Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 11-12-2021
Exécuté par Christine (administrateur) sur DESKTOP-4E30QAT (Gigabyte Tecohnology Co., Ltd. H61M-DS2V) (21-12-2021 15:36:04)
Exécuté depuis D:\Mes Données\Desktop
Profils chargés: Christine
Plate-forme: Microsoft Windows 10 Famille Version 20H2 19042.1415 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
() [Fichier non signé] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Brother Industries, Ltd.) [Fichier non signé] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcMon.exe
(Brother Industries, Ltd.) [Fichier non signé] C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
(Microsoft Corporation -> Microsoft® Corporation) C:\Program Files (x86)\Microsoft Works\WkCalRem.exe
(Microsoft Corporation -> Microsoft® Corporation) C:\Program Files (x86)\Microsoft Works\WksCal.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <42>
(Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
(NortonLifeLock Inc. -> Broadcom) C:\Program Files\Norton Security\Engine\22.21.10.40\NortonSecurity.exe <2>
(NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton Security\Engine\22.21.10.40\nsWscSvc.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\CCleaner\CCleaner64.exe
(THE NIELSEN COMPANY (US), LLC -> The Nielsen Company) C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter6\NielsenOnline64.exe
(THE NIELSEN COMPANY (US), LLC -> The Nielsen Company) C:\Program Files (x86)\NetRatingsNetSight\NetSight\nielsenonline.exe <2>
(THE NIELSEN COMPANY (US), LLC -> The Nielsen Company) C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenUpdate.exe
(UNIVERSITY OF CALIFORNIA, BERKELEY -> Space Sciences Laboratory) C:\Program Files\BOINC\boinc.exe
(UNIVERSITY OF CALIFORNIA, BERKELEY -> Space Sciences Laboratory) C:\Program Files\BOINC\boincmgr.exe
(UNIVERSITY OF CALIFORNIA, BERKELEY -> Space Sciences Laboratory) C:\Program Files\BOINC\boinctray.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [824240 2020-03-31] (Acronis International GmbH -> Acronis International GmbH)
HKLM\...\Run: [HotKeysCmds] => "C:\WINDOWS\system32\hkcmd.exe" (Pas de fichier)
HKLM\...\Run: [boinctray] => C:\Program Files\BOINC\boinctray.exe [70472 2020-09-02] (UNIVERSITY OF CALIFORNIA, BERKELEY -> Space Sciences Laboratory)
HKLM\...\Run: [boincmgr] => C:\Program Files\BOINC\boincmgr.exe [8281416 2020-09-02] (UNIVERSITY OF CALIFORNIA, BERKELEY -> Space Sciences Laboratory)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5052648 2020-03-31] (Acronis International GmbH -> )
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe [441448 2020-03-31] (Acronis International GmbH -> Acronis International GmbH)
HKLM-x32\...\Run: [NielsenOnline] => C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe [460160 2021-08-27] (THE NIELSEN COMPANY (US), LLC -> The Nielsen Company)
HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe [29984 2008-07-09] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe [46368 2008-07-09] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort11reminder] => C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe [328992 2007-08-31] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2012-09-25] () [Fichier non signé]
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.) [Fichier non signé]
HKLM-x32\...\Run: [HPUsageTrackingLEDM] => "C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\" (Pas de fichier)
HKU\S-1-5-21-3911643055-33977892-3237656246-1001\...\Run: [MediaDico9] => C:\Program Files (x86)\Micro Application\9 DICOS Indispensables\LanceMediaDICO9.exe [199168 2002-04-09] (L'Aventure Multimedia) [Fichier non signé]
HKU\S-1-5-21-3911643055-33977892-3237656246-1001\...\Run: [Adobe Reader Synchronizer] => "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe" (Pas de fichier)
HKU\S-1-5-21-3911643055-33977892-3237656246-1001\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2008-01-22] (Nero AG -> Nero AG)
HKU\S-1-5-21-3911643055-33977892-3237656246-1001\...\Run: [CCleaner Smart Cleaning] => C:\CCleaner\CCleaner64.exe [35373696 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3911643055-33977892-3237656246-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\boinc.scr [957256 2020-09-02] (UNIVERSITY OF CALIFORNIA, BERKELEY -> Space Sciences Laboratory)
HKLM\...\Windows x64\Print Processors\HP1100PrintProc: C:\Windows\System32\spool\prtprocs\x64\HP1100PP.DLL [74240 2012-08-21] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\HP1100LM: C:\WINDOWS\system32\HP1100LM.DLL [288768 2012-08-21] (Microsoft Windows Hardware Compatibility Publisher -> )
Startup: C:\Users\Christine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wkcalrem.LNK [2020-06-04]
ShortcutTarget: wkcalrem.LNK -> C:\Program Files (x86)\Microsoft Works\WkCalRem.exe (Microsoft Corporation -> Microsoft® Corporation)
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {12743E8A-1ECD-4878-BE54-22C2601EE13B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [134008 2020-03-31] (HP Inc. -> HP Inc.)
Task: {28B4EA8D-627B-49BC-A745-6C231162767F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {34B40372-C5AB-40D5-A0F4-1857EE95D897} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {5A0E07C1-F16F-4FB1-8F4A-386D6A630645} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.21.10.40\WSCStub.exe [646520 2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {64065D7B-E46B-43A2-B12F-99287C112EB8} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {6C39DBFA-FE61-47B1-86D1-6CB41721B2E1} - System32\Tasks\CCleaner Update => C:\CCleaner\CCUpdate.exe [684976 2021-12-07] (Piriform Software Ltd -> Piriform)
Task: {709984DD-79E4-4E9C-9BA2-0CA0428E6209} - System32\Tasks\Norton 360\Norton 360 Error Analyzer => C:\Program Files\Norton Security\Engine\22.21.10.40\SymErr.exe [108752 2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {714333C9-559E-4DA1-8CBF-B6346992B156} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {72123D02-73A8-4D8D-A382-1DE302D22B88} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {7FEA5AAE-77E8-4E3F-9DC5-34353778F039} - System32\Tasks\Norton 360\Norton 360 Autofix => C:\Program Files\Norton Security\Engine\22.21.10.40\SymErr.exe [108752 2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {8DCE1174-2B43-42A6-A73C-A707FBC989DD} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton 360\Upgrade.exe [2352488 2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {BBEF1566-031B-4847-8FAF-852373958D6E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [238968 2019-06-14] (HP Inc. -> HP Inc.)
Task: {CF38BDEA-A991-49FE-A4CC-12537070737C} - System32\Tasks\CCleanerSkipUAC - Christine => C:\CCleaner\CCleaner.exe [29442688 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DDD6BA05-60A6-4434-8216-DDDA73006750} - System32\Tasks\Norton 360\Norton 360 Error Processor => C:\Program Files\Norton Security\Engine\22.21.10.40\SymErr.exe [108752 2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {EF8A7AFD-FD6A-4541-B39D-155A0127CD86} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{e0beeebe-74a7-4974-90c1-6b29f937ca9f}: [DhcpNameServer] 89.2.0.1 89.2.0.2
Edge:
=======
DownloadDir: D:\Mes Données\Downloads
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Christine\AppData\Local\Microsoft\Edge\User Data\Default [2021-12-09]
Edge Extension: (Nielsen Netsight) - C:\Users\Christine\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bpgmmbefnahabhcchpfkobeindpppflc [2021-10-25]
Edge HKLM\...\Edge\Extension: [bpgmmbefnahabhcchpfkobeindpppflc]
Edge HKLM-x32\...\Edge\Extension: [bpgmmbefnahabhcchpfkobeindpppflc]
FireFox:
========
FF DefaultProfile: 6ve06xcy.default
FF ProfilePath: C:\Users\Christine\AppData\Roaming\Mozilla\Firefox\Profiles\6ve06xcy.default [2021-12-21]
FF DownloadDir: D:\Mes Données\Desktop
FF Homepage: Mozilla\Firefox\Profiles\6ve06xcy.default -> hxxps://webmail.sfr.fr/fr_FR/main.html#inbox
FF Notifications: Mozilla\Firefox\Profiles\6ve06xcy.default -> hxxps://mail.google.com; hxxps://www.coronavirus-statistiques.com; hxxps://forums.commentcamarche.net; hxxps://vivelaliberte.soforums.com
FF Extension: (RealityMeter) - C:\Users\Christine\AppData\Roaming\Mozilla\Firefox\Profiles\6ve06xcy.default\Extensions\{5b677552-55af-45ae-854c-bb64198e4fde}.xpi [2021-09-12] [UpdateUrl:hxxps://cdn.rmprod.zone/browserextensions/firefox/updates.json]
FF Extension: (Nielsen Netsight) - C:\Users\Christine\AppData\Roaming\Mozilla\Firefox\Profiles\6ve06xcy.default\Extensions\{75148987-0f86-477f-963f-d0b98644cf08}.xpi [2021-10-15] [UpdateUrl:hxxps://netsight-releases-prod-blue.nielsennetsight.com/firefoxextension/updates.json]
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: (SmartPrintButton) - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011-01-26] [] [non signé]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-08-01] (Google Inc -> Google, Inc.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S2 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [10341560 2020-03-31] (Acronis International GmbH -> )
S2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1254784 2020-03-31] (Acronis International GmbH -> Acronis International GmbH)
S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
S2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6383744 2020-06-04] (Acronis International GmbH -> )
R2 HPSIService; C:\WINDOWS\system32\HPSIsvc.exe [126880 2012-08-31] (Hewlett-Packard Company -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379224 2020-05-20] (HP Inc. -> HP Inc.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-06-03] (Malwarebytes Inc -> Malwarebytes)
S2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4808088 2020-03-31] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2020-03-31] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1918976 2020-03-31] (Acronis International GmbH -> )
R2 NielsenUpdate; C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenUpdate.exe [4831104 2021-08-27] (THE NIELSEN COMPANY (US), LLC -> The Nielsen Company)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [275752 2008-01-22] (Nero AG -> Nero AG)
R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.21.10.40\NortonSecurity.exe [343336 2021-10-29] (NortonLifeLock Inc. -> Broadcom)
R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.21.10.40\nsWscSvc.exe [1059176 2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S2 PLFlash DeviceIoControl Service; C:\WINDOWS\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [Fichier non signé]
R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7395256 2020-03-31] (Acronis International GmbH -> )
S2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13147152 2020-08-19] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 Tib Mounter Service; C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe [7095824 2020-03-31] (Acronis International GmbH -> Acronis International GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-06] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 AppObserver; C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter6\appobserver64.sys [33864 2021-08-27] (The Nielsen Company -> The Nielsen Company)
R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.20.2.57\Definitions\BASHDefs\20211215.011\BHDrvx64.sys [2018784 2021-09-15] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\16150A0.028\ccSetx64.sys [192256 2021-10-29] (Symantec Corporation -> Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [509904 2021-11-10] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [145376 2021-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R2 file_protector; C:\WINDOWS\System32\DRIVERS\file_protector.sys [687768 2020-06-04] (Acronis International GmbH -> Acronis International GmbH)
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [390592 2020-06-04] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.20.2.57\Definitions\IPSDefs\20211217.061\IDSvia64.sys [1480144 2021-09-30] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-06-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-06-03] (Malwarebytes Inc -> Malwarebytes)
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [20480 2012-08-21] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
R1 nnfwdk; C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter6\nnfwdk64.sys [48192 2021-08-27] (The Nielsen Company -> The Nielsen Company)
S3 nsvst_NGC; C:\WINDOWS\System32\drivers\NGCx64\16150A0.028\nsvst.sys [56080 2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R3 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\16150A0.028\SRTSP64.SYS [892600 2021-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\16150A0.028\SRTSPX64.SYS [48824 2021-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\16150A0.028\SYMEFASI64.SYS [2030792 2021-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\16150A0.028\SymELAM.sys [31984 2021-10-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [93152 2021-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 SymEvnt; C:\Program Files\Norton Security\NortonData\22.20.2.57\SymPlatform\SymEvnt.sys [712432 2021-07-13] (Symantec Corporation -> Symantec Corporation)
R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\16150A0.028\Ironx64.SYS [319152 2021-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\16150A0.028\symnets.sys [575344 2021-10-29] (Symantec Corporation -> Symantec Corporation)
S3 tib; C:\WINDOWS\system32\DRIVERS\tib.sys [883256 2020-06-04] (Acronis International GmbH -> Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [171968 2020-06-04] (Acronis International GmbH -> Acronis International GmbH)
S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [693768 2020-06-04] (Acronis International GmbH -> Acronis International GmbH)
R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [330176 2020-06-04] (Acronis International GmbH -> Acronis International GmbH)
R0 volume_tracker; C:\WINDOWS\System32\DRIVERS\volume_tracker.sys [243472 2020-06-04] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48520 2021-11-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [435424 2021-11-06] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-06] (Microsoft Windows -> Microsoft Corporation)
R1 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\16150A0.028\wpCtrlDrv.sys [1015760 2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-12-21 15:35 - 2021-12-21 15:36 - 000000000 ____D C:\FRST
2021-12-20 10:21 - 2021-12-20 10:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
2021-12-20 10:11 - 2021-12-21 11:59 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-12-16 19:07 - 2021-12-16 19:07 - 000000000 ____D C:\WINDOWS\SystemTemp
2021-12-16 15:20 - 2021-12-16 15:20 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-12-16 15:20 - 2021-12-16 15:20 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-12-16 15:20 - 2021-12-16 15:20 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-12-16 15:20 - 2021-12-16 15:20 - 000011979 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-12-16 15:02 - 2021-12-16 15:02 - 000000000 ___HD C:\$WinREAgent
2021-12-15 11:40 - 2021-12-15 11:40 - 503181050 _____ C:\WINDOWS\MEMORY.DMP
2021-12-15 11:40 - 2021-12-15 11:40 - 000000000 ____D C:\WINDOWS\Minidump
2021-12-15 11:40 - 2021-12-15 11:40 - 000000000 _____ C:\WINDOWS\Minidump\121521-20234-01.dmp
2021-12-11 12:49 - 2021-12-11 12:49 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3911643055-33977892-3237656246-1001
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-12-21 15:38 - 2021-11-07 09:42 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton 360
2021-12-21 15:33 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-12-21 15:24 - 2020-05-28 15:50 - 000000000 ____D C:\ProgramData\Mozilla
2021-12-21 15:23 - 2020-06-02 11:12 - 000000000 ____D C:\Users\Christine\AppData\LocalLow\Mozilla
2021-12-21 15:22 - 2021-02-28 12:26 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-12-21 15:22 - 2020-06-04 08:15 - 000000000 ____D C:\ProgramData\BOINC
2021-12-21 12:03 - 2020-05-28 15:52 - 000000000 ____D C:\CCleaner
2021-12-21 11:59 - 2021-02-28 12:34 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-12-21 11:59 - 2021-02-28 12:26 - 000008192 ___SH C:\DumpStack.log.tmp
2021-12-21 11:59 - 2020-05-28 15:50 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-12-21 11:59 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-12-21 11:53 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-12-21 11:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-12-21 11:48 - 2021-02-28 12:34 - 000004182 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{FD34F435-A507-4383-82FB-F474D25DE7E7}
2021-12-21 11:44 - 2021-10-09 14:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-12-21 11:41 - 2020-06-04 14:20 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-12-20 11:45 - 2020-06-04 15:33 - 000000000 ____D C:\Users\Christine\AppData\Local\CrashDumps
2021-12-20 09:50 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-12-18 09:41 - 2021-02-28 12:36 - 001770906 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-12-18 09:41 - 2019-12-07 15:49 - 000791756 _____ C:\WINDOWS\system32\perfh00C.dat
2021-12-18 09:41 - 2019-12-07 15:49 - 000149922 _____ C:\WINDOWS\system32\perfc00C.dat
2021-12-18 09:41 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-12-18 09:31 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-12-18 08:55 - 2020-07-14 08:01 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-12-17 10:14 - 2020-05-28 15:49 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-12-17 09:55 - 2021-02-28 12:26 - 000458592 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-12-16 19:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-12-16 19:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-12-16 19:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-12-16 19:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-12-16 19:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-12-16 19:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-12-16 19:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-12-16 19:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-12-16 19:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-12-16 15:26 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-12-15 19:02 - 2021-02-28 12:28 - 000000000 ____D C:\Users\Christine
2021-12-15 12:01 - 2021-02-28 12:34 - 000003908 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-12-15 11:34 - 2020-05-28 16:25 - 137938848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-12-15 11:34 - 2020-05-28 16:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-12-13 03:02 - 2020-06-04 08:38 - 000000000 ____D C:\ProgramData\Norton
2021-12-09 12:47 - 2021-02-28 12:34 - 000003384 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3911643055-33977892-3237656246-1001
2021-12-09 12:47 - 2021-02-28 12:28 - 000002429 _____ C:\Users\Christine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-12-09 09:49 - 2021-03-04 10:45 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d70dc57bf165b8
2021-12-09 09:49 - 2021-02-28 12:34 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-12-01 10:24 - 2020-06-04 15:33 - 000000000 ____D C:\Program Files (x86)\Microsoft Works
2021-12-01 10:09 - 2021-03-16 09:25 - 000000000 ____D C:\Users\Christine\AppData\LocalLow\Norton
==================== Fichiers à la racine de certains dossiers ========
2020-06-04 15:35 - 2020-06-04 15:35 - 000000000 _____ () C:\Users\Christine\AppData\Roaming\wklnhst.dat
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================