Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 27-12-2021
Exécuté par Christine (administrateur) sur DESKTOP-4E30QAT (Gigabyte Tecohnology Co., Ltd. H61M-DS2V) (30-12-2021 09:51:51)
Exécuté depuis D:\Mes Données\Desktop
Profils chargés: Christine
Plate-forme: Microsoft Windows 10 Famille Version 20H2 19042.1415 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
() [Fichier non signé] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Brother Industries, Ltd.) [Fichier non signé] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcMon.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe
(Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
(Microsoft Corporation -> Microsoft® Corporation) C:\Program Files (x86)\Microsoft Works\WkCalRem.exe
(Microsoft Corporation -> Microsoft® Corporation) C:\Program Files (x86)\Microsoft Works\WksCal.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <39>
(Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\CCleaner\CCleaner64.exe
(Prolific Technology Inc.) [Fichier non signé] C:\Windows\SysWOW64\IoctlSvc.exe
(THE NIELSEN COMPANY (US), LLC -> The Nielsen Company) C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter6\NielsenOnline64.exe
(THE NIELSEN COMPANY (US), LLC -> The Nielsen Company) C:\Program Files (x86)\NetRatingsNetSight\NetSight\nielsenonline.exe <2>
(THE NIELSEN COMPANY (US), LLC -> The Nielsen Company) C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenUpdate.exe
(UNIVERSITY OF CALIFORNIA, BERKELEY -> Space Sciences Laboratory) C:\Program Files\BOINC\boinc.exe
(UNIVERSITY OF CALIFORNIA, BERKELEY -> Space Sciences Laboratory) C:\Program Files\BOINC\boincmgr.exe
(UNIVERSITY OF CALIFORNIA, BERKELEY -> Space Sciences Laboratory) C:\Program Files\BOINC\boinctray.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [824240 2020-03-31] (Acronis International GmbH -> Acronis International GmbH)
HKLM\...\Run: [HotKeysCmds] => "C:\WINDOWS\system32\hkcmd.exe" (Pas de fichier)
HKLM\...\Run: [boinctray] => C:\Program Files\BOINC\boinctray.exe [70472 2020-09-02] (UNIVERSITY OF CALIFORNIA, BERKELEY -> Space Sciences Laboratory)
HKLM\...\Run: [boincmgr] => C:\Program Files\BOINC\boincmgr.exe [8281416 2020-09-02] (UNIVERSITY OF CALIFORNIA, BERKELEY -> Space Sciences Laboratory)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5052648 2020-03-31] (Acronis International GmbH -> )
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe [441448 2020-03-31] (Acronis International GmbH -> Acronis International GmbH)
HKLM-x32\...\Run: [NielsenOnline] => C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe [460160 2021-08-27] (THE NIELSEN COMPANY (US), LLC -> The Nielsen Company)
HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe [29984 2008-07-09] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe [46368 2008-07-09] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort11reminder] => C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe [328992 2007-08-31] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2012-09-25] () [Fichier non signé]
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.) [Fichier non signé]
HKLM-x32\...\Run: [HPUsageTrackingLEDM] => "C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\" (Pas de fichier)
HKU\S-1-5-21-3911643055-33977892-3237656246-1001\...\Run: [MediaDico9] => C:\Program Files (x86)\Micro Application\9 DICOS Indispensables\LanceMediaDICO9.exe [199168 2002-04-09] (L'Aventure Multimedia) [Fichier non signé]
HKU\S-1-5-21-3911643055-33977892-3237656246-1001\...\Run: [Adobe Reader Synchronizer] => "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe" (Pas de fichier)
HKU\S-1-5-21-3911643055-33977892-3237656246-1001\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2008-01-22] (Nero AG -> Nero AG)
HKU\S-1-5-21-3911643055-33977892-3237656246-1001\...\Run: [CCleaner Smart Cleaning] => C:\CCleaner\CCleaner64.exe [35373696 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3911643055-33977892-3237656246-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\boinc.scr [957256 2020-09-02] (UNIVERSITY OF CALIFORNIA, BERKELEY -> Space Sciences Laboratory)
HKLM\...\Windows x64\Print Processors\HP1100PrintProc: C:\Windows\System32\spool\prtprocs\x64\HP1100PP.DLL [74240 2012-08-21] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\HP1100LM: C:\WINDOWS\system32\HP1100LM.DLL [288768 2012-08-21] (Microsoft Windows Hardware Compatibility Publisher -> )
Startup: C:\Users\Christine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wkcalrem.LNK [2020-06-04]
ShortcutTarget: wkcalrem.LNK -> C:\Program Files (x86)\Microsoft Works\WkCalRem.exe (Microsoft Corporation -> Microsoft® Corporation)
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {12743E8A-1ECD-4878-BE54-22C2601EE13B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [134008 2020-03-31] (HP Inc. -> HP Inc.)
Task: {28B4EA8D-627B-49BC-A745-6C231162767F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {34B40372-C5AB-40D5-A0F4-1857EE95D897} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {64065D7B-E46B-43A2-B12F-99287C112EB8} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {6C39DBFA-FE61-47B1-86D1-6CB41721B2E1} - System32\Tasks\CCleaner Update => C:\CCleaner\CCUpdate.exe [684976 2021-12-07] (Piriform Software Ltd -> Piriform)
Task: {714333C9-559E-4DA1-8CBF-B6346992B156} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {72123D02-73A8-4D8D-A382-1DE302D22B88} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {77F504E5-25D1-4104-B1F4-157F98041055} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton 360\Upgrade.exe [2353000 2021-12-13] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {BBEF1566-031B-4847-8FAF-852373958D6E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [238968 2019-06-14] (HP Inc. -> HP Inc.)
Task: {CF38BDEA-A991-49FE-A4CC-12537070737C} - System32\Tasks\CCleanerSkipUAC - Christine => C:\CCleaner\CCleaner.exe [29442688 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {EF8A7AFD-FD6A-4541-B39D-155A0127CD86} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{e0beeebe-74a7-4974-90c1-6b29f937ca9f}: [DhcpNameServer] 89.2.0.1 89.2.0.2
Edge:
=======
DownloadDir: D:\Mes Données\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\Christine\AppData\Local\Microsoft\Edge\User Data\Default [2021-12-27]
Edge Extension: (Nielsen Netsight) - C:\Users\Christine\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bpgmmbefnahabhcchpfkobeindpppflc [2021-10-25]
Edge HKLM\...\Edge\Extension: [bpgmmbefnahabhcchpfkobeindpppflc]
Edge HKLM-x32\...\Edge\Extension: [bpgmmbefnahabhcchpfkobeindpppflc]
FireFox:
========
FF DefaultProfile: 6ve06xcy.default
FF ProfilePath: C:\Users\Christine\AppData\Roaming\Mozilla\Firefox\Profiles\6ve06xcy.default [2021-12-30]
FF DownloadDir: D:\Mes Données\Desktop
FF Homepage: Mozilla\Firefox\Profiles\6ve06xcy.default -> hxxps://webmail.sfr.fr/fr_FR/main.html#inbox
FF Notifications: Mozilla\Firefox\Profiles\6ve06xcy.default -> hxxps://mail.google.com; hxxps://www.coronavirus-statistiques.com; hxxps://forums.commentcamarche.net; hxxps://vivelaliberte.soforums.com
FF Extension: (RealityMeter) - C:\Users\Christine\AppData\Roaming\Mozilla\Firefox\Profiles\6ve06xcy.default\Extensions\{5b677552-55af-45ae-854c-bb64198e4fde}.xpi [2021-09-12] [UpdateUrl:hxxps://cdn.rmprod.zone/browserextensions/firefox/updates.json]
FF Extension: (Nielsen Netsight) - C:\Users\Christine\AppData\Roaming\Mozilla\Firefox\Profiles\6ve06xcy.default\Extensions\{75148987-0f86-477f-963f-d0b98644cf08}.xpi [2021-10-15] [UpdateUrl:hxxps://netsight-releases-prod-blue.nielsennetsight.com/firefoxextension/updates.json]
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: (SmartPrintButton) - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011-01-26] [] [non signé]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-08-01] (Google Inc -> Google, Inc.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S2 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [10341560 2020-03-31] (Acronis International GmbH -> )
S2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1254784 2020-03-31] (Acronis International GmbH -> Acronis International GmbH)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
S2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6383744 2020-06-04] (Acronis International GmbH -> )
R2 HPSIService; C:\WINDOWS\system32\HPSIsvc.exe [126880 2012-08-31] (Hewlett-Packard Company -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379224 2020-05-20] (HP Inc. -> HP Inc.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7901368 2021-12-23] (Malwarebytes Inc -> Malwarebytes)
S2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4808088 2020-03-31] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2020-03-31] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1918976 2020-03-31] (Acronis International GmbH -> )
R2 NielsenUpdate; C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenUpdate.exe [4831104 2021-08-27] (THE NIELSEN COMPANY (US), LLC -> The Nielsen Company)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [275752 2008-01-22] (Nero AG -> Nero AG)
R2 PLFlash DeviceIoControl Service; C:\WINDOWS\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [Fichier non signé]
R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7395256 2020-03-31] (Acronis International GmbH -> )
S2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13147152 2020-08-19] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 Tib Mounter Service; C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe [7095824 2020-03-31] (Acronis International GmbH -> Acronis International GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-24] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-24] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 AppObserver; C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter6\appobserver64.sys [33864 2021-08-27] (The Nielsen Company -> The Nielsen Company)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R2 file_protector; C:\WINDOWS\System32\DRIVERS\file_protector.sys [687768 2020-06-04] (Acronis International GmbH -> Acronis International GmbH)
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [390592 2020-06-04] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-06-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-12-23] (Malwarebytes Inc -> Malwarebytes)
S3 MpKsl3b850504; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7BBFB944-7D06-462B-B191-A71403A07904}\MpKslDrv.sys [134376 2021-12-26] (Microsoft Windows -> Microsoft Corporation)
R3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [20480 2012-08-21] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
R1 nnfwdk; C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter6\nnfwdk64.sys [48192 2021-08-27] (The Nielsen Company -> The Nielsen Company)
S3 tib; C:\WINDOWS\system32\DRIVERS\tib.sys [883256 2020-06-04] (Acronis International GmbH -> Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [171968 2020-06-04] (Acronis International GmbH -> Acronis International GmbH)
S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [693768 2020-06-04] (Acronis International GmbH -> Acronis International GmbH)
R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [330176 2020-06-04] (Acronis International GmbH -> Acronis International GmbH)
R0 volume_tracker; C:\WINDOWS\System32\DRIVERS\volume_tracker.sys [243472 2020-06-04] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-12-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435432 2021-12-24] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-24] (Microsoft Windows -> Microsoft Corporation)
S3 nsvst_NGC; \SystemRoot\System32\drivers\NGCx64\16150B0.02E\nsvst.sys [X]
S3 SymEvnt; \??\C:\Program Files\Norton Security\NortonData\22.20.2.57\SymPlatform\SymEvnt.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-12-30 09:50 - 2021-12-30 09:52 - 000000000 ____D C:\FRST
2021-12-28 12:03 - 2021-12-28 12:03 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
2021-12-26 19:29 - 2021-12-26 19:29 - 000000000 ____D C:\Users\Christine\AppData\Local\Norton
2021-12-23 19:04 - 2021-12-23 19:04 - 000000000 _____ C:\ProgramData\UpdateLock-D78BF5DD33499EC2
2021-12-23 18:47 - 2021-12-23 18:47 - 000000000 ____D C:\ProgramData\UCheck
2021-12-23 16:40 - 2021-12-23 16:40 - 000000000 ____D C:\KPRM
2021-12-23 16:10 - 2021-12-23 16:10 - 000000000 _____ C:\Users\Christine\AppData\Roaming\wklnhst.dat
2021-12-23 16:06 - 2021-12-28 18:17 - 000000000 ____D C:\ProgramData\boost_interprocess
2021-12-23 16:04 - 2021-12-28 18:17 - 000000000 ____D C:\Users\Christine\AppData\Roaming\PDFsam Enhanced 7
2021-12-23 16:02 - 2021-12-23 16:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFsam Basic
2021-12-23 16:02 - 2021-12-23 16:02 - 000000000 ____D C:\Program Files (x86)\PDFsam Basic
2021-12-23 16:01 - 2021-12-23 16:02 - 000000000 ____D C:\ProgramData\PDFsam Basic
2021-12-20 10:11 - 2021-12-21 11:59 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-12-16 19:07 - 2021-12-16 19:07 - 000000000 ____D C:\WINDOWS\SystemTemp
2021-12-16 15:20 - 2021-12-16 15:20 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-12-16 15:20 - 2021-12-16 15:20 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-12-16 15:20 - 2021-12-16 15:20 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-12-16 15:20 - 2021-12-16 15:20 - 000011979 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-12-16 15:02 - 2021-12-16 15:02 - 000000000 ___HD C:\$WinREAgent
2021-12-15 11:40 - 2021-12-15 11:40 - 503181050 _____ C:\WINDOWS\MEMORY.DMP
2021-12-15 11:40 - 2021-12-15 11:40 - 000000000 ____D C:\WINDOWS\Minidump
2021-12-15 11:40 - 2021-12-15 11:40 - 000000000 _____ C:\WINDOWS\Minidump\121521-20234-01.dmp
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-12-30 09:48 - 2020-05-28 15:50 - 000000000 ____D C:\ProgramData\Mozilla
2021-12-30 09:47 - 2020-06-02 11:12 - 000000000 ____D C:\Users\Christine\AppData\LocalLow\Mozilla
2021-12-30 09:45 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-12-30 09:42 - 2020-05-28 15:52 - 000000000 ____D C:\CCleaner
2021-12-30 09:40 - 2020-06-04 08:15 - 000000000 ____D C:\ProgramData\BOINC
2021-12-30 09:39 - 2021-02-28 12:34 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-12-30 09:39 - 2021-02-28 12:26 - 000008192 ___SH C:\DumpStack.log.tmp
2021-12-30 09:39 - 2020-06-04 08:38 - 000000000 ____D C:\ProgramData\Norton
2021-12-30 09:39 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-12-30 09:36 - 2020-06-04 08:40 - 000000000 ____D C:\Program Files\Common Files\Symantec Shared
2021-12-30 09:08 - 2021-02-28 12:26 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-12-30 08:27 - 2021-02-28 12:34 - 000004182 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{FD34F435-A507-4383-82FB-F474D25DE7E7}
2021-12-28 11:36 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-12-26 19:47 - 2020-06-04 09:10 - 000000000 ____D C:\Program Files\Common Files\AV
2021-12-26 19:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-12-26 19:17 - 2020-05-28 15:10 - 000000000 ____D C:\ProgramData\Packages
2021-12-26 19:17 - 2020-05-28 14:54 - 000000000 ____D C:\Users\Christine\AppData\Local\Packages
2021-12-26 19:17 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-12-25 18:50 - 2020-06-04 15:33 - 000000000 ____D C:\Users\Christine\AppData\Local\CrashDumps
2021-12-24 16:38 - 2020-05-28 14:48 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-12-24 16:06 - 2020-05-28 15:49 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-12-24 10:38 - 2021-03-16 09:25 - 000000000 ____D C:\Users\Christine\AppData\LocalLow\Norton
2021-12-24 09:50 - 2020-05-28 15:50 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-12-23 18:56 - 2020-06-03 16:40 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-12-23 18:56 - 2020-06-03 16:38 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-12-23 18:56 - 2020-06-03 16:30 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-12-23 18:55 - 2020-06-03 16:30 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-12-23 18:55 - 2020-06-03 16:30 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-12-23 18:55 - 2020-06-03 16:30 - 000000000 ____D C:\Program Files\Malwarebytes
2021-12-23 18:55 - 2020-05-28 15:50 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2021-12-23 18:55 - 2020-05-28 15:50 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2021-12-23 16:11 - 2021-03-15 15:53 - 000000000 ____D C:\Users\Christine\AppData\Roaming\Auslogics
2021-12-23 16:11 - 2021-03-15 15:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2021-12-22 18:12 - 2020-06-13 09:46 - 000000000 ____D C:\Users\Christine\AppData\LocalLow\Temp
2021-12-21 11:44 - 2021-10-09 14:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-12-21 11:41 - 2020-06-04 14:20 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-12-18 09:41 - 2021-02-28 12:36 - 001770906 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-12-18 09:41 - 2019-12-07 15:49 - 000791756 _____ C:\WINDOWS\system32\perfh00C.dat
2021-12-18 09:41 - 2019-12-07 15:49 - 000149922 _____ C:\WINDOWS\system32\perfc00C.dat
2021-12-18 09:41 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-12-18 09:31 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-12-18 08:55 - 2020-07-14 08:01 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-12-17 09:55 - 2021-02-28 12:26 - 000458592 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-12-16 19:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-12-16 19:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-12-16 19:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-12-16 19:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-12-16 19:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-12-16 19:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-12-16 19:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-12-16 19:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-12-16 19:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-12-16 15:26 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-12-15 19:02 - 2021-02-28 12:28 - 000000000 ____D C:\Users\Christine
2021-12-15 12:01 - 2021-02-28 12:34 - 000003908 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-12-15 11:34 - 2020-05-28 16:25 - 137938848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-12-15 11:34 - 2020-05-28 16:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-12-09 09:49 - 2021-03-04 10:45 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d70dc57bf165b8
2021-12-09 09:49 - 2021-02-28 12:34 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-12-01 10:24 - 2020-06-04 15:33 - 000000000 ____D C:\Program Files (x86)\Microsoft Works
==================== Fichiers à la racine de certains dossiers ========
2021-12-23 16:10 - 2021-12-23 16:10 - 000000000 _____ () C:\Users\Christine\AppData\Roaming\wklnhst.dat
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par Christine (administrateur) sur DESKTOP-4E30QAT (Gigabyte Tecohnology Co., Ltd. H61M-DS2V) (30-12-2021 09:51:51)
Exécuté depuis D:\Mes Données\Desktop
Profils chargés: Christine
Plate-forme: Microsoft Windows 10 Famille Version 20H2 19042.1415 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
() [Fichier non signé] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Brother Industries, Ltd.) [Fichier non signé] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcMon.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe
(Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
(Microsoft Corporation -> Microsoft® Corporation) C:\Program Files (x86)\Microsoft Works\WkCalRem.exe
(Microsoft Corporation -> Microsoft® Corporation) C:\Program Files (x86)\Microsoft Works\WksCal.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <39>
(Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\CCleaner\CCleaner64.exe
(Prolific Technology Inc.) [Fichier non signé] C:\Windows\SysWOW64\IoctlSvc.exe
(THE NIELSEN COMPANY (US), LLC -> The Nielsen Company) C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter6\NielsenOnline64.exe
(THE NIELSEN COMPANY (US), LLC -> The Nielsen Company) C:\Program Files (x86)\NetRatingsNetSight\NetSight\nielsenonline.exe <2>
(THE NIELSEN COMPANY (US), LLC -> The Nielsen Company) C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenUpdate.exe
(UNIVERSITY OF CALIFORNIA, BERKELEY -> Space Sciences Laboratory) C:\Program Files\BOINC\boinc.exe
(UNIVERSITY OF CALIFORNIA, BERKELEY -> Space Sciences Laboratory) C:\Program Files\BOINC\boincmgr.exe
(UNIVERSITY OF CALIFORNIA, BERKELEY -> Space Sciences Laboratory) C:\Program Files\BOINC\boinctray.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [824240 2020-03-31] (Acronis International GmbH -> Acronis International GmbH)
HKLM\...\Run: [HotKeysCmds] => "C:\WINDOWS\system32\hkcmd.exe" (Pas de fichier)
HKLM\...\Run: [boinctray] => C:\Program Files\BOINC\boinctray.exe [70472 2020-09-02] (UNIVERSITY OF CALIFORNIA, BERKELEY -> Space Sciences Laboratory)
HKLM\...\Run: [boincmgr] => C:\Program Files\BOINC\boincmgr.exe [8281416 2020-09-02] (UNIVERSITY OF CALIFORNIA, BERKELEY -> Space Sciences Laboratory)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5052648 2020-03-31] (Acronis International GmbH -> )
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe [441448 2020-03-31] (Acronis International GmbH -> Acronis International GmbH)
HKLM-x32\...\Run: [NielsenOnline] => C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe [460160 2021-08-27] (THE NIELSEN COMPANY (US), LLC -> The Nielsen Company)
HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe [29984 2008-07-09] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe [46368 2008-07-09] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort11reminder] => C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe [328992 2007-08-31] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2012-09-25] () [Fichier non signé]
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.) [Fichier non signé]
HKLM-x32\...\Run: [HPUsageTrackingLEDM] => "C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\" (Pas de fichier)
HKU\S-1-5-21-3911643055-33977892-3237656246-1001\...\Run: [MediaDico9] => C:\Program Files (x86)\Micro Application\9 DICOS Indispensables\LanceMediaDICO9.exe [199168 2002-04-09] (L'Aventure Multimedia) [Fichier non signé]
HKU\S-1-5-21-3911643055-33977892-3237656246-1001\...\Run: [Adobe Reader Synchronizer] => "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe" (Pas de fichier)
HKU\S-1-5-21-3911643055-33977892-3237656246-1001\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2008-01-22] (Nero AG -> Nero AG)
HKU\S-1-5-21-3911643055-33977892-3237656246-1001\...\Run: [CCleaner Smart Cleaning] => C:\CCleaner\CCleaner64.exe [35373696 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3911643055-33977892-3237656246-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\boinc.scr [957256 2020-09-02] (UNIVERSITY OF CALIFORNIA, BERKELEY -> Space Sciences Laboratory)
HKLM\...\Windows x64\Print Processors\HP1100PrintProc: C:\Windows\System32\spool\prtprocs\x64\HP1100PP.DLL [74240 2012-08-21] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\HP1100LM: C:\WINDOWS\system32\HP1100LM.DLL [288768 2012-08-21] (Microsoft Windows Hardware Compatibility Publisher -> )
Startup: C:\Users\Christine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wkcalrem.LNK [2020-06-04]
ShortcutTarget: wkcalrem.LNK -> C:\Program Files (x86)\Microsoft Works\WkCalRem.exe (Microsoft Corporation -> Microsoft® Corporation)
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {12743E8A-1ECD-4878-BE54-22C2601EE13B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [134008 2020-03-31] (HP Inc. -> HP Inc.)
Task: {28B4EA8D-627B-49BC-A745-6C231162767F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {34B40372-C5AB-40D5-A0F4-1857EE95D897} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {64065D7B-E46B-43A2-B12F-99287C112EB8} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {6C39DBFA-FE61-47B1-86D1-6CB41721B2E1} - System32\Tasks\CCleaner Update => C:\CCleaner\CCUpdate.exe [684976 2021-12-07] (Piriform Software Ltd -> Piriform)
Task: {714333C9-559E-4DA1-8CBF-B6346992B156} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {72123D02-73A8-4D8D-A382-1DE302D22B88} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {77F504E5-25D1-4104-B1F4-157F98041055} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton 360\Upgrade.exe [2353000 2021-12-13] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {BBEF1566-031B-4847-8FAF-852373958D6E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [238968 2019-06-14] (HP Inc. -> HP Inc.)
Task: {CF38BDEA-A991-49FE-A4CC-12537070737C} - System32\Tasks\CCleanerSkipUAC - Christine => C:\CCleaner\CCleaner.exe [29442688 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {EF8A7AFD-FD6A-4541-B39D-155A0127CD86} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{e0beeebe-74a7-4974-90c1-6b29f937ca9f}: [DhcpNameServer] 89.2.0.1 89.2.0.2
Edge:
=======
DownloadDir: D:\Mes Données\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\Christine\AppData\Local\Microsoft\Edge\User Data\Default [2021-12-27]
Edge Extension: (Nielsen Netsight) - C:\Users\Christine\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bpgmmbefnahabhcchpfkobeindpppflc [2021-10-25]
Edge HKLM\...\Edge\Extension: [bpgmmbefnahabhcchpfkobeindpppflc]
Edge HKLM-x32\...\Edge\Extension: [bpgmmbefnahabhcchpfkobeindpppflc]
FireFox:
========
FF DefaultProfile: 6ve06xcy.default
FF ProfilePath: C:\Users\Christine\AppData\Roaming\Mozilla\Firefox\Profiles\6ve06xcy.default [2021-12-30]
FF DownloadDir: D:\Mes Données\Desktop
FF Homepage: Mozilla\Firefox\Profiles\6ve06xcy.default -> hxxps://webmail.sfr.fr/fr_FR/main.html#inbox
FF Notifications: Mozilla\Firefox\Profiles\6ve06xcy.default -> hxxps://mail.google.com; hxxps://www.coronavirus-statistiques.com; hxxps://forums.commentcamarche.net; hxxps://vivelaliberte.soforums.com
FF Extension: (RealityMeter) - C:\Users\Christine\AppData\Roaming\Mozilla\Firefox\Profiles\6ve06xcy.default\Extensions\{5b677552-55af-45ae-854c-bb64198e4fde}.xpi [2021-09-12] [UpdateUrl:hxxps://cdn.rmprod.zone/browserextensions/firefox/updates.json]
FF Extension: (Nielsen Netsight) - C:\Users\Christine\AppData\Roaming\Mozilla\Firefox\Profiles\6ve06xcy.default\Extensions\{75148987-0f86-477f-963f-d0b98644cf08}.xpi [2021-10-15] [UpdateUrl:hxxps://netsight-releases-prod-blue.nielsennetsight.com/firefoxextension/updates.json]
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: (SmartPrintButton) - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011-01-26] [] [non signé]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-08-01] (Google Inc -> Google, Inc.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S2 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [10341560 2020-03-31] (Acronis International GmbH -> )
S2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1254784 2020-03-31] (Acronis International GmbH -> Acronis International GmbH)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
S2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6383744 2020-06-04] (Acronis International GmbH -> )
R2 HPSIService; C:\WINDOWS\system32\HPSIsvc.exe [126880 2012-08-31] (Hewlett-Packard Company -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379224 2020-05-20] (HP Inc. -> HP Inc.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7901368 2021-12-23] (Malwarebytes Inc -> Malwarebytes)
S2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4808088 2020-03-31] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2020-03-31] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1918976 2020-03-31] (Acronis International GmbH -> )
R2 NielsenUpdate; C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenUpdate.exe [4831104 2021-08-27] (THE NIELSEN COMPANY (US), LLC -> The Nielsen Company)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [275752 2008-01-22] (Nero AG -> Nero AG)
R2 PLFlash DeviceIoControl Service; C:\WINDOWS\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [Fichier non signé]
R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7395256 2020-03-31] (Acronis International GmbH -> )
S2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13147152 2020-08-19] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 Tib Mounter Service; C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe [7095824 2020-03-31] (Acronis International GmbH -> Acronis International GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-24] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-24] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 AppObserver; C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter6\appobserver64.sys [33864 2021-08-27] (The Nielsen Company -> The Nielsen Company)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R2 file_protector; C:\WINDOWS\System32\DRIVERS\file_protector.sys [687768 2020-06-04] (Acronis International GmbH -> Acronis International GmbH)
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [390592 2020-06-04] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-06-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-12-23] (Malwarebytes Inc -> Malwarebytes)
S3 MpKsl3b850504; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7BBFB944-7D06-462B-B191-A71403A07904}\MpKslDrv.sys [134376 2021-12-26] (Microsoft Windows -> Microsoft Corporation)
R3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [20480 2012-08-21] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
R1 nnfwdk; C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter6\nnfwdk64.sys [48192 2021-08-27] (The Nielsen Company -> The Nielsen Company)
S3 tib; C:\WINDOWS\system32\DRIVERS\tib.sys [883256 2020-06-04] (Acronis International GmbH -> Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [171968 2020-06-04] (Acronis International GmbH -> Acronis International GmbH)
S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [693768 2020-06-04] (Acronis International GmbH -> Acronis International GmbH)
R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [330176 2020-06-04] (Acronis International GmbH -> Acronis International GmbH)
R0 volume_tracker; C:\WINDOWS\System32\DRIVERS\volume_tracker.sys [243472 2020-06-04] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-12-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435432 2021-12-24] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-24] (Microsoft Windows -> Microsoft Corporation)
S3 nsvst_NGC; \SystemRoot\System32\drivers\NGCx64\16150B0.02E\nsvst.sys [X]
S3 SymEvnt; \??\C:\Program Files\Norton Security\NortonData\22.20.2.57\SymPlatform\SymEvnt.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-12-30 09:50 - 2021-12-30 09:52 - 000000000 ____D C:\FRST
2021-12-28 12:03 - 2021-12-28 12:03 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
2021-12-26 19:29 - 2021-12-26 19:29 - 000000000 ____D C:\Users\Christine\AppData\Local\Norton
2021-12-23 19:04 - 2021-12-23 19:04 - 000000000 _____ C:\ProgramData\UpdateLock-D78BF5DD33499EC2
2021-12-23 18:47 - 2021-12-23 18:47 - 000000000 ____D C:\ProgramData\UCheck
2021-12-23 16:40 - 2021-12-23 16:40 - 000000000 ____D C:\KPRM
2021-12-23 16:10 - 2021-12-23 16:10 - 000000000 _____ C:\Users\Christine\AppData\Roaming\wklnhst.dat
2021-12-23 16:06 - 2021-12-28 18:17 - 000000000 ____D C:\ProgramData\boost_interprocess
2021-12-23 16:04 - 2021-12-28 18:17 - 000000000 ____D C:\Users\Christine\AppData\Roaming\PDFsam Enhanced 7
2021-12-23 16:02 - 2021-12-23 16:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFsam Basic
2021-12-23 16:02 - 2021-12-23 16:02 - 000000000 ____D C:\Program Files (x86)\PDFsam Basic
2021-12-23 16:01 - 2021-12-23 16:02 - 000000000 ____D C:\ProgramData\PDFsam Basic
2021-12-20 10:11 - 2021-12-21 11:59 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-12-16 19:07 - 2021-12-16 19:07 - 000000000 ____D C:\WINDOWS\SystemTemp
2021-12-16 15:20 - 2021-12-16 15:20 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-12-16 15:20 - 2021-12-16 15:20 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-12-16 15:20 - 2021-12-16 15:20 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-12-16 15:20 - 2021-12-16 15:20 - 000011979 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-12-16 15:02 - 2021-12-16 15:02 - 000000000 ___HD C:\$WinREAgent
2021-12-15 11:40 - 2021-12-15 11:40 - 503181050 _____ C:\WINDOWS\MEMORY.DMP
2021-12-15 11:40 - 2021-12-15 11:40 - 000000000 ____D C:\WINDOWS\Minidump
2021-12-15 11:40 - 2021-12-15 11:40 - 000000000 _____ C:\WINDOWS\Minidump\121521-20234-01.dmp
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-12-30 09:48 - 2020-05-28 15:50 - 000000000 ____D C:\ProgramData\Mozilla
2021-12-30 09:47 - 2020-06-02 11:12 - 000000000 ____D C:\Users\Christine\AppData\LocalLow\Mozilla
2021-12-30 09:45 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-12-30 09:42 - 2020-05-28 15:52 - 000000000 ____D C:\CCleaner
2021-12-30 09:40 - 2020-06-04 08:15 - 000000000 ____D C:\ProgramData\BOINC
2021-12-30 09:39 - 2021-02-28 12:34 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-12-30 09:39 - 2021-02-28 12:26 - 000008192 ___SH C:\DumpStack.log.tmp
2021-12-30 09:39 - 2020-06-04 08:38 - 000000000 ____D C:\ProgramData\Norton
2021-12-30 09:39 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-12-30 09:36 - 2020-06-04 08:40 - 000000000 ____D C:\Program Files\Common Files\Symantec Shared
2021-12-30 09:08 - 2021-02-28 12:26 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-12-30 08:27 - 2021-02-28 12:34 - 000004182 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{FD34F435-A507-4383-82FB-F474D25DE7E7}
2021-12-28 11:36 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-12-26 19:47 - 2020-06-04 09:10 - 000000000 ____D C:\Program Files\Common Files\AV
2021-12-26 19:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-12-26 19:17 - 2020-05-28 15:10 - 000000000 ____D C:\ProgramData\Packages
2021-12-26 19:17 - 2020-05-28 14:54 - 000000000 ____D C:\Users\Christine\AppData\Local\Packages
2021-12-26 19:17 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-12-25 18:50 - 2020-06-04 15:33 - 000000000 ____D C:\Users\Christine\AppData\Local\CrashDumps
2021-12-24 16:38 - 2020-05-28 14:48 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-12-24 16:06 - 2020-05-28 15:49 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-12-24 10:38 - 2021-03-16 09:25 - 000000000 ____D C:\Users\Christine\AppData\LocalLow\Norton
2021-12-24 09:50 - 2020-05-28 15:50 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-12-23 18:56 - 2020-06-03 16:40 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-12-23 18:56 - 2020-06-03 16:38 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-12-23 18:56 - 2020-06-03 16:30 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-12-23 18:55 - 2020-06-03 16:30 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-12-23 18:55 - 2020-06-03 16:30 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-12-23 18:55 - 2020-06-03 16:30 - 000000000 ____D C:\Program Files\Malwarebytes
2021-12-23 18:55 - 2020-05-28 15:50 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2021-12-23 18:55 - 2020-05-28 15:50 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2021-12-23 16:11 - 2021-03-15 15:53 - 000000000 ____D C:\Users\Christine\AppData\Roaming\Auslogics
2021-12-23 16:11 - 2021-03-15 15:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2021-12-22 18:12 - 2020-06-13 09:46 - 000000000 ____D C:\Users\Christine\AppData\LocalLow\Temp
2021-12-21 11:44 - 2021-10-09 14:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-12-21 11:41 - 2020-06-04 14:20 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-12-18 09:41 - 2021-02-28 12:36 - 001770906 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-12-18 09:41 - 2019-12-07 15:49 - 000791756 _____ C:\WINDOWS\system32\perfh00C.dat
2021-12-18 09:41 - 2019-12-07 15:49 - 000149922 _____ C:\WINDOWS\system32\perfc00C.dat
2021-12-18 09:41 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-12-18 09:31 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-12-18 08:55 - 2020-07-14 08:01 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-12-17 09:55 - 2021-02-28 12:26 - 000458592 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-12-16 19:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-12-16 19:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-12-16 19:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-12-16 19:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-12-16 19:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-12-16 19:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-12-16 19:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-12-16 19:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-12-16 19:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-12-16 15:26 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-12-15 19:02 - 2021-02-28 12:28 - 000000000 ____D C:\Users\Christine
2021-12-15 12:01 - 2021-02-28 12:34 - 000003908 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-12-15 11:34 - 2020-05-28 16:25 - 137938848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-12-15 11:34 - 2020-05-28 16:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-12-09 09:49 - 2021-03-04 10:45 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d70dc57bf165b8
2021-12-09 09:49 - 2021-02-28 12:34 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-12-01 10:24 - 2020-06-04 15:33 - 000000000 ____D C:\Program Files (x86)\Microsoft Works
==================== Fichiers à la racine de certains dossiers ========
2021-12-23 16:10 - 2021-12-23 16:10 - 000000000 _____ () C:\Users\Christine\AppData\Roaming\wklnhst.dat
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================