Publicité
Publicité
Commentaire : FRST
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 03-12-2023
Exécuté par dd (administrateur) sur DD-PC (MSI MS-7850) (04-12-2023 10:25:18)
Exécuté depuis C:\Users\dd\Desktop\FRST64.exe
Profils chargés: dd
Plate-forme: Microsoft Windows 7 Professionnel Service Pack 1 (X64) Langue: Français (France)
Navigateur par défaut: "C:\Program Files (x86)\Comodo\IceDragon\icedragon.exe" -osint -url "%1"
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe ->) (AMD) [Fichier non signé] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files (x86)\TotalAV\SecurityService.exe ->) (Protected Antivirus Limited -> TotalAV) C:\Program Files (x86)\TotalAV\TotalAV.exe
(C:\Program Files (x86)\UCBrowser\Application\UCService.exe ->) (TAOBAO (CHINA) SOFTWARE CO.,LTD. -> ) C:\Program Files (x86)\UCBrowser\Application\6.0.1308.1016\UCAgent.exe
(C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE ->) (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(C:\Program Files\Mozilla Firefox\firefox.exe ->) (ACLAP -> Node.js) C:\Program Files\net.downloadhelper.coapp\bin\net.downloadhelper.coapp-win-64.exe
(explorer.exe ->) (AMD) [Fichier non signé] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(explorer.exe ->) (Corel Corporation -> WinZip Computing) C:\Program Files\WinZip\WzPreloader.exe
(explorer.exe ->) (CyberGhost S.R.L. -> CyberGhost S.R.L.) C:\Program Files\CyberGhost 8\Dashboard.exe
(explorer.exe ->) (F.lux Software LLC -> f.lux Software LLC) C:\Users\dd\AppData\Local\FluxSoftware\Flux\flux.exe
(explorer.exe ->) (Gadwin, Ltd. -> Gadwin Systems) C:\Program Files\Gadwin\Gadwin PrintScreen\PrintScreen64.exe
(explorer.exe ->) (Google Inc (TEST) -> Epic Privacy Browser) [Fichier non signé] C:\Users\dd\AppData\Local\Epic Privacy Browser\Installer\EpicUpdate.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <12>
(explorer.exe ->) (Lavasoft Software Canada Inc. -> Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
(explorer.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <24>
(explorer.exe ->) (Proton Technologies AG -> ProtonVPN) C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (ALOHA MOBILE LTD -> ) C:\Users\dd\AppData\Local\Aloha Mobile\Aloha\Application\1.2.1.0\aloha_service.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe
(services.exe ->) (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu Inc.) C:\Program Files (x86)\baidu\Baidu Browser\sparkservice.exe
(services.exe ->) (CHENGDU YIWO Tech Development Co., Ltd. -> ) C:\Program Files (x86)\EaseUS\ENS\ensserver.exe
(services.exe ->) (Comodo Security Solutions, Inc. -> Comodo Inc.) C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe
(services.exe ->) (CyberGhost S.R.L. -> CyberGhost S.R.L.) C:\Program Files\CyberGhost 8\Dashboard.Service.exe
(services.exe ->) (Intel CASE -> ) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(services.exe ->) (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Lavasoft Software Canada Inc. -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(services.exe ->) (Lavasoft Software Canada Inc. -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\VPNServiceHost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(services.exe ->) (Protected Antivirus Limited -> TotalAV) C:\Program Files (x86)\TotalAV\SecurityService.exe <2>
(services.exe ->) (Proton Technologies AG -> ProtonVPN) C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe
(services.exe ->) (TAOBAO (CHINA) SOFTWARE CO.,LTD. -> ) C:\Program Files (x86)\UCBrowser\Application\UCService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(taskeng.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe
(taskeng.exe ->) (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu.com, Inc.) C:\Program Files (x86)\baidu\Baidu Browser\SparkUpdate.exe
(WinZip Computing LLC -> WinZip Computing, S.L.) C:\Program Files\WinZip\FAHWindow64.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [WinZip UN] => C:\Program Files\WinZip\WZUpdateNotifier.exe [2862032 2018-04-23] (Corel Corporation -> Corel Corporation)
HKLM\...\Run: [WinZip PreLoader] => C:\Program Files\WinZip\WzPreloader.exe [124032 2018-04-23] (Corel Corporation -> WinZip Computing)
HKLM\...\Run: [WinZip FAH] => C:\Program Files\WinZip\FAHConsole.exe [436416 2018-04-23] (WinZip Computing LLC -> WinZip Computing, S.L.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Pas de fichier)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files\Opera\assistant\browser_assistant.exe [4110832 2022-07-06] (Opera Norway AS -> Opera Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [748624 2023-06-14] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133216 2017-03-23] (Wondershare Technology Co.,Ltd -> Wondershare)
HKU\S-1-5-21-4128362433-1591382183-1842780436-1000\...\Run: [f.lux] => C:\Users\dd\AppData\Local\FluxSoftware\Flux\flux.exe [1525880 2023-05-18] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-4128362433-1591382183-1842780436-1000\...\Run: [Gadwin PrintScreen (64-bit)] => C:\Program Files\Gadwin\Gadwin PrintScreen\PrintScreen64.exe [15216928 2017-09-20] (Gadwin, Ltd. -> Gadwin Systems)
HKU\S-1-5-21-4128362433-1591382183-1842780436-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-12-06] (AMD) [Fichier non signé]
HKU\S-1-5-21-4128362433-1591382183-1842780436-1000\...\Run: [] => [X]
HKU\S-1-5-21-4128362433-1591382183-1842780436-1000\...\Run: [Epic Privacy Browser Installer] => C:\Users\dd\AppData\Local\Epic Privacy Browser\Installer\EpicUpdate.exe [509096 2023-05-30] (Google Inc (TEST) -> Epic Privacy Browser) [Fichier non signé]
HKU\S-1-5-21-4128362433-1591382183-1842780436-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-4128362433-1591382183-1842780436-1000\...\Run: [ProtonVPN] => C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe [8877160 2023-04-17] (Proton Technologies AG -> ProtonVPN)
HKU\S-1-5-21-4128362433-1591382183-1842780436-1000\...\Run: [GoogleChromeAutoLaunch_2A16E0E14DC832CD71362A42168F8DD2] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [3151128 2023-01-24] (Google LLC -> Google LLC)
HKU\S-1-5-21-4128362433-1591382183-1842780436-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [10125528 2023-11-16] (Lavasoft Software Canada Inc. -> Lavasoft) <==== ATTENTION
HKU\S-1-5-21-4128362433-1591382183-1842780436-1000\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 8\Dashboard.exe [1376200 2023-11-24] (CyberGhost S.R.L. -> CyberGhost S.R.L.)
HKU\S-1-5-21-4128362433-1591382183-1842780436-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44529568 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-4128362433-1591382183-1842780436-1000\...\MountPoints2: G - G:\DVDSetup.exe
HKU\S-1-5-21-4128362433-1591382183-1842780436-1000\...\MountPoints2: {8b23092f-09e2-11e8-b473-f64ac4587453} - G:\autorun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2018-02-05] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\HP D711 Status Monitor: C:\Windows\system32\hpinkstsD711LM.dll [383496 2014-12-18] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP ENVY 4520 series): C:\Windows\system32\HPDiscoPMD711.dll [807432 2015-03-09] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [181248 2023-01-01] (pdfforge GmbH) [Fichier non signé]
HKLM\...\Print\Monitors\Wondershare PDFelement Monitor: C:\Windows\system32\PEPrinterMonitor.dll [285232 2022-01-26] (Wondershare Technology Co.,Ltd -> Wondershare Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] -> "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\109.0.5414.120\Installer\chrmstp.exe [2023-01-27] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\109.0.19987.120\Installer\chrmstp.exe [2023-06-01] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\109.1.47.186\Installer\chrmstp.exe [2023-05-30] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] -> "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{65122CB0-EA0F-47DF-A953-017170ED12F9}] -> "C:\Program Files (x86)\UCBrowser\Application\6.0.1308.1016\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --wow-install-target-path="C:\Program Files (x86)\UCBrowser"
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.59\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2018-02-07]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) [Fichier non signé]
GroupPolicy-Firefox: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {66E620CB-9ABA-447B-BEB4-A7162D49AD5E} - \Opera scheduled assistant Autoupdate 1581075286 -> Pas de fichier <==== ATTENTION
Task: {72637047-8264-4671-97B8-005A6F02F488} - System32\Tasks\{1693A6EF-1C4B-48C8-88C3-B35ABB95682B} => C:\Windows\system32\pcalua.exe [9728 2019-02-10] (Microsoft Windows -> Microsoft Corporation) -> -a "D:\compil logiciel\PDF Creator v.0.9.3 [GB-FR]\PDFCreator-0_9_3_GPLGhostscript.exe" -d "D:\compil logiciel\PDF Creator v.0.9.3 [GB-FR]"
Task: {EFCF2B7F-B016-460D-8A2A-8CC4D0DEF468} - System32\Tasks\{36CA278C-D9C5-4DA0-BEEE-2EECF10A7709} => C:\Windows\system32\pcalua.exe [9728 2019-02-10] (Microsoft Windows -> Microsoft Corporation) -> -a "D:\compil logiciel\PDF Creator v.0.9.3 [GB-FR]\PDFCreator-0_9_3_GPLGhostscript.exe" -d "D:\compil logiciel\PDF Creator v.0.9.3 [GB-FR]"
Task: {62B4A84C-D57D-4F3E-A3EB-A347C0BA1C03} - System32\Tasks\{53F9C13F-AB7C-44A4-A5F0-45BBC1CA653B} => C:\Windows\system32\pcalua.exe [9728 2019-02-10] (Microsoft Windows -> Microsoft Corporation) -> -a J:\LDPlayer\LDPlayer64\dnuninst.exe
Task: {9F964FCA-8E62-4439-99B1-B8C42219AD7A} - System32\Tasks\{6DC0DB21-31B4-4878-B33F-25DC63FF9F50} => J:\projet BeFinance\LOGICIELS\Office 2016-2019\patch français\OfficeSetup.exe [7497928 2023-05-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {7B505971-0643-4D4E-B4E0-B655574C4731} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.)
Task: {2664A095-A77D-4490-8992-7AB4729A468A} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-09] (Adobe Inc. -> Adobe)
Task: {AA0A2DD5-43E6-4454-9079-BD4190934A72} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
Task: {EBFDDC55-88DD-4E10-86C7-6E8FA38E211A} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3257832 2023-01-26] (Avast Software s.r.o. -> AVAST Software)
Task: {7F83101A-D5E8-4CDE-AA65-E82DE821ADC3} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3257832 2023-01-26] (Avast Software s.r.o. -> AVAST Software)
Task: {8B7265A0-236A-4700-8212-B89A93F07FF8} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-06-01] (Avast Software s.r.o. -> AVAST Software)
Task: {829C07C1-CFF1-4306-9A57-FE7E65DD4A53} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-06-01] (Avast Software s.r.o. -> AVAST Software)
Task: {FEA80CB6-6E71-40BF-807F-140821A137D2} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [333200 2023-09-22] (Avira Operations GmbH -> Avira Operations GmbH)
Task: {D4240CBB-195C-4EFF-80C1-01EFE6790845} - System32\Tasks\Avira_FallbackUpdater => C:\Windows\system32\sc.exe [45056 2009-07-14] (Microsoft Windows -> Microsoft Corporation) -> start AviraFallbackUpdater Delayed=false
Task: {9BE13ABB-1CA7-4D32-817E-4644A5065219} - System32\Tasks\Avira_Security_Maintenance => Command(1): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> FallbackTelemetry
Task: {9BE13ABB-1CA7-4D32-817E-4644A5065219} - System32\Tasks\Avira_Security_Maintenance => Command(2): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> ServiceWatchdog
Task: {9BE13ABB-1CA7-4D32-817E-4644A5065219} - System32\Tasks\Avira_Security_Maintenance => Command(3): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> CrashCollector
Task: {ED396B3B-AC54-48CC-8D3E-CCBCB5C798E9} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [260360 2023-10-31] (Avira Operations GmbH -> Avira Operations GmbH)
Task: {33FABDA2-6A66-489C-A144-4BA5BB92DFFE} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1814008 2023-10-31] (Avira Operations GmbH -> Avira Operations GmbH)
Task: {2D0A11F7-19DD-4D0C-95CA-52478D445582} - System32\Tasks\Avira_Security_Update => C:\Windows\system32\net.exe [55808 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
Task: {721270AD-F893-40E5-B625-35AC7AF03BB3} - System32\Tasks\AviraSystemSpeedupVerify => C:\Program Files (x86)\Avira\System Speedup\setup\avira_speedup_setup.exe [37168176 2023-09-26] (Avira Operations GmbH -> Avira Operations GmbH)
Task: {B7D74C43-3378-48B7-A969-13E6F5EA605E} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore{70988E01-CACE-4FB2-B075-6096DBB774CB} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [175424 2023-05-30] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {56171070-9230-46E5-94D5-29B892FA903F} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA{D873D107-3CA7-4F08-A399-60A0DB54D45A} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [175424 2023-05-30] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {83956ADF-C84F-4D43-A79A-55981A72F9F6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {7CD5CCAC-16CB-499C-A9DF-61377AC917C6} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "935acc50-f226-464c-8e92-8dbca46bfcfe" --version "6.18.10838" --silent
Task: {D5CDCB88-6BB7-48FD-AF2B-BBC3E8751BF0} - System32\Tasks\CCleanerSkipUAC - dd => C:\Program Files\CCleaner\CCleaner.exe [37546912 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {568D4116-D92A-4E28-AF31-64A7CDFD89A1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-14] (Google Inc -> Google Inc.)
Task: {9F93CBFA-11B1-411C-A606-140C5CE95BDC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-14] (Google Inc -> Google Inc.)
Task: {36154A32-030B-41C0-B6C7-D6EA3A9A525F} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24614336 2022-07-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {E070FBC8-B3B6-4EB7-8AA9-D32B2983E64B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24614336 2022-07-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {334B80A1-84D0-433E-ADDF-0A5C2463E53C} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [117144 2023-05-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {082248D7-01B7-4104-AA86-92A1973DBBBF} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [117144 2023-05-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {0A1B7AF7-EA22-48C3-834F-3EC40256B7C4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4374008 2023-05-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {A52E6639-4417-4EAF-A926-ED1785EEB7ED} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4374008 2023-05-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {2235E002-5181-4799-9A52-A45111739A6E} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {CC718F56-4634-47F8-9611-28086F1D85DB} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [686496 2023-11-22] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {C24785C9-0597-4238-A27F-41BEC5E10A6F} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [724384 2023-11-22] (Mozilla Corporation -> Mozilla Foundation)
Task: {D744A55B-4217-4FE1-AFB8-44F2FA591C04} - System32\Tasks\NCH Software\PhotoPadDowngrade => C:\Program Files (x86)\NCH Software\PhotoPad\PhotoPad.exe [7133360 2023-08-21] (NCH Software, Inc. -> NCH Software)
Task: {0BFD17AE-06D3-46BE-8E69-3CE0B649F371} - System32\Tasks\NCH Software\VideoPadCacheDeleteAll => C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe [12607712 2023-04-21] (NCH Software, Inc. -> NCH Software)
Task: {6796E23D-1D5C-43AD-8A68-78B298FF5C2E} - System32\Tasks\Opera scheduled Autoupdate 1529853331 => C:\Program Files\Opera\launcher.exe [2635168 2023-10-30] (Opera Norway AS -> Opera Software)
Task: {B2DC599C-D8C3-40DB-9216-D8419097B9F7} - System32\Tasks\SparkUpdater => C:\Program Files (x86)\baidu\Baidu Browser\SparkUpdate.exe [1372472 2016-01-15] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu.com, Inc.)
Task: {D373157D-D279-4887-8523-5F9D1EA88109} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [4475136 2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
Task: {5D1CD0DD-FEE7-43D8-AA57-867C5062FFA2} - System32\Tasks\UCBrowserUpdater => C:\Program Files (x86)\UCBrowser\Application\update_task.exe [524176 2017-02-04] (TAOBAO (CHINA) SOFTWARE CO.,LTD. -> UCWeb Inc) <==== ATTENTION
Task: {39B77E5E-D546-4463-BD7E-9444F3CE7F0F} - System32\Tasks\UCBrowserUpdaterCore => C:\Program Files (x86)\UCBrowser\Application\update_task.exe [524176 2017-02-04] (TAOBAO (CHINA) SOFTWARE CO.,LTD. -> UCWeb Inc) <==== ATTENTION
Task: {CE66503C-9C9A-4656-930F-7A21E26C85C2} - System32\Tasks\VivaldiUpdateCheck-4233ccb750e0b871 => C:\Users\dd\AppData\Local\Vivaldi\Application\update_notifier.exe [3426152 2023-01-25] (Vivaldi Technologies AS -> Vivaldi Technologies AS)
Task: {237CDAC1-EFD3-4262-AFA7-42A5D7CCB256} - System32\Tasks\WinZip Update Notifier 1 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2862032 2018-04-23] (Corel Corporation -> Corel Corporation)
Task: {A0E02CBE-ACB3-4F6B-9147-5FC93C78C950} - System32\Tasks\WinZip Update Notifier 2 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2862032 2018-04-23] (Corel Corporation -> Corel Corporation)
Task: {1418C71E-0193-4E76-9937-420EF2F4F17D} - System32\Tasks\WinZip Update Notifier 3 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2862032 2018-04-23] (Corel Corporation -> Corel Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\Windows\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe-CheckUpdate(Tracker Software Products (Canada) Ltd.Kee
Task: C:\Windows\Tasks\UCBrowserUpdater.job => C:\Program Files (x86)\UCBrowser\Application\update_task.exe <==== ATTENTION
Task: C:\Windows\Tasks\UCBrowserUpdaterCore.job => C:\Program Files (x86)\UCBrowser\Application\update_task.exe <==== ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ATTENTION (Restriction - Zones)
Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{285E7193-BEDF-4BDC-9B97-A2755D3840B1}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{B65E3FD9-B850-41F9-8A85-501E66505B1A}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{F3A0463A-07CB-4519-83F7-5E06F83A765B}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{FA81728F-1F39-44E7-9A4D-6CD79871755F}: [DhcpNameServer] 192.168.42.129
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\dd\AppData\Local\Microsoft\Edge\User Data\Default [2023-12-03]
Edge DownloadDir: Default -> J:\x
Edge HomePage: Default -> hxxps://
Edge StartupUrls: Default -> "hxxps://"
Edge DefaultSearchURL: Default -> hxxps://find.fnavigate-now.com/results.aspx?d=020518&n=0670&q={searchTerms}&gd=RD1002792&searchsource=69
Edge DefaultSearchKeyword: Default -> yahoo search
Edge DefaultSuggestURL: Default -> hxxp://api.bing.com/osjson.aspx?query={searchTerms}
Edge Extension: (Edge relevant text changes) - C:\Users\dd\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-16]
FireFox:
========
FF DefaultProfile: ao8uwsx7.default
FF DefaultProfile: lsayimjg.default
FF DefaultProfile: zromm51n.default
FF DefaultProfile: 87huvv4p.default
FF DefaultProfile: zvq47xid.default
FF DefaultProfile: q0i40nay.default
FF DefaultProfile: p7ytw0nu.default
FF ProfilePath: C:\Users\dd\AppData\Roaming\Mozilla\SeaMonkey\Profiles\ao8uwsx7.default [2023-12-04]
FF ProfilePath: C:\Users\dd\AppData\Roaming\Mozilla\Firefox\Profiles\lsayimjg.default [2023-12-04]
FF DownloadDir: H:\x
FF Homepage: Mozilla\Firefox\Profiles\lsayimjg.default -> hxxps://www.google.com
FF NewTab: Mozilla\Firefox\Profiles\lsayimjg.default -> hxxps://mynewtab.co?pId=KL150601&iDate=020518&searchEngine=bing
FF Notifications: Mozilla\Firefox\Profiles\lsayimjg.default -> hxxps://concours-bdf.vraiforum.com
FF Extension: (ReloadMatic) - C:\Users\dd\AppData\Roaming\Mozilla\Firefox\Profiles\lsayimjg.default\Extensions\0.id@reloadmatic.webex.xpi [2021-10-05]
FF Extension: (MySessions) - C:\Users\dd\AppData\Roaming\Mozilla\Firefox\Profiles\lsayimjg.default\Extensions\balyaev@gmail.com.xpi [2023-11-29]
FF Extension: (Flash Video Downloader) - C:\Users\dd\AppData\Roaming\Mozilla\Firefox\Profiles\lsayimjg.default\Extensions\ductloanphuok@gmail.com.xpi [2020-04-14]
FF Extension: (Video Downloader professional) - C:\Users\dd\AppData\Roaming\Mozilla\Firefox\Profiles\lsayimjg.default\Extensions\ffext_basicvideoext@startpage24.xpi [2022-03-15]
FF Extension: (Boomerang for Gmail) - C:\Users\dd\AppData\Roaming\Mozilla\Firefox\Profiles\lsayimjg.default\Extensions\{65e41d20-f092-41b7-bb83-c6e8a9ab0f57}.xpi [2020-01-04] [UpdateUrl:hxxps://www.boomeranggmail.com/firefox/updates.json]
FF Extension: (User-Agent Switcher) - C:\Users\dd\AppData\Roaming\Mozilla\Firefox\Profiles\lsayimjg.default\Extensions\{75afe46a-7a50-4c6b-b866-c43a1075b071}.xpi [2022-07-12]
FF Extension: (Tab Auto Refresh) - C:\Users\dd\AppData\Roaming\Mozilla\Firefox\Profiles\lsayimjg.default\Extensions\{7fee47a1-8299-4576-90bf-5fd88d756926}.xpi [2022-07-12]
FF Extension: (Video DownloadHelper) - C:\Users\dd\AppData\Roaming\Mozilla\Firefox\Profiles\lsayimjg.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2023-08-26]
FF Extension: (Web Developer) - C:\Users\dd\AppData\Roaming\Mozilla\Firefox\Profiles\lsayimjg.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2023-05-30]
FF Extension: (IGRAAL : Cashback & codes promo) - C:\Users\dd\AppData\Roaming\Mozilla\Firefox\Profiles\lsayimjg.default\Extensions\{dbac9680-d559-4cd4-9765-059879e8c467}.xpi [2023-11-14]
FF SearchPlugin: C:\Users\dd\AppData\Roaming\Mozilla\Firefox\Profiles\lsayimjg.default\searchplugins\Yahoo Search.xml [2023-12-02]
FF ProfilePath: C:\Users\dd\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\zromm51n.default [2023-12-04]
FF ProfilePath: C:\Users\dd\AppData\Roaming\K-Meleon\87huvv4p.default [2023-12-04]
FF user.js: detected! => C:\Users\dd\AppData\Roaming\K-Meleon\87huvv4p.default\user.js [2006-04-06]
FF Extension: (NewsFox) - C:\Program Files (x86)\K-Meleon\browser\extensions\{899DF1F8-2F43-4394-8315-37F6744E6319}.xpi [2015-03-12] [] [non signé]
FF ProfilePath: C:\Users\dd\AppData\Roaming\FlashPeak\SlimBrowser\Profiles\zvq47xid.default [2023-05-30]
FF ProfilePath: C:\Users\dd\AppData\Roaming\FlashPeak\SlimBrowser\Profiles\4mirq6sj.default-default [2023-09-06]
FF ProfilePath: C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default [2018-03-22]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-cs@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Deutsch (DE) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-de@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (English (US) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-en-US@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Español (España) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-es-ES@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Finnish Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-fi@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Français Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-fr@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Galego (España) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-gl@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Hebrew (IL) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-he@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Magyar (HU) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-hu@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Italiano (IT) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-it@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Japanese Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-ja@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Korean (KR) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-ko@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Nederlands (NL) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-nl@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Polski Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-pl@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Russian (RU) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-ru@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Slovenski jezik Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-sl@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (српски (sr) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-sr@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Svenska (SE) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-sv-SE@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Chinese Simplified (zh-CN) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-zh-CN@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Traditional Chinese (zh-TW) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-zh-TW@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF ProfilePath: C:\Users\dd\AppData\Roaming\Comodo\IceDragon\Profiles\p7ytw0nu.default [2023-12-04]
FF Homepage: Comodo\IceDragon\Profiles\p7ytw0nu.default -> about:newtab
FF Extension: (Comodo Online Security) - C:\Users\dd\AppData\Roaming\Comodo\IceDragon\Profiles\p7ytw0nu.default\Extensions\cos@comodo.com.xpi [2019-03-15]
FF Extension: (Https Enforcement) - C:\Users\dd\AppData\Roaming\Comodo\IceDragon\Profiles\p7ytw0nu.default\Extensions\https@comodo.com.xpi [2019-03-15]
FF Extension: (Media Downloader) - C:\Users\dd\AppData\Roaming\Comodo\IceDragon\Profiles\p7ytw0nu.default\Extensions\{5e9eca63-6e0d-47ce-9862-07d938121575}.xpi [2019-03-15] []
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.381.2 -> C:\Program Files\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-06-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.381.2 -> C:\Program Files\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-06-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-19] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-19] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-05-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1631.4\npAvastBrowserUpdate3.dll [2023-06-01] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1631.4\npAvastBrowserUpdate3.dll [2023-06-01] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-11-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4128362433-1591382183-1842780436-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-4128362433-1591382183-1842780436-1000: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=3 -> C:\Users\dd\AppData\Local\Epic Privacy Browser\Installer\1.3.29.13\npEpicUpdate3.dll [2023-05-30] (Google Inc (TEST) -> Epic Privacy Browser) [Fichier non signé]
FF Plugin HKU\S-1-5-21-4128362433-1591382183-1842780436-1000: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=9 -> C:\Users\dd\AppData\Local\Epic Privacy Browser\Installer\1.3.29.13\npEpicUpdate3.dll [2023-05-30] (Google Inc (TEST) -> Epic Privacy Browser) [Fichier non signé]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\dsengine.js [2018-02-05] <==== ATTENTION (Pointe vers un fichier *.cfg)
FF ExtraCheck: C:\Program Files\mozilla firefox\dsengine.cfg [2018-02-05] <==== ATTENTION
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default [2023-12-04]
CHR DownloadDir: J:\projet BeFinance\VIDEOS\LES OPTIONS\Demystifiez les options-partie3\images
CHR HomePage: Default -> hxxps://
CHR StartupUrls: Default -> "hxxps://"
CHR DefaultSearchURL: Default -> hxxps://find.fnavigate-now.com/results.aspx?d=020518&n=9998&q={searchTerms}&gd=SY1004294&searchsource=58
CHR DefaultSearchKeyword: Default -> yahoo search
CHR DefaultSuggestURL: Default -> hxxp://api.bing.com/osjson.aspx?query={searchTerms}
CHR Extension: (Avira Password Manager) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2023-11-04]
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2023-11-29]
CHR Extension: (Firebug Lite for Google Chrome) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehemiojjcpldeipjhjkepfdaohajpbdo [2019-08-19]
CHR Extension: (AFS) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\gckmgjhcejhnfenfbippohhnfjkeaapj [2019-07-08]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-11-28]
CHR Extension: (Avira SafeSearch Plus) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp [2020-09-24]
CHR Extension: (IGRAAL : Cashback & codes promo) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhkepipobnjllejbafajoemahjejdcm [2023-11-10]
CHR Extension: (CrossPilot) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\migomhggnppjdijnfkiimcpjgnhmnale [2023-09-21]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Bypass Paywalls Clean) - J:\projet BeFinance\tuto\hack journaux\hack WSJ\bypass-paywalls-chrome-clean-master\bypass-paywalls-chrome-clean-master [2023-09-06] [UpdateUrl:hxxps://gitlab.com/magnolia1234/bypass-paywalls-chrome-clean/-/raw/master/updates.xml] <==== ATTENTION
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp]
Opera:
=======
OPR Profile: C:\Users\dd\AppData\Roaming\Opera Software\Opera Stable [2023-12-04]
OPR DownloadDir: J:\x
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\dd\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-10-16]
OPR Extension: (Opera Wallet) - C:\Users\dd\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-11-11]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\dd\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-09-02]
OPR Extension: (Amazon Assistant pour Opera) - C:\Users\dd\AppData\Roaming\Opera Software\Opera Stable\Extensions\mmmbddcnnndpbdflpccgcknaaabgldak [2023-03-30]
Brave:
=======
BRA Profile: C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2023-12-03]
BRA Extension: (Avira Password Manager) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2023-11-04]
BRA Extension: (Protection Web Avira) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2023-05-30]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2023-12-03]
BRA Extension: (Brave NTP background images) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2023-09-18]
BRA Extension: (Wallet Data Files Updater) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2023-11-20]
BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2023-12-03]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2022-09-07]
BRA Extension: (Brave Ad Block Updater (AdGuard Français)) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\emaecjinaegfkoklcdafkiocjhoeilao [2022-09-07]
BRA Extension: (Brave Ad Block Updater (AdGuard Français (plaintext))) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\flnkmpokemfpaajmiimmjeiandgoodgg [2023-12-01]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2023-11-16]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block Updater (plaintext))) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2023-12-03]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2022-09-06]
BRA Extension: (Brave NTP sponsored images) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\lcenblphbmngnohghkhpojmpflebkcpd [2023-12-03]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2023-12-01]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-10-25]
Vivaldi:
=======
VIV Profile: C:\Users\dd\AppData\Local\Vivaldi\User Data\Default [2023-06-01]
VIV Extension: (Avira Password Manager) - C:\Users\dd\AppData\Local\Vivaldi\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2023-05-27]
VIV Extension: (Protection Web Avira) - C:\Users\dd\AppData\Local\Vivaldi\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2023-05-27]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2018-02-07] () [Fichier non signé]
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
R2 Aloha Mobile service; C:\Users\dd\AppData\Local\Aloha Mobile\Aloha\Application\1.2.1.0\aloha_service.exe [569624 2023-10-30] (ALOHA MOBILE LTD -> )
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-06-01] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-06-01] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\109.0.19987.120\elevation_service.exe [1802816 2023-01-26] (Avast Software s.r.o. -> AVAST Software)
S2 AviraFallbackUpdater; C:\Program Files (x86)\Avira\Fallback Updater\Avira.Spotlight.FallbackUpdater.exe [6576104 2023-10-11] (Avira Operations GmbH -> Avira Operations GmbH)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [3004688 2022-07-22] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [389096 2023-09-06] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [266936 2023-10-31] (Avira Operations GmbH -> Avira Operations GmbH)
S2 AviraSecurityUpdater; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [297392 2023-10-31] (Avira Operations GmbH -> Avira Operations GmbH)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [175424 2023-05-30] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [175424 2023-05-30] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11138992 2022-07-27] (Microsoft Corporation -> Microsoft Corporation)
R2 CyberGhost8Service; C:\Program Files\CyberGhost 8\Dashboard.Service.exe [72648 2023-11-24] (CyberGhost S.R.L. -> CyberGhost S.R.L.)
R2 EaseUS UPDATE SERVICE; C:\Program Files (x86)\EaseUS\ENS\ensserver.exe [26512 2023-07-18] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R2 EndpointProtectionService; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [8930944 2023-02-10] (Avira Operations GmbH -> Avira Operations GmbH)
S3 EndpointProtectionService2; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [8930944 2023-02-10] (Avira Operations GmbH -> Avira Operations GmbH)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [81280 2019-10-10] (Mixbyte Inc -> Freemake)
R2 IceDragonUpdater; C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe [2616800 2019-05-29] (Comodo Security Solutions, Inc. -> Comodo Inc.)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-02-21] (Intel CASE -> )
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [162800 2014-03-17] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [402024 2023-04-17] (Proton Technologies AG -> ProtonVPN)
S3 ProtonVPN WireGuard; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.WireGuardService.exe [328808 2023-04-17] (Proton Technologies AG -> ProtonVPN)
R2 SecurityService; C:\Program Files (x86)\TotalAV\SecurityService.exe [274624 2023-10-31] (Protected Antivirus Limited -> TotalAV) <==== ATTENTION
R2 SparkSvc; C:\Program Files (x86)\baidu\Baidu Browser\sparkservice.exe [97080 2016-01-15] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu Inc.)
S3 SparkUpdater; C:\Program Files (x86)\Baidu\SparkUpdate\Sparkupdate.exe [1372472 2016-01-15] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu.com, Inc.)
R2 UCBrowserSvc; C:\Program Files (x86)\UCBrowser\Application\UCService.exe [629648 2017-02-04] (TAOBAO (CHINA) SOFTWARE CO.,LTD. -> ) <==== ATTENTION
R2 VPNService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\VPNServiceHost.exe [20184 2023-11-16] (Lavasoft Software Canada Inc. -> ) <==== ATTENTION
S3 wampapache64; c:\wamp64\bin\apache\apache2.4.27\bin\httpd.exe [29184 2017-07-07] (Apache Software Foundation) [Fichier non signé]
S3 wampmariadb64; c:\wamp64\bin\mariadb\mariadb10.2.8\bin\mysqld.exe [14545920 2017-08-17] () [Fichier non signé]
S3 wampmysqld64; c:\wamp64\bin\mysql\mysql5.7.19\bin\mysqld.exe [39496704 2017-06-22] () [Fichier non signé]
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [27864 2023-11-16] (Lavasoft Software Canada Inc. -> ) <==== ATTENTION
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292480 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
S3 BraveElevationService; "C:\Program Files\BraveSoftware\Brave-Browser\Application\109.1.47.186\elevation_service.exe" [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 athr; C:\Windows\System32\DRIVERS\athrx.sys [1542656 2009-10-05] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R0 BdNet; C:\Windows\System32\DRIVERS\BdNet.sys [180360 2022-12-20] (BullGuard LTD -> BullGuard Ltd.)
R1 BdSentry; C:\Windows\System32\DRIVERS\BdSentry.sys [219448 2023-02-01] (BullGuard LTD -> Avira Operations GmbH)
R2 LdVBoxDrv; C:\Program Files\ldplayerbox\LdVBoxDrv.sys [319376 2021-08-14] (Shanghai Changzhi Network Technology Co., Ltd. -> Oracle Corporation)
R1 netprotection_network_filter; C:\Windows\System32\drivers\netprotection_network_filter.sys [92416 2022-12-15] (Avira Operations GmbH -> Avira Operations GmbH)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2012-10-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 phantomtap; C:\Windows\System32\DRIVERS\phantomtap.sys [39448 2021-08-19] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
S3 ProtonVPNCallout; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win7\ProtonVPN.CalloutDriver.sys [25824 2023-04-17] (Proton Technologies AG -> Proton Technologies AG)
R2 rtp_filesystem_filter; C:\Windows\System32\DRIVERS\rtp_filesystem_filter.sys [230408 2023-02-10] (Avira Operations GmbH -> Avira Operations GmbH)
R1 rtp_process_monitor; C:\Windows\System32\DRIVERS\rtp_process_monitor.sys [224512 2023-02-10] (Avira Operations GmbH -> Avira Operations GmbH)
R1 rtp_traverse; C:\Windows\System32\DRIVERS\rtp_traverse.sys [62632 2022-12-16] (Avira Operations GmbH -> Avira Operations GmbH)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tapnordvpn; C:\Windows\System32\DRIVERS\tapnordvpn.sys [41792 2021-06-13] (nordvpn s.a. -> The OpenVPN Project)
R3 tapprotonvpn; C:\Windows\System32\DRIVERS\tapprotonvpn.sys [39696 2020-12-30] (Proton Technologies AG -> The OpenVPN Project)
U3 Tdeeows_; pas de ImagePath
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
R1 webshieldfilter; C:\Windows\System32\drivers\webshieldfilter.sys [86880 2023-10-31] (Protected Antivirus Limited -> Windows (R) Win 7 DDK provider) <==== ATTENTION
R3 wintun; C:\Windows\System32\DRIVERS\wintun.sys [29680 2023-05-31] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 WireGuard; C:\Windows\System32\DRIVERS\wireguard.sys [489368 2023-06-02] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 MSICDSetup; \??\G:\CDriver64.sys [X]
S3 netprotection_network_filter2; System32\drivers\netprotection_network_filter2.sys [X]
S3 NTIOLib_1_0_C; \??\G:\NTIOLib_X64.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-12-04 10:25 - 2023-12-04 10:25 - 000000000 ____D C:\Users\dd\Desktop\FRST-OlderVersion
2023-12-03 17:43 - 2023-12-03 17:43 - 000000000 ____D C:\Users\dd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avidemux 2.8 VC++ 64bits
2023-12-03 17:43 - 2023-12-03 17:43 - 000000000 ____D C:\Program Files\Avidemux 2.8 VC++ 64bits
2023-12-03 11:09 - 2023-12-03 11:09 - 000000000 ____D C:\Users\dd\Documents\TotalAV
2023-12-03 11:06 - 2023-12-04 09:57 - 000001081 _____ C:\Users\dd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TotalAV.lnk
2023-12-03 11:06 - 2023-12-03 11:06 - 000000000 ____D C:\Users\dd\AppData\Local\GUI
2023-12-03 11:06 - 2023-12-03 11:06 - 000000000 ____D C:\ProgramData\SecuritySuite
2023-12-03 11:06 - 2023-10-31 16:01 - 000086880 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\webshieldfilter.sys
2023-12-03 11:03 - 2023-12-03 11:06 - 000000000 ____D C:\ProgramData\TotalAV
2023-12-03 11:03 - 2023-12-03 11:03 - 000000955 _____ C:\Users\Public\Desktop\TotalAV.lnk
2023-12-03 11:02 - 2023-12-04 09:56 - 000000000 ____D C:\Program Files (x86)\TotalAV
2023-12-03 10:59 - 2023-12-03 10:59 - 000003413 _____ C:\Users\dd\Desktop\eqxdrnxvxsgnonexn.txt
2023-12-03 10:44 - 2023-12-03 10:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft Anti-Malware
2023-12-03 10:44 - 2023-12-03 10:44 - 000000000 ____D C:\ProgramData\GridinSoft
2023-12-03 10:23 - 2023-12-03 10:34 - 000069337 _____ C:\Users\dd\Desktop\Addition.txt
2023-12-03 10:21 - 2023-12-04 10:25 - 000056972 _____ C:\Users\dd\Desktop\FRST.txt
2023-12-03 10:21 - 2023-12-04 10:25 - 000000000 ____D C:\FRST
2023-12-03 10:20 - 2023-12-04 10:25 - 002384384 _____ (Farbar) C:\Users\dd\Desktop\FRST64.exe
2023-12-03 10:08 - 2023-12-04 10:08 - 000000666 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2023-12-03 10:08 - 2023-12-03 10:08 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2023-12-03 10:08 - 2023-12-03 10:08 - 000003246 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2023-12-03 10:08 - 2023-12-03 10:08 - 000002796 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - dd
2023-12-03 10:07 - 2023-12-04 09:57 - 000000000 ____D C:\Program Files\CCleaner
2023-12-03 10:07 - 2023-12-03 10:07 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2023-12-03 10:07 - 2023-12-03 10:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2023-11-28 09:37 - 2023-11-28 09:37 - 000000000 ____D C:\Users\dd\AppData\Roaming\Thunderbird
2023-11-27 11:15 - 2023-11-27 11:17 - 000011830 _____ C:\Users\dd\Downloads\apivia calculs.ods
2023-11-27 11:10 - 2023-11-27 11:10 - 002900920 _____ C:\Users\dd\Downloads\Mon détail de garantie .pdf
2023-11-27 11:04 - 2023-11-27 11:04 - 000000089 _____ C:\Users\dd\Downloads\tel apivia.txt
2023-11-24 18:40 - 2023-11-24 18:40 - 000000000 ____D C:\ProgramData\CyberGhost
2023-11-24 18:38 - 2023-12-04 09:57 - 000000000 ____D C:\Users\dd\AppData\Local\CyberGhost
2023-11-24 18:38 - 2023-11-24 18:38 - 000001002 _____ C:\Users\dd\Desktop\CyberGhost 8.lnk
2023-11-24 18:38 - 2023-11-24 18:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 8
2023-11-24 18:38 - 2023-11-24 18:38 - 000000000 ____D C:\Program Files\TAP-Windows
2023-11-24 18:37 - 2023-12-03 10:06 - 000000000 ____D C:\Users\dd\AppData\Roaming\CyberGhost
2023-11-24 18:37 - 2023-11-24 18:38 - 000000000 ____D C:\Program Files\CyberGhost 8
2023-11-23 15:29 - 2023-11-23 15:29 - 000000000 ____D C:\ProgramData\Caphyon
2023-11-22 13:38 - 2023-11-22 13:38 - 000459110 _____ C:\Users\dd\Downloads\www.carrefour2.pdf
2023-11-22 13:37 - 2023-11-22 13:37 - 000578805 _____ C:\Users\dd\Downloads\www.carrefour.pdf
2023-11-22 13:33 - 2023-11-22 13:33 - 000016074 _____ C:\Users\dd\Downloads\8-144-1859_facture.pdf
2023-11-22 13:23 - 2023-11-22 18:47 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-11-21 10:00 - 2023-11-21 10:00 - 000187054 _____ C:\Users\dd\Downloads\bon but2.pdf
2023-11-20 13:09 - 2023-11-20 13:09 - 000493446 _____ C:\Users\dd\Downloads\gemo].pdf
2023-11-19 18:12 - 2023-11-19 18:13 - 001010015 _____ C:\Users\dd\AppData\Roaming\VideoPad.dmp
2023-11-16 15:37 - 2023-11-24 15:55 - 000000000 ____D C:\Users\dd\dwhelper
2023-11-16 15:37 - 2023-11-16 15:37 - 000000000 ____D C:\Program Files\net.downloadhelper.coapp
2023-11-16 15:32 - 2023-11-16 15:32 - 000000000 ____D C:\Users\dd\AppData\Local\4kdownload.com
2023-11-13 10:07 - 2023-11-13 10:07 - 000093466 _____ C:\Users\dd\Downloads\2023-10-Confirmation - Actualisation _ Pôle emploi.pdf
2023-11-09 17:04 - 2023-11-09 17:04 - 000238425 _____ C:\Users\dd\Downloads\fusion.pdf
2023-11-09 17:03 - 2023-11-09 17:03 - 000128175 _____ C:\Users\dd\Downloads\[laposte2.pdf
2023-11-09 17:02 - 2023-11-09 17:02 - 000123351 _____ C:\Users\dd\Downloads\[laposte1.pdf
2023-11-09 10:18 - 2023-11-09 10:18 - 001738407 _____ C:\Users\dd\Downloads\newsletternovembre23.pdf
2023-11-09 10:16 - 2023-11-09 10:16 - 000003710 _____ C:\Windows\system32\Tasks\Avira_Security_Maintenance
2023-11-09 10:16 - 2023-11-09 10:16 - 000003232 _____ C:\Windows\system32\Tasks\Avira_Security_Service_SCM_Watchdog
2023-11-09 10:16 - 2023-11-09 10:16 - 000002648 _____ C:\Windows\system32\Tasks\Avira_Security_Systray
2023-11-07 15:31 - 2023-11-07 15:34 - 000000333 _____ C:\Users\dd\Downloads\irina.txt
2023-11-05 11:39 - 2023-12-03 18:02 - 000000000 ____D C:\Users\dd\AppData\Roaming\HandBrake
2023-11-05 11:39 - 2023-11-05 11:39 - 000000000 ____D C:\Users\dd\AppData\Roaming\HandBrake Team
2023-11-05 11:38 - 2023-11-05 11:38 - 000000983 _____ C:\Users\dd\Desktop\HandBrake.lnk
2023-11-05 11:38 - 2023-11-05 11:38 - 000000000 ____D C:\Users\dd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HandBrake
2023-11-05 11:38 - 2023-11-05 11:38 - 000000000 ____D C:\Program Files (x86)\HandBrake
2023-11-05 11:14 - 2023-11-05 11:14 - 000050048 _____ (Avast Software) C:\Windows\system32\icarus_rvrt.exe
2023-11-05 11:14 - 2023-11-05 11:14 - 000000000 ____D C:\ProgramData\AVG
2023-11-05 11:14 - 2023-11-05 11:14 - 000000000 ____D C:\Program Files\Common Files\AVG
2023-11-05 11:14 - 2023-11-05 11:14 - 000000000 ____D C:\Program Files\AVG
2023-11-05 11:11 - 2023-11-05 11:11 - 000000000 ____D C:\Users\dd\AppData\Local\OneBrowser
2023-11-05 11:07 - 2023-11-05 11:09 - 102072624 _____ (Free Time Co., Ltd) C:\Users\dd\Downloads\setup.exe
2023-11-05 11:06 - 2023-11-05 11:06 - 000000000 ____D C:\Program Files (x86)\CreditchbUtility
2023-11-04 18:50 - 2023-11-04 18:50 - 000000032 _____ C:\Users\dd\Downloads\gemo ducogo.txt
2023-11-04 16:50 - 2023-11-04 16:50 - 000000000 ____D C:\Program Files (x86)\WondershareUpdate
2023-11-04 16:48 - 2023-11-05 10:51 - 000000000 ____D C:\Users\dd\AppData\Local\Wondershare
2023-11-04 16:47 - 2023-11-24 10:44 - 000000000 ____D C:\Program Files\Wondershare
2023-11-04 16:42 - 2023-11-04 16:48 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2023-11-04 16:33 - 2023-11-04 16:33 - 000001260 _____ C:\Users\Public\Desktop\VideoProc Converter AI.lnk
2023-11-04 16:33 - 2023-11-04 16:33 - 000000000 ____D C:\Users\dd\AppData\Roaming\Digiarty
2023-11-04 16:33 - 2023-11-04 16:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoProc Converter AI
2023-11-04 16:33 - 2023-11-04 16:33 - 000000000 ____D C:\Program Files (x86)\Digiarty
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-12-04 10:24 - 2018-02-05 11:13 - 000000000 ____D C:\Users\dd\AppData\Roaming\vlc
2023-12-04 10:09 - 2009-07-14 05:45 - 000025792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2023-12-04 10:09 - 2009-07-14 05:45 - 000025792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2023-12-04 10:06 - 2018-02-04 20:46 - 000000000 ____D C:\Program Files (x86)\Google
2023-12-04 10:02 - 2022-09-06 18:55 - 000002554 _____ C:\Windows\system32\Tasks\UCBrowserUpdaterCore
2023-12-04 10:02 - 2022-09-06 18:55 - 000000450 _____ C:\Windows\Tasks\UCBrowserUpdater.job
2023-12-04 10:02 - 2022-09-06 18:55 - 000000286 _____ C:\Windows\Tasks\UCBrowserUpdaterCore.job
2023-12-04 10:00 - 2009-07-14 16:24 - 000747644 _____ C:\Windows\system32\perfh00C.dat
2023-12-04 10:00 - 2009-07-14 16:24 - 000150168 _____ C:\Windows\system32\perfc00C.dat
2023-12-04 10:00 - 2009-07-14 06:13 - 001669584 _____ C:\Windows\system32\PerfStringBackup.INI
2023-12-04 10:00 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2023-12-04 09:58 - 2022-09-06 23:07 - 000000000 ____D C:\Users\dd\AppData\Local\Epic Privacy Browser
2023-12-04 09:55 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-12-03 19:22 - 2022-06-29 15:05 - 012015560 _____ C:\Windows\system32\rtp.db
2023-12-03 18:28 - 2023-04-26 12:27 - 000000000 ____D C:\Users\dd\AppData\Roaming\avidemux
2023-12-03 15:36 - 2018-02-07 13:22 - 000000000 ____D C:\Users\dd\AppData\Roaming\Adobe
2023-12-03 15:36 - 2018-02-07 13:22 - 000000000 ____D C:\ProgramData\Adobe
2023-12-03 15:26 - 2023-05-27 08:58 - 000000000 ____D C:\Users\dd\AppData\LocalLow\Comodo
2023-12-03 14:13 - 2023-05-10 09:41 - 000000000 ____D C:\Windows\system32\Tasks\NCH Software
2023-12-03 10:59 - 2018-02-05 23:47 - 000000000 ____D C:\Users\dd\AppData\Local\CrashDumps
2023-12-03 10:12 - 2018-02-04 20:40 - 000000000 ____D C:\ProgramData\Package Cache
2023-12-03 09:57 - 2009-07-14 05:45 - 000564960 _____ C:\Windows\system32\FNTCACHE.DAT
2023-12-02 16:07 - 2018-02-04 20:49 - 000152576 _____ C:\Users\dd\AppData\Local\GDIPFONTCACHEV1.DAT
2023-12-02 12:48 - 2023-05-10 11:27 - 000000000 ____D C:\Users\dd\AppData\Roaming\Bandicam Company
2023-12-02 10:02 - 2018-02-05 11:19 - 000000000 ____D C:\Users\dd\AppData\Roaming\Lavasoft
2023-12-02 10:02 - 2018-02-05 11:19 - 000000000 ____D C:\Users\dd\AppData\Local\Lavasoft
2023-12-02 10:02 - 2018-02-05 11:19 - 000000000 ____D C:\ProgramData\Lavasoft
2023-12-01 10:33 - 2018-02-04 20:46 - 000003798 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2023-12-01 10:33 - 2018-02-04 20:46 - 000003670 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2023-11-30 10:30 - 2018-06-24 16:15 - 000000000 ____D C:\Program Files\Opera
2023-11-28 09:37 - 2019-01-31 00:11 - 000000000 ____D C:\ProgramData\Mozilla
2023-11-28 09:37 - 2018-02-05 10:51 - 000000000 ____D C:\Users\dd\AppData\LocalLow\Mozilla
2023-11-24 20:49 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache
2023-11-24 18:24 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files\DVD Maker
2023-11-24 18:24 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\Setup
2023-11-24 18:24 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\migwiz
2023-11-24 18:24 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\Setup
2023-11-24 18:24 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\migwiz
2023-11-24 18:24 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\PolicyDefinitions
2023-11-24 18:11 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\Dism
2023-11-24 18:11 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\Dism
2023-11-24 10:44 - 2022-04-01 10:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2023-11-24 10:44 - 2022-04-01 10:39 - 000000000 ____D C:\ProgramData\Wondershare
2023-11-22 18:47 - 2018-02-05 10:51 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-11-22 13:28 - 2021-10-09 14:16 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2023-11-16 18:12 - 2022-02-10 22:14 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-11-16 15:37 - 2018-02-04 20:36 - 000000000 ____D C:\Users\dd
2023-11-16 15:32 - 2023-05-30 11:35 - 000000000 ____D C:\Users\dd\AppData\Local\cache
2023-11-14 14:01 - 2022-10-11 16:33 - 000002019 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2023-11-13 16:53 - 2021-05-26 16:36 - 000000000 ____D C:\Users\dd\AppData\Local\Windows Live
2023-11-12 16:47 - 2023-06-01 00:01 - 000002437 _____ C:\Users\dd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aloha.lnk
2023-11-12 16:47 - 2023-06-01 00:01 - 000002400 _____ C:\Users\dd\Desktop\Aloha.lnk
2023-11-09 10:17 - 2021-04-15 12:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2023-11-09 10:16 - 2021-04-15 12:29 - 000000965 _____ C:\Users\Public\Desktop\Avira.lnk
2023-11-09 10:16 - 2020-10-29 12:38 - 000003310 _____ C:\Windows\system32\Tasks\Avira_Security_Update
2023-11-06 23:02 - 2018-06-24 16:15 - 000003854 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1529853331
2023-11-05 11:12 - 2023-06-01 00:32 - 000000000 ____D C:\Users\dd\AppData\Local\BrightData
2023-11-05 11:12 - 2023-06-01 00:32 - 000000000 ____D C:\ProgramData\BrightData
2023-11-04 16:59 - 2022-04-01 10:39 - 000000000 ____D C:\Users\dd\AppData\Roaming\Wondershare
2023-11-04 14:21 - 2022-09-06 18:55 - 000003428 _____ C:\Windows\system32\Tasks\UCBrowserUpdater
==================== Fichiers à la racine de certains dossiers ========
2023-05-09 10:55 - 2023-05-10 18:19 - 000000116 _____ () C:\Users\dd\AppData\Roaming\Camdata.ini
2023-05-09 10:55 - 2023-05-10 18:19 - 000000408 _____ () C:\Users\dd\AppData\Roaming\CamLayout.ini
2023-05-09 10:55 - 2023-05-10 18:19 - 000000408 _____ () C:\Users\dd\AppData\Roaming\CamShapes.ini
2023-05-09 10:55 - 2023-05-10 10:43 - 000004535 _____ () C:\Users\dd\AppData\Roaming\CamStudio.cfg
2021-06-23 10:32 - 2021-06-23 10:32 - 000000068 _____ () C:\Users\dd\AppData\Roaming\changzhi_leidian.data
2021-08-11 20:12 - 2021-08-11 20:12 - 000000154 _____ () C:\Users\dd\AppData\Roaming\changzhi_leidianmac.data
2023-05-11 16:26 - 2023-05-11 16:46 - 000001005 _____ () C:\Users\dd\AppData\Roaming\mplex-log.log
2023-05-11 16:25 - 2023-05-11 16:48 - 000002407 _____ () C:\Users\dd\AppData\Roaming\PPTConverter.log
2023-05-09 10:52 - 2023-05-10 10:45 - 000000377 _____ () C:\Users\dd\AppData\Roaming\version2.xml
2023-11-19 18:12 - 2023-11-19 18:13 - 001010015 _____ () C:\Users\dd\AppData\Roaming\VideoPad.dmp
2021-01-25 00:38 - 2023-09-07 11:34 - 000007680 _____ () C:\Users\dd\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-08-17 19:22 - 2020-08-17 19:22 - 000004096 ____H () C:\Users\dd\AppData\Local\keyfile3.drm
2022-09-07 00:35 - 2022-09-07 00:35 - 000007629 _____ () C:\Users\dd\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
LastRegBack: 2023-11-28 10:25
==================== Fin de FRST.txt ========================
Exécuté par dd (administrateur) sur DD-PC (MSI MS-7850) (04-12-2023 10:25:18)
Exécuté depuis C:\Users\dd\Desktop\FRST64.exe
Profils chargés: dd
Plate-forme: Microsoft Windows 7 Professionnel Service Pack 1 (X64) Langue: Français (France)
Navigateur par défaut: "C:\Program Files (x86)\Comodo\IceDragon\icedragon.exe" -osint -url "%1"
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe ->) (AMD) [Fichier non signé] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files (x86)\TotalAV\SecurityService.exe ->) (Protected Antivirus Limited -> TotalAV) C:\Program Files (x86)\TotalAV\TotalAV.exe
(C:\Program Files (x86)\UCBrowser\Application\UCService.exe ->) (TAOBAO (CHINA) SOFTWARE CO.,LTD. -> ) C:\Program Files (x86)\UCBrowser\Application\6.0.1308.1016\UCAgent.exe
(C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE ->) (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(C:\Program Files\Mozilla Firefox\firefox.exe ->) (ACLAP -> Node.js) C:\Program Files\net.downloadhelper.coapp\bin\net.downloadhelper.coapp-win-64.exe
(explorer.exe ->) (AMD) [Fichier non signé] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(explorer.exe ->) (Corel Corporation -> WinZip Computing) C:\Program Files\WinZip\WzPreloader.exe
(explorer.exe ->) (CyberGhost S.R.L. -> CyberGhost S.R.L.) C:\Program Files\CyberGhost 8\Dashboard.exe
(explorer.exe ->) (F.lux Software LLC -> f.lux Software LLC) C:\Users\dd\AppData\Local\FluxSoftware\Flux\flux.exe
(explorer.exe ->) (Gadwin, Ltd. -> Gadwin Systems) C:\Program Files\Gadwin\Gadwin PrintScreen\PrintScreen64.exe
(explorer.exe ->) (Google Inc (TEST) -> Epic Privacy Browser) [Fichier non signé] C:\Users\dd\AppData\Local\Epic Privacy Browser\Installer\EpicUpdate.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <12>
(explorer.exe ->) (Lavasoft Software Canada Inc. -> Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
(explorer.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <24>
(explorer.exe ->) (Proton Technologies AG -> ProtonVPN) C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (ALOHA MOBILE LTD -> ) C:\Users\dd\AppData\Local\Aloha Mobile\Aloha\Application\1.2.1.0\aloha_service.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe
(services.exe ->) (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu Inc.) C:\Program Files (x86)\baidu\Baidu Browser\sparkservice.exe
(services.exe ->) (CHENGDU YIWO Tech Development Co., Ltd. -> ) C:\Program Files (x86)\EaseUS\ENS\ensserver.exe
(services.exe ->) (Comodo Security Solutions, Inc. -> Comodo Inc.) C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe
(services.exe ->) (CyberGhost S.R.L. -> CyberGhost S.R.L.) C:\Program Files\CyberGhost 8\Dashboard.Service.exe
(services.exe ->) (Intel CASE -> ) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(services.exe ->) (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Lavasoft Software Canada Inc. -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(services.exe ->) (Lavasoft Software Canada Inc. -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\VPNServiceHost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(services.exe ->) (Protected Antivirus Limited -> TotalAV) C:\Program Files (x86)\TotalAV\SecurityService.exe <2>
(services.exe ->) (Proton Technologies AG -> ProtonVPN) C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe
(services.exe ->) (TAOBAO (CHINA) SOFTWARE CO.,LTD. -> ) C:\Program Files (x86)\UCBrowser\Application\UCService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(taskeng.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe
(taskeng.exe ->) (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu.com, Inc.) C:\Program Files (x86)\baidu\Baidu Browser\SparkUpdate.exe
(WinZip Computing LLC -> WinZip Computing, S.L.) C:\Program Files\WinZip\FAHWindow64.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [WinZip UN] => C:\Program Files\WinZip\WZUpdateNotifier.exe [2862032 2018-04-23] (Corel Corporation -> Corel Corporation)
HKLM\...\Run: [WinZip PreLoader] => C:\Program Files\WinZip\WzPreloader.exe [124032 2018-04-23] (Corel Corporation -> WinZip Computing)
HKLM\...\Run: [WinZip FAH] => C:\Program Files\WinZip\FAHConsole.exe [436416 2018-04-23] (WinZip Computing LLC -> WinZip Computing, S.L.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Pas de fichier)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files\Opera\assistant\browser_assistant.exe [4110832 2022-07-06] (Opera Norway AS -> Opera Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [748624 2023-06-14] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133216 2017-03-23] (Wondershare Technology Co.,Ltd -> Wondershare)
HKU\S-1-5-21-4128362433-1591382183-1842780436-1000\...\Run: [f.lux] => C:\Users\dd\AppData\Local\FluxSoftware\Flux\flux.exe [1525880 2023-05-18] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-4128362433-1591382183-1842780436-1000\...\Run: [Gadwin PrintScreen (64-bit)] => C:\Program Files\Gadwin\Gadwin PrintScreen\PrintScreen64.exe [15216928 2017-09-20] (Gadwin, Ltd. -> Gadwin Systems)
HKU\S-1-5-21-4128362433-1591382183-1842780436-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-12-06] (AMD) [Fichier non signé]
HKU\S-1-5-21-4128362433-1591382183-1842780436-1000\...\Run: [] => [X]
HKU\S-1-5-21-4128362433-1591382183-1842780436-1000\...\Run: [Epic Privacy Browser Installer] => C:\Users\dd\AppData\Local\Epic Privacy Browser\Installer\EpicUpdate.exe [509096 2023-05-30] (Google Inc (TEST) -> Epic Privacy Browser) [Fichier non signé]
HKU\S-1-5-21-4128362433-1591382183-1842780436-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-4128362433-1591382183-1842780436-1000\...\Run: [ProtonVPN] => C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe [8877160 2023-04-17] (Proton Technologies AG -> ProtonVPN)
HKU\S-1-5-21-4128362433-1591382183-1842780436-1000\...\Run: [GoogleChromeAutoLaunch_2A16E0E14DC832CD71362A42168F8DD2] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [3151128 2023-01-24] (Google LLC -> Google LLC)
HKU\S-1-5-21-4128362433-1591382183-1842780436-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [10125528 2023-11-16] (Lavasoft Software Canada Inc. -> Lavasoft) <==== ATTENTION
HKU\S-1-5-21-4128362433-1591382183-1842780436-1000\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 8\Dashboard.exe [1376200 2023-11-24] (CyberGhost S.R.L. -> CyberGhost S.R.L.)
HKU\S-1-5-21-4128362433-1591382183-1842780436-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44529568 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-4128362433-1591382183-1842780436-1000\...\MountPoints2: G - G:\DVDSetup.exe
HKU\S-1-5-21-4128362433-1591382183-1842780436-1000\...\MountPoints2: {8b23092f-09e2-11e8-b473-f64ac4587453} - G:\autorun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2018-02-05] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\HP D711 Status Monitor: C:\Windows\system32\hpinkstsD711LM.dll [383496 2014-12-18] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP ENVY 4520 series): C:\Windows\system32\HPDiscoPMD711.dll [807432 2015-03-09] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [181248 2023-01-01] (pdfforge GmbH) [Fichier non signé]
HKLM\...\Print\Monitors\Wondershare PDFelement Monitor: C:\Windows\system32\PEPrinterMonitor.dll [285232 2022-01-26] (Wondershare Technology Co.,Ltd -> Wondershare Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] -> "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\109.0.5414.120\Installer\chrmstp.exe [2023-01-27] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\109.0.19987.120\Installer\chrmstp.exe [2023-06-01] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\109.1.47.186\Installer\chrmstp.exe [2023-05-30] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] -> "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{65122CB0-EA0F-47DF-A953-017170ED12F9}] -> "C:\Program Files (x86)\UCBrowser\Application\6.0.1308.1016\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --wow-install-target-path="C:\Program Files (x86)\UCBrowser"
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.59\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2018-02-07]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) [Fichier non signé]
GroupPolicy-Firefox: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {66E620CB-9ABA-447B-BEB4-A7162D49AD5E} - \Opera scheduled assistant Autoupdate 1581075286 -> Pas de fichier <==== ATTENTION
Task: {72637047-8264-4671-97B8-005A6F02F488} - System32\Tasks\{1693A6EF-1C4B-48C8-88C3-B35ABB95682B} => C:\Windows\system32\pcalua.exe [9728 2019-02-10] (Microsoft Windows -> Microsoft Corporation) -> -a "D:\compil logiciel\PDF Creator v.0.9.3 [GB-FR]\PDFCreator-0_9_3_GPLGhostscript.exe" -d "D:\compil logiciel\PDF Creator v.0.9.3 [GB-FR]"
Task: {EFCF2B7F-B016-460D-8A2A-8CC4D0DEF468} - System32\Tasks\{36CA278C-D9C5-4DA0-BEEE-2EECF10A7709} => C:\Windows\system32\pcalua.exe [9728 2019-02-10] (Microsoft Windows -> Microsoft Corporation) -> -a "D:\compil logiciel\PDF Creator v.0.9.3 [GB-FR]\PDFCreator-0_9_3_GPLGhostscript.exe" -d "D:\compil logiciel\PDF Creator v.0.9.3 [GB-FR]"
Task: {62B4A84C-D57D-4F3E-A3EB-A347C0BA1C03} - System32\Tasks\{53F9C13F-AB7C-44A4-A5F0-45BBC1CA653B} => C:\Windows\system32\pcalua.exe [9728 2019-02-10] (Microsoft Windows -> Microsoft Corporation) -> -a J:\LDPlayer\LDPlayer64\dnuninst.exe
Task: {9F964FCA-8E62-4439-99B1-B8C42219AD7A} - System32\Tasks\{6DC0DB21-31B4-4878-B33F-25DC63FF9F50} => J:\projet BeFinance\LOGICIELS\Office 2016-2019\patch français\OfficeSetup.exe [7497928 2023-05-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {7B505971-0643-4D4E-B4E0-B655574C4731} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.)
Task: {2664A095-A77D-4490-8992-7AB4729A468A} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-09] (Adobe Inc. -> Adobe)
Task: {AA0A2DD5-43E6-4454-9079-BD4190934A72} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
Task: {EBFDDC55-88DD-4E10-86C7-6E8FA38E211A} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3257832 2023-01-26] (Avast Software s.r.o. -> AVAST Software)
Task: {7F83101A-D5E8-4CDE-AA65-E82DE821ADC3} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3257832 2023-01-26] (Avast Software s.r.o. -> AVAST Software)
Task: {8B7265A0-236A-4700-8212-B89A93F07FF8} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-06-01] (Avast Software s.r.o. -> AVAST Software)
Task: {829C07C1-CFF1-4306-9A57-FE7E65DD4A53} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-06-01] (Avast Software s.r.o. -> AVAST Software)
Task: {FEA80CB6-6E71-40BF-807F-140821A137D2} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [333200 2023-09-22] (Avira Operations GmbH -> Avira Operations GmbH)
Task: {D4240CBB-195C-4EFF-80C1-01EFE6790845} - System32\Tasks\Avira_FallbackUpdater => C:\Windows\system32\sc.exe [45056 2009-07-14] (Microsoft Windows -> Microsoft Corporation) -> start AviraFallbackUpdater Delayed=false
Task: {9BE13ABB-1CA7-4D32-817E-4644A5065219} - System32\Tasks\Avira_Security_Maintenance => Command(1): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> FallbackTelemetry
Task: {9BE13ABB-1CA7-4D32-817E-4644A5065219} - System32\Tasks\Avira_Security_Maintenance => Command(2): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> ServiceWatchdog
Task: {9BE13ABB-1CA7-4D32-817E-4644A5065219} - System32\Tasks\Avira_Security_Maintenance => Command(3): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> CrashCollector
Task: {ED396B3B-AC54-48CC-8D3E-CCBCB5C798E9} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [260360 2023-10-31] (Avira Operations GmbH -> Avira Operations GmbH)
Task: {33FABDA2-6A66-489C-A144-4BA5BB92DFFE} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1814008 2023-10-31] (Avira Operations GmbH -> Avira Operations GmbH)
Task: {2D0A11F7-19DD-4D0C-95CA-52478D445582} - System32\Tasks\Avira_Security_Update => C:\Windows\system32\net.exe [55808 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
Task: {721270AD-F893-40E5-B625-35AC7AF03BB3} - System32\Tasks\AviraSystemSpeedupVerify => C:\Program Files (x86)\Avira\System Speedup\setup\avira_speedup_setup.exe [37168176 2023-09-26] (Avira Operations GmbH -> Avira Operations GmbH)
Task: {B7D74C43-3378-48B7-A969-13E6F5EA605E} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore{70988E01-CACE-4FB2-B075-6096DBB774CB} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [175424 2023-05-30] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {56171070-9230-46E5-94D5-29B892FA903F} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA{D873D107-3CA7-4F08-A399-60A0DB54D45A} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [175424 2023-05-30] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {83956ADF-C84F-4D43-A79A-55981A72F9F6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {7CD5CCAC-16CB-499C-A9DF-61377AC917C6} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "935acc50-f226-464c-8e92-8dbca46bfcfe" --version "6.18.10838" --silent
Task: {D5CDCB88-6BB7-48FD-AF2B-BBC3E8751BF0} - System32\Tasks\CCleanerSkipUAC - dd => C:\Program Files\CCleaner\CCleaner.exe [37546912 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {568D4116-D92A-4E28-AF31-64A7CDFD89A1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-14] (Google Inc -> Google Inc.)
Task: {9F93CBFA-11B1-411C-A606-140C5CE95BDC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-14] (Google Inc -> Google Inc.)
Task: {36154A32-030B-41C0-B6C7-D6EA3A9A525F} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24614336 2022-07-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {E070FBC8-B3B6-4EB7-8AA9-D32B2983E64B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24614336 2022-07-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {334B80A1-84D0-433E-ADDF-0A5C2463E53C} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [117144 2023-05-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {082248D7-01B7-4104-AA86-92A1973DBBBF} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [117144 2023-05-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {0A1B7AF7-EA22-48C3-834F-3EC40256B7C4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4374008 2023-05-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {A52E6639-4417-4EAF-A926-ED1785EEB7ED} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4374008 2023-05-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {2235E002-5181-4799-9A52-A45111739A6E} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {CC718F56-4634-47F8-9611-28086F1D85DB} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [686496 2023-11-22] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {C24785C9-0597-4238-A27F-41BEC5E10A6F} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [724384 2023-11-22] (Mozilla Corporation -> Mozilla Foundation)
Task: {D744A55B-4217-4FE1-AFB8-44F2FA591C04} - System32\Tasks\NCH Software\PhotoPadDowngrade => C:\Program Files (x86)\NCH Software\PhotoPad\PhotoPad.exe [7133360 2023-08-21] (NCH Software, Inc. -> NCH Software)
Task: {0BFD17AE-06D3-46BE-8E69-3CE0B649F371} - System32\Tasks\NCH Software\VideoPadCacheDeleteAll => C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe [12607712 2023-04-21] (NCH Software, Inc. -> NCH Software)
Task: {6796E23D-1D5C-43AD-8A68-78B298FF5C2E} - System32\Tasks\Opera scheduled Autoupdate 1529853331 => C:\Program Files\Opera\launcher.exe [2635168 2023-10-30] (Opera Norway AS -> Opera Software)
Task: {B2DC599C-D8C3-40DB-9216-D8419097B9F7} - System32\Tasks\SparkUpdater => C:\Program Files (x86)\baidu\Baidu Browser\SparkUpdate.exe [1372472 2016-01-15] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu.com, Inc.)
Task: {D373157D-D279-4887-8523-5F9D1EA88109} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [4475136 2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
Task: {5D1CD0DD-FEE7-43D8-AA57-867C5062FFA2} - System32\Tasks\UCBrowserUpdater => C:\Program Files (x86)\UCBrowser\Application\update_task.exe [524176 2017-02-04] (TAOBAO (CHINA) SOFTWARE CO.,LTD. -> UCWeb Inc) <==== ATTENTION
Task: {39B77E5E-D546-4463-BD7E-9444F3CE7F0F} - System32\Tasks\UCBrowserUpdaterCore => C:\Program Files (x86)\UCBrowser\Application\update_task.exe [524176 2017-02-04] (TAOBAO (CHINA) SOFTWARE CO.,LTD. -> UCWeb Inc) <==== ATTENTION
Task: {CE66503C-9C9A-4656-930F-7A21E26C85C2} - System32\Tasks\VivaldiUpdateCheck-4233ccb750e0b871 => C:\Users\dd\AppData\Local\Vivaldi\Application\update_notifier.exe [3426152 2023-01-25] (Vivaldi Technologies AS -> Vivaldi Technologies AS)
Task: {237CDAC1-EFD3-4262-AFA7-42A5D7CCB256} - System32\Tasks\WinZip Update Notifier 1 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2862032 2018-04-23] (Corel Corporation -> Corel Corporation)
Task: {A0E02CBE-ACB3-4F6B-9147-5FC93C78C950} - System32\Tasks\WinZip Update Notifier 2 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2862032 2018-04-23] (Corel Corporation -> Corel Corporation)
Task: {1418C71E-0193-4E76-9937-420EF2F4F17D} - System32\Tasks\WinZip Update Notifier 3 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2862032 2018-04-23] (Corel Corporation -> Corel Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\Windows\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe-CheckUpdate(Tracker Software Products (Canada) Ltd.Kee
Task: C:\Windows\Tasks\UCBrowserUpdater.job => C:\Program Files (x86)\UCBrowser\Application\update_task.exe <==== ATTENTION
Task: C:\Windows\Tasks\UCBrowserUpdaterCore.job => C:\Program Files (x86)\UCBrowser\Application\update_task.exe <==== ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ATTENTION (Restriction - Zones)
Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{285E7193-BEDF-4BDC-9B97-A2755D3840B1}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{B65E3FD9-B850-41F9-8A85-501E66505B1A}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{F3A0463A-07CB-4519-83F7-5E06F83A765B}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{FA81728F-1F39-44E7-9A4D-6CD79871755F}: [DhcpNameServer] 192.168.42.129
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\dd\AppData\Local\Microsoft\Edge\User Data\Default [2023-12-03]
Edge DownloadDir: Default -> J:\x
Edge HomePage: Default -> hxxps://
Edge StartupUrls: Default -> "hxxps://"
Edge DefaultSearchURL: Default -> hxxps://find.fnavigate-now.com/results.aspx?d=020518&n=0670&q={searchTerms}&gd=RD1002792&searchsource=69
Edge DefaultSearchKeyword: Default -> yahoo search
Edge DefaultSuggestURL: Default -> hxxp://api.bing.com/osjson.aspx?query={searchTerms}
Edge Extension: (Edge relevant text changes) - C:\Users\dd\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-16]
FireFox:
========
FF DefaultProfile: ao8uwsx7.default
FF DefaultProfile: lsayimjg.default
FF DefaultProfile: zromm51n.default
FF DefaultProfile: 87huvv4p.default
FF DefaultProfile: zvq47xid.default
FF DefaultProfile: q0i40nay.default
FF DefaultProfile: p7ytw0nu.default
FF ProfilePath: C:\Users\dd\AppData\Roaming\Mozilla\SeaMonkey\Profiles\ao8uwsx7.default [2023-12-04]
FF ProfilePath: C:\Users\dd\AppData\Roaming\Mozilla\Firefox\Profiles\lsayimjg.default [2023-12-04]
FF DownloadDir: H:\x
FF Homepage: Mozilla\Firefox\Profiles\lsayimjg.default -> hxxps://www.google.com
FF NewTab: Mozilla\Firefox\Profiles\lsayimjg.default -> hxxps://mynewtab.co?pId=KL150601&iDate=020518&searchEngine=bing
FF Notifications: Mozilla\Firefox\Profiles\lsayimjg.default -> hxxps://concours-bdf.vraiforum.com
FF Extension: (ReloadMatic) - C:\Users\dd\AppData\Roaming\Mozilla\Firefox\Profiles\lsayimjg.default\Extensions\0.id@reloadmatic.webex.xpi [2021-10-05]
FF Extension: (MySessions) - C:\Users\dd\AppData\Roaming\Mozilla\Firefox\Profiles\lsayimjg.default\Extensions\balyaev@gmail.com.xpi [2023-11-29]
FF Extension: (Flash Video Downloader) - C:\Users\dd\AppData\Roaming\Mozilla\Firefox\Profiles\lsayimjg.default\Extensions\ductloanphuok@gmail.com.xpi [2020-04-14]
FF Extension: (Video Downloader professional) - C:\Users\dd\AppData\Roaming\Mozilla\Firefox\Profiles\lsayimjg.default\Extensions\ffext_basicvideoext@startpage24.xpi [2022-03-15]
FF Extension: (Boomerang for Gmail) - C:\Users\dd\AppData\Roaming\Mozilla\Firefox\Profiles\lsayimjg.default\Extensions\{65e41d20-f092-41b7-bb83-c6e8a9ab0f57}.xpi [2020-01-04] [UpdateUrl:hxxps://www.boomeranggmail.com/firefox/updates.json]
FF Extension: (User-Agent Switcher) - C:\Users\dd\AppData\Roaming\Mozilla\Firefox\Profiles\lsayimjg.default\Extensions\{75afe46a-7a50-4c6b-b866-c43a1075b071}.xpi [2022-07-12]
FF Extension: (Tab Auto Refresh) - C:\Users\dd\AppData\Roaming\Mozilla\Firefox\Profiles\lsayimjg.default\Extensions\{7fee47a1-8299-4576-90bf-5fd88d756926}.xpi [2022-07-12]
FF Extension: (Video DownloadHelper) - C:\Users\dd\AppData\Roaming\Mozilla\Firefox\Profiles\lsayimjg.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2023-08-26]
FF Extension: (Web Developer) - C:\Users\dd\AppData\Roaming\Mozilla\Firefox\Profiles\lsayimjg.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2023-05-30]
FF Extension: (IGRAAL : Cashback & codes promo) - C:\Users\dd\AppData\Roaming\Mozilla\Firefox\Profiles\lsayimjg.default\Extensions\{dbac9680-d559-4cd4-9765-059879e8c467}.xpi [2023-11-14]
FF SearchPlugin: C:\Users\dd\AppData\Roaming\Mozilla\Firefox\Profiles\lsayimjg.default\searchplugins\Yahoo Search.xml [2023-12-02]
FF ProfilePath: C:\Users\dd\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\zromm51n.default [2023-12-04]
FF ProfilePath: C:\Users\dd\AppData\Roaming\K-Meleon\87huvv4p.default [2023-12-04]
FF user.js: detected! => C:\Users\dd\AppData\Roaming\K-Meleon\87huvv4p.default\user.js [2006-04-06]
FF Extension: (NewsFox) - C:\Program Files (x86)\K-Meleon\browser\extensions\{899DF1F8-2F43-4394-8315-37F6744E6319}.xpi [2015-03-12] [] [non signé]
FF ProfilePath: C:\Users\dd\AppData\Roaming\FlashPeak\SlimBrowser\Profiles\zvq47xid.default [2023-05-30]
FF ProfilePath: C:\Users\dd\AppData\Roaming\FlashPeak\SlimBrowser\Profiles\4mirq6sj.default-default [2023-09-06]
FF ProfilePath: C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default [2018-03-22]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-cs@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Deutsch (DE) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-de@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (English (US) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-en-US@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Español (España) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-es-ES@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Finnish Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-fi@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Français Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-fr@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Galego (España) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-gl@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Hebrew (IL) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-he@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Magyar (HU) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-hu@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Italiano (IT) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-it@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Japanese Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-ja@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Korean (KR) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-ko@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Nederlands (NL) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-nl@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Polski Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-pl@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Russian (RU) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-ru@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Slovenski jezik Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-sl@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (српски (sr) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-sr@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Svenska (SE) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-sv-SE@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Chinese Simplified (zh-CN) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-zh-CN@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Traditional Chinese (zh-TW) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-zh-TW@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF ProfilePath: C:\Users\dd\AppData\Roaming\Comodo\IceDragon\Profiles\p7ytw0nu.default [2023-12-04]
FF Homepage: Comodo\IceDragon\Profiles\p7ytw0nu.default -> about:newtab
FF Extension: (Comodo Online Security) - C:\Users\dd\AppData\Roaming\Comodo\IceDragon\Profiles\p7ytw0nu.default\Extensions\cos@comodo.com.xpi [2019-03-15]
FF Extension: (Https Enforcement) - C:\Users\dd\AppData\Roaming\Comodo\IceDragon\Profiles\p7ytw0nu.default\Extensions\https@comodo.com.xpi [2019-03-15]
FF Extension: (Media Downloader) - C:\Users\dd\AppData\Roaming\Comodo\IceDragon\Profiles\p7ytw0nu.default\Extensions\{5e9eca63-6e0d-47ce-9862-07d938121575}.xpi [2019-03-15] []
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.381.2 -> C:\Program Files\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-06-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.381.2 -> C:\Program Files\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-06-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-19] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-19] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-05-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1631.4\npAvastBrowserUpdate3.dll [2023-06-01] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1631.4\npAvastBrowserUpdate3.dll [2023-06-01] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-11-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4128362433-1591382183-1842780436-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-4128362433-1591382183-1842780436-1000: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=3 -> C:\Users\dd\AppData\Local\Epic Privacy Browser\Installer\1.3.29.13\npEpicUpdate3.dll [2023-05-30] (Google Inc (TEST) -> Epic Privacy Browser) [Fichier non signé]
FF Plugin HKU\S-1-5-21-4128362433-1591382183-1842780436-1000: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=9 -> C:\Users\dd\AppData\Local\Epic Privacy Browser\Installer\1.3.29.13\npEpicUpdate3.dll [2023-05-30] (Google Inc (TEST) -> Epic Privacy Browser) [Fichier non signé]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\dsengine.js [2018-02-05] <==== ATTENTION (Pointe vers un fichier *.cfg)
FF ExtraCheck: C:\Program Files\mozilla firefox\dsengine.cfg [2018-02-05] <==== ATTENTION
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default [2023-12-04]
CHR DownloadDir: J:\projet BeFinance\VIDEOS\LES OPTIONS\Demystifiez les options-partie3\images
CHR HomePage: Default -> hxxps://
CHR StartupUrls: Default -> "hxxps://"
CHR DefaultSearchURL: Default -> hxxps://find.fnavigate-now.com/results.aspx?d=020518&n=9998&q={searchTerms}&gd=SY1004294&searchsource=58
CHR DefaultSearchKeyword: Default -> yahoo search
CHR DefaultSuggestURL: Default -> hxxp://api.bing.com/osjson.aspx?query={searchTerms}
CHR Extension: (Avira Password Manager) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2023-11-04]
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2023-11-29]
CHR Extension: (Firebug Lite for Google Chrome) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehemiojjcpldeipjhjkepfdaohajpbdo [2019-08-19]
CHR Extension: (AFS) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\gckmgjhcejhnfenfbippohhnfjkeaapj [2019-07-08]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-11-28]
CHR Extension: (Avira SafeSearch Plus) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp [2020-09-24]
CHR Extension: (IGRAAL : Cashback & codes promo) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhkepipobnjllejbafajoemahjejdcm [2023-11-10]
CHR Extension: (CrossPilot) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\migomhggnppjdijnfkiimcpjgnhmnale [2023-09-21]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Bypass Paywalls Clean) - J:\projet BeFinance\tuto\hack journaux\hack WSJ\bypass-paywalls-chrome-clean-master\bypass-paywalls-chrome-clean-master [2023-09-06] [UpdateUrl:hxxps://gitlab.com/magnolia1234/bypass-paywalls-chrome-clean/-/raw/master/updates.xml] <==== ATTENTION
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp]
Opera:
=======
OPR Profile: C:\Users\dd\AppData\Roaming\Opera Software\Opera Stable [2023-12-04]
OPR DownloadDir: J:\x
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\dd\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-10-16]
OPR Extension: (Opera Wallet) - C:\Users\dd\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-11-11]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\dd\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-09-02]
OPR Extension: (Amazon Assistant pour Opera) - C:\Users\dd\AppData\Roaming\Opera Software\Opera Stable\Extensions\mmmbddcnnndpbdflpccgcknaaabgldak [2023-03-30]
Brave:
=======
BRA Profile: C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2023-12-03]
BRA Extension: (Avira Password Manager) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2023-11-04]
BRA Extension: (Protection Web Avira) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2023-05-30]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2023-12-03]
BRA Extension: (Brave NTP background images) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2023-09-18]
BRA Extension: (Wallet Data Files Updater) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2023-11-20]
BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2023-12-03]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2022-09-07]
BRA Extension: (Brave Ad Block Updater (AdGuard Français)) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\emaecjinaegfkoklcdafkiocjhoeilao [2022-09-07]
BRA Extension: (Brave Ad Block Updater (AdGuard Français (plaintext))) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\flnkmpokemfpaajmiimmjeiandgoodgg [2023-12-01]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2023-11-16]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block Updater (plaintext))) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2023-12-03]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2022-09-06]
BRA Extension: (Brave NTP sponsored images) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\lcenblphbmngnohghkhpojmpflebkcpd [2023-12-03]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2023-12-01]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-10-25]
Vivaldi:
=======
VIV Profile: C:\Users\dd\AppData\Local\Vivaldi\User Data\Default [2023-06-01]
VIV Extension: (Avira Password Manager) - C:\Users\dd\AppData\Local\Vivaldi\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2023-05-27]
VIV Extension: (Protection Web Avira) - C:\Users\dd\AppData\Local\Vivaldi\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2023-05-27]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2018-02-07] () [Fichier non signé]
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
R2 Aloha Mobile service; C:\Users\dd\AppData\Local\Aloha Mobile\Aloha\Application\1.2.1.0\aloha_service.exe [569624 2023-10-30] (ALOHA MOBILE LTD -> )
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-06-01] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-06-01] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\109.0.19987.120\elevation_service.exe [1802816 2023-01-26] (Avast Software s.r.o. -> AVAST Software)
S2 AviraFallbackUpdater; C:\Program Files (x86)\Avira\Fallback Updater\Avira.Spotlight.FallbackUpdater.exe [6576104 2023-10-11] (Avira Operations GmbH -> Avira Operations GmbH)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [3004688 2022-07-22] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [389096 2023-09-06] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [266936 2023-10-31] (Avira Operations GmbH -> Avira Operations GmbH)
S2 AviraSecurityUpdater; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [297392 2023-10-31] (Avira Operations GmbH -> Avira Operations GmbH)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [175424 2023-05-30] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [175424 2023-05-30] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11138992 2022-07-27] (Microsoft Corporation -> Microsoft Corporation)
R2 CyberGhost8Service; C:\Program Files\CyberGhost 8\Dashboard.Service.exe [72648 2023-11-24] (CyberGhost S.R.L. -> CyberGhost S.R.L.)
R2 EaseUS UPDATE SERVICE; C:\Program Files (x86)\EaseUS\ENS\ensserver.exe [26512 2023-07-18] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R2 EndpointProtectionService; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [8930944 2023-02-10] (Avira Operations GmbH -> Avira Operations GmbH)
S3 EndpointProtectionService2; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [8930944 2023-02-10] (Avira Operations GmbH -> Avira Operations GmbH)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [81280 2019-10-10] (Mixbyte Inc -> Freemake)
R2 IceDragonUpdater; C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe [2616800 2019-05-29] (Comodo Security Solutions, Inc. -> Comodo Inc.)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-02-21] (Intel CASE -> )
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [162800 2014-03-17] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [402024 2023-04-17] (Proton Technologies AG -> ProtonVPN)
S3 ProtonVPN WireGuard; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.WireGuardService.exe [328808 2023-04-17] (Proton Technologies AG -> ProtonVPN)
R2 SecurityService; C:\Program Files (x86)\TotalAV\SecurityService.exe [274624 2023-10-31] (Protected Antivirus Limited -> TotalAV) <==== ATTENTION
R2 SparkSvc; C:\Program Files (x86)\baidu\Baidu Browser\sparkservice.exe [97080 2016-01-15] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu Inc.)
S3 SparkUpdater; C:\Program Files (x86)\Baidu\SparkUpdate\Sparkupdate.exe [1372472 2016-01-15] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu.com, Inc.)
R2 UCBrowserSvc; C:\Program Files (x86)\UCBrowser\Application\UCService.exe [629648 2017-02-04] (TAOBAO (CHINA) SOFTWARE CO.,LTD. -> ) <==== ATTENTION
R2 VPNService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\VPNServiceHost.exe [20184 2023-11-16] (Lavasoft Software Canada Inc. -> ) <==== ATTENTION
S3 wampapache64; c:\wamp64\bin\apache\apache2.4.27\bin\httpd.exe [29184 2017-07-07] (Apache Software Foundation) [Fichier non signé]
S3 wampmariadb64; c:\wamp64\bin\mariadb\mariadb10.2.8\bin\mysqld.exe [14545920 2017-08-17] () [Fichier non signé]
S3 wampmysqld64; c:\wamp64\bin\mysql\mysql5.7.19\bin\mysqld.exe [39496704 2017-06-22] () [Fichier non signé]
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [27864 2023-11-16] (Lavasoft Software Canada Inc. -> ) <==== ATTENTION
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292480 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
S3 BraveElevationService; "C:\Program Files\BraveSoftware\Brave-Browser\Application\109.1.47.186\elevation_service.exe" [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 athr; C:\Windows\System32\DRIVERS\athrx.sys [1542656 2009-10-05] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R0 BdNet; C:\Windows\System32\DRIVERS\BdNet.sys [180360 2022-12-20] (BullGuard LTD -> BullGuard Ltd.)
R1 BdSentry; C:\Windows\System32\DRIVERS\BdSentry.sys [219448 2023-02-01] (BullGuard LTD -> Avira Operations GmbH)
R2 LdVBoxDrv; C:\Program Files\ldplayerbox\LdVBoxDrv.sys [319376 2021-08-14] (Shanghai Changzhi Network Technology Co., Ltd. -> Oracle Corporation)
R1 netprotection_network_filter; C:\Windows\System32\drivers\netprotection_network_filter.sys [92416 2022-12-15] (Avira Operations GmbH -> Avira Operations GmbH)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2012-10-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 phantomtap; C:\Windows\System32\DRIVERS\phantomtap.sys [39448 2021-08-19] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
S3 ProtonVPNCallout; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win7\ProtonVPN.CalloutDriver.sys [25824 2023-04-17] (Proton Technologies AG -> Proton Technologies AG)
R2 rtp_filesystem_filter; C:\Windows\System32\DRIVERS\rtp_filesystem_filter.sys [230408 2023-02-10] (Avira Operations GmbH -> Avira Operations GmbH)
R1 rtp_process_monitor; C:\Windows\System32\DRIVERS\rtp_process_monitor.sys [224512 2023-02-10] (Avira Operations GmbH -> Avira Operations GmbH)
R1 rtp_traverse; C:\Windows\System32\DRIVERS\rtp_traverse.sys [62632 2022-12-16] (Avira Operations GmbH -> Avira Operations GmbH)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tapnordvpn; C:\Windows\System32\DRIVERS\tapnordvpn.sys [41792 2021-06-13] (nordvpn s.a. -> The OpenVPN Project)
R3 tapprotonvpn; C:\Windows\System32\DRIVERS\tapprotonvpn.sys [39696 2020-12-30] (Proton Technologies AG -> The OpenVPN Project)
U3 Tdeeows_; pas de ImagePath
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
R1 webshieldfilter; C:\Windows\System32\drivers\webshieldfilter.sys [86880 2023-10-31] (Protected Antivirus Limited -> Windows (R) Win 7 DDK provider) <==== ATTENTION
R3 wintun; C:\Windows\System32\DRIVERS\wintun.sys [29680 2023-05-31] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 WireGuard; C:\Windows\System32\DRIVERS\wireguard.sys [489368 2023-06-02] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 MSICDSetup; \??\G:\CDriver64.sys [X]
S3 netprotection_network_filter2; System32\drivers\netprotection_network_filter2.sys [X]
S3 NTIOLib_1_0_C; \??\G:\NTIOLib_X64.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-12-04 10:25 - 2023-12-04 10:25 - 000000000 ____D C:\Users\dd\Desktop\FRST-OlderVersion
2023-12-03 17:43 - 2023-12-03 17:43 - 000000000 ____D C:\Users\dd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avidemux 2.8 VC++ 64bits
2023-12-03 17:43 - 2023-12-03 17:43 - 000000000 ____D C:\Program Files\Avidemux 2.8 VC++ 64bits
2023-12-03 11:09 - 2023-12-03 11:09 - 000000000 ____D C:\Users\dd\Documents\TotalAV
2023-12-03 11:06 - 2023-12-04 09:57 - 000001081 _____ C:\Users\dd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TotalAV.lnk
2023-12-03 11:06 - 2023-12-03 11:06 - 000000000 ____D C:\Users\dd\AppData\Local\GUI
2023-12-03 11:06 - 2023-12-03 11:06 - 000000000 ____D C:\ProgramData\SecuritySuite
2023-12-03 11:06 - 2023-10-31 16:01 - 000086880 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\webshieldfilter.sys
2023-12-03 11:03 - 2023-12-03 11:06 - 000000000 ____D C:\ProgramData\TotalAV
2023-12-03 11:03 - 2023-12-03 11:03 - 000000955 _____ C:\Users\Public\Desktop\TotalAV.lnk
2023-12-03 11:02 - 2023-12-04 09:56 - 000000000 ____D C:\Program Files (x86)\TotalAV
2023-12-03 10:59 - 2023-12-03 10:59 - 000003413 _____ C:\Users\dd\Desktop\eqxdrnxvxsgnonexn.txt
2023-12-03 10:44 - 2023-12-03 10:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft Anti-Malware
2023-12-03 10:44 - 2023-12-03 10:44 - 000000000 ____D C:\ProgramData\GridinSoft
2023-12-03 10:23 - 2023-12-03 10:34 - 000069337 _____ C:\Users\dd\Desktop\Addition.txt
2023-12-03 10:21 - 2023-12-04 10:25 - 000056972 _____ C:\Users\dd\Desktop\FRST.txt
2023-12-03 10:21 - 2023-12-04 10:25 - 000000000 ____D C:\FRST
2023-12-03 10:20 - 2023-12-04 10:25 - 002384384 _____ (Farbar) C:\Users\dd\Desktop\FRST64.exe
2023-12-03 10:08 - 2023-12-04 10:08 - 000000666 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2023-12-03 10:08 - 2023-12-03 10:08 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2023-12-03 10:08 - 2023-12-03 10:08 - 000003246 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2023-12-03 10:08 - 2023-12-03 10:08 - 000002796 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - dd
2023-12-03 10:07 - 2023-12-04 09:57 - 000000000 ____D C:\Program Files\CCleaner
2023-12-03 10:07 - 2023-12-03 10:07 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2023-12-03 10:07 - 2023-12-03 10:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2023-11-28 09:37 - 2023-11-28 09:37 - 000000000 ____D C:\Users\dd\AppData\Roaming\Thunderbird
2023-11-27 11:15 - 2023-11-27 11:17 - 000011830 _____ C:\Users\dd\Downloads\apivia calculs.ods
2023-11-27 11:10 - 2023-11-27 11:10 - 002900920 _____ C:\Users\dd\Downloads\Mon détail de garantie .pdf
2023-11-27 11:04 - 2023-11-27 11:04 - 000000089 _____ C:\Users\dd\Downloads\tel apivia.txt
2023-11-24 18:40 - 2023-11-24 18:40 - 000000000 ____D C:\ProgramData\CyberGhost
2023-11-24 18:38 - 2023-12-04 09:57 - 000000000 ____D C:\Users\dd\AppData\Local\CyberGhost
2023-11-24 18:38 - 2023-11-24 18:38 - 000001002 _____ C:\Users\dd\Desktop\CyberGhost 8.lnk
2023-11-24 18:38 - 2023-11-24 18:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 8
2023-11-24 18:38 - 2023-11-24 18:38 - 000000000 ____D C:\Program Files\TAP-Windows
2023-11-24 18:37 - 2023-12-03 10:06 - 000000000 ____D C:\Users\dd\AppData\Roaming\CyberGhost
2023-11-24 18:37 - 2023-11-24 18:38 - 000000000 ____D C:\Program Files\CyberGhost 8
2023-11-23 15:29 - 2023-11-23 15:29 - 000000000 ____D C:\ProgramData\Caphyon
2023-11-22 13:38 - 2023-11-22 13:38 - 000459110 _____ C:\Users\dd\Downloads\www.carrefour2.pdf
2023-11-22 13:37 - 2023-11-22 13:37 - 000578805 _____ C:\Users\dd\Downloads\www.carrefour.pdf
2023-11-22 13:33 - 2023-11-22 13:33 - 000016074 _____ C:\Users\dd\Downloads\8-144-1859_facture.pdf
2023-11-22 13:23 - 2023-11-22 18:47 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-11-21 10:00 - 2023-11-21 10:00 - 000187054 _____ C:\Users\dd\Downloads\bon but2.pdf
2023-11-20 13:09 - 2023-11-20 13:09 - 000493446 _____ C:\Users\dd\Downloads\gemo].pdf
2023-11-19 18:12 - 2023-11-19 18:13 - 001010015 _____ C:\Users\dd\AppData\Roaming\VideoPad.dmp
2023-11-16 15:37 - 2023-11-24 15:55 - 000000000 ____D C:\Users\dd\dwhelper
2023-11-16 15:37 - 2023-11-16 15:37 - 000000000 ____D C:\Program Files\net.downloadhelper.coapp
2023-11-16 15:32 - 2023-11-16 15:32 - 000000000 ____D C:\Users\dd\AppData\Local\4kdownload.com
2023-11-13 10:07 - 2023-11-13 10:07 - 000093466 _____ C:\Users\dd\Downloads\2023-10-Confirmation - Actualisation _ Pôle emploi.pdf
2023-11-09 17:04 - 2023-11-09 17:04 - 000238425 _____ C:\Users\dd\Downloads\fusion.pdf
2023-11-09 17:03 - 2023-11-09 17:03 - 000128175 _____ C:\Users\dd\Downloads\[laposte2.pdf
2023-11-09 17:02 - 2023-11-09 17:02 - 000123351 _____ C:\Users\dd\Downloads\[laposte1.pdf
2023-11-09 10:18 - 2023-11-09 10:18 - 001738407 _____ C:\Users\dd\Downloads\newsletternovembre23.pdf
2023-11-09 10:16 - 2023-11-09 10:16 - 000003710 _____ C:\Windows\system32\Tasks\Avira_Security_Maintenance
2023-11-09 10:16 - 2023-11-09 10:16 - 000003232 _____ C:\Windows\system32\Tasks\Avira_Security_Service_SCM_Watchdog
2023-11-09 10:16 - 2023-11-09 10:16 - 000002648 _____ C:\Windows\system32\Tasks\Avira_Security_Systray
2023-11-07 15:31 - 2023-11-07 15:34 - 000000333 _____ C:\Users\dd\Downloads\irina.txt
2023-11-05 11:39 - 2023-12-03 18:02 - 000000000 ____D C:\Users\dd\AppData\Roaming\HandBrake
2023-11-05 11:39 - 2023-11-05 11:39 - 000000000 ____D C:\Users\dd\AppData\Roaming\HandBrake Team
2023-11-05 11:38 - 2023-11-05 11:38 - 000000983 _____ C:\Users\dd\Desktop\HandBrake.lnk
2023-11-05 11:38 - 2023-11-05 11:38 - 000000000 ____D C:\Users\dd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HandBrake
2023-11-05 11:38 - 2023-11-05 11:38 - 000000000 ____D C:\Program Files (x86)\HandBrake
2023-11-05 11:14 - 2023-11-05 11:14 - 000050048 _____ (Avast Software) C:\Windows\system32\icarus_rvrt.exe
2023-11-05 11:14 - 2023-11-05 11:14 - 000000000 ____D C:\ProgramData\AVG
2023-11-05 11:14 - 2023-11-05 11:14 - 000000000 ____D C:\Program Files\Common Files\AVG
2023-11-05 11:14 - 2023-11-05 11:14 - 000000000 ____D C:\Program Files\AVG
2023-11-05 11:11 - 2023-11-05 11:11 - 000000000 ____D C:\Users\dd\AppData\Local\OneBrowser
2023-11-05 11:07 - 2023-11-05 11:09 - 102072624 _____ (Free Time Co., Ltd) C:\Users\dd\Downloads\setup.exe
2023-11-05 11:06 - 2023-11-05 11:06 - 000000000 ____D C:\Program Files (x86)\CreditchbUtility
2023-11-04 18:50 - 2023-11-04 18:50 - 000000032 _____ C:\Users\dd\Downloads\gemo ducogo.txt
2023-11-04 16:50 - 2023-11-04 16:50 - 000000000 ____D C:\Program Files (x86)\WondershareUpdate
2023-11-04 16:48 - 2023-11-05 10:51 - 000000000 ____D C:\Users\dd\AppData\Local\Wondershare
2023-11-04 16:47 - 2023-11-24 10:44 - 000000000 ____D C:\Program Files\Wondershare
2023-11-04 16:42 - 2023-11-04 16:48 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2023-11-04 16:33 - 2023-11-04 16:33 - 000001260 _____ C:\Users\Public\Desktop\VideoProc Converter AI.lnk
2023-11-04 16:33 - 2023-11-04 16:33 - 000000000 ____D C:\Users\dd\AppData\Roaming\Digiarty
2023-11-04 16:33 - 2023-11-04 16:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoProc Converter AI
2023-11-04 16:33 - 2023-11-04 16:33 - 000000000 ____D C:\Program Files (x86)\Digiarty
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-12-04 10:24 - 2018-02-05 11:13 - 000000000 ____D C:\Users\dd\AppData\Roaming\vlc
2023-12-04 10:09 - 2009-07-14 05:45 - 000025792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2023-12-04 10:09 - 2009-07-14 05:45 - 000025792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2023-12-04 10:06 - 2018-02-04 20:46 - 000000000 ____D C:\Program Files (x86)\Google
2023-12-04 10:02 - 2022-09-06 18:55 - 000002554 _____ C:\Windows\system32\Tasks\UCBrowserUpdaterCore
2023-12-04 10:02 - 2022-09-06 18:55 - 000000450 _____ C:\Windows\Tasks\UCBrowserUpdater.job
2023-12-04 10:02 - 2022-09-06 18:55 - 000000286 _____ C:\Windows\Tasks\UCBrowserUpdaterCore.job
2023-12-04 10:00 - 2009-07-14 16:24 - 000747644 _____ C:\Windows\system32\perfh00C.dat
2023-12-04 10:00 - 2009-07-14 16:24 - 000150168 _____ C:\Windows\system32\perfc00C.dat
2023-12-04 10:00 - 2009-07-14 06:13 - 001669584 _____ C:\Windows\system32\PerfStringBackup.INI
2023-12-04 10:00 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2023-12-04 09:58 - 2022-09-06 23:07 - 000000000 ____D C:\Users\dd\AppData\Local\Epic Privacy Browser
2023-12-04 09:55 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-12-03 19:22 - 2022-06-29 15:05 - 012015560 _____ C:\Windows\system32\rtp.db
2023-12-03 18:28 - 2023-04-26 12:27 - 000000000 ____D C:\Users\dd\AppData\Roaming\avidemux
2023-12-03 15:36 - 2018-02-07 13:22 - 000000000 ____D C:\Users\dd\AppData\Roaming\Adobe
2023-12-03 15:36 - 2018-02-07 13:22 - 000000000 ____D C:\ProgramData\Adobe
2023-12-03 15:26 - 2023-05-27 08:58 - 000000000 ____D C:\Users\dd\AppData\LocalLow\Comodo
2023-12-03 14:13 - 2023-05-10 09:41 - 000000000 ____D C:\Windows\system32\Tasks\NCH Software
2023-12-03 10:59 - 2018-02-05 23:47 - 000000000 ____D C:\Users\dd\AppData\Local\CrashDumps
2023-12-03 10:12 - 2018-02-04 20:40 - 000000000 ____D C:\ProgramData\Package Cache
2023-12-03 09:57 - 2009-07-14 05:45 - 000564960 _____ C:\Windows\system32\FNTCACHE.DAT
2023-12-02 16:07 - 2018-02-04 20:49 - 000152576 _____ C:\Users\dd\AppData\Local\GDIPFONTCACHEV1.DAT
2023-12-02 12:48 - 2023-05-10 11:27 - 000000000 ____D C:\Users\dd\AppData\Roaming\Bandicam Company
2023-12-02 10:02 - 2018-02-05 11:19 - 000000000 ____D C:\Users\dd\AppData\Roaming\Lavasoft
2023-12-02 10:02 - 2018-02-05 11:19 - 000000000 ____D C:\Users\dd\AppData\Local\Lavasoft
2023-12-02 10:02 - 2018-02-05 11:19 - 000000000 ____D C:\ProgramData\Lavasoft
2023-12-01 10:33 - 2018-02-04 20:46 - 000003798 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2023-12-01 10:33 - 2018-02-04 20:46 - 000003670 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2023-11-30 10:30 - 2018-06-24 16:15 - 000000000 ____D C:\Program Files\Opera
2023-11-28 09:37 - 2019-01-31 00:11 - 000000000 ____D C:\ProgramData\Mozilla
2023-11-28 09:37 - 2018-02-05 10:51 - 000000000 ____D C:\Users\dd\AppData\LocalLow\Mozilla
2023-11-24 20:49 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache
2023-11-24 18:24 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files\DVD Maker
2023-11-24 18:24 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\Setup
2023-11-24 18:24 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\migwiz
2023-11-24 18:24 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\Setup
2023-11-24 18:24 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\migwiz
2023-11-24 18:24 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\PolicyDefinitions
2023-11-24 18:11 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\Dism
2023-11-24 18:11 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\Dism
2023-11-24 10:44 - 2022-04-01 10:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2023-11-24 10:44 - 2022-04-01 10:39 - 000000000 ____D C:\ProgramData\Wondershare
2023-11-22 18:47 - 2018-02-05 10:51 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-11-22 13:28 - 2021-10-09 14:16 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2023-11-16 18:12 - 2022-02-10 22:14 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-11-16 15:37 - 2018-02-04 20:36 - 000000000 ____D C:\Users\dd
2023-11-16 15:32 - 2023-05-30 11:35 - 000000000 ____D C:\Users\dd\AppData\Local\cache
2023-11-14 14:01 - 2022-10-11 16:33 - 000002019 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2023-11-13 16:53 - 2021-05-26 16:36 - 000000000 ____D C:\Users\dd\AppData\Local\Windows Live
2023-11-12 16:47 - 2023-06-01 00:01 - 000002437 _____ C:\Users\dd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aloha.lnk
2023-11-12 16:47 - 2023-06-01 00:01 - 000002400 _____ C:\Users\dd\Desktop\Aloha.lnk
2023-11-09 10:17 - 2021-04-15 12:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2023-11-09 10:16 - 2021-04-15 12:29 - 000000965 _____ C:\Users\Public\Desktop\Avira.lnk
2023-11-09 10:16 - 2020-10-29 12:38 - 000003310 _____ C:\Windows\system32\Tasks\Avira_Security_Update
2023-11-06 23:02 - 2018-06-24 16:15 - 000003854 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1529853331
2023-11-05 11:12 - 2023-06-01 00:32 - 000000000 ____D C:\Users\dd\AppData\Local\BrightData
2023-11-05 11:12 - 2023-06-01 00:32 - 000000000 ____D C:\ProgramData\BrightData
2023-11-04 16:59 - 2022-04-01 10:39 - 000000000 ____D C:\Users\dd\AppData\Roaming\Wondershare
2023-11-04 14:21 - 2022-09-06 18:55 - 000003428 _____ C:\Windows\system32\Tasks\UCBrowserUpdater
==================== Fichiers à la racine de certains dossiers ========
2023-05-09 10:55 - 2023-05-10 18:19 - 000000116 _____ () C:\Users\dd\AppData\Roaming\Camdata.ini
2023-05-09 10:55 - 2023-05-10 18:19 - 000000408 _____ () C:\Users\dd\AppData\Roaming\CamLayout.ini
2023-05-09 10:55 - 2023-05-10 18:19 - 000000408 _____ () C:\Users\dd\AppData\Roaming\CamShapes.ini
2023-05-09 10:55 - 2023-05-10 10:43 - 000004535 _____ () C:\Users\dd\AppData\Roaming\CamStudio.cfg
2021-06-23 10:32 - 2021-06-23 10:32 - 000000068 _____ () C:\Users\dd\AppData\Roaming\changzhi_leidian.data
2021-08-11 20:12 - 2021-08-11 20:12 - 000000154 _____ () C:\Users\dd\AppData\Roaming\changzhi_leidianmac.data
2023-05-11 16:26 - 2023-05-11 16:46 - 000001005 _____ () C:\Users\dd\AppData\Roaming\mplex-log.log
2023-05-11 16:25 - 2023-05-11 16:48 - 000002407 _____ () C:\Users\dd\AppData\Roaming\PPTConverter.log
2023-05-09 10:52 - 2023-05-10 10:45 - 000000377 _____ () C:\Users\dd\AppData\Roaming\version2.xml
2023-11-19 18:12 - 2023-11-19 18:13 - 001010015 _____ () C:\Users\dd\AppData\Roaming\VideoPad.dmp
2021-01-25 00:38 - 2023-09-07 11:34 - 000007680 _____ () C:\Users\dd\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-08-17 19:22 - 2020-08-17 19:22 - 000004096 ____H () C:\Users\dd\AppData\Local\keyfile3.drm
2022-09-07 00:35 - 2022-09-07 00:35 - 000007629 _____ () C:\Users\dd\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
LastRegBack: 2023-11-28 10:25
==================== Fin de FRST.txt ========================