Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 92792 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

Infected [Closed]

Farbar Recovery Scan Tool

  • This topic is locked This topic is locked
3 replies to this topic

#1 BCDboy

BCDboy

    New Member

  • New Member
  • Pip
  • 1 posts

Posted 12 June 2020 - 05:14 AM

Résultats d'analyse de  Farbar Recovery Scan Tool (FRST) (x64) Version: 06-06-2020
Exécuté par tomporaire (administrateur) sur TOMPORAIRE-PC (Hewlett-Packard HP EliteBook 8440p) (12-06-2020 10:43:14)
Exécuté depuis C:\Users\tomporaire\Desktop
Profils chargés: tomporaire
Platform: Windows 7 Professional Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: "C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe" -- "%1")
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processus (Avec liste blanche) =================
 
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
 
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Alexandre Coelho) [Fichier non signé] C:\Users\tomporaire\Desktop\Windows_Repair_Toolbox.exe
(Ashampoo GmbH & Co. KG -> ) C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 16\LiveTuner2.exe
(Ashampoo GmbH & Co. KG -> ) C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 16\LiveTunerService.exe
(Ashampoo GmbH & Co. KG -> ) C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 16\WO16.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe <14>
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\BraveCrashHandler.exe
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\BraveCrashHandler64.exe
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\avp.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\avpui.exe
(Li Yongfa -> Lifsoft,INC) C:\Program Files (x86)\AutoPowerOn\WinScheduler.exe
(LSI Corporation -> LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\msoia.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\valWBFPolicyService.exe
(Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Smadsoft) [Fichier non signé] C:\Program Files (x86)\SMADAV\SMΔRTP.exe
(TEFINCOM S.A. -> NordVPN) C:\Program Files (x86)\NordVPN\NordVPN.exe
(Tonec Inc. -> Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Tonec Inc.) [Fichier non signé] C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Zainuddin Nafarin -> Smadav Software) C:\Program Files (x86)\SMADAV\SmadavProtect64.exe
 
==================== Registre (Avec liste blanche) ===================
 
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
 
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [489472 2000-01-01] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
HKLM\...\Run: [Ashampoo WinOptimizer Live-Tuner2] => C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 16\LiveTuner2.exe [4507552 2019-02-18] (Ashampoo GmbH & Co. KG -> )
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SMΔRT-Protection] => C:\Program Files (x86)\Smadav\SMΔRTP.exe [1920080 2020-06-06] (Smadsoft) [Fichier non signé]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5641776 2020-05-29] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM\...\Policies\Explorer: [NoDriveAutoRun-] 0
HKLM\...\Policies\Explorer: [NoDriveTypeAutoRun-] 0
HKU\S-1-5-21-1355259030-146301216-2603353483-1000\...\Run: [NordVPN] => C:\Program Files (x86)\NordVPN\NordVPN.exe [1844688 2020-05-28] (TEFINCOM S.A. -> NordVPN)
HKU\S-1-5-21-1355259030-146301216-2603353483-1000\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3948600 2018-07-09] (Tonec Inc.) [Fichier non signé]
HKU\S-1-5-21-1355259030-146301216-2603353483-1000\...\Policies\Explorer: [NoDriveAutoRun-] 0
HKU\S-1-5-21-1355259030-146301216-2603353483-1000\...\Policies\Explorer: [NoDriveTypeAutoRun-] 0
HKU\S-1-5-21-1355259030-146301216-2603353483-1000\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-1355259030-146301216-2603353483-1000\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-1355259030-146301216-2603353483-1000\...\Policies\Explorer\DisallowRun: [1] Mshta.exe
HKU\S-1-5-21-1355259030-146301216-2603353483-1000\...\Policies\Explorer\DisallowRun: [2] powershell.exe
HKU\S-1-5-21-1355259030-146301216-2603353483-1000\...\Policies\Explorer\DisallowRun: [3] bitsadmin.exe
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\SYSTEM32\AdobePDF.dll [65488 2020-05-29] (Adobe Inc. -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\81.1.9.80\Installer\chrmstp.exe [2020-06-11] (Brave Software, Inc.) [Fichier non signé]
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.116\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Tâches planifiées (Avec liste blanche) ============
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
 
Task: {058F79A2-D825-4A9F-A417-07134B172E8C} - \AutoKMS -> Pas de fichier <==== ATTENTION
Task: {081CE037-A9B8-4DC7-8FB4-CE8AD50B0258} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24608104 2020-05-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {155B08F2-A9C2-403F-B390-46659DF6CCDE} - \Microsoft\Windows\End Of Support\Notify2 -> Pas de fichier <==== ATTENTION
Task: {2AEABD39-39D4-4D3F-B3D3-F03D4D2F2066} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24608104 2020-05-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {3597D7C2-40C0-42A2-958A-696C915837F7} - System32\Tasks\DLL-Files.Com Fixer_MONTHLY => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe [10652600 2019-02-13] (Tilf AB -> Dll-FIles.Com)
Task: {650E947F-B10C-4D0B-BAD4-07E84FD43B81} - \Microsoft\Windows\End Of Support\Notify1 -> Pas de fichier <==== ATTENTION
Task: {76C0520C-59A9-4CC0-A23F-9121B42AD7F2} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158536 2020-05-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {7B1B6C38-0E8F-4C77-8387-6116BB840C2D} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-11] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {7C4D4F56-5D02-40B6-8147-DCA9C5AD41B5} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2020-02-16] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {A8EF0B2E-D3A3-45EC-AA51-DEE29A252E78} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6158240 2020-05-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {B5F81993-A1AE-435D-91E7-51699C52AA80} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6158240 2020-05-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {BB6726F9-A38B-4D2E-B01E-EB17BC689B7B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-06-11] (Adobe Inc. -> Adobe Systems)
Task: {BFE0142C-69EC-4D9F-9964-5EA5653DA08D} - System32\Tasks\DLL-Files.Com Fixer_Updates => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe [10652600 2019-02-13] (Tilf AB -> Dll-FIles.Com)
Task: {C6888314-E1B3-44F6-BF2B-CF9833801FB0} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2020-02-16] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {C8377396-D343-410D-9902-D49B40144A2C} - System32\Tasks\RDReminder => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe [10652600 2019-02-13] (Tilf AB -> Dll-FIles.Com)
Task: {D8AA8CA0-5574-479C-9346-AB6CED428618} - System32\Tasks\smadav => C:\Program Files (x86)\Smadav\SMΔRTP.exe [1920080 2020-06-06] (Smadsoft) [Fichier non signé]
Task: {DCB8A5F6-2FB8-4A5A-B17F-82879555ACA3} - System32\Tasks\{EB602AE6-566A-4DEF-8199-80A9516605B4} => C:\Program Files (x86)\NordVPN\NordVPN.exe [1844688 2020-05-28] (TEFINCOM S.A. -> NordVPN)
Task: {E1B3500B-ECE6-4C96-84FB-119559214879} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158536 2020-05-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {E8CA4BDE-3D0E-47ED-988F-24AF3AF1FECD} - \Games\UpdateCheck_S-1-5-21-1355259030-146301216-2603353483-1000 -> Pas de fichier <==== ATTENTION
 
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
 
Task: C:\Windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
 
==================== Internet (Avec liste blanche) ====================
 
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
 
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => Pas de fichier 
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => Pas de fichier 
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => Pas de fichier 
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => Pas de fichier 
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{29EA74A5-1FD4-45EC-BE15-9CA169D93D28}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{29EA74A5-1FD4-45EC-BE15-9CA169D93D28}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{71FD8026-D474-45CA-B975-6C86A8A67D93}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-1355259030-146301216-2603353483-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2018-06-19] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
BHO: Kaspersky Protection -> {9F904093-6E18-4536-BF5F-B03689CF00F0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\IEExt\ie_plugin.dll [2020-06-06] (Kaspersky Lab -> AO Kaspersky Lab)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2020-05-30] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2018-06-19] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
BHO-x32: Kaspersky Protection -> {9F904093-6E18-4536-BF5F-B03689CF00F0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\IEExt\ie_plugin.dll [2020-06-06] (Kaspersky Lab -> AO Kaspersky Lab)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2020-05-30] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {EF293C5A-9F37-49FD-91C4-2B867063FC54} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\IEExt\ie_plugin.dll [2020-06-06] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {EF293C5A-9F37-49FD-91C4-2B867063FC54} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\IEExt\ie_plugin.dll [2020-06-06] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKU\S-1-5-21-1355259030-146301216-2603353483-1000 -> Pas de nom - {C500C267-63BF-451F-8797-4D720C9A2ED9} -  Pas de fichier
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-05-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-05-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-05-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-05-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-05-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-05-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-05-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-05-30] (Microsoft Corporation -> Microsoft Corporation)
 
FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2020-05-29]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-05-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2020-02-16] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2020-02-16] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2020-05-29] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)
 
Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
 
==================== Services (Avec liste blanche) ===================
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
 
R2 AESTFilters; C:\Program Files\IDT\WDM\AESTSr64.exe [89600 2000-01-01] (Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-05-05] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-05-05] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AVP20.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\avp.exe [357416 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2020-02-16] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2020-02-16] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11111280 2020-05-07] (Microsoft Corporation -> Microsoft Corporation)
S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 16\DfsdkS.exe [406016 2020-06-11] (mst software GmbH, Germany) [Fichier non signé]
S3 klvssbridge64_20.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\vssbridge64.exe [438928 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab)
S2 nordvpn-service; C:\Program Files (x86)\NordVPN\nordvpn-service.exe [244176 2020-05-28] (TEFINCOM S.A. -> )
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2020-06-11] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [271360 2000-01-01] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [28672 2013-10-17] (Microsoft Windows Hardware Compatibility Publisher -> )
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 WO_LiveService2; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 16\LiveTunerService.exe [308128 2019-02-18] (Ashampoo GmbH & Co. KG -> )
 
===================== Pilotes (Avec liste blanche) ===================
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
 
R3 Accelerometer; C:\Windows\System32\DRIVERS\Accelerometer.sys [43320 2011-05-13] (Hewlett-Packard Company -> Hewlett-Packard Company)
R3 AgereSoftModem; C:\Windows\System32\DRIVERS\agrsm64.sys [1212416 2000-01-01] (Microsoft Windows Hardware Compatibility Publisher -> LSI Corporation)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [53904 2018-09-07] (AVAST Software s.r.o. -> The OpenVPN Project)
S3 avgTap; C:\Windows\System32\DRIVERS\avgTap.sys [54888 2018-09-05] (AVG Technologies CZ, s.r.o. -> The OpenVPN Project)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [246912 2019-02-16] (Kaspersky Lab -> AO Kaspersky Lab)
R1 ElRawDisk; C:\Windows\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation -> EldoS Corporation)
R0 hpdskflt; C:\Windows\System32\DRIVERS\hpdskflt.sys [30008 2011-05-13] (Hewlett-Packard Company -> Hewlett-Packard Company)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [531584 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [79768 2020-05-19] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [145504 2020-05-19] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [93312 2019-03-12] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [251800 2020-05-19] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klgse; C:\Windows\System32\DRIVERS\klgse.sys [633600 2020-04-28] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [1217792 2020-04-28] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [998296 2020-05-19] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klim6; C:\Windows\System32\DRIVERS\klim6.sys [58192 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [79760 2020-05-19] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [59512 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [51328 2019-03-13] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klwfp; C:\Windows\System32\DRIVERS\klwfp.sys [105600 2019-03-05] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [211048 2020-05-19] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [232344 2020-05-19] (Kaspersky Lab -> AO Kaspersky Lab)
R2 LiveTuner2PM; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 16\LiveTuner64.sys [14320 2019-02-18] (Ashampoo GmbH & Co. KG -> )
R3 NETwNs64; C:\Windows\System32\DRIVERS\NETwsw01.sys [11534096 2015-05-04] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R3 nlwt; C:\Windows\System32\DRIVERS\nlwt.sys [29888 2020-04-24] (TEFINCOM S.A. -> WireGuard LLC)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 RICOH SmartCard Reader; C:\Windows\System32\DRIVERS\rismcx64.sys [59008 2009-07-20] (Microsoft Windows Hardware Compatibility Publisher -> RICOH Company, Ltd.)
R2 rimmptsk; C:\Windows\System32\DRIVERS\rimmpx64.sys [67584 2009-06-25] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R3 rismcx64; C:\Windows\System32\DRIVERS\rismcx64.sys [59008 2009-07-20] (Microsoft Windows Hardware Compatibility Publisher -> RICOH Company, Ltd.)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1803904 2010-06-03] (SONIX TECHNOLOGY CO. , LTD -> )
R3 STHDA; C:\Windows\System32\DRIVERS\stwrt64.sys [515584 2000-01-01] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
R3 tapnordvpn; C:\Windows\System32\DRIVERS\tapnordvpn.sys [35592 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
S3 tapprotonvpn; C:\Windows\System32\DRIVERS\tapprotonvpn.sys [35768 2019-07-02] (ProtonVPN AG -> The OpenVPN Project)
U5 vsock; C:\Windows\System32\Drivers\vsock.sys [103736 2019-08-14] (VMware, Inc. -> VMware, Inc.)
U1 aswbdisk; pas de ImagePath
U4 npcap_wifi; pas de ImagePath
 
==================== NetSvcs (Avec liste blanche) ===================
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
 
 
==================== Un mois (créés) ===================
 
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
 
2020-06-12 09:58 - 2020-06-12 10:10 - 000026103 _____ C:\Users\tomporaire\Desktop\Addition.txt
2020-06-12 09:47 - 2020-06-12 10:54 - 000025017 _____ C:\Users\tomporaire\Desktop\FRST.txt
2020-06-12 09:47 - 2020-06-12 09:47 - 002289152 _____ (Farbar) C:\Users\tomporaire\Desktop\FRST64.exe
2020-06-12 08:24 - 2020-06-12 08:24 - 000069904 _____ C:\Users\tomporaire\AppData\Local\GDIPFONTCACHEV1.DAT
2020-06-12 06:35 - 2020-06-12 06:35 - 000002039 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2020-06-11 21:30 - 2020-06-11 21:31 - 000314880 _____ (Alexandre Coelho) C:\Users\tomporaire\Desktop\updater.exe
2020-06-11 21:30 - 2020-05-01 23:15 - 000000000 ____D C:\Users\tomporaire\Desktop\Final Tests
2020-06-11 21:30 - 2020-05-01 23:15 - 000000000 ____D C:\Users\tomporaire\Desktop\files
2020-06-11 21:30 - 2020-05-01 23:15 - 000000000 ____D C:\Users\tomporaire\Desktop\custom
2020-06-11 21:30 - 2020-05-01 23:14 - 001820672 _____ (Alexandre Coelho) C:\Users\tomporaire\Desktop\Windows_Repair_Toolbox.exe
2020-06-11 21:30 - 2020-04-04 13:46 - 000000401 _____ C:\Users\tomporaire\Desktop\Windows_Repair_Toolbox.exe.config
2020-06-11 20:54 - 2020-06-11 20:54 - 000000000 ____D C:\Users\tomporaire\AppData\Local\mbam
2020-06-11 20:02 - 2020-06-11 20:04 - 000322584 _____ C:\Windows\system32\FNTCACHE.DAT
2020-06-11 16:35 - 2020-06-11 20:09 - 000003112 _____ C:\Windows\system32\Tasks\RDReminder
2020-06-11 16:35 - 2020-06-11 20:03 - 000000302 _____ C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job
2020-06-11 16:35 - 2020-06-11 20:03 - 000000286 _____ C:\Windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job
2020-06-11 16:35 - 2020-06-11 16:35 - 000003062 _____ C:\Windows\system32\Tasks\DLL-Files.Com Fixer_Updates
2020-06-11 16:35 - 2020-06-11 16:35 - 000003048 _____ C:\Windows\system32\Tasks\DLL-Files.Com Fixer_MONTHLY
2020-06-11 16:35 - 2020-06-11 16:35 - 000001094 _____ C:\Users\Public\Desktop\Dll-Files Fixer.lnk
2020-06-11 16:35 - 2020-06-11 16:35 - 000001094 _____ C:\ProgramData\Desktop\Dll-Files Fixer.lnk
2020-06-11 16:35 - 2020-06-11 16:35 - 000000000 ____D C:\Users\tomporaire\AppData\Roaming\dll-files.com
2020-06-11 16:35 - 2020-06-11 16:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files Fixer
2020-06-11 16:35 - 2020-06-11 16:35 - 000000000 ____D C:\Program Files (x86)\Dll-Files.com Fixer
2020-06-11 13:20 - 2020-06-11 13:20 - 000000000 ____D C:\Program Files\Malwarebytes
2020-06-11 13:20 - 2020-06-11 13:20 - 000000000 ____D C:\Malwarebytes
2020-06-11 12:38 - 2020-06-11 12:38 - 001728127 _____ C:\Users\tomporaire\Desktop\Autoruns.zip
2020-06-11 12:05 - 2020-06-11 12:05 - 000012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2020-06-11 11:15 - 2020-06-11 13:10 - 000000000 ____D C:\Program Files (x86)\UnHackMe
2020-06-11 11:08 - 2020-06-11 12:07 - 000000000 ____D C:\ProgramData\HitmanPro
2020-06-11 09:51 - 2020-06-11 10:31 - 000000107 _____ C:\Windows\directx.sys
2020-06-11 09:47 - 2020-06-11 09:47 - 000000000 __SHD C:\Users\tomporaire\AppData\Roaming\WinSl
2020-06-11 09:45 - 2020-06-11 09:45 - 000000000 ____D C:\Users\tomporaire\AppData\Local\Iheb_Briki
2020-06-11 09:44 - 2020-06-11 10:42 - 000000000 __SHD C:\ProgramData\Synaptics
2020-06-11 09:44 - 2020-06-11 09:44 - 000000000 ____D C:\Users\tomporaire\AppData\Local\SkinSoft
2020-06-09 17:25 - 2020-06-09 17:25 - 000000000 ____D C:\Users\tomporaire\AppData\Roaming\Neos Eureka S.r.l
2020-06-07 13:34 - 2020-06-07 13:34 - 000000000 ____D C:\Users\tomporaire\AppData\Roaming\RenewedVision
2020-06-07 13:28 - 2020-06-07 13:28 - 000000000 ____D C:\ProgramData\Renewed Vision
2020-06-07 13:27 - 2020-06-07 13:39 - 000000000 ____D C:\Program Files (x86)\Renewed Vision
2020-06-07 13:24 - 2020-06-07 13:24 - 000000000 ____D C:\Users\tomporaire\AppData\Local\Apple
2020-06-07 13:23 - 2020-06-07 13:23 - 000000000 ____D C:\ProgramData\Apple
2020-06-07 10:16 - 2020-06-07 11:15 - 000016512 _____ C:\Windows\SysWOW64\antimalware.unwanted_products.product_registry.kvdb-wal
2020-06-07 10:16 - 2020-06-07 10:16 - 000032768 _____ C:\Windows\SysWOW64\antimalware.unwanted_products.product_registry.kvdb-shm
2020-06-07 10:16 - 2020-06-07 10:16 - 000032768 _____ C:\Windows\SysWOW64\antimalware.unwanted_products.browser_extension_registry.kvdb-shm
2020-06-07 10:16 - 2020-06-07 10:16 - 000032768 _____ C:\Windows\SysWOW64\antimalware.patch_management.product_registry.kvdb-shm
2020-06-07 10:16 - 2020-06-07 10:16 - 000012288 _____ C:\Windows\SysWOW64\antimalware.unwanted_products.product_registry.kvdb
2020-06-07 10:16 - 2020-06-07 10:16 - 000012288 _____ C:\Windows\SysWOW64\antimalware.unwanted_products.browser_extension_registry.kvdb
2020-06-07 10:16 - 2020-06-07 10:16 - 000012288 _____ C:\Windows\SysWOW64\antimalware.patch_management.product_registry.kvdb
2020-06-07 10:16 - 2020-06-07 10:16 - 000000000 _____ C:\Windows\SysWOW64\antimalware.unwanted_products.browser_extension_registry.kvdb-wal
2020-06-07 10:16 - 2020-06-07 10:16 - 000000000 _____ C:\Windows\SysWOW64\antimalware.patch_management.product_registry.kvdb-wal
2020-06-07 07:48 - 2020-06-07 07:48 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2020-06-07 04:48 - 2020-06-07 04:48 - 000622364 _____ C:\Users\tomporaire\Downloads\Trademark Licensing_ The Problem of Adequate Control.pdf
2020-06-07 01:13 - 2016-05-12 15:18 - 000090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2020-06-06 23:53 - 2020-06-06 23:53 - 000000000 ____D C:\Users\Default\AppData\Local\Kaspersky Lab
2020-06-06 23:53 - 2020-06-06 23:53 - 000000000 ____D C:\Users\Default User\AppData\Local\Kaspersky Lab
2020-06-06 23:42 - 2020-06-06 23:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security
2020-06-06 23:42 - 2020-06-06 09:11 - 000002119 _____ C:\Users\Public\Desktop\Kaspersky Total Security.lnk
2020-06-06 23:42 - 2020-06-06 09:11 - 000002119 _____ C:\ProgramData\Desktop\Kaspersky Total Security.lnk
2020-06-06 10:38 - 2020-06-12 09:20 - 000000000 ____D C:\Users\tomporaire\AppData\Local\CrashDumps
2020-06-06 09:24 - 2020-06-06 10:34 - 000000000 ____D C:\Users\tomporaire\AppData\Roaming\SOLUTO Application Setup Executable
2020-06-05 22:11 - 2020-06-12 06:37 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-06-05 22:08 - 2020-06-09 18:07 - 000000000 ____D C:\Users\tomporaire\AppData\Local\Adobe
2020-06-05 22:07 - 2020-06-12 06:35 - 000002028 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2020-06-05 22:07 - 2020-06-05 22:07 - 000002016 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2020-06-05 22:07 - 2020-06-05 22:07 - 000002016 _____ C:\ProgramData\Desktop\Adobe Acrobat DC.lnk
2020-06-05 22:04 - 2020-06-05 22:17 - 000000000 ____D C:\ProgramData\Adobe
2020-06-05 22:04 - 2020-06-05 22:04 - 000000000 ____D C:\Program Files (x86)\Adobe
2020-06-05 11:50 - 2020-06-08 12:10 - 000000000 ____D C:\RecMaster recording folder
2020-06-05 11:49 - 2020-06-09 11:55 - 000000000 ____D C:\Program Files (x86)\Auntec
2020-06-05 11:49 - 2020-06-08 11:00 - 000000000 ____D C:\Users\tomporaire\AppData\Roaming\recmaster
2020-06-05 04:54 - 2020-06-05 04:54 - 000004246 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2020-06-05 04:41 - 2020-06-05 04:41 - 000000000 ____D C:\Users\tomporaire\AppData\Local\Apps\2.0
2020-06-05 04:30 - 2020-06-05 04:30 - 000000000 ____D C:\Users\tomporaire\AppData\Local\Ashampoo
2020-06-05 04:29 - 2020-06-05 04:29 - 000001242 _____ C:\Users\Public\Desktop\Ashampoo WinOptimizer 16.lnk
2020-06-05 04:29 - 2020-06-05 04:29 - 000001242 _____ C:\ProgramData\Desktop\Ashampoo WinOptimizer 16.lnk
2020-06-05 04:29 - 2020-06-05 04:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2020-06-05 04:29 - 2020-06-05 04:29 - 000000000 ____D C:\ProgramData\Ashampoo
2020-06-05 04:29 - 2020-06-05 04:29 - 000000000 ____D C:\Program Files (x86)\Ashampoo
2020-06-05 04:29 - 2019-02-18 15:39 - 000034304 _____ (mst software GmbH, Germany) C:\Windows\system32\DfSdkBt.exe
2020-06-05 01:05 - 2020-06-05 01:05 - 000001800 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
2020-06-05 01:05 - 2020-06-05 01:05 - 000001788 _____ C:\Users\Public\Desktop\Wireshark.lnk
2020-06-05 01:05 - 2020-06-05 01:05 - 000001788 _____ C:\ProgramData\Desktop\Wireshark.lnk
2020-06-05 00:00 - 2020-06-05 00:00 - 001837051 _____ C:\Users\tomporaire\Downloads\Salam Khateeb.pdf
2020-06-04 21:34 - 2020-06-06 23:43 - 000000000 ____D C:\Program Files\Common Files\AV
2020-06-04 21:33 - 2013-05-06 08:13 - 000110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2020-06-04 21:32 - 2020-06-12 10:19 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2020-06-04 21:32 - 2020-06-07 13:01 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2020-06-04 21:22 - 2020-06-04 21:22 - 000000000 ____D C:\Users\tomporaire\AppData\Local\VirtualStore
2020-06-04 19:11 - 2020-06-04 19:11 - 000001453 _____ C:\Users\tomporaire\Desktop\vivaldi - Raccourci.lnk
2020-06-04 08:36 - 2020-06-04 08:36 - 004146112 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgremoverx.exe
2020-06-04 08:34 - 2020-06-04 08:34 - 000029769 _____ C:\ProgramData\uninstalltool.1591259673.bdinstall.bin
2020-06-04 05:07 - 2020-06-05 03:25 - 000000000 ____D C:\Windows\system32\Tasks\Abelssoft
2020-06-04 04:04 - 2020-06-04 04:04 - 000000000 ____D C:\ProgramData\Paragon Software
2020-06-03 01:56 - 2020-06-12 09:32 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-06-03 01:56 - 2020-06-12 09:32 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-06-03 01:56 - 2020-06-03 18:25 - 000003450 _____ C:\Windows\system32\Tasks\AdobeGCInvoker-1.0
2020-06-02 22:05 - 2020-06-02 22:05 - 000001970 _____ C:\Users\Public\Desktop\NordVPN.lnk
2020-06-02 22:05 - 2020-06-02 22:05 - 000001970 _____ C:\ProgramData\Desktop\NordVPN.lnk
2020-06-02 22:04 - 2020-06-02 22:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordVPN
2020-06-02 22:04 - 2020-06-02 22:05 - 000000000 ____D C:\Program Files (x86)\NordVPN
2020-06-01 11:44 - 2020-05-25 21:09 - 000000000 ____D C:\Sci-Hub
2020-06-01 05:36 - 2020-06-04 20:11 - 000000000 ___RD C:\Users\tomporaire\OneDrive - xKx
2020-06-01 05:36 - 2020-06-01 05:36 - 000000000 ___HD C:\OneDriveTemp
2020-06-01 05:21 - 2020-06-01 05:21 - 000000000 ____D C:\Users\tomporaire\AppData\Local\OneDrive
2020-06-01 03:11 - 2020-06-01 03:11 - 000000000 ____D C:\ProgramData\Vuesoft
2020-06-01 03:10 - 2020-06-01 03:12 - 000000000 ____D C:\Users\tomporaire\AppData\Local\VueSoft
2020-06-01 02:14 - 2020-06-11 10:44 - 000000000 ____D C:\Program Files (x86)\WinPcap
2020-06-01 02:14 - 2020-06-01 02:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2020-06-01 02:13 - 2020-06-11 13:11 - 000000000 ____D C:\Program Files (x86)\arcai.com
2020-06-01 01:27 - 2020-06-01 01:45 - 000000000 ____D C:\Users\tomporaire\AppData\Roaming\Wireshark
2020-06-01 01:21 - 2020-06-05 04:22 - 000000000 ____D C:\Program Files\Npcap
2020-05-31 07:45 - 2019-02-18 10:55 - 001034556 _____ C:\Windows\system32\Windows6.1-KB2999226-x64.msu
2020-05-31 04:52 - 2020-06-04 06:25 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1355259030-146301216-2603353483-1000
2020-05-30 02:08 - 2020-05-30 02:08 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2020-05-29 23:33 - 2020-05-29 23:33 - 000065488 _____ (Adobe Systems Inc) C:\Windows\system32\AdobePDF.dll
2020-05-29 23:33 - 2020-05-29 23:33 - 000036304 _____ (Adobe Systems Inc.) C:\Windows\system32\AdobePDFUI.dll
2020-05-29 01:32 - 2020-06-05 00:56 - 000000000 ____D C:\Windows\AutoKMS
2020-05-29 01:29 - 2020-05-29 01:31 - 000000000 ____D C:\ProgramData\Microsoft Toolkit
2020-05-29 01:15 - 2020-05-29 01:15 - 000000000 ____D C:\Users\tomporaire\AppData\Local\Windows_8
2020-05-29 00:24 - 2020-06-04 06:25 - 000002171 _____ C:\Users\tomporaire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2020-05-29 00:24 - 2020-05-29 00:24 - 000002144 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2020-05-29 00:24 - 2020-05-29 00:24 - 000002144 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2020-05-29 00:24 - 2020-05-29 00:24 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2020-05-29 00:20 - 2020-05-29 00:20 - 000002374 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2020-05-29 00:15 - 2020-05-30 02:09 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-05-28 22:26 - 2020-05-28 22:25 - 150253568 _____ C:\Users\tomporaire\Downloads\WordRetail.img
2020-05-28 18:36 - 2020-05-28 18:36 - 000043712 _____ C:\Users\tomporaire\Downloads\uc.htm
2020-05-28 17:23 - 2020-05-28 17:23 - 015611404 _____ C:\Users\tomporaire\Desktop\Breathology-Arabic.pdf
2020-05-28 16:26 - 2020-05-28 16:26 - 000000000 ____D C:\Program Files\Microsoft Office 15
2020-05-28 02:08 - 2020-06-11 13:01 - 000001305 _____ C:\Windows\SysWOW64\Partizan.RRI
2020-05-27 03:38 - 2020-06-05 22:17 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2020-05-27 00:54 - 2020-05-27 01:43 - 000000000 ____D C:\Users\tomporaire\Documents\Sharm Studio
2020-05-26 13:45 - 2020-06-03 18:25 - 000002970 _____ C:\Windows\system32\Tasks\{EB602AE6-566A-4DEF-8199-80A9516605B4}
2020-05-26 03:48 - 2020-05-26 03:49 - 011858104 _____ C:\Users\tomporaire\Downloads\نظرات في قانون المسطرة المدنية.pdf
2020-05-26 02:52 - 2020-05-26 02:52 - 000000000 ____D C:\Users\tomporaire\AppData\Local\Investintech.com Inc
2020-05-26 01:02 - 2020-05-26 01:02 - 000819487 _____ C:\Users\tomporaire\Downloads\المفهوم القانوني للتركيز الاقتصادي حسب التشريع الجزائري.pdf
2020-05-24 15:14 - 2020-06-11 16:32 - 000000000 ____D C:\Users\tomporaire\Downloads\Compressed
2020-05-24 15:14 - 2020-06-04 04:33 - 000000000 ____D C:\Users\tomporaire\AppData\Roaming\IDM
2020-05-24 15:14 - 2020-06-01 02:10 - 000000000 ____D C:\Users\tomporaire\Downloads\Video
2020-05-24 15:14 - 2020-05-24 15:14 - 000000000 ____D C:\ProgramData\IDM
2020-05-24 15:13 - 2020-06-11 19:54 - 000000000 ____D C:\Users\tomporaire\AppData\Roaming\DMCache
2020-05-24 15:13 - 2020-05-28 03:40 - 000000000 ____D C:\Program Files (x86)\Internet Download Manager
2020-05-24 15:13 - 2020-05-24 15:13 - 000001009 _____ C:\Users\tomporaire\Desktop\Internet Download Manager.lnk
2020-05-24 15:13 - 2020-05-24 15:13 - 000000000 ____D C:\Users\tomporaire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2020-05-24 15:13 - 2020-05-24 15:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2020-05-24 15:11 - 2020-05-24 15:11 - 000000000 ____D C:\IDM
2020-05-22 02:44 - 2020-05-22 02:55 - 159321536 _____ C:\Users\tomporaire\Desktop\war_and_peace_01_librivox_64kb_mp3.zip
2020-05-21 23:36 - 2020-05-21 23:38 - 046995292 _____ C:\Users\tomporaire\Desktop\DK_Consiousness_DK_Yoo.pdf
2020-05-21 01:47 - 2020-05-21 01:47 - 000000000 _____ C:\Windows\system32\last.dump
2020-05-20 18:52 - 2020-06-05 04:30 - 000000000 ____D C:\Users\tomporaire\AppData\LocalLow\Temp
2020-05-20 18:30 - 2020-05-20 18:31 - 017401792 _____ C:\Users\tomporaire\Downloads\15071.pdf
2020-05-20 18:30 - 2020-05-20 18:30 - 001902495 _____ C:\Users\tomporaire\Downloads\2011_AFTE_LegalStudyFreedomThought_AR (1).pdf
2020-05-20 18:24 - 2020-05-20 18:29 - 003669244 _____ C:\Users\tomporaire\Downloads\book.pdf
2020-05-20 18:22 - 2020-05-20 18:22 - 000164128 _____ C:\Users\tomporaire\Downloads\1295-4098-1-PB.pdf
2020-05-20 18:12 - 2020-05-20 18:12 - 000489867 _____ C:\Users\tomporaire\Downloads\مفهوم النظام العام وتطبيقاته في التشريع المغربي.pdf
2020-05-20 15:25 - 2020-05-20 15:26 - 000000000 ____D C:\ProgramData\NordVpn
2020-05-19 23:19 - 2020-05-19 23:22 - 001998492 _____ C:\Users\tomporaire\Downloads\ذ حسن فتوخ، الدعاوى الناشئة عن الالتزامات التعاقدية.pdf
2020-05-19 09:36 - 2020-05-19 09:36 - 000998296 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2020-05-19 09:36 - 2020-05-19 09:36 - 000251800 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2020-05-19 09:36 - 2020-05-19 09:36 - 000232344 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\kneps.sys
2020-05-19 09:36 - 2020-05-19 09:36 - 000211048 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klwtp.sys
2020-05-19 09:36 - 2020-05-19 09:36 - 000145504 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klbackupflt.sys
2020-05-19 09:36 - 2020-05-19 09:36 - 000079768 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klbackupdisk.sys
2020-05-19 09:36 - 2020-05-19 09:36 - 000079760 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klkbdflt.sys
2020-05-17 19:20 - 2020-06-02 22:05 - 000000000 ____D C:\Users\tomporaire\AppData\Local\NordVPN
2020-05-17 19:20 - 2020-05-17 19:20 - 000000000 ____D C:\ProgramData\Caphyon
2020-05-17 19:18 - 2020-05-17 19:18 - 000000000 ____D C:\Program Files (x86)\NordVPN network TAP
2020-05-17 18:27 - 2020-05-17 18:31 - 033462944 _____ C:\Users\tomporaire\Downloads\القانون الدستوري و النظم السياسية المقارنة - النظرية العامة للدولة و الدستور  الجزء الاول.pdf
2020-05-17 18:25 - 2020-05-17 18:33 - 097161204 _____ C:\Users\tomporaire\Downloads\أساس الالتزام العقدي.pdf
2020-05-17 11:34 - 2020-05-17 11:35 - 006300014 _____ C:\Users\tomporaire\Downloads\download (2).pdf
2020-05-15 20:47 - 2020-05-15 20:47 - 001147357 _____ C:\Users\tomporaire\Downloads\هل يجوز للمحكمة رفع الاعتقال عن المتهم قبل مناقشة القضية في جوهرها، في اطار المادة 74.pdf
2020-05-15 16:23 - 2020-06-04 19:11 - 000000374 _____ C:\Users\tomporaire\.vivaldi_reporting_data
2020-05-15 16:22 - 2020-06-04 21:19 - 000000000 ____D C:\Users\tomporaire\User Data
2020-05-15 16:21 - 2020-06-11 10:44 - 000000000 ____D C:\Users\tomporaire\Application
2020-05-15 14:15 - 2020-05-15 14:36 - 063187528 _____ (Vivaldi Technologies AS) C:\Users\tomporaire\Downloads\Vivaldi.3.0.1874.38.x64.exe
2020-05-13 02:20 - 2020-05-27 23:01 - 000000000 ____D C:\Users\tomporaire\AppData\Roaming\Adobe
2020-05-13 02:16 - 2020-05-13 02:22 - 000000000 ____D C:\Users\tomporaire\Documents\PlagiarismCheckerX
2020-05-13 02:04 - 2020-05-13 02:04 - 000000000 ____D C:\Users\tomporaire\AppData\Local\CEF
2020-05-13 02:01 - 2020-05-13 02:01 - 000000000 ____D C:\Users\tomporaire\AppData\Roaming\Plagiarism Checker X, LLC
 
==================== Un mois (modifiés) ==================
 
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
 
2020-06-12 10:52 - 2020-05-09 14:03 - 000000000 ____D C:\FRST
2020-06-12 10:34 - 2009-07-14 04:45 - 000027280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-06-12 10:34 - 2009-07-14 04:45 - 000027280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-06-12 09:45 - 2020-05-09 01:14 - 000000000 ____D C:\Users\tomporaire\Desktop\Tools
2020-06-12 09:20 - 2009-07-14 03:20 - 000000000 ____D C:\Windows\inf
2020-06-11 22:09 - 2020-03-07 15:59 - 000000000 ____D C:\Users\tomporaire\AppData\Roaming\Smadav
2020-06-11 22:05 - 2009-07-14 05:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-06-11 13:03 - 2020-02-17 15:30 - 000000000 ____D C:\Users\tomporaire\Documents\RegRun2
2020-06-11 12:56 - 2020-02-17 15:30 - 000000000 ____D C:\Users\Public\Documents\regruninfo
2020-06-11 12:56 - 2020-02-17 15:30 - 000000000 ____D C:\ProgramData\Documents\regruninfo
2020-06-11 12:55 - 2020-02-19 21:55 - 000000000 ____D C:\Users\tomporaire\Desktop\الرسالة
2020-06-11 11:55 - 2020-04-16 12:13 - 008097272 _____ (Microsoft Corporation) C:\Users\tomporaire\Downloads\setuplanguagepack.x64.ar-sa_.exe
2020-06-11 11:45 - 2020-01-22 23:20 - 000000000 ____D C:\Program Files\WinRAR
2020-06-11 11:45 - 2018-01-16 18:27 - 000000000 __SHD C:\[Smad-Cage]
2020-06-11 10:44 - 2020-02-07 06:58 - 000000000 ____D C:\Program Files (x86)\AutoPowerOn
2020-06-09 17:57 - 2020-02-19 21:55 - 000000000 ____D C:\Users\tomporaire\Desktop\الاثبات
2020-06-09 00:25 - 2020-02-16 22:30 - 000002339 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2020-06-09 00:25 - 2020-02-16 22:30 - 000002298 _____ C:\Users\Public\Desktop\Brave.lnk
2020-06-09 00:25 - 2020-02-16 22:30 - 000002298 _____ C:\ProgramData\Desktop\Brave.lnk
2020-06-07 17:24 - 2009-07-14 03:20 - 000000000 ____D C:\Windows\rescache
2020-06-07 12:58 - 2020-05-12 06:35 - 000000000 ____D C:\Users\tomporaire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pluralsight
2020-06-07 08:16 - 2020-02-19 23:22 - 000000000 ____D C:\Users\tomporaire\Desktop\recover
2020-06-07 06:04 - 2020-02-11 01:30 - 000000000 ____D C:\Users\tomporaire\Desktop\Kharbashat
2020-06-07 01:35 - 2020-01-17 22:02 - 001531438 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2020-06-07 01:35 - 2009-07-14 15:24 - 000702248 _____ C:\Windows\system32\perfh00C.dat
2020-06-07 01:35 - 2009-07-14 15:24 - 000133114 _____ C:\Windows\system32\perfc00C.dat
2020-06-07 01:35 - 2009-07-14 05:13 - 001531438 _____ C:\Windows\system32\PerfStringBackup.INI
2020-06-06 09:06 - 2020-01-15 16:29 - 000000000 ____D C:\Windows\system32\MRT
2020-06-06 08:55 - 2020-01-15 16:29 - 120636720 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-06-06 08:32 - 2020-03-07 15:59 - 000000718 _____ C:\Users\Public\Desktop\SMADΔV.lnk
2020-06-06 08:32 - 2020-03-07 15:59 - 000000718 _____ C:\ProgramData\Desktop\SMADΔV.lnk
2020-06-06 08:32 - 2020-03-07 15:59 - 000000000 ____D C:\Program Files (x86)\SMADAV
2020-06-06 05:48 - 2009-07-14 05:08 - 000000000 __SHD C:\Users\All Users
2020-06-05 04:05 - 2020-02-19 22:01 - 000000000 ____D C:\Users\tomporaire\Desktop\New Testament
2020-06-05 01:05 - 2020-02-17 19:48 - 000000000 ____D C:\Program Files\Wireshark
2020-06-05 01:05 - 2020-01-17 21:51 - 000000000 ____D C:\ProgramData\Package Cache
2020-06-04 19:16 - 2020-01-11 20:56 - 000000000 ____D C:\Users\tomporaire
2020-06-04 07:52 - 2020-03-07 15:59 - 000003170 _____ C:\Windows\system32\Tasks\smadav
2020-06-03 08:01 - 2009-07-14 03:20 - 000000000 ____D C:\Windows\system32\NDF
2020-06-02 10:23 - 2020-05-02 09:56 - 000000000 ____D C:\Users\tomporaire\AppData\Local\ElevatedDiagnostics
2020-06-01 05:36 - 2020-02-02 22:22 - 000000000 ___RD C:\Users\tomporaire\OneDrive
2020-05-30 02:08 - 2009-07-14 03:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2020-05-30 02:06 - 2020-02-02 21:08 - 000000000 ____D C:\Program Files\Microsoft Office
2020-05-27 03:33 - 2009-07-14 05:32 - 000000000 ____D C:\Windows\system32\FxsTmp
2020-05-14 17:36 - 2020-04-25 06:32 - 000000000 ____D C:\Users\Public\Documents\Downloaded Installers
2020-05-14 17:36 - 2020-04-25 06:32 - 000000000 ____D C:\ProgramData\Documents\Downloaded Installers
 
==================== Fichiers à la racine de certains dossiers ========
 
2020-06-03 18:53 - 2020-06-03 18:53 - 000000000 _____ () C:\Users\tomporaire\AppData\Local\oobelibMkey.log
2020-02-08 21:02 - 2020-03-22 12:35 - 000007608 _____ () C:\Users\tomporaire\AppData\Local\Resmon.ResmonCfg
 
==================== SigCheck ============================
 
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
 
 
LastRegBack: 2020-06-07 17:16
==================== Fin de FRST.txt ========================




Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 06-06-2020
Exécuté par tomporaire (12-06-2020 10:56:21)
Exécuté depuis C:\Users\tomporaire\Desktop
Windows 7 Professional Service Pack 1 (X64) (2020-01-11 20:56:12)
Mode d'amorçage: Normal
==========================================================
 
 
==================== Comptes: =============================
 
Administrateur (S-1-5-21-1355259030-146301216-2603353483-500 - Administrator - Disabled)
Invité (S-1-5-21-1355259030-146301216-2603353483-501 - Limited - Disabled)
tomporaire (S-1-5-21-1355259030-146301216-2603353483-1000 - Administrator - Enabled) => C:\Users\tomporaire
 
==================== Centre de sécurité ========================
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
 
AV: Kaspersky Total Security (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Total Security (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Enabled) {32888857-01C3-7AB6-E095-11CC1854D0A3}
 
==================== Programmes installés ======================
 
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
 
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 20.009.20067 - Adobe Systems Incorporated)
Ashampoo WinOptimizer 16 (HKLM-x32\...\{4209F371-C47A-1204-F2BA-6FD6E5BB1B50}_is1) (Version: 16.00.21 - Ashampoo GmbH & Co. KG)
Auto Power-on & Shut-down 2.83 (HKLM-x32\...\Auto Power-on & Shut-down_is1) (Version:  - LifSoft, Inc.)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 81.1.9.80 - Auteurs de Brave)
Dll-Files Fixer (HKLM-x32\...\Dll-Files Fixer_is1) (Version: 3.3.91 - Dll-Files.com)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
HP Webcam Driver (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.50009.6 - Sonix)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6300.0 - IDT)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version:  - Intel Corporation)
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 16.3 - Intel)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
Kaspersky Total Security (HKLM-x32\...\{D891550B-ACFE-4797-B368-BCFC434BBEB1}) (Version: 20.0.14.1085 - Kaspersky) Hidden
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{D891550B-ACFE-4797-B368-BCFC434BBEB1}) (Version: 20.0.14.1085 - Kaspersky)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.100 - LSI Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1355259030-146301216-2603353483-1000\...\OneDriveSetup.exe) (Version: 20.064.0329.0008 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Word 2016 - en-us (HKLM\...\WordRetail - en-us) (Version: 16.0.12527.20612 - Microsoft Corporation)
NordVPN (HKLM-x32\...\{11709A5F-F32B-4D68-855A-BDD011BFE57E}) (Version: 6.30.8 - NordVPN) Hidden
NordVPN (HKLM-x32\...\NordVPN 6.30.8) (Version: 6.30.8 - NordVPN)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
NordVPN network TUN (HKLM\...\{77DA107A-7AE4-497D-A84A-B143C3A21676}) (Version: 1.0.0 - NordVPN)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12527.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12527.20612 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.12527.20278 - Microsoft Corporation) Hidden
RICOH Media Driver (HKLM-x32\...\{F5CC2EF8-20A4-4366-A681-3FE849E65809}) (Version: 2.13.00.05 - RICOH)
SMADAV version 13.5.0 (HKLM-x32\...\{8B9FA5FF-3E61-4658-B0DA-E6DDB46D6BAD}_is1) (Version: 13.5.0 - Smadsoft)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.90 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH)
Wireshark 3.2.4 64-bit (HKLM-x32\...\Wireshark) (Version: 3.2.4 - The Wireshark developer community, hxxps://www.wireshark.org)
 
==================== Personnalisé CLSID (Avec liste blanche): ==============
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
 
CustomCLSID: HKU\S-1-5-21-1355259030-146301216-2603353483-1000_Classes\CLSID\{BCA9D37C-CA60-4160-9115-97A00F24702D}\localserver32 -> C:\Users\tomporaire\Application\3.0.1874.38\notification_helper.exe (Vivaldi Technologies AS -> Vivaldi Technologies AS)
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2018-05-12] (Tonec Inc. -> Tonec Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Pas de fichier
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Pas de fichier
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-05-29] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\ShellEx.dll [2020-06-06] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\ShellEx.dll [2020-06-06] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers3: [SmadExt] -> {8AB81E72-CB2F-11D3-8D3B-AC2F34F1FA3C} => C:\Program Files (x86)\SMADAV\SmadExtMenu64.dll [2019-10-18] (Zainuddin Nafarin -> Smadsoft)
ContextMenuHandlers4: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\ShellEx.dll [2020-06-06] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4: [MSSE] -> {0365FE2C-F183-4091-AC82-BFC39FB75C49} =>  -> Pas de fichier
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-01-10] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-05-29] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\ShellEx.dll [2020-06-06] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [SmadExt] -> {8AB81E72-CB2F-11D3-8D3B-AC2F34F1FA3C} => C:\Program Files (x86)\SMADAV\SmadExtMenu64.dll [2019-10-18] (Zainuddin Nafarin -> Smadsoft)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-1355259030-146301216-2603353483-1000: [          kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} =>  -> Pas de fichier
ContextMenuHandlers4_S-1-5-21-1355259030-146301216-2603353483-1000: [          kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} =>  -> Pas de fichier
 
==================== Codecs (Avec liste blanche) ====================
 
==================== Raccourcis & WMI ========================
 
==================== Modules chargés (Avec liste blanche) =============
 
2020-06-05 04:29 - 2018-06-27 10:58 - 001748480 _____ (The curl library, hxxps://curl.haxx.se/) [Fichier non signé] C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 16\ash_libcurl.dll
 
==================== Alternate Data Streams (Avec liste blanche) ========
 
==================== Mode sans échec (Avec liste blanche) ==================
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"
 
==================== Association (Avec liste blanche) =================
 
==================== Internet Explorer sites de confiance/sensibles ==========
 
==================== Hosts contenu: =========================
 
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
 
2009-07-14 02:34 - 2020-05-27 03:54 - 000001071 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1       localhost
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com 
127.0.0.1 activate.adobe.com
8.
 
==================== Autres zones ===========================
 
(Actuellement, il n'y a pas de correction automatique pour cette section.)
 
HKU\S-1-5-21-1355259030-146301216-2603353483-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\tomporaire\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 1.1.1.1 - 1.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Le Pare-feu est activé.
 
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
 
MSCONFIG\startupreg: vmware-tray.exe => "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"
 
==================== RèglesPare-feu (Avec liste blanche) ================
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
 
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{3ADBC44A-C609-4243-B52E-C1A7BE2F02A1}] => (Allow) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{E6266E15-26F5-4398-8735-F6C4580A99BC}] => (Allow) C:\Program Files (x86)\arcai.com\aips.exe => Pas de fichier
FirewallRules: [{D04EADC2-C434-4E9A-A970-31619B1BB3A6}] => (Allow) C:\Program Files (x86)\arcai.com\aips.exe => Pas de fichier
FirewallRules: [{B2A9B25F-E4A8-445A-865B-CB8B05C5EF66}] => (Allow) C:\Program Files (x86)\arcai.com\netcut_windows.exe => Pas de fichier
FirewallRules: [{65BCA827-D212-4FA6-B151-39E84CC67022}] => (Allow) C:\Program Files (x86)\arcai.com\netcut_windows.exe => Pas de fichier
FirewallRules: [{D15FACEA-0098-47BD-B5BD-F0D0ABC603C0}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe (Tilf AB -> Dll-FIles.Com)
FirewallRules: [{AFF24A2C-FB1A-48AB-A5A7-9FB1B43C0F50}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe (Tilf AB -> Dll-FIles.Com)
 
==================== Points de restauration =========================
 
11-06-2020 12:04:39 Checkpoint by HitmanPro
 
==================== Éléments en erreur du Gestionnaire de périphériques ============
 
Name: Validity Sensors (WBF) VFS451
Description: Validity Sensors (WBF) VFS451
Class Guid: {53d29ef7-377c-4d14-864b-eb3a85769359}
Manufacturer: Validity Sensors, Inc.
Service: WUDFRd
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Intel® 82577LM Gigabit Network Connection
Description: Intel® 82577LM Gigabit Network Connection
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: e1kexpress
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Kaspersky Security Data Escort Adapter #2
Description: Kaspersky Security Data Escort Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Kaspersky Security Data Escort Provider
Service: kltap
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
 
Name: Generic Bluetooth Adapter
Description: Generic Bluetooth Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: GenericAdapter
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Erreurs du Journal des événements: ========================
 
Erreurs Application:
==================
Error: (06/12/2020 10:40:10 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Échec de la planification du redémarrage du service de protection logicielle à 2020-07-04T22:24:09Z. Code d’erreur : 0x80041321.
 
Error: (06/12/2020 09:09:15 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Le programme WO16.exe version 16.0.0.0 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance.
 
ID de processus : 1288
 
Heure de début : 01d6409707f3feb8
 
Heure de fin : 10
 
Chemin d’accès de l’application : C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 16\WO16.exe
 
ID de rapport : e06eb107-ac8b-11ea-836e-b2786c09fe9b
 
Error: (06/12/2020 08:25:11 AM) (Source: usbperf) (EventID: 2001) (User: )
Description: Impossible de lire la valeur « First Counter » sous la clé usbperf\Performance. Les codes d’état sont renvoyés dans les données.
 
Error: (06/11/2020 10:15:35 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Échec de la planification du redémarrage du service de protection logicielle à 2020-07-04T22:24:35Z. Code d’erreur : 0x80041321.
 
Error: (06/11/2020 10:12:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Le programme DLLFixer.exe version 3.3.91.3181 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance.
 
ID de processus : 7f8
 
Heure de début : 01d6403c739291b6
 
Heure de fin : 16
 
Chemin d’accès de l’application : C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
 
ID de rapport : 8d152d9f-ac30-11ea-836e-b2786c09fe9b
 
Error: (06/11/2020 09:31:33 PM) (Source: usbperf) (EventID: 2001) (User: )
Description: Impossible de lire la valeur « First Counter » sous la clé usbperf\Performance. Les codes d’état sont renvoyés dans les données.
 
Error: (06/11/2020 08:12:42 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Échec de la planification du redémarrage du service de protection logicielle à 2020-07-04T22:24:42Z. Code d’erreur : 0x80041321.
 
Error: (06/11/2020 04:49:07 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Échec de la création d’un point de restauration (Processus = C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe Files (x86)\Dll-Files.com Fixer\DLLFixer.exe"  ; Description = DLL-Files Fixer Thu, Jun 11, 20  16:49 ; Erreur = 0x80070005).
 
 
Erreurs système:
=============
Error: (06/12/2020 10:16:04 AM) (Source: Disk) (EventID: 7) (User: )
Description: Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux.
 
Error: (06/12/2020 10:16:01 AM) (Source: Disk) (EventID: 7) (User: )
Description: Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux.
 
Error: (06/12/2020 09:30:41 AM) (Source: Disk) (EventID: 7) (User: )
Description: Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux.
 
Error: (06/12/2020 09:30:38 AM) (Source: Disk) (EventID: 7) (User: )
Description: Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux.
 
Error: (06/12/2020 09:30:35 AM) (Source: Disk) (EventID: 7) (User: )
Description: Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux.
 
Error: (06/12/2020 09:30:32 AM) (Source: Disk) (EventID: 7) (User: )
Description: Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux.
 
Error: (06/12/2020 09:30:29 AM) (Source: Disk) (EventID: 7) (User: )
Description: Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux.
 
Error: (06/12/2020 09:30:27 AM) (Source: Disk) (EventID: 7) (User: )
Description: Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux.
 
 
CodeIntegrity:
===================================
 
Date: 2020-03-19 05:45:24.816
Description: 
Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22436_none_b5e7f8ade1f2fff4\appid.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système.
 
Date: 2020-03-19 05:45:24.712
Description: 
Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22436_none_b5e7f8ade1f2fff4\appid.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système.
 
Date: 2020-03-19 05:45:24.589
Description: 
Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22436_none_b5e7f8ade1f2fff4\appid.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système.
 
Date: 2020-03-15 20:23:20.302
Description: 
Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22436_none_b5e7f8ade1f2fff4\appid.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système.
 
Date: 2020-03-15 20:23:20.230
Description: 
Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22436_none_b5e7f8ade1f2fff4\appid.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système.
 
Date: 2020-03-15 20:23:20.144
Description: 
Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22436_none_b5e7f8ade1f2fff4\appid.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système.
 
Date: 2020-03-07 17:03:35.472
Description: 
Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22436_none_b5e7f8ade1f2fff4\appid.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système.
 
Date: 2020-03-07 17:03:35.391
Description: 
Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22436_none_b5e7f8ade1f2fff4\appid.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système.
 
==================== Infos Mémoire =========================== 
 
BIOS: Hewlett-Packard 68CCU Ver. F.0E 08/23/2010
Carte mère: Hewlett-Packard 172A
Processeur: Intel® Core™ i5 CPU M 540 @ 2.53GHz
Pourcentage de mémoire utilisée: 97%
Mémoire physique - RAM - totale: 3887.38 MB
Mémoire physique - RAM - disponible: 115.52 MB
Mémoire virtuelle totale: 7772.9 MB
Mémoire virtuelle disponible: 1286.21 MB
 
==================== Lecteurs ================================
 
Drive c: () (Fixed) (Total:232.79 GB) (Free:123.58 GB) NTFS ==>[lecteur avec composants d'amorçage (obtenu depuis BCD)]
Drive e: () (Fixed) (Total:0.1 GB) (Free:0.08 GB) NTFS
 
 
==================== MBR & Table des partitions ====================
 
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 505F36AF)
Partition 1: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=232.8 GB) - (Type=07 NTFS)
 
==================== Fin de Addition.txt =======================

 


    Advertisements

Register to Remove


#2 Satchfan

Satchfan

    SuperHelper

  • Malware Team
  • 6,753 posts
  • Interests:LFC, music, more LFC, more music

Posted 12 June 2020 - 08:19 AM

Hello BCDboy and welcome to WTT.

My name is Satchfan and I would be glad to help you with your computer problem.

Please read the following guidelines which will help to make cleaning your machine easier:

  • please follow all instructions in the order posted
  • please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear
  • all logs/reports, etc. must be posted in Notepad. Please ensure that word wrap is unchecked. In Notepad click Format, uncheck Word wrap if it is checked
  • if you don't understand something, please don't hesitate to ask for clarification before proceeding
  • the fixes are specific to your problem and should only be used for this issue on this machine.
  • please reply within 3 days. If you do not reply within this period I will post a reminder but topics with no reply in 4 days will be closed!

IMPORTANT:

Please DO NOT install/uninstall any programs unless asked to.
Please DO NOT run any scans other than those requested

===================================================

Note: Please complete these tasks in the order given in the instructions.

===================================================

Run Malwarebytes Anti-Malware

Download Malwarebytes Anti-Malware from here:


  • run the program
  • click on Scan
  • Malwarebytes will then run an update and begin the scan
  • when the scan has completed and if malware was found, click the Quarantine Selected button to allow MBAM to quarantine what was found
  • if prompted to restart the computer, close all other programs and click Yes to restart your computer
  • once you are back at your desktop, open MBAM once more
  • click on the ‘Reports’ tab
  • double-click on the most recent Scan Report
  • click on Export, then Copy to Clipboard

===================================================

Download and run AdwCleaner

Download AdwCleaner from here and save it to your desktop.

  • run AdwCleaner by clicking on Scan Now
  • when it has finished, leave everything that was found checked, (ticked), then click on Clean and Repair
  • if it asks to reboot, allow the reboot
  • on reboot, click on View Log File; please attach the content of the log to your next reply.

===================================================

I would like to see the FRST reports in English so that it is easier for me to review them.

Right-click on the FRST64 icon, select Rename, then rename it to FRST64english. When you’ve done that, please run another scan and make sure that there is a checkmark next to ‘Addition.txt’ before you press Scan.

Copy and paste both documents in your reply.

Logs to include with the next post:

Mbam.txt
AdwCleaner log
New Frst.txt
New Addition.txt


Thanks

Satchfan

 


NINA - Proud graduate of the WTT Classroom

Member of UNITE

The help you receive here is free but if you feel I have helped, you may consider making a Donation.

#3 Satchfan

Satchfan

    SuperHelper

  • Malware Team
  • 6,753 posts
  • Interests:LFC, music, more LFC, more music

Posted 15 June 2020 - 04:50 AM

Hello BCDboy

 

It has been several days since I replied to you.

 

Please let me know if you are having problems but if I do not hear from you within 24 hours I'll assume that you no longer need help and close this topic.

 

Satchfan


NINA - Proud graduate of the WTT Classroom

Member of UNITE

The help you receive here is free but if you feel I have helped, you may consider making a Donation.

#4 Satchfan

Satchfan

    SuperHelper

  • Malware Team
  • 6,753 posts
  • Interests:LFC, music, more LFC, more music

Posted 16 June 2020 - 08:31 AM

Due to inactivity this topic will be closed.
If you need help please start a new thread.

New members follow the instructions here http://forums.whatth...ed_t106388.htmland start a new topic


  • BCDboy likes this

NINA - Proud graduate of the WTT Classroom

Member of UNITE

The help you receive here is free but if you feel I have helped, you may consider making a Donation.

Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users