cjoint


Document format: text/plain

Preview

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 29-06-2022
Exécuté par Ousmane BARRY (administrateur) sur DESKTOP-8N1F197 (HP HP Laptop 15-da0xxx) (29-06-2022 18:47:22)
Exécuté depuis C:\Users\Ousmane BARRY\Downloads
Profils chargés: Ousmane BARRY
Plate-forme: Microsoft Windows 11 Pro Version 21H2 22000.675 (X64) Langue: Anglais (États-Unis) -> Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe ->) (IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\RealTimeProtector.exe
(C:\Program Files\Restoro\bin\RestoroProtection.exe ->) (Restoro Ltd -> Restoro) C:\Program Files\Restoro\bin\RestoroService.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.305.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\102.0.1245.44\msedgewebview2.exe <6>
(C:\Users\Ousmane BARRY\AppData\Roaming\uTorrent Web\utweb.exe ->) (BitTorrent Inc -> BitTorrent Inc.) C:\Users\Ousmane BARRY\AppData\Roaming\uTorrent Web\helper\helper.exe
(C:\Users\Ousmane BARRY\Downloads\FRST64.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsNotepad_11.2204.12.0_x64__8wekyb3d8bbwe\Notepad\Notepad.exe <3>
(explorer.exe ->) (BitTorrent Inc -> BitTorrent Inc.) C:\Users\Ousmane BARRY\AppData\Roaming\uTorrent Web\utweb.exe
(explorer.exe ->) (IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <13>
(explorer.exe ->) (Restoro Ltd -> Restoro) C:\Program Files\Restoro\bin\RestoroApp.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Ousmane BARRY\AppData\Local\Microsoft\OneDrive\22.111.0522.0002\Microsoft.SharePoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Ousmane BARRY\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Power Software Ltd) [Fichier non signé] C:\Program Files\PowerISO\PWRISOVM.EXE
(services.exe ->) (Conexant Systems LLC -> Conexant Systems LLC.) C:\Windows\System32\CxAudioSvc.exe
(services.exe ->) (Conexant Systems LLC -> Synaptics Incorporated.) C:\Windows\System32\SynAudSrv.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_82419944dda69b12\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_ba273d0ffb93e225\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_3ad50285c3647623\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_3ad50285c3647623\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\Temp\DEL4BCE.tmp
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\Temp\DEL9CA3.tmp
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_7c484f80872e1cd8\jhi_service.exe
(services.exe ->) (IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_bb0c442560f99618\RtkAudUService64.exe <2>
(services.exe ->) (Restoro Ltd -> Restoro) C:\Program Files\Restoro\bin\RestoroProtection.exe
(services.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(svchost.exe ->) (IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.305.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
(SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_bb0c442560f99618\RtkAudUService64.exe [1253232 2021-03-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Restoro] => C:\Program Files\Restoro\bin\RestoroApp.exe [477728 2022-03-23] (Restoro Ltd -> Restoro) <==== ATTENTION
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [441856 2017-10-24] (Power Software Ltd) [Fichier non signé]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [708840 2022-04-26] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-1264594311-2122945503-3650374047-1001\...\Run: [MicrosoftEdgeAutoLaunch_3A22FE1C1615022485990EE31AE33484] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3601824 2022-06-22] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1264594311-2122945503-3650374047-1001\...\Run: [utweb] => C:\Users\Ousmane BARRY\AppData\Roaming\uTorrent Web\utweb.exe [6282784 2022-03-25] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-1264594311-2122945503-3650374047-1001\...\Run: [Advanced SystemCare] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [5348480 2022-05-06] (IObit CO., LTD -> IObit)
HKU\S-1-5-21-1264594311-2122945503-3650374047-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-1264594311-2122945503-3650374047-1001\...\MountPoints2: G - "G:\setup.exe"
IFEO\osppsvc.exe: [VerifierDlls] SppExtComObjHook.dll
IFEO\SppExtComObj.exe: [VerifierDlls] SppExtComObjHook.dll
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {10EE5B00-CCFF-41D8-9F25-986132AB942C} - System32\Tasks\GoogleUpdateTaskMachineQQ => powershell -EncodedCommand "PAAjAGsAdwB5ACMAPgAgAFMAdABhAHIAdAAtAFAAcgBvAGMAZQBzAHMAIAAtAEYAaQBsAGUAUABhAHQAaAAgACcAQwA6AFwAUAByAG8AZwByAGEAbQAgAEYAaQBsAGUAcwBcAEcAbwBvAGcAbABlAFwAQwBoAHIAbwBtAGUAVQBwAGQAYQB0AGUAcwBcAHUAcABkAGEAdABlAHIALgBlAHgAZQAnACAALQBWAGUAcgBiACAAUgB1AG4AQQBzACAAPAAjAG4AeQBwACMAPgA=" <==== ATTENTION
Task: {16893D8E-4E44-4FB1-8B8C-202EF1685D6C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {26007125-A801-4290-86BA-3C202AEEABBB} - System32\Tasks\Window Update => C:\Users\Ousmane BARRY\AppData\Local\Updates\Run.vbs [1015 2022-05-09] () [Fichier non signé]
Task: {31A22674-3198-4BFB-B4F8-61EBB2BF6FBF} - System32\Tasks\Windows Service Task => C:\Users\Ousmane BARRY\AppData\Local\Updates\WindowsService.exe [5581312 2022-05-11] () [Fichier non signé]
Task: {3B2CA7A5-81C9-4A85-A181-D02E59D0198A} - System32\Tasks\ASC_SkipUac_Ousmane BARRY => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [10952256 2022-06-22] (IObit CO., LTD -> IObit)
Task: {4CB4F91E-10BC-4E10-B854-58F5FA41AEB7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6C48803E-CFB9-4668-9F99-348724FFFAA4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {74A5ACE9-FE82-457E-956F-8BE1E9A96889} - System32\Tasks\Sump Task (One-Time) => C:\Program Files (x86)\IObit\Advanced SystemCare\sump.exe [1792904 2022-06-25] (IObit CO., LTD -> IObit)
Task: {B055651A-8944-42E1-8763-E64DD2094A15} - System32\Tasks\ASC_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [5467264 2022-05-12] (IObit CO., LTD -> IObit)
Task: {B9715495-7812-499E-9B1C-648810D5B512} - System32\Tasks\Uninstaller_SkipUac_Ousmane_BARRY => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [7527496 2022-05-05] (IObit CO., LTD -> IObit)
Task: {BBC6179D-05CA-41AF-B119-092767538811} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FE81DCF7-6923-4C19-B242-07567795C241} - System32\Tasks\Driver Booster SkipUAC (Ousmane BARRY) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [8644096 2022-06-08] (IObit) [Fichier non signé]

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{958d0059-40d5-4d21-8b68-4f6165b90d51}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Ousmane BARRY\AppData\Local\Microsoft\Edge\User Data\Default [2022-06-29]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.333.2 -> C:\Program Files\Java\jre1.8.0_333\bin\dtplugin\npDeployJava1.dll [2022-06-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.333.2 -> C:\Program Files\Java\jre1.8.0_333\bin\plugin2\npjp2.dll [2022-06-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2019-03-14] (Adobe Systems, Inc.) [Fichier non signé]
FF Plugin-x32: @java.com/DTPlugin,version=11.331.2 -> C:\Program Files (x86)\Java\jre1.8.0_331\bin\dtplugin\npDeployJava1.dll [2022-06-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.331.2 -> C:\Program Files (x86)\Java\jre1.8.0_331\bin\plugin2\npjp2.dll [2022-06-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdvancedSystemCareService15; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [1300096 2022-04-20] (IObit CO., LTD -> IObit)
S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [158744 2022-02-10] (IObit CO., LTD -> IObit)
R2 RestoroActiveProtection; C:\Program Files\Restoro\bin\RestoroProtection.exe [9310216 2021-02-07] (Restoro Ltd -> Restoro) <==== ATTENTION
S4 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6207672 2022-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
U3 WaaSMedicSvc; %systemroot%\system32\WaasMedicSvc.dll [X]

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 AscFileControl; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscFileControl.sys [40920 2021-07-07] (IObit CO., LTD -> IObit)
R3 AscFileFilter; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscFileFilter.sys [47904 2022-03-23] (IObit CO., LTD -> IObit)
R3 AscRegistryFilter; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscRegistryFilter.sys [46552 2021-07-07] (IObit CO., LTD -> IObit)
R3 cpuz150; C:\Windows\temp\cpuz150\cpuz150_x64.sys [44832 2022-06-25] (CPUID S.A.R.L.U. -> CPUID)
S3 Hsp; C:\Windows\System32\drivers\Hsp.sys [111960 2022-06-13] (Microsoft Windows -> Microsoft Corporation)
R3 iobit_monitor_server2021; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win10_x64.sys [33256 2021-08-11] (IObit CO., LTD -> IObit)
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [43896 2020-07-31] (IObit Information Technology -> IObit)
S3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [37112 2020-07-31] (IObit Information Technology -> IObit)
R3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [51128 2020-07-31] (IObit Information Technology -> IObit)
S3 MpKsl2cbb48e6; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{27D990BB-2A04-4BFB-9CFA-BEA6B3F119F9}\MpKslDrv.sys [137464 2022-06-18] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl92803c27; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{27D990BB-2A04-4BFB-9CFA-BEA6B3F119F9}\MpKslDrv.sys [137464 2022-06-18] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsla5b9372b; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{27D990BB-2A04-4BFB-9CFA-BEA6B3F119F9}\MpKslDrv.sys [137464 2022-06-18] (Microsoft Windows -> Microsoft Corporation)
S3 rtcx21; C:\Windows\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_d2a498d51a4f7bec\rtcx21x64.sys [409000 2021-06-01] (Realtek Semiconductor Corp. -> Realtek)
S4 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49600 2022-06-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S4 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [443664 2022-06-13] (Microsoft Windows -> Microsoft Corporation)
S4 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [90384 2022-06-13] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [37280 2021-11-23] (HP Inc. -> HP)
S3 rt68cx21; \SystemRoot\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_3ae4233b59b42991\rt68cx21x64.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

