Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 23.08.2018
Exécuté par LtSmith (administrateur) sur DESKTOP-C54JPK3 (14-04-2019 06:04:34)
Exécuté depuis C:\Users\LtSmith\Desktop
Profils chargés: LtSmith (Profils disponibles: LtSmith)
Platform: Windows 10 Pro Version 1803 17134.523 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Arcai.com) C:\Program Files (x86)\arcai.com\aips.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Everything\Everything.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
() C:\Program Files (x86)\UCBrowser\Application\UCService.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1903.4-0\MsMpEng.exe
() C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1903.4-0\NisSrv.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.274.0_x64__kzf8qxf38zg5c\SkypeHost.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17112.19011.0_x64__8wekyb3d8bbwe\Video.UI.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.15918.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) C:\Users\LtSmith\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\FileCoAuth.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12093.3.37141.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
() C:\Program Files (x86)\Bible Verse\verse.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
() C:\laragon\laragon.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
() C:\Program Files (x86)\UCBrowser\Application\7.0.185.1002\UCAgent.exe
() C:\Program Files (x86)\arcai.com\netcut_windows.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
() C:\Program Files (x86)\Everything\Everything.exe
() C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_1.15.1001.0_x64__8wekyb3d8bbwe\GameBar.exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1702912 2013-03-02] (IDT, Inc.)
HKLM-x32\...\Run: [Everything] => C:\Program Files (x86)\Everything\Everything.exe [1668200 2018-02-09] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1160408 2017-03-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499640 2017-03-28] (Adobe Systems Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [408888 2014-10-08] (Power Software Ltd)
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [125872 2018-11-21] (VMware, Inc.)
HKU\S-1-5-21-3198773003-2009487275-3018560174-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4042808 2019-04-05] (Tonec Inc.)
HKU\S-1-5-21-3198773003-2009487275-3018560174-1001\...\Run: [uTorrent] => C:\Users\LtSmith\AppData\Roaming\uTorrent\uTorrent.exe [1987512 2018-07-08] (BitTorrent Inc.)
HKU\S-1-5-21-3198773003-2009487275-3018560174-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [7722600 2018-07-08] (Lavasoft)
HKU\S-1-5-21-3198773003-2009487275-3018560174-1001\...\Run: [SpeedConnectStartUp] => [X]
HKU\S-1-5-21-3198773003-2009487275-3018560174-1001\...\MountPoints2: {53eb696d-a2c7-11e8-8295-a0481cd1f7d3} - "G:\Setup.exe" /s
HKU\S-1-5-21-3198773003-2009487275-3018560174-1001\...\MountPoints2: {53eb6a11-a2c7-11e8-8295-a0481cd1f7d3} - "F:\Setup.exe" /s
Startup: C:\Users\LtSmith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Bible Verse.lnk [2018-06-29]
ShortcutTarget: Bible Verse.lnk -> C:\Program Files (x86)\Bible Verse\verse.exe ()
Startup: C:\Users\LtSmith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\laragon.lnk [2018-07-12]
ShortcutTarget: laragon.lnk -> C:\laragon\laragon.exe ()
GroupPolicy: Restriction ? <==== ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <==== ATTENTION (Restriction - ProxySettings)
ProxyEnable: [S-1-5-21-3198773003-2009487275-3018560174-1001] => Proxy est activé.
ProxyServer: [S-1-5-21-3198773003-2009487275-3018560174-1001] => http=127.0.0.1:8080;https=127.0.0.1:8080
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\..\Interfaces\{3825c21c-30fd-4d6a-b492-61cfd35d9284}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6b198d74-39f8-4867-ba9d-ce095d7c8f8a}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{d45f618a-86e5-4634-a674-d5362d5ef967}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ebb6a973-d35f-4b43-8de4-f60aac379daf}: [DhcpNameServer] 192.168.137.1
ManualProxies: 1http=127.0.0.1:8080;https=127.0.0.1:8080
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
SearchScopes: HKU\S-1-5-21-3198773003-2009487275-3018560174-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10420__180708__yaie&p={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2018-11-21] (Internet Download Manager, Tonec Inc.)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-06-29] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2018-06-30] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2018-06-29] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2018-06-30] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems Incorporated)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2018-11-21] (Internet Download Manager, Tonec Inc.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-06-29] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28] (Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2018-06-29] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28] (Adobe Systems Incorporated)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-06-29] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-06-29] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-06-29] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-06-29] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\LtSmith\AppData\Roaming\Mozilla\Firefox\Profiles\sshuako0.default-1535645859375 [2019-04-14]
FF NetworkProxy: Mozilla\Firefox\Profiles\sshuako0.default-1535645859375 -> type", 0
FF HomepageOverride: Mozilla\Firefox\Profiles\sshuako0.default-1535645859375 -> Disabled: _omMembers_@screenwatch.yournewtab.com
FF NewTabOverride: Mozilla\Firefox\Profiles\sshuako0.default-1535645859375 -> Disabled: {230a5283-ab42-49a2-8860-b06d797917c7}
FF NewTabOverride: Mozilla\Firefox\Profiles\sshuako0.default-1535645859375 -> Disabled: _omMembers_@screenwatch.yournewtab.com
FF Extension: (Screen Watch) - C:\Users\LtSmith\AppData\Roaming\Mozilla\Firefox\Profiles\sshuako0.default-1535645859375\Extensions\_omMembers_@screenwatch.yournewtab.com.xpi [2018-12-04]
FF Extension: (SocialNewPages) - C:\Users\LtSmith\AppData\Roaming\Mozilla\Firefox\Profiles\sshuako0.default-1535645859375\Extensions\{230a5283-ab42-49a2-8860-b06d797917c7}.xpi [2019-04-10]
FF Extension: (Viewer Plus) - C:\Users\LtSmith\AppData\Roaming\Mozilla\Firefox\Profiles\sshuako0.default-1535645859375\Extensions\{880cacfe-5793-4346-89ce-fbbd368d394c}.xpi [2019-04-05]
FF Extension: (PrincipalInterceptor) - C:\Users\LtSmith\AppData\Roaming\Mozilla\Firefox\Profiles\sshuako0.default-1535645859375\Extensions\{c65b18e1-cd3d-4773-a901-15a0753e7d81}.xpi [2019-04-10]
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\LtSmith\AppData\Roaming\Mozilla\Firefox\Profiles\sshuako0.default-1535645859375\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-04-10]
FF Extension: (Firefox Monitor) - C:\Users\LtSmith\AppData\Roaming\Mozilla\Firefox\Profiles\sshuako0.default-1535645859375\features\{972d01e3-481e-41cd-bf90-19bf44dda8fb}\fxmonitor@mozilla.org.xpi [2019-04-12]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2019-03-22] [Legacy]
FF HKU\S-1-5-21-3198773003-2009487275-3018560174-1001\...\Firefox\Extensions: [mozilla_cc3@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi
FF Extension: (IDM Integration Module) - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi [2019-03-19]
FF HKU\S-1-5-21-3198773003-2009487275-3018560174-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\LtSmith\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\LtSmith\AppData\Roaming\IDM\idmmzcc5 [2019-04-11] [Legacy] [non signé]
FF HKU\S-1-5-21-3198773003-2009487275-3018560174-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Legacy]
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2018-06-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2018-06-30] (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-06-29] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-06-29] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-29] (Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-29] (Google LLC)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2017-03-28] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)
Chrome:
=======
CHR Profile: C:\Users\LtSmith\AppData\Local\Google\Chrome\User Data\Default [2019-03-21]
CHR Extension: (Docs) - C:\Users\LtSmith\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-07-15]
CHR Extension: (Google Drive) - C:\Users\LtSmith\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-07-15]
CHR Extension: (YouTube) - C:\Users\LtSmith\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-07-15]
CHR Extension: (Adobe Acrobat – Créer un fichier PDF) - C:\Users\LtSmith\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-07-15]
CHR Extension: (IDM Integration Module) - C:\Users\LtSmith\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2018-07-15]
CHR Extension: (Gmail) - C:\Users\LtSmith\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-07-15]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2019-04-04]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-03-28]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2019-04-04]
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021056 2016-03-03] (Adobe Systems, Incorporated)
R2 AIPS; C:\Program Files (x86)\arcai.com\aips.exe [2677760 2018-05-11] (Arcai.com) [Fichier non signé]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2776664 2015-08-15] (Microsoft Corporation)
R2 Everything; C:\Program Files (x86)\Everything\Everything.exe [1668200 2018-02-09] ()
S3 GoogleChromeElevationService; C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\elevation_service.exe [1268720 2019-04-03] (Google Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [347512 2018-12-06] (HP Inc.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [359856 2015-07-25] (Intel Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-07-15] (Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [332800 2013-03-02] (IDT, Inc.) [Fichier non signé]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated)
R2 UCBrowserSvc; C:\Program Files (x86)\UCBrowser\Application\UCService.exe [656784 2018-01-02] () <==== ATTENTION
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [15446960 2018-11-21] ()
S2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [25704 2018-07-08] ()
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\NisSrv.exe [3856504 2019-04-09] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\MsMpEng.exe [113992 2019-04-09] (Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [55696 2018-08-31] (HP)
R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [42384 2018-08-31] (HP)
R3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-11] (Microsoft Corporation)
R3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3354384 2018-03-05] (Intel Corporation)
R3 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
S3 qcusbnet; C:\WINDOWS\System32\drivers\mfusbnet.sys [162816 2014-07-26] (QUALCOMM Incorporated)
S3 qcusbser; C:\WINDOWS\system32\DRIVERS\mfusbser.sys [124416 2014-07-17] (Wireless Device)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1024392 2018-06-29] (Realtek )
S3 smbdirect; C:\WINDOWS\System32\DRIVERS\smbdirect.sys [152064 2018-04-12] (Microsoft Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [55384 2017-08-18] (Synaptics Incorporated)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2018-02-01] (Apple, Inc.) [Fichier non signé]
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [22016 2018-04-11] (Microsoft Corporation)
R0 vsock; C:\WINDOWS\System32\DRIVERS\vsock.sys [92040 2018-06-22] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-x64.sys [52576 2018-02-28] (VMware, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46472 2019-04-09] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [343520 2019-04-09] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [68576 2019-04-09] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2019-04-14 06:04 - 2019-04-14 06:04 - 000023195 _____ C:\Users\LtSmith\Desktop\FRST.txt
2019-04-12 23:03 - 2019-04-12 23:03 - 000000003 _____ C:\Users\LtSmith\Downloads\document(1).pdf
2019-04-12 11:46 - 2013-03-02 00:20 - 002193920 _____ (IDT, Inc.) C:\WINDOWS\system32\stapo64.dll
2019-04-12 11:46 - 2013-03-02 00:20 - 000674304 ____N (IDT, Inc.) C:\WINDOWS\system32\stapi64.dll
2019-04-11 11:37 - 2019-04-11 12:11 - 000000000 ____D C:\Users\LtSmith\Downloads\Microsoft Office 2010 Proffesional
2019-04-11 07:37 - 2019-04-11 07:37 - 000001082 _____ C:\Users\LtSmith\Desktop\Internet Download Manager.lnk
2019-04-11 07:25 - 2019-04-11 07:28 - 011398550 _____ C:\Users\LtSmith\Downloads\IDM 6.32 Build 9 with Patch [32bit + 64bit] [CrackingPatching].zip
2019-04-11 07:20 - 2019-04-11 07:20 - 000000000 _____ C:\Users\LtSmith\Downloads\Microsoft Office 2010 Service Pack 1.exe
2019-04-10 20:12 - 2019-04-10 20:12 - 000000003 _____ C:\Users\LtSmith\Downloads\document.pdf
2019-04-10 16:55 - 2019-04-13 17:38 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-04-08 23:49 - 2019-04-09 15:06 - 385579008 _____ C:\Users\LtSmith\Downloads\debian-9.8.0-amd64-DVD-3.iso
2019-04-05 10:24 - 2019-04-05 10:29 - 000000000 ____D C:\Users\LtSmith\Downloads\[ OxTorrent.com ] PNL - Deux Frères
2019-04-04 11:41 - 2018-12-20 10:05 - 000229296 _____ (Tonec Inc.) C:\WINDOWS\system32\Drivers\idmwfp.sys
2019-04-01 08:26 - 2019-04-01 08:26 - 000045798 _____ C:\Users\LtSmith\Downloads\dossier-M5JOQXJN_DAHOUE_KOFFI-SM4IG1-418.pdf
2019-04-01 08:25 - 2019-04-01 08:25 - 000045768 _____ C:\Users\LtSmith\Downloads\dossier-M5JOQXJN_DAHOUE_KOFFI-SM4IF8-418.pdf
2019-04-01 08:19 - 2019-04-01 08:20 - 000045751 _____ C:\Users\LtSmith\Downloads\dossier-M5JOQXJN_DAHOUE_KOFFI-SL3IG8-318.pdf
2019-03-30 18:48 - 2019-03-30 18:48 - 000834262 _____ C:\Users\LtSmith\Downloads\FORMULAIRE-BOURSE-QUEBEC.pdf
2019-03-30 18:16 - 2019-03-30 18:16 - 001709474 _____ C:\Users\LtSmith\Downloads\FORMULAIRE-BOURSE-DEXEMPTION.pdf
2019-03-26 22:07 - 2019-03-27 00:59 - 1709140400 _____ C:\Users\LtSmith\Downloads\[OxTorrent.com] Captain.Marvel.2019.TRUEFRENCH.TS.XViD-NOUGATiNE.avi
2019-03-22 17:39 - 2019-03-22 17:39 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2019-03-22 16:53 - 2019-03-22 16:53 - 000088835 _____ C:\Users\LtSmith\Downloads\Demande d'admission(1).pdf
2019-03-22 16:24 - 2019-03-22 16:24 - 000116268 _____ C:\Users\LtSmith\Downloads\FinRapEtuEtaCte.pdf
2019-03-22 16:15 - 2019-03-22 16:59 - 000087534 _____ C:\Users\LtSmith\Downloads\Demande d'admission.pdf
2019-03-21 22:08 - 2019-03-21 22:08 - 000568057 _____ C:\Users\LtSmith\Downloads\imm5257b_1.pdf
2019-03-21 22:07 - 2019-03-21 22:07 - 001713693 _____ C:\Users\LtSmith\Downloads\imm5645f.pdf
2019-03-21 22:07 - 2019-03-21 22:07 - 000598328 _____ C:\Users\LtSmith\Downloads\imm1294f.pdf
2019-03-21 15:36 - 2019-04-14 05:52 - 000004182 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{18110D6F-C073-4FAB-BD4B-D54824E2D3AF}
2019-03-21 08:48 - 2019-03-21 08:48 - 000373571 _____ C:\Users\LtSmith\Guide 5269 – Présenter une demande de permis d’études - Canada.ca.pdf
2019-03-20 21:11 - 2019-03-20 21:11 - 000041599 _____ C:\Users\LtSmith\Downloads\4786743_Annie_SEGBE WOLEDZI.pdf
2019-03-20 17:51 - 2019-03-20 17:51 - 002070156 _____ C:\Users\LtSmith\Downloads\Formulaire de demande d'admission - UQAC(1).pdf
2019-03-20 15:12 - 2019-03-20 15:12 - 000097536 _____ C:\Users\LtSmith\relevé_bac_annie.pdf
2019-03-20 15:11 - 2019-03-20 15:11 - 000327893 _____ C:\Users\LtSmith\copie_naissance.pdf
2019-03-20 15:02 - 2019-03-20 15:03 - 002070156 _____ C:\Users\LtSmith\Downloads\Formulaire de demande d'admission - UQAC.pdf
2019-03-20 14:22 - 2019-03-20 14:22 - 001218329 _____ C:\Users\LtSmith\bulletin_classe_1ere_D.zip
2019-03-20 14:22 - 2019-03-20 14:22 - 000684198 _____ C:\Users\LtSmith\bulletin_3eme_trimestre_TerminaleD.zip
2019-03-20 14:22 - 2019-03-20 14:22 - 000522160 _____ C:\Users\LtSmith\bulletin_1er_trimestre_classe_premiereD.zip
2019-03-20 12:35 - 2019-03-20 12:35 - 000510720 _____ C:\Users\LtSmith\Downloads\Formulaire de demande d'admission à UQO - Tous les cycles.pdf
2019-03-20 10:13 - 2019-03-20 10:13 - 000259703 _____ C:\Users\LtSmith\attestation_licence_1.pdf
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2019-04-14 06:01 - 2018-08-30 21:09 - 000000000 ____D C:\FRST
2019-04-14 05:55 - 2018-04-11 23:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-04-14 05:48 - 2018-07-15 06:24 - 000000328 _____ C:\WINDOWS\Tasks\UCBrowserUpdaterCore.job
2019-04-14 05:48 - 2018-06-29 22:27 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-04-13 17:41 - 2018-06-29 23:07 - 000000000 ____D C:\Users\LtSmith\AppData\LocalLow\Mozilla
2019-04-13 17:38 - 2019-02-04 14:08 - 000000000 ____D C:\ProgramData\VMware
2019-04-13 17:38 - 2018-08-30 12:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-04-13 17:38 - 2018-07-08 09:11 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-04-13 17:38 - 2018-07-07 14:12 - 000000000 __SHD C:\Users\LtSmith\IntelGraphicsProfiles
2019-04-13 17:38 - 2018-06-29 22:28 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-04-13 17:37 - 2018-06-30 00:04 - 000000000 ____D C:\Users\LtSmith\AppData\Local\Everything
2019-04-13 17:37 - 2018-06-29 22:57 - 000000000 ____D C:\Users\LtSmith\AppData\Roaming\DMCache
2019-04-13 17:37 - 2018-06-29 22:55 - 000000000 ____D C:\Users\LtSmith\AppData\Roaming\Everything
2019-04-13 17:37 - 2018-04-11 21:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-04-13 14:26 - 2018-06-29 23:04 - 000000000 ____D C:\Users\LtSmith\AppData\Roaming\AIMP3
2019-04-12 11:52 - 2018-04-11 23:36 - 000000000 ____D C:\WINDOWS\INF
2019-04-12 11:50 - 2018-06-29 22:41 - 001685172 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-04-12 11:50 - 2018-04-12 16:19 - 000757292 _____ C:\WINDOWS\system32\perfh00C.dat
2019-04-12 11:50 - 2018-04-12 16:19 - 000142954 _____ C:\WINDOWS\system32\perfc00C.dat
2019-04-12 11:49 - 2018-08-30 12:52 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-04-12 11:45 - 2018-06-29 22:56 - 000000000 ____D C:\Program Files (x86)\Internet Download Manager
2019-04-12 11:43 - 2018-07-08 15:19 - 000000000 ____D C:\Users\LtSmith\AppData\Roaming\qBittorrent
2019-04-11 10:37 - 2018-06-29 22:57 - 000000000 ____D C:\Users\LtSmith\AppData\Roaming\IDM
2019-04-11 07:33 - 2018-07-12 17:09 - 000000000 ____D C:\Users\LtSmith\AppData\Local\CrashDumps
2019-04-11 07:28 - 2018-06-29 22:57 - 000000000 ____D C:\Users\LtSmith\Downloads\Compressed
2019-04-10 18:39 - 2018-04-11 23:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-04-10 16:59 - 2018-07-15 12:58 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-09 19:13 - 2018-04-11 23:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-04-09 18:16 - 2018-06-29 22:28 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-03-31 20:44 - 2018-07-15 06:24 - 000000492 _____ C:\WINDOWS\Tasks\UCBrowserUpdater.job
2019-03-29 06:23 - 2018-07-15 12:57 - 000003416 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-03-29 06:23 - 2018-07-15 12:57 - 000003292 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-03-26 21:36 - 2018-06-29 22:46 - 000000000 ____D C:\Users\LtSmith
2019-03-26 21:24 - 2018-07-15 06:24 - 000003532 _____ C:\WINDOWS\System32\Tasks\UCBrowserUpdater
2019-03-25 18:12 - 2018-07-25 10:45 - 000000000 ____D C:\Users\LtSmith\Desktop\BUREAU
2019-03-25 17:42 - 2018-06-29 22:57 - 000000000 ____D C:\Users\LtSmith\Downloads\Video
2019-03-25 17:29 - 2018-06-29 22:47 - 000000000 ____D C:\Users\LtSmith\AppData\Local\Packages
2019-03-23 10:42 - 2019-01-28 22:56 - 000000000 ____D C:\Users\LtSmith\Downloads\Telegram Desktop
2019-03-22 17:39 - 2018-06-29 22:47 - 000000000 ____D C:\Users\LtSmith\AppData\Roaming\Adobe
2019-03-22 16:45 - 2018-06-29 23:25 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
2019-03-22 16:45 - 2018-06-29 23:25 - 000002287 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
2019-03-22 16:45 - 2018-06-29 23:25 - 000002126 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
2019-03-21 14:36 - 2018-12-17 22:25 - 000000123 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\netcut.url
2019-03-21 14:36 - 2018-12-17 22:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\netcut
2019-03-21 14:36 - 2018-12-17 22:25 - 000000000 ____D C:\Program Files (x86)\WinPcap
2019-03-21 14:36 - 2018-12-17 22:25 - 000000000 ____D C:\Program Files (x86)\arcai.com
2019-03-21 09:54 - 2018-07-25 17:08 - 000000000 ____D C:\Users\LtSmith\Desktop\S7
2019-03-21 07:01 - 2018-04-11 23:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
==================== Fichiers à la racine de certains dossiers =======
2018-07-08 09:15 - 2018-07-08 09:15 - 000000000 ____D () C:\ProgramData\BatteryOptimizer.exe
Certains fichiers dans TEMP:
====================
2019-02-10 04:03 - 2019-02-10 04:03 - 005098612 _____ () C:\Users\LtSmith\AppData\Local\Temp\setup.dll
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2018-06-29 22:27
==================== Fin de FRST.txt ============================
Exécuté par LtSmith (administrateur) sur DESKTOP-C54JPK3 (14-04-2019 06:04:34)
Exécuté depuis C:\Users\LtSmith\Desktop
Profils chargés: LtSmith (Profils disponibles: LtSmith)
Platform: Windows 10 Pro Version 1803 17134.523 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Arcai.com) C:\Program Files (x86)\arcai.com\aips.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Everything\Everything.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
() C:\Program Files (x86)\UCBrowser\Application\UCService.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1903.4-0\MsMpEng.exe
() C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1903.4-0\NisSrv.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.274.0_x64__kzf8qxf38zg5c\SkypeHost.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17112.19011.0_x64__8wekyb3d8bbwe\Video.UI.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.15918.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) C:\Users\LtSmith\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\FileCoAuth.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12093.3.37141.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
() C:\Program Files (x86)\Bible Verse\verse.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
() C:\laragon\laragon.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
() C:\Program Files (x86)\UCBrowser\Application\7.0.185.1002\UCAgent.exe
() C:\Program Files (x86)\arcai.com\netcut_windows.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
() C:\Program Files (x86)\Everything\Everything.exe
() C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_1.15.1001.0_x64__8wekyb3d8bbwe\GameBar.exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1702912 2013-03-02] (IDT, Inc.)
HKLM-x32\...\Run: [Everything] => C:\Program Files (x86)\Everything\Everything.exe [1668200 2018-02-09] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1160408 2017-03-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499640 2017-03-28] (Adobe Systems Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [408888 2014-10-08] (Power Software Ltd)
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [125872 2018-11-21] (VMware, Inc.)
HKU\S-1-5-21-3198773003-2009487275-3018560174-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4042808 2019-04-05] (Tonec Inc.)
HKU\S-1-5-21-3198773003-2009487275-3018560174-1001\...\Run: [uTorrent] => C:\Users\LtSmith\AppData\Roaming\uTorrent\uTorrent.exe [1987512 2018-07-08] (BitTorrent Inc.)
HKU\S-1-5-21-3198773003-2009487275-3018560174-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [7722600 2018-07-08] (Lavasoft)
HKU\S-1-5-21-3198773003-2009487275-3018560174-1001\...\Run: [SpeedConnectStartUp] => [X]
HKU\S-1-5-21-3198773003-2009487275-3018560174-1001\...\MountPoints2: {53eb696d-a2c7-11e8-8295-a0481cd1f7d3} - "G:\Setup.exe" /s
HKU\S-1-5-21-3198773003-2009487275-3018560174-1001\...\MountPoints2: {53eb6a11-a2c7-11e8-8295-a0481cd1f7d3} - "F:\Setup.exe" /s
Startup: C:\Users\LtSmith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Bible Verse.lnk [2018-06-29]
ShortcutTarget: Bible Verse.lnk -> C:\Program Files (x86)\Bible Verse\verse.exe ()
Startup: C:\Users\LtSmith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\laragon.lnk [2018-07-12]
ShortcutTarget: laragon.lnk -> C:\laragon\laragon.exe ()
GroupPolicy: Restriction ? <==== ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <==== ATTENTION (Restriction - ProxySettings)
ProxyEnable: [S-1-5-21-3198773003-2009487275-3018560174-1001] => Proxy est activé.
ProxyServer: [S-1-5-21-3198773003-2009487275-3018560174-1001] => http=127.0.0.1:8080;https=127.0.0.1:8080
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\..\Interfaces\{3825c21c-30fd-4d6a-b492-61cfd35d9284}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6b198d74-39f8-4867-ba9d-ce095d7c8f8a}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{d45f618a-86e5-4634-a674-d5362d5ef967}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ebb6a973-d35f-4b43-8de4-f60aac379daf}: [DhcpNameServer] 192.168.137.1
ManualProxies: 1http=127.0.0.1:8080;https=127.0.0.1:8080
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
SearchScopes: HKU\S-1-5-21-3198773003-2009487275-3018560174-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10420__180708__yaie&p={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2018-11-21] (Internet Download Manager, Tonec Inc.)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-06-29] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2018-06-30] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2018-06-29] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2018-06-30] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems Incorporated)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2018-11-21] (Internet Download Manager, Tonec Inc.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-06-29] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28] (Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2018-06-29] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28] (Adobe Systems Incorporated)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-06-29] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-06-29] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-06-29] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-06-29] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\LtSmith\AppData\Roaming\Mozilla\Firefox\Profiles\sshuako0.default-1535645859375 [2019-04-14]
FF NetworkProxy: Mozilla\Firefox\Profiles\sshuako0.default-1535645859375 -> type", 0
FF HomepageOverride: Mozilla\Firefox\Profiles\sshuako0.default-1535645859375 -> Disabled: _omMembers_@screenwatch.yournewtab.com
FF NewTabOverride: Mozilla\Firefox\Profiles\sshuako0.default-1535645859375 -> Disabled: {230a5283-ab42-49a2-8860-b06d797917c7}
FF NewTabOverride: Mozilla\Firefox\Profiles\sshuako0.default-1535645859375 -> Disabled: _omMembers_@screenwatch.yournewtab.com
FF Extension: (Screen Watch) - C:\Users\LtSmith\AppData\Roaming\Mozilla\Firefox\Profiles\sshuako0.default-1535645859375\Extensions\_omMembers_@screenwatch.yournewtab.com.xpi [2018-12-04]
FF Extension: (SocialNewPages) - C:\Users\LtSmith\AppData\Roaming\Mozilla\Firefox\Profiles\sshuako0.default-1535645859375\Extensions\{230a5283-ab42-49a2-8860-b06d797917c7}.xpi [2019-04-10]
FF Extension: (Viewer Plus) - C:\Users\LtSmith\AppData\Roaming\Mozilla\Firefox\Profiles\sshuako0.default-1535645859375\Extensions\{880cacfe-5793-4346-89ce-fbbd368d394c}.xpi [2019-04-05]
FF Extension: (PrincipalInterceptor) - C:\Users\LtSmith\AppData\Roaming\Mozilla\Firefox\Profiles\sshuako0.default-1535645859375\Extensions\{c65b18e1-cd3d-4773-a901-15a0753e7d81}.xpi [2019-04-10]
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\LtSmith\AppData\Roaming\Mozilla\Firefox\Profiles\sshuako0.default-1535645859375\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-04-10]
FF Extension: (Firefox Monitor) - C:\Users\LtSmith\AppData\Roaming\Mozilla\Firefox\Profiles\sshuako0.default-1535645859375\features\{972d01e3-481e-41cd-bf90-19bf44dda8fb}\fxmonitor@mozilla.org.xpi [2019-04-12]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2019-03-22] [Legacy]
FF HKU\S-1-5-21-3198773003-2009487275-3018560174-1001\...\Firefox\Extensions: [mozilla_cc3@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi
FF Extension: (IDM Integration Module) - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi [2019-03-19]
FF HKU\S-1-5-21-3198773003-2009487275-3018560174-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\LtSmith\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\LtSmith\AppData\Roaming\IDM\idmmzcc5 [2019-04-11] [Legacy] [non signé]
FF HKU\S-1-5-21-3198773003-2009487275-3018560174-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Legacy]
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2018-06-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2018-06-30] (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-06-29] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-06-29] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-29] (Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-29] (Google LLC)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2017-03-28] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)
Chrome:
=======
CHR Profile: C:\Users\LtSmith\AppData\Local\Google\Chrome\User Data\Default [2019-03-21]
CHR Extension: (Docs) - C:\Users\LtSmith\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-07-15]
CHR Extension: (Google Drive) - C:\Users\LtSmith\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-07-15]
CHR Extension: (YouTube) - C:\Users\LtSmith\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-07-15]
CHR Extension: (Adobe Acrobat – Créer un fichier PDF) - C:\Users\LtSmith\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-07-15]
CHR Extension: (IDM Integration Module) - C:\Users\LtSmith\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2018-07-15]
CHR Extension: (Gmail) - C:\Users\LtSmith\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-07-15]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2019-04-04]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-03-28]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2019-04-04]
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021056 2016-03-03] (Adobe Systems, Incorporated)
R2 AIPS; C:\Program Files (x86)\arcai.com\aips.exe [2677760 2018-05-11] (Arcai.com) [Fichier non signé]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2776664 2015-08-15] (Microsoft Corporation)
R2 Everything; C:\Program Files (x86)\Everything\Everything.exe [1668200 2018-02-09] ()
S3 GoogleChromeElevationService; C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\elevation_service.exe [1268720 2019-04-03] (Google Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [347512 2018-12-06] (HP Inc.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [359856 2015-07-25] (Intel Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-07-15] (Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [332800 2013-03-02] (IDT, Inc.) [Fichier non signé]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated)
R2 UCBrowserSvc; C:\Program Files (x86)\UCBrowser\Application\UCService.exe [656784 2018-01-02] () <==== ATTENTION
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [15446960 2018-11-21] ()
S2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [25704 2018-07-08] ()
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\NisSrv.exe [3856504 2019-04-09] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\MsMpEng.exe [113992 2019-04-09] (Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [55696 2018-08-31] (HP)
R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [42384 2018-08-31] (HP)
R3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-11] (Microsoft Corporation)
R3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3354384 2018-03-05] (Intel Corporation)
R3 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
S3 qcusbnet; C:\WINDOWS\System32\drivers\mfusbnet.sys [162816 2014-07-26] (QUALCOMM Incorporated)
S3 qcusbser; C:\WINDOWS\system32\DRIVERS\mfusbser.sys [124416 2014-07-17] (Wireless Device)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1024392 2018-06-29] (Realtek )
S3 smbdirect; C:\WINDOWS\System32\DRIVERS\smbdirect.sys [152064 2018-04-12] (Microsoft Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [55384 2017-08-18] (Synaptics Incorporated)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2018-02-01] (Apple, Inc.) [Fichier non signé]
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [22016 2018-04-11] (Microsoft Corporation)
R0 vsock; C:\WINDOWS\System32\DRIVERS\vsock.sys [92040 2018-06-22] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-x64.sys [52576 2018-02-28] (VMware, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46472 2019-04-09] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [343520 2019-04-09] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [68576 2019-04-09] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2019-04-14 06:04 - 2019-04-14 06:04 - 000023195 _____ C:\Users\LtSmith\Desktop\FRST.txt
2019-04-12 23:03 - 2019-04-12 23:03 - 000000003 _____ C:\Users\LtSmith\Downloads\document(1).pdf
2019-04-12 11:46 - 2013-03-02 00:20 - 002193920 _____ (IDT, Inc.) C:\WINDOWS\system32\stapo64.dll
2019-04-12 11:46 - 2013-03-02 00:20 - 000674304 ____N (IDT, Inc.) C:\WINDOWS\system32\stapi64.dll
2019-04-11 11:37 - 2019-04-11 12:11 - 000000000 ____D C:\Users\LtSmith\Downloads\Microsoft Office 2010 Proffesional
2019-04-11 07:37 - 2019-04-11 07:37 - 000001082 _____ C:\Users\LtSmith\Desktop\Internet Download Manager.lnk
2019-04-11 07:25 - 2019-04-11 07:28 - 011398550 _____ C:\Users\LtSmith\Downloads\IDM 6.32 Build 9 with Patch [32bit + 64bit] [CrackingPatching].zip
2019-04-11 07:20 - 2019-04-11 07:20 - 000000000 _____ C:\Users\LtSmith\Downloads\Microsoft Office 2010 Service Pack 1.exe
2019-04-10 20:12 - 2019-04-10 20:12 - 000000003 _____ C:\Users\LtSmith\Downloads\document.pdf
2019-04-10 16:55 - 2019-04-13 17:38 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-04-08 23:49 - 2019-04-09 15:06 - 385579008 _____ C:\Users\LtSmith\Downloads\debian-9.8.0-amd64-DVD-3.iso
2019-04-05 10:24 - 2019-04-05 10:29 - 000000000 ____D C:\Users\LtSmith\Downloads\[ OxTorrent.com ] PNL - Deux Frères
2019-04-04 11:41 - 2018-12-20 10:05 - 000229296 _____ (Tonec Inc.) C:\WINDOWS\system32\Drivers\idmwfp.sys
2019-04-01 08:26 - 2019-04-01 08:26 - 000045798 _____ C:\Users\LtSmith\Downloads\dossier-M5JOQXJN_DAHOUE_KOFFI-SM4IG1-418.pdf
2019-04-01 08:25 - 2019-04-01 08:25 - 000045768 _____ C:\Users\LtSmith\Downloads\dossier-M5JOQXJN_DAHOUE_KOFFI-SM4IF8-418.pdf
2019-04-01 08:19 - 2019-04-01 08:20 - 000045751 _____ C:\Users\LtSmith\Downloads\dossier-M5JOQXJN_DAHOUE_KOFFI-SL3IG8-318.pdf
2019-03-30 18:48 - 2019-03-30 18:48 - 000834262 _____ C:\Users\LtSmith\Downloads\FORMULAIRE-BOURSE-QUEBEC.pdf
2019-03-30 18:16 - 2019-03-30 18:16 - 001709474 _____ C:\Users\LtSmith\Downloads\FORMULAIRE-BOURSE-DEXEMPTION.pdf
2019-03-26 22:07 - 2019-03-27 00:59 - 1709140400 _____ C:\Users\LtSmith\Downloads\[OxTorrent.com] Captain.Marvel.2019.TRUEFRENCH.TS.XViD-NOUGATiNE.avi
2019-03-22 17:39 - 2019-03-22 17:39 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2019-03-22 16:53 - 2019-03-22 16:53 - 000088835 _____ C:\Users\LtSmith\Downloads\Demande d'admission(1).pdf
2019-03-22 16:24 - 2019-03-22 16:24 - 000116268 _____ C:\Users\LtSmith\Downloads\FinRapEtuEtaCte.pdf
2019-03-22 16:15 - 2019-03-22 16:59 - 000087534 _____ C:\Users\LtSmith\Downloads\Demande d'admission.pdf
2019-03-21 22:08 - 2019-03-21 22:08 - 000568057 _____ C:\Users\LtSmith\Downloads\imm5257b_1.pdf
2019-03-21 22:07 - 2019-03-21 22:07 - 001713693 _____ C:\Users\LtSmith\Downloads\imm5645f.pdf
2019-03-21 22:07 - 2019-03-21 22:07 - 000598328 _____ C:\Users\LtSmith\Downloads\imm1294f.pdf
2019-03-21 15:36 - 2019-04-14 05:52 - 000004182 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{18110D6F-C073-4FAB-BD4B-D54824E2D3AF}
2019-03-21 08:48 - 2019-03-21 08:48 - 000373571 _____ C:\Users\LtSmith\Guide 5269 – Présenter une demande de permis d’études - Canada.ca.pdf
2019-03-20 21:11 - 2019-03-20 21:11 - 000041599 _____ C:\Users\LtSmith\Downloads\4786743_Annie_SEGBE WOLEDZI.pdf
2019-03-20 17:51 - 2019-03-20 17:51 - 002070156 _____ C:\Users\LtSmith\Downloads\Formulaire de demande d'admission - UQAC(1).pdf
2019-03-20 15:12 - 2019-03-20 15:12 - 000097536 _____ C:\Users\LtSmith\relevé_bac_annie.pdf
2019-03-20 15:11 - 2019-03-20 15:11 - 000327893 _____ C:\Users\LtSmith\copie_naissance.pdf
2019-03-20 15:02 - 2019-03-20 15:03 - 002070156 _____ C:\Users\LtSmith\Downloads\Formulaire de demande d'admission - UQAC.pdf
2019-03-20 14:22 - 2019-03-20 14:22 - 001218329 _____ C:\Users\LtSmith\bulletin_classe_1ere_D.zip
2019-03-20 14:22 - 2019-03-20 14:22 - 000684198 _____ C:\Users\LtSmith\bulletin_3eme_trimestre_TerminaleD.zip
2019-03-20 14:22 - 2019-03-20 14:22 - 000522160 _____ C:\Users\LtSmith\bulletin_1er_trimestre_classe_premiereD.zip
2019-03-20 12:35 - 2019-03-20 12:35 - 000510720 _____ C:\Users\LtSmith\Downloads\Formulaire de demande d'admission à UQO - Tous les cycles.pdf
2019-03-20 10:13 - 2019-03-20 10:13 - 000259703 _____ C:\Users\LtSmith\attestation_licence_1.pdf
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2019-04-14 06:01 - 2018-08-30 21:09 - 000000000 ____D C:\FRST
2019-04-14 05:55 - 2018-04-11 23:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-04-14 05:48 - 2018-07-15 06:24 - 000000328 _____ C:\WINDOWS\Tasks\UCBrowserUpdaterCore.job
2019-04-14 05:48 - 2018-06-29 22:27 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-04-13 17:41 - 2018-06-29 23:07 - 000000000 ____D C:\Users\LtSmith\AppData\LocalLow\Mozilla
2019-04-13 17:38 - 2019-02-04 14:08 - 000000000 ____D C:\ProgramData\VMware
2019-04-13 17:38 - 2018-08-30 12:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-04-13 17:38 - 2018-07-08 09:11 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-04-13 17:38 - 2018-07-07 14:12 - 000000000 __SHD C:\Users\LtSmith\IntelGraphicsProfiles
2019-04-13 17:38 - 2018-06-29 22:28 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-04-13 17:37 - 2018-06-30 00:04 - 000000000 ____D C:\Users\LtSmith\AppData\Local\Everything
2019-04-13 17:37 - 2018-06-29 22:57 - 000000000 ____D C:\Users\LtSmith\AppData\Roaming\DMCache
2019-04-13 17:37 - 2018-06-29 22:55 - 000000000 ____D C:\Users\LtSmith\AppData\Roaming\Everything
2019-04-13 17:37 - 2018-04-11 21:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-04-13 14:26 - 2018-06-29 23:04 - 000000000 ____D C:\Users\LtSmith\AppData\Roaming\AIMP3
2019-04-12 11:52 - 2018-04-11 23:36 - 000000000 ____D C:\WINDOWS\INF
2019-04-12 11:50 - 2018-06-29 22:41 - 001685172 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-04-12 11:50 - 2018-04-12 16:19 - 000757292 _____ C:\WINDOWS\system32\perfh00C.dat
2019-04-12 11:50 - 2018-04-12 16:19 - 000142954 _____ C:\WINDOWS\system32\perfc00C.dat
2019-04-12 11:49 - 2018-08-30 12:52 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-04-12 11:45 - 2018-06-29 22:56 - 000000000 ____D C:\Program Files (x86)\Internet Download Manager
2019-04-12 11:43 - 2018-07-08 15:19 - 000000000 ____D C:\Users\LtSmith\AppData\Roaming\qBittorrent
2019-04-11 10:37 - 2018-06-29 22:57 - 000000000 ____D C:\Users\LtSmith\AppData\Roaming\IDM
2019-04-11 07:33 - 2018-07-12 17:09 - 000000000 ____D C:\Users\LtSmith\AppData\Local\CrashDumps
2019-04-11 07:28 - 2018-06-29 22:57 - 000000000 ____D C:\Users\LtSmith\Downloads\Compressed
2019-04-10 18:39 - 2018-04-11 23:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-04-10 16:59 - 2018-07-15 12:58 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-09 19:13 - 2018-04-11 23:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-04-09 18:16 - 2018-06-29 22:28 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-03-31 20:44 - 2018-07-15 06:24 - 000000492 _____ C:\WINDOWS\Tasks\UCBrowserUpdater.job
2019-03-29 06:23 - 2018-07-15 12:57 - 000003416 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-03-29 06:23 - 2018-07-15 12:57 - 000003292 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-03-26 21:36 - 2018-06-29 22:46 - 000000000 ____D C:\Users\LtSmith
2019-03-26 21:24 - 2018-07-15 06:24 - 000003532 _____ C:\WINDOWS\System32\Tasks\UCBrowserUpdater
2019-03-25 18:12 - 2018-07-25 10:45 - 000000000 ____D C:\Users\LtSmith\Desktop\BUREAU
2019-03-25 17:42 - 2018-06-29 22:57 - 000000000 ____D C:\Users\LtSmith\Downloads\Video
2019-03-25 17:29 - 2018-06-29 22:47 - 000000000 ____D C:\Users\LtSmith\AppData\Local\Packages
2019-03-23 10:42 - 2019-01-28 22:56 - 000000000 ____D C:\Users\LtSmith\Downloads\Telegram Desktop
2019-03-22 17:39 - 2018-06-29 22:47 - 000000000 ____D C:\Users\LtSmith\AppData\Roaming\Adobe
2019-03-22 16:45 - 2018-06-29 23:25 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
2019-03-22 16:45 - 2018-06-29 23:25 - 000002287 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
2019-03-22 16:45 - 2018-06-29 23:25 - 000002126 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
2019-03-21 14:36 - 2018-12-17 22:25 - 000000123 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\netcut.url
2019-03-21 14:36 - 2018-12-17 22:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\netcut
2019-03-21 14:36 - 2018-12-17 22:25 - 000000000 ____D C:\Program Files (x86)\WinPcap
2019-03-21 14:36 - 2018-12-17 22:25 - 000000000 ____D C:\Program Files (x86)\arcai.com
2019-03-21 09:54 - 2018-07-25 17:08 - 000000000 ____D C:\Users\LtSmith\Desktop\S7
2019-03-21 07:01 - 2018-04-11 23:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
==================== Fichiers à la racine de certains dossiers =======
2018-07-08 09:15 - 2018-07-08 09:15 - 000000000 ____D () C:\ProgramData\BatteryOptimizer.exe
Certains fichiers dans TEMP:
====================
2019-02-10 04:03 - 2019-02-10 04:03 - 005098612 _____ () C:\Users\LtSmith\AppData\Local\Temp\setup.dll
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2018-06-29 22:27
==================== Fin de FRST.txt ============================