Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-11-2019
Ran by Neji (administrator) on DESKTOP-LFBUOKT (Dell Inc. Inspiron 3650) (04-11-2019 22:33:33)
Running from C:\Users\Neji\Downloads
Loaded Profiles: Neji (Available Profiles: Neji)
Platform: Windows 10 Home Version 1809 17763.292 (X64) Language: Anglais (États-Unis)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdwtxag.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\vsservp.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\vulnerability.scan.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corp.) C:\Program Files (x86)\Common Files\SOLIDWORKS Installation Manager\BackgroundDownloading\sldBgDwld.exe
(Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corp.) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\sldworks_fs.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.1137\McCHSvc.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.1137\SSScheduler.exe
(Mentor Graphics Corp -> Mentor Graphics Corporation) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\dispatcher.exe
(Mentor Graphics Corp -> Mentor Graphics Corporation) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\SOLIDWORKS Electrical\MSSQL11.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11910.1001.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\pacjsworker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17763.164_none_7e114a3d4d0589d4\TiWorker.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Trace Software International -> Trace Software International) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Electrical\server\EwServer.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235440 2017-06-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1494000 2017-06-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1494000 2017-06-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.100\Installer\chrmstp.exe [2019-08-09] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2019-07-31]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.1137\SSScheduler.exe (McAfee, Inc. -> McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2015 Fast Start.lnk [2018-05-11]
ShortcutTarget: SOLIDWORKS 2015 Fast Start.lnk -> C:\Windows\Installer\{F8093877-4F2C-40ED-9BA7-2F9F48F5176F}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS Background Downloader.lnk [2018-05-10]
ShortcutTarget: SOLIDWORKS Background Downloader.lnk -> C:\Program Files (x86)\Common Files\SOLIDWORKS Installation Manager\BackgroundDownloading\sldBgDwld.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corp.)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0E9C582E-518C-4C7A-98F3-5D5427F8DE84} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [488760 2019-07-15] (Bitdefender SRL -> Bitdefender)
Task: {27C53B35-78A1-486C-A19A-A053FDCAFBF6} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-06-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {3019B132-7126-41CC-82EB-29B6FD3202B0} - System32\Tasks\MATLAB R2018a Startup Accelerator => C:\Program Files\MATLAB\R2018a\bin\win64\MATLABStartupAccelerator.exe [56320 2018-02-06] () [File not signed]
Task: {72D285E9-6D7D-418B-9C0A-FC0DA3067460} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-04-20] (Google Inc -> Google Inc.)
Task: {A5D70073-1887-4761-95F4-46C676FB8CAA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-04-20] (Google Inc -> Google Inc.)
Task: {AE7335E6-B0C6-401E-AEA2-C95E5D0B8E63} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe [482024 2018-12-11] (Bitdefender SRL -> Bitdefender)
Task: {D99B775D-620C-46F9-892E-55EC892A3830} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-11] (Adobe Inc. -> Adobe Systems)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\MATLAB R2018a Startup Accelerator.job => C:\Program Files\MATLAB\R2018a\bin\win64\MATLABStartupAccelerator.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

AutoConfigURL: [S-1-5-21-3743822934-4113951979-2085486307-1001] => hxxp://bibliotheque.etsmtl.ca/proxy.pac
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{233b73e1-69c7-4e72-8b0f-5babc563115e}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{ec71a4e4-ea97-4505-8410-2beb16cd3ffc}: [DhcpNameServer] 192.168.0.1
ManualProxies: 0hxxp://bibliotheque.etsmtl.ca/proxy.pac

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
BHO: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dll [2010-04-13] (TechSmith Corporation -> TechSmith Corporation)
BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2018-12-11] (Bitdefender SRL -> Bitdefender)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_171\bin\ssv.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll [2010-04-13] (TechSmith Corporation -> TechSmith Corporation)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2018-12-11] (Bitdefender SRL -> Bitdefender)
Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2018-12-11] (Bitdefender SRL -> Bitdefender)
Toolbar: HKLM - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll [2010-04-13] (TechSmith Corporation -> TechSmith Corporation)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2018-12-11] (Bitdefender SRL -> Bitdefender)
Toolbar: HKLM-x32 - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll [2010-04-13] (TechSmith Corporation -> TechSmith Corporation)

Edge:
======
DownloadDir: C:\Users\Neji\Downloads

FireFox:
========
FF HKLM\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi [2018-12-11]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext [2017-07-05] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Plugin: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-19] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-19] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-10-11] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3743822934-4113951979-2085486307-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Neji\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2018-05-25] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

Chrome:
=======
CHR NewTab: Default -> Not-active:"chrome-extension://iopmmcfpdpmefeohhkmaboakgnpkhjjk/newtabproduct.html"
CHR Notifications: Default -> hxxps://drive.google.com; hxxps://graphiste.com
CHR Profile: C:\Users\Neji\AppData\Local\Google\Chrome\User Data\Default [2019-11-04]
CHR Extension: (Slides) - C:\Users\Neji\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-04-23]
CHR Extension: (Docs) - C:\Users\Neji\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-04-23]
CHR Extension: (Google Drive) - C:\Users\Neji\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-04-23]
CHR Extension: (YouTube) - C:\Users\Neji\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-04-23]
CHR Extension: (Sheets) - C:\Users\Neji\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-04-23]
CHR Extension: (Bitdefender Wallet) - C:\Users\Neji\AppData\Local\Google\Chrome\User Data\Default\Extensions\gannpgaobkkhmpomoijebaigcapoeebl [2019-07-21]
CHR Extension: (Google Docs hors connexion) - C:\Users\Neji\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-20]
CHR Extension: (EasyPhotoEdit) - C:\Users\Neji\AppData\Local\Google\Chrome\User Data\Default\Extensions\iopmmcfpdpmefeohhkmaboakgnpkhjjk [2019-10-17]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Neji\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-07]
CHR Extension: (Gmail) - C:\Users\Neji\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\Neji\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-18]
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [551832 2017-06-30] (Advanced Micro Devices, Inc. -> AMD)
R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [779152 2018-12-11] (Bitdefender SRL -> Bitdefender)
R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [779152 2018-12-11] (Bitdefender SRL -> Bitdefender)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2195320 2018-09-24] (Bitdefender SRL -> Bitdefender)
S3 brlapi; C:\WINDOWS\brltty\bin\brltty.exe [839694 2019-02-26] (Microsoft Windows -> )
R2 ewserver; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Electrical\server\EwServer.exe [184328 2015-03-05] (Trace Software International -> Trace Software International)
R3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.1137\McCHSvc.exe [406416 2019-07-17] (McAfee, Inc. -> McAfee, Inc.)
R2 MSSQL$TEW_SQLEXPRESS; c:\ProgramData\SOLIDWORKS Electrical\MSSQL11.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe [191064 2012-02-11] (Microsoft Corporation -> Microsoft Corporation)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1291888 2019-07-15] (Bitdefender SRL -> Bitdefender)
R2 RemoteSolverDispatcher; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe [238848 2015-03-05] (Mentor Graphics Corp -> Mentor Graphics Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [333296 2017-06-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 ServiceDevMgmt; C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe [95520 2019-03-28] (Bitdefender SRL -> Bitdefender)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2018-05-11] (SolidWorks) [File not signed]
S4 SQLAgent$TEW_SQLEXPRESS; c:\ProgramData\SOLIDWORKS Electrical\MSSQL11.TEW_SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [597080 2012-02-11] (Microsoft Corporation -> Microsoft Corporation)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [112656 2018-12-11] (Bitdefender SRL -> Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe [804656 2018-12-11] (Bitdefender SRL -> Bitdefender)
R2 vsservp; C:\Program Files\Bitdefender\Bitdefender Security\vsservp.exe [522624 2018-09-24] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\NisSrv.exe [3905952 2018-09-06] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MsMpEng.exe [110944 2018-09-06] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0315687.inf_amd64_374fae4a4c5ce87a\atikmdag.sys [36572568 2017-06-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0315687.inf_amd64_374fae4a4c5ce87a\atikmpag.sys [529304 2017-06-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [1292296 2018-10-17] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R3 athr; C:\WINDOWS\System32\drivers\athw10x.sys [4325808 2016-07-28] (Qualcomm Atheros -> Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [111112 2017-11-07] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R2 BdDci; C:\WINDOWS\System32\DRIVERS\bddci.sys [156912 2018-11-01] (Bitdefender SRL -> Bitdefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [23032 2018-05-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
R0 bdprivmon; C:\WINDOWS\System32\DRIVERS\bdprivmon.sys [45728 2018-10-17] (Bitdefender SRL -> © Bitdefender SRL)
R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [96448 2018-05-22] (Bitdefender SRL -> BitDefender)
R0 Gemma; C:\WINDOWS\System32\DRIVERS\Gemma.sys [359584 2018-12-11] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R3 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [193184 2018-09-24] (Bitdefender SRL -> BitDefender LLC)
R2 Ignis; C:\WINDOWS\System32\DRIVERS\ignis.sys [196352 2018-12-11] (Bitdefender SRL -> Bitdefender)
S4 RsFx0200; C:\WINDOWS\System32\DRIVERS\RsFx0200.sys [334936 2012-02-11] (Microsoft Corporation -> Microsoft Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [605696 2018-09-15] (Microsoft Windows -> Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [426504 2016-08-05] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [609576 2018-08-02] (Bitdefender SRL -> Bitdefender)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46584 2018-09-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [340008 2018-09-06] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61992 2018-09-06] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-11-04 22:33 - 2019-11-04 22:34 - 000024889 _____ C:\Users\Neji\Downloads\FRST.txt
2019-11-04 22:32 - 2019-11-04 22:34 - 000000000 ____D C:\FRST
2019-11-04 22:32 - 2019-11-04 22:32 - 000000000 ____D C:\Users\Neji\Downloads\FRST-OlderVersion
2019-11-04 22:30 - 2019-11-04 22:32 - 001619456 _____ (Farbar) C:\Users\Neji\Downloads\FRST64-2.1.exe
2019-11-04 20:30 - 2019-11-04 20:29 - 000361899 _____ C:\Users\Neji\Desktop\RecuFraisCitoyenneté(630).pdf
2019-11-04 20:26 - 2019-11-04 20:26 - 000361899 _____ C:\Users\Neji\Downloads\R401606393.pdf
2019-11-04 17:01 - 2019-11-04 17:01 - 000294679 _____ C:\Users\Neji\Desktop\NouhaKhelifi.CV-converted.pdf
2019-11-04 16:52 - 2019-11-04 17:00 - 000087453 ____H C:\Users\Neji\Downloads\~WRL0885.tmp
2019-10-17 14:43 - 2019-11-04 22:09 - 002576931 _____ C:\Users\Neji\Desktop\cit0002f-2.pdf
2019-10-17 14:42 - 2019-10-17 14:42 - 000043126 _____ C:\Users\Neji\Desktop\demande-citoyennete-canadienne-adultes.html
2019-10-17 14:27 - 2019-10-17 14:27 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-10-17 14:27 - 2019-10-17 14:27 - 000002124 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2019-10-17 14:27 - 2019-10-17 14:27 - 000002124 _____ C:\ProgramData\Desktop\Acrobat Reader DC.lnk
2019-10-10 16:58 - 2019-10-10 16:58 - 000000000 ____D C:\Users\Neji\Documents\Zoom
2019-10-10 09:35 - 2019-10-10 09:35 - 004335160 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-11-04 20:41 - 2018-09-15 02:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-11-04 20:10 - 2019-02-26 19:57 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-11-04 17:30 - 2018-09-15 02:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-11-04 17:30 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-11-04 17:29 - 2018-07-10 13:41 - 000000000 ____D C:\ProgramData\Packages
2019-11-04 16:19 - 2019-07-31 20:01 - 000000000 ____D C:\ProgramData\McAfee Security Scan
2019-11-04 16:17 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-10-19 10:00 - 2018-08-27 22:46 - 000010309 _____ C:\Users\Neji\Desktop\Ammortissement terrain rawed.xlsx
2019-10-18 17:56 - 2019-03-03 19:19 - 000000000 ____D C:\Users\Neji\AppData\Local\CrashDumps
2019-10-17 14:28 - 2018-05-10 16:41 - 000000000 ____D C:\Users\Neji\AppData\Local\Adobe
2019-10-17 14:27 - 2019-02-26 20:22 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2019-10-17 14:27 - 2018-04-20 10:51 - 000000000 ____D C:\Program Files (x86)\Adobe
2019-10-17 14:11 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-10-17 14:10 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-10-17 13:50 - 2018-04-20 08:25 - 000000000 ____D C:\Users\Neji\AppData\Local\Packages
2019-10-10 09:35 - 2018-04-20 11:05 - 000000000 ____D C:\Users\Neji\AppData\Local\PlaceholderTileLogoFolder

==================== Files in the root of some directories ========

2019-09-03 08:22 - 2019-09-03 08:36 - 000006144 _____ () C:\Users\Neji\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-05-19 09:00 - 2019-09-02 19:27 - 000000000 _____ () C:\Users\Neji\AppData\Local\Temptable.xml
2018-07-03 10:02 - 2018-12-04 11:28 - 000295936 _____ () C:\Users\Neji\AppData\Local\WebpageIcons.db

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================