service_run] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=service /prefetch:8
HKU\S-1-5-21-1423560274-1372257107-856294686-1001\...\Run: [CCleanerBrowserAutoLaunch_5765494E612D5F80CAA1804CCEC671E4] => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2138032 2020-11-12] (Piriform Software Ltd -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\86.1.6938.201\Installer\chrmstp.exe [2020-11-24] (Piriform Software Ltd -> Piriform Software)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {2E8263AA-3CE2-4E57-9441-7558DCCEC7E4} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [32624 2020-09-28] (Microsoft Corporation -> Microsoft)
Task: {30493B65-64CB-4E28-8EF8-BF97C3799764} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3B2A8DE5-CC3A-46BC-BFD5-61C0E386C8E1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4F2FC497-DF11-442A-9A4B-5E21D6C01B0F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5583D8BA-DDA7-4C79-A491-144A5336F789} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200416 2020-07-24] (Piriform Software Ltd -> Piriform Software)
Task: {7526476D-84A1-4008-9742-6E7B601C64DC} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2138032 2020-11-12] (Piriform Software Ltd -> Piriform Software)
Task: {79083648-2864-4E0E-A475-9FCEEF1640BA} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2434424 2020-09-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {7CA2A462-4754-442A-933C-7E3E967C3F69} - System32\Tasks\BraveSoftwareUpdateTaskUserS-1-5-21-1423560274-1372257107-856294686-1001Core => C:\Users\Estelle\AppData\Local\BraveSoftware\Update\BraveUpdate.exe
Task: {9630E73A-23EB-4FDA-82DD-9B34D7D4650C} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1910136 2020-09-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {A43C013A-B6D4-43D8-86EB-47655EFAC9DF} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [670928 2020-11-12] (Mozilla Corporation -> Mozilla Foundation)
Task: {AB1FBCC7-971C-4584-92F5-77A2D301348E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B41A6078-3C61-41E2-AFEF-7A0B73F36BC3} - System32\Tasks\BraveSoftwareUpdateTaskUserS-1-5-21-1423560274-1372257107-856294686-1001UA => C:\Users\Estelle\AppData\Local\BraveSoftware\Update\BraveUpdate.exe
Task: {B48B4D65-1207-49C0-BDB8-0AE77B8E587E} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2138032 2020-11-12] (Piriform Software Ltd -> Piriform Software)
Task: {BAE832A7-5147-4CC5-BD96-01EC3F87637F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C1130A56-F0D6-420D-A59C-2BEBE5C731CB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {C7DA846A-36CB-49E0-B0D2-EBC8A2828B62} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200416 2020-07-24] (Piriform Software Ltd -> Piriform Software)
Task: {EAB9D86D-68DD-4C40-A6BA-47FEF6E26CE6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{01ec18d6-58df-4030-b8d9-33b214aead3b}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{30d9580f-aa63-4bf5-a7d0-0611e5a330d3}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{949c0cb5-c939-4275-a173-6a123c8a4943}: [DhcpNameServer] 192.168.199.1
Edge:
======
Edge Notifications: HKU\S-1-5-21-1423560274-1372257107-856294686-1001 -> hxxps://telecharger-youtube-mp3.com
Edge DefaultProfile: Default
Edge Profile: C:\Users\Estelle\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-13]
FireFox:
========
FF DefaultProfile: alf6hzap.default
FF ProfilePath: C:\Users\Estelle\AppData\Roaming\Mozilla\Firefox\Profiles\alf6hzap.default [2020-12-13]
FF ProfilePath: C:\Users\Estelle\AppData\Roaming\Mozilla\Firefox\Profiles\snr2wo29.default-release [2020-12-13]
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.7.913.0\npCCleanerBrowserUpdate3.dll [2020-07-24] (Piriform Software Ltd -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.7.913.0\npCCleanerBrowserUpdate3.dll [2020-07-24] (Piriform Software Ltd -> Piriform Software)
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200416 2020-07-24] (Piriform Software Ltd -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\86.1.6938.201\elevation_service.exe [1348304 2020-11-12] (Piriform Software Ltd -> Piriform Software)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200416 2020-07-24] (Piriform Software Ltd -> Piriform Software)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2020-12-13] (Malwarebytes Inc -> Malwarebytes)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2523448 2020-12-10] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3478336 2020-12-10] (Electronic Arts, Inc. -> Electronic Arts)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 uhssvc; "C:\Program Files\Microsoft Update Health Tools\uhssvc.exe" [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220160 2020-12-13] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-12-13] (Malwarebytes Inc -> Malwarebytes)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 tpfilter; C:\WINDOWS\System32\drivers\tpfilter.sys [25928 2015-10-29] (BYD precision manufacture company -> TP Microelectronic)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-12-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-12-13] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-13] (Microsoft Windows -> Microsoft Corporation)
S3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)
S3 HidEventFilter; \SystemRoot\System32\drivers\HidEventFilter.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2020-12-13 13:00 - 2020-12-13 13:02 - 000015019 _____ C:\Users\Estelle\Desktop\FRST.txt
2020-12-13 12:59 - 2020-12-13 13:01 - 000000000 ____D C:\FRST
2020-12-13 12:54 - 2020-12-13 12:54 - 000020013 _____ C:\Users\Estelle\Desktop\ZHPCleaner (S).html
2020-12-13 12:54 - 2020-12-13 12:54 - 000010075 _____ C:\Users\Estelle\Desktop\ZHPCleaner (S).txt
2020-12-13 12:46 - 2020-12-13 12:48 - 000000000 ____D C:\Users\Estelle\Desktop\photos
2020-12-13 12:45 - 2020-12-13 12:45 - 002286592 _____ (Farbar) C:\Users\Estelle\Desktop\FRST64.exe
2020-12-13 12:34 - 2020-12-13 12:54 - 000000000 ____D C:\Users\Estelle\AppData\Roaming\ZHP
2020-12-13 12:34 - 2020-12-13 12:34 - 000000884 _____ C:\Users\Estelle\Desktop\ZHPCleaner.lnk
2020-12-13 12:34 - 2020-12-13 12:34 - 000000000 ____D C:\Users\Estelle\AppData\Local\ZHP
2020-12-13 12:23 - 2020-12-13 12:23 - 003339136 _____ (Nicolas Coolman) C:\Users\Estelle\Desktop\ZHPCleaner.exe
2020-12-13 12:05 - 2020-12-13 12:07 - 000000000 ____D C:\AdwCleaner
2020-12-13 12:04 - 2020-12-13 12:04 - 008447152 _____ (Malwarebytes) C:\Users\Estelle\Downloads\adwcleaner_8.0.8.exe
2020-12-13 12:03 - 2020-12-13 12:03 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-12-13 12:03 - 2020-12-13 12:03 - 000002000 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-12-13 12:03 - 2020-12-13 12:00 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-12-13 11:51 - 2020-12-13 12:41 - 000000000 ____D C:\Users\Estelle\AppData\LocalLow\Mozilla
2020-12-13 11:51 - 2020-12-13 11:51 - 000000000 ____D C:\Users\Estelle\AppData\Roaming\Mozilla
2020-12-13 11:50 - 2020-12-13 12:42 - 000000000 ____D C:\ProgramData\Mozilla
2020-12-13 11:50 - 2020-12-13 11:50 - 000000972 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-12-13 11:50 - 2020-12-13 11:50 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-12-13 11:50 - 2020-12-13 11:50 - 000000000 ____D C:\Users\Estelle\AppData\Local\Mozilla
2020-12-13 11:50 - 2020-12-13 11:50 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-12-13 11:50 - 2020-12-13 11:50 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-12-13 11:47 - 2020-12-13 11:47 - 000334104 _____ (Mozilla) C:\Users\Estelle\Downloads\Firefox Installer.exe
2020-12-13 11:02 - 2020-12-13 11:02 - 000000000 ____D C:\Users\Estelle\Intel
2020-12-12 23:48 - 2020-12-12 23:48 - 002045952 _____ C:\WINDOWS\system32\rdpnano.dll
2020-12-12 23:48 - 2020-12-12 23:48 - 000171008 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2020-12-12 23:48 - 2020-12-12 23:48 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-12 23:48 - 2020-12-12 23:48 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth14.bin
2020-12-12 23:48 - 2020-12-12 23:48 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth13.bin
2020-12-12 23:48 - 2020-12-12 23:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-12-12 23:48 - 2020-12-12 23:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-12-12 23:48 - 2020-12-12 23:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-12-12 23:48 - 2020-12-12 23:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-12-12 23:48 - 2020-12-12 23:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-12-12 23:48 - 2020-12-12 23:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-12-12 23:48 - 2020-12-12 23:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-12-12 23:48 - 2020-12-12 23:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-12-12 23:48 - 2020-12-12 23:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2020-12-12 23:48 - 2020-12-12 23:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2020-12-12 23:48 - 2020-12-12 23:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2020-12-12 23:48 - 2020-12-12 23:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2020-12-12 23:48 - 2020-12-12 23:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-12-12 23:48 - 2020-12-12 23:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-12-12 23:48 - 2020-12-12 23:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-12-12 23:48 - 2020-12-12 23:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-12-12 23:47 - 2020-12-12 23:47 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-12 23:46 - 2020-12-12 23:46 - 000059392 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-12 23:46 - 2020-12-12 23:46 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-12 23:45 - 2020-12-12 23:45 - 001756600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-12 23:45 - 2020-12-12 23:45 - 001366144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-10 14:23 - 2020-12-10 14:24 - 000005709 _____ C:\Users\Estelle\Downloads\justificatif_reglement_avis_33337387133011.pdf
2020-11-24 18:25 - 2020-12-13 11:25 - 000000000 ____D C:\Users\Estelle\AppData\Roaming\NCH Software
2020-11-24 18:22 - 2020-12-08 22:43 - 000000000 ____D C:\WINDOWS\system32\Tasks\NCH Software
2020-11-24 18:22 - 2020-11-24 19:51 - 000000000 ____D C:\ProgramData\NCH Software
2020-11-24 18:21 - 2020-11-24 18:21 - 001405016 _____ (NCH Software) C:\Users\Estelle\Downloads\pixsetup.exe
2020-11-24 17:01 - 2020-11-24 17:01 - 000109143 _____ C:\Users\Estelle\Downloads\WhatsApp Image 2020-11-24 at 16.58.17.jpeg
2020-11-21 18:37 - 2020-12-13 11:20 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2020-11-20 18:57 - 2020-11-20 18:57 - 006737408 _____ C:\Users\Estelle\Downloads\OBDuCAN_2.52.msi
2020-11-20 18:57 - 2020-11-20 18:57 - 000002699 _____ C:\Users\Public\Desktop\OBDuCAN.lnk
2020-11-20 18:57 - 2020-11-20 18:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBDuCAN®
2020-11-20 18:35 - 2020-11-20 18:35 - 000001535 _____ C:\Users\Estelle\Desktop\b-mes42 - Raccourci.lnk
2020-11-19 18:38 - 2020-11-20 18:54 - 000000000 ____D C:\Program Files (x86)\Multiecuscan
2020-11-19 18:34 - 2020-11-19 18:34 - 000000000 ____D C:\Users\Estelle\AppData\Roaming\WinRAR
2020-11-19 18:34 - 2020-11-19 18:34 - 000000000 ____D C:\Users\Estelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-11-19 18:34 - 2020-11-19 18:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-11-19 18:34 - 2020-11-19 18:34 - 000000000 ____D C:\Program Files\WinRAR
2020-11-19 18:33 - 2020-11-19 18:33 - 003330432 _____ (Alexander Roshal) C:\Users\Estelle\Downloads\winrar-x64-591fr.exe
2020-11-19 18:31 - 2020-11-19 18:32 - 063700603 _____ C:\Users\Estelle\Downloads\MultiEcuScan v4.2.rar
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2020-12-13 12:31 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-13 12:21 - 2018-07-21 01:33 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-12-13 12:17 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-13 12:12 - 2020-03-23 15:21 - 000000000 ____D C:\Program Files\CCleaner
2020-12-13 12:10 - 2019-01-06 18:54 - 000000000 __SHD C:\Users\Estelle\IntelGraphicsProfiles
2020-12-13 12:09 - 2020-04-21 12:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-12-13 12:09 - 2019-01-17 20:22 - 000000000 ____D C:\ProgramData\AVAST Software
2020-12-13 12:09 - 2018-07-21 01:43 - 000000000 __SHD C:\Intel
2020-12-13 12:08 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-12-13 12:03 - 2020-06-15 05:48 - 000220160 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-12-13 12:03 - 2020-03-23 16:03 - 000001988 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-12-13 12:03 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-12-13 12:01 - 2020-04-21 12:44 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-12-13 12:00 - 2020-03-23 16:02 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-12-13 11:56 - 2019-04-15 19:01 - 000000000 ____D C:\Program Files (x86)\Google
2020-12-13 11:53 - 2019-04-15 19:01 - 000000000 ____D C:\Users\Estelle\AppData\Local\Google
2020-12-13 11:45 - 2019-01-06 21:11 - 000795000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-12-13 11:42 - 2020-04-21 12:30 - 001771410 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-13 11:42 - 2019-03-19 13:00 - 000793190 _____ C:\WINDOWS\system32\perfh00C.dat
2020-12-13 11:42 - 2019-03-19 13:00 - 000150222 _____ C:\WINDOWS\system32\perfc00C.dat
2020-12-13 11:42 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-12-13 11:37 - 2018-07-21 01:38 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-12-13 11:36 - 2019-01-06 18:54 - 000000000 ___RD C:\Users\Estelle\3D Objects
2020-12-13 11:35 - 2020-04-21 12:09 - 000438160 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-13 11:34 - 2020-05-11 12:36 - 000000000 ____D C:\Program Files (x86)\iMobie
2020-12-13 11:31 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-12-13 11:31 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-13 11:31 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-13 11:31 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-12-13 11:31 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-13 11:31 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-12-13 11:31 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-13 11:31 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-13 11:31 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-13 11:29 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-12-13 11:29 - 2019-01-06 18:54 - 000000000 ____D C:\Users\Estelle\AppData\Local\Packages
2020-12-13 11:25 - 2020-04-21 12:18 - 000000000 ____D C:\Users\Estelle
2020-12-13 11:25 - 2018-07-21 01:51 - 000000000 ____D C:\Program Files (x86)\REALTEK
2020-12-13 11:23 - 2018-07-21 01:50 - 000000000 ____D C:\ProgramData\Intel
2020-12-13 11:23 - 2018-07-21 01:44 - 000000000 ____D C:\Program Files (x86)\Intel
2020-12-13 11:23 - 2018-07-21 01:41 - 000000000 ____D C:\Program Files\Intel
2020-12-13 11:22 - 2018-07-21 01:40 - 000000000 ____D C:\ProgramData\Package Cache
2020-12-13 11:20 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-12-13 11:18 - 2019-01-06 19:10 - 000000000 ___RD C:\Users\Estelle\OneDrive
2020-12-13 11:15 - 2018-07-21 02:23 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-12-13 10:57 - 2020-03-30 19:26 - 000000000 ____D C:\Program Files (x86)\Adobe
2020-12-13 10:55 - 2020-04-21 12:44 - 000004176 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{9926FD6E-26F9-474B-B6CF-2977DB2E8C7F}
2020-12-13 10:50 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-13 10:44 - 2020-04-21 12:09 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-12 23:56 - 2019-01-06 19:13 - 000000000 ____D C:\Users\Estelle\AppData\Roaming\Origin
2020-12-12 23:38 - 2020-10-25 13:58 - 000002896 _____ C:\WINDOWS\system32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe
2020-12-12 23:38 - 2020-10-25 13:58 - 000002374 _____ C:\WINDOWS\system32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2020-12-12 23:38 - 2020-10-25 13:58 - 000002370 _____ C:\WINDOWS\system32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2020-12-12 23:38 - 2020-09-27 11:09 - 000003562 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-12-12 23:38 - 2020-09-27 11:09 - 000003338 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-12-12 23:38 - 2020-04-21 12:44 - 000003570 _____ C:\WINDOWS\system32\Tasks\CCleanerUpdateTaskMachineUA
2020-12-12 23:38 - 2020-04-21 12:44 - 000003346 _____ C:\WINDOWS\system32\Tasks\CCleanerUpdateTaskMachineCore
2020-12-12 23:38 - 2020-04-21 12:44 - 000002622 _____ C:\WINDOWS\system32\Tasks\CCleaner Browser Heartbeat Task (Logon)
2020-12-12 23:38 - 2020-04-21 12:44 - 000002236 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-12-12 23:37 - 2020-04-21 12:44 - 000003542 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskUserS-1-5-21-1423560274-1372257107-856294686-1001UA
2020-12-12 23:37 - 2020-04-21 12:44 - 000003274 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskUserS-1-5-21-1423560274-1372257107-856294686-1001Core
2020-12-12 23:37 - 2020-04-21 12:44 - 000003104 _____ C:\WINDOWS\system32\Tasks\CCleaner Browser Heartbeat Task (Hourly)
2020-12-12 18:56 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-12-12 17:10 - 2020-09-27 11:09 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-10 15:11 - 2019-01-07 14:48 - 000001450 _____ C:\Users\Public\Desktop\Les Sims 4.lnk
2020-12-10 14:44 - 2019-01-06 19:49 - 000000000 ____D C:\Program Files (x86)\Origin Games
2020-12-10 14:44 - 2019-01-06 19:13 - 000000000 ____D C:\ProgramData\Origin
2020-12-10 14:43 - 2019-01-06 19:44 - 000000000 ____D C:\Program Files (x86)\Origin
2020-12-10 14:43 - 2019-01-06 19:13 - 000000000 ____D C:\Users\Estelle\AppData\Local\Origin
2020-11-24 16:41 - 2020-03-23 15:25 - 000002392 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2020-11-24 16:41 - 2020-03-23 15:25 - 000002357 _____ C:\Users\Public\Desktop\CCleaner Browser.lnk
2020-11-24 16:41 - 2020-03-23 15:24 - 000000000 ____D C:\Program Files (x86)\CCleaner Browser
2020-11-24 16:34 - 2020-05-11 12:20 - 000000000 ___RD C:\Users\Estelle\iCloudDrive
2020-11-22 11:12 - 2019-01-07 14:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Les Sims 4
2020-11-20 18:57 - 2020-07-28 17:27 - 000000000 ____D C:\Program Files (x86)\OBDuCAN
2020-11-20 18:38 - 2019-08-29 16:44 - 000000000 ____D C:\Users\Estelle\AppData\Local\CrashDumps
==================== Fichiers à la racine de certains dossiers ========
2019-02-21 12:11 - 2020-03-18 12:56 - 000000037 _____ () C:\Users\Estelle\AppData\Roaming\WB.CFG
2020-03-26 16:40 - 2020-03-26 16:40 - 000000000 _____ () C:\Users\Estelle\AppData\Local\{4D6E41EE-7572-4161-980A-2D1CAF34B836}
2020-03-26 16:40 - 2020-03-26 16:40 - 000000000 _____ () C:\Users\Estelle\AppData\Local\{995C2362-2277-4EC1-AE52-8B0EC7D4A4AF}
==================== SigCheckExt =========================
2018-07-21 01:51 - 2018-07-18 11:06 - 000002584 _____ C:\WINDOWS\PidVid_List.dll
2018-07-21 01:51 - 2018-07-18 11:07 - 000051168 _____ C:\WINDOWS\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_8814ae_new.dll
2018-07-21 01:51 - 2018-07-18 11:07 - 000044632 _____ C:\WINDOWS\rtl8821c_mp_chip_bt40_fw_asic_rom_patch_new.dll
2020-10-25 13:58 - 2020-12-12 23:38 - 000002896 _____ C:\WINDOWS\system32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe
2020-10-25 13:58 - 2020-12-12 23:38 - 000002374 _____ C:\WINDOWS\system32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2020-10-25 13:58 - 2020-12-12 23:38 - 000002370 _____ C:\WINDOWS\system32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2020-12-13 12:45 - 2020-12-13 12:45 - 002286592 _____ (Farbar) C:\Users\Estelle\Desktop\FRST64.exe
2020-12-13 12:23 - 2020-12-13 12:23 - 003339136 _____ (Nicolas Coolman) C:\Users\Estelle\Desktop\ZHPCleaner.exe
2019-01-17 20:31 - 2019-01-17 20:31 - 133043370 _____ C:\Users\Estelle\Downloads\installer_openoffice-win32.exe
2019-04-06 16:27 - 2019-04-06 16:28 - 004559312 _____ (KantarWorldpanel, Inc. ) C:\Users\Estelle\Downloads\pcclicker_V1 (1).exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================