Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 3.02.2019
Exécuté par DUDU (administrateur) sur PC-DE-DUDU (19-10-2023 17:01:32)
Exécuté depuis C:\Users\DUDU\AppData\Desktop\FRST
Profils chargés: DUDU (Profils disponibles: DUDU)
Platform: Windows Vista (TM) Home Premium Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 8 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
() C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Axaware) C:\Program Files (x86)\Axaware\SpamBully 4 for Outlook Express\sb4service.exe
() C:\Program Files (x86)\Tor\tor.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Michel Krämer) C:\Program Files\Spamihilator\spamihilator.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Farbar) C:\Users\DUDU\AppData\Desktop\FRST\FRST64 (3).exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2019-04-03] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2260066265-393213169-1671809853-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-2260066265-393213169-1671809853-1000\...\MountPoints2: {7083c17d-4cf9-11e1-892f-00248c212b84} - F:\DVAP.exe
HKU\S-1-5-21-2260066265-393213169-1671809853-1000\...\MountPoints2: {9eb50319-88d3-11df-b644-00248c212b84} - G:\DPFMate.exe
HKU\S-1-5-21-2260066265-393213169-1671809853-1000\...\MountPoints2: {a7f7595f-5509-11e2-8f70-00248c212b84} - G:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A11B02 PID_0083
HKU\S-1-5-21-2260066265-393213169-1671809853-1000\...\MountPoints2: {c6fefb27-0c0e-11e7-963b-00248c212b84} - G:\Setup.exe
HKU\S-1-5-21-2260066265-393213169-1671809853-1000\...\MountPoints2: {c8122702-7b90-11df-8453-00248c212b84} - G:\Toshiba\more4you.exe
HKU\S-1-5-21-2260066265-393213169-1671809853-1000\...\MountPoints2: {d2f3f7b7-3ff9-11e7-8bfa-806e6f6e6963} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2260066265-393213169-1671809853-1000\...\MountPoints2: {f6d216c0-881e-11df-9cce-00248c212b84} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\launcher.exe
HKU\S-1-5-21-2260066265-393213169-1671809853-1000\...\MountPoints2: {f799ae92-3f6b-11e1-8bb5-00248c212b84} - F:\APPInst.exe
HKLM\...\Drivers32-x32: [msacm.l3codecp] => C:\Windows\SysWOW64\l3codecp.acm [220672 2008-01-21] (Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32-x32: [vidc.DIVX] => C:\Windows\SysWOW64\DivX.dll [685056 2009-05-01] (DivX, Inc.)
HKLM\...\Drivers32-x32: [vidc.yv12] => C:\Windows\SysWOW64\DivX.dll [685056 2009-05-01] (DivX, Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\49.0.79.76\Installer\chrmstp.exe [2018-10-27] (AVAST Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\Installer\chrmstp.exe [2023-01-17] (Google Inc -> Google Inc.)
IFEO\pdfeditor.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
IFEO\settingseditor.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
IFEO\vsbatch2pdf.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
IFEO\vspdf2word.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
IFEO\vspdfprsrv.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
Startup: C:\Users\DUDU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Spamihilator.lnk [2022-02-26]
ShortcutTarget: Spamihilator.lnk -> C:\Program Files\Spamihilator\spamihilator.exe (Michel Krämer)
BootExecute: autocheck autochk *
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 212.27.40.240 212.27.40.241
Tcpip\..\Interfaces\{14C8AC34-7627-4BD3-B061-9A6F2917C0D4}: [DhcpNameServer] 212.27.40.240 212.27.40.241
Tcpip\..\Interfaces\{7AC1BEB0-DFEA-4896-83A4-B043F335347C}: [DhcpNameServer] 212.27.40.240 212.27.40.241
Tcpip\..\Interfaces\{D1E87935-149B-4FD2-A80D-8E5C058D57AC}: [DhcpNameServer] 192.168.42.129
Internet Explorer:
==================
HKU\S-1-5-21-2260066265-393213169-1671809853-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2260066265-393213169-1671809853-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://fr.msn.com/?ocid=iehp
HKU\S-1-5-21-2260066265-393213169-1671809853-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM -> {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL =
SearchScopes: HKLM -> {8FA8CF48-84DE-48E4-BC86-2CE033C98BA7} URL = hxxp://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKLM -> {E912A64F-8AA9-4F39-BD13-FCA04E1FDB8E} URL = hxxp://fr.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913932
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-12-05] (Google Inc -> Google Inc.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc. -> McAfee, Inc.)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14] (RealNetworks, Inc. -> RealDownloader)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-04-03] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-12-05] (Google Inc -> Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-04-03] (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Pas de fichier
Toolbar: HKLM - Pas de nom - !{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - Pas de fichier
Toolbar: HKLM - Pas de nom - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Pas de fichier
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-12-05] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - Pas de nom - !{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - Pas de fichier
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-12-05] (Google Inc -> Google Inc.)
Toolbar: HKU\S-1-5-21-2260066265-393213169-1671809853-1000 -> Pas de nom - {472734EA-242A-422B-ADF8-83D1E48CC825} - Pas de fichier
Toolbar: HKU\S-1-5-21-2260066265-393213169-1671809853-1000 -> Pas de nom - {7CD364C4-812B-4CB1-A30A-AAE798E5E59E} - Pas de fichier
Toolbar: HKU\S-1-5-21-2260066265-393213169-1671809853-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-12-05] (Google Inc -> Google Inc.)
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation -> Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2014-04-01] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2014-04-01] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2014-04-01] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2014-04-01] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\DUDU\AppData\Roaming\Mozilla\Firefox\Profiles\5pqug0ww.default-1495786349536 [2023-10-19]
FF user.js: detected! => C:\Users\DUDU\AppData\Roaming\Mozilla\Firefox\Profiles\5pqug0ww.default-1495786349536\user.js [2018-04-26]
FF Homepage: Mozilla\Firefox\Profiles\5pqug0ww.default-1495786349536 -> about:home
FF Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\DUDU\AppData\Roaming\Mozilla\Firefox\Profiles\5pqug0ww.default-1495786349536\Extensions\sp@avast.com.xpi [2019-02-05]
FF Extension: (Avast Online Security & Privacy) - C:\Users\DUDU\AppData\Roaming\Mozilla\Firefox\Profiles\5pqug0ww.default-1495786349536\Extensions\wrc@avast.com.xpi [2023-03-03]
FF Extension: (Hotfix for Firefox bug 1548973 (armagaddon 2.0) mitigation) - C:\Users\DUDU\AppData\Roaming\Mozilla\Firefox\Profiles\5pqug0ww.default-1495786349536\features\{b778c741-f49f-43ff-9953-05c88f58fe91}\hotfix-bug-1548973@mozilla.org.xpi [2020-07-27] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-11-04] [Legacy] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn => non trouvé(e)
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_2_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension
FF Extension: (PDF Architect 2 Creator) - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension [2015-01-24] [Legacy] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: (RealDownloader) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2015-06-16] [Legacy] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKU\S-1-5-21-2260066265-393213169-1671809853-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: (McAfee Security Scan Plus) - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] [Legacy] [non signé]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_314.dll [2020-01-16] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_314.dll [2020-01-16] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1235205.dll [2019-03-15] (Adobe Systems, Inc.)
FF Plugin-x32: @Diginext.fr/VirtualGeoGP -> C:\Program Files (x86)\VirtualGeo3-GP\WebPlugin\Win32\npQtAPI3DPlugin.dll [2014-03-21] (DIGINEXT)
FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll [2009-05-19] (DivX, Inc)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-04-03] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-04-03] (Oracle Corporation)
FF Plugin-x32: @ma-config.com/HardwareDetection -> C:\Program Files (x86)\ma-config.com\nphardwaredetection.dll [2011-11-14] (Cybelsoft)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll [2012-04-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2015-06-16] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2015-06-16] (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-10-10] (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-2260066265-393213169-1671809853-1000: @tools.google.com/Google Update;version=3 -> C:\Users\DUDU\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [Pas de fichier]
FF Plugin HKU\S-1-5-21-2260066265-393213169-1671809853-1000: @tools.google.com/Google Update;version=9 -> C:\Users\DUDU\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [Pas de fichier]
Chrome:
=======
CHR Profile: C:\Users\DUDU\AppData\Local\Google\Chrome\User Data\Default [2023-10-19]
CHR Extension: (Avast Online Security) - C:\Users\DUDU\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-04-08]
CHR Extension: (RealDownloader) - C:\Users\DUDU\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2019-02-03]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\DUDU\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-02-03]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-08-25] (Adobe) [Fichier non signé]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [8188768 2019-04-03] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-10-27] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [324000 2019-04-03] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-10-27] (AVAST Software s.r.o. -> AVAST Software)
S3 ExpressInvoiceService; C:\Program Files (x86)\NCH Software\ExpressInvoice\expressinvoice.exe [2645216 2017-10-14] (NCH Software -> NCH Software)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezsvc7.dll [129992 2008-02-03] (EasyBits Sofware AS) [Fichier non signé]
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG) [Fichier non signé]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®) [Fichier non signé]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [225280 2007-02-28] (Hewlett-Packard Co.) [Fichier non signé]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [131072 2007-02-28] (Hewlett-Packard Co.) [Fichier non signé]
S3 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company -> Hewlett-Packard Company)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] (Canon Inc. -> )
S3 InstallClick; C:\Program Files (x86)\RIFT Technologies\InstallClick Connector\installclick.exe [149840 2012-04-26] (RIFT Technologies -> )
S3 maconfservice; C:\Program Files (x86)\ma-config.com\maconfservice.exe [311928 2011-11-14] (Cybelsoft -> CybelSoft)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes Corporation -> Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc. -> McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Fichier non signé]
R2 NMSAccessU; C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe [71096 2009-11-12] (Numedia Soft, Inc. -> )
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH -> pdfforge GmbH)
S3 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738856 2014-10-10] (pdfforge GmbH -> pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH -> pdfforge GmbH)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Fichier non signé]
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] (RealNetworks, Inc. -> )
R2 ServiceSB4; C:\Program Files (x86)\Axaware\SpamBully 4 for Outlook Express\sb4service.exe [585008 2010-06-08] (Axaware LLC -> Axaware)
R2 tor; C:\Program Files (x86)\Tor\tor.exe [2743310 2011-12-25] () [Fichier non signé]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [383544 2008-01-21] (Microsoft Windows -> Microsoft Corporation)
S3 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe [492768 2017-06-21] (Wondershare) [Fichier non signé]
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S4 adp94xx; C:\Windows\system32\drivers\adp94xx.sys [486456 2008-01-21] (Microsoft Windows -> Adaptec, Inc.)
S4 adpahci; C:\Windows\system32\drivers\adpahci.sys [342584 2008-01-21] (Microsoft Windows -> Adaptec, Inc.)
S4 adpu160m; C:\Windows\system32\drivers\adpu160m.sys [126520 2008-01-21] (Microsoft Windows -> Adaptec, Inc.)
S4 adpu320; C:\Windows\system32\drivers\adpu320.sys [185912 2008-01-21] (Microsoft Windows -> Adaptec, Inc.)
S4 aic78xx; C:\Windows\system32\drivers\djsvs.sys [88168 2006-11-02] (Microsoft Windows -> Adaptec, Inc.)
S4 aliide; C:\Windows\system32\drivers\aliide.sys [15976 2008-01-21] (Microsoft Windows -> Acer Laboratories Inc.)
S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (APOWERSOFT LIMITED -> Wondershare)
S4 arc; C:\Windows\system32\drivers\arc.sys [90680 2008-01-21] (Microsoft Windows -> Adaptec, Inc.)
S4 arcsas; C:\Windows\system32\drivers\arcsas.sys [91192 2008-01-21] (Microsoft Windows -> Adaptec, Inc.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [201240 2019-04-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [230344 2019-04-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201768 2019-04-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346592 2019-04-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59496 2019-04-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239840 2020-05-22] (AVAST Software s.r.o. -> AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46384 2019-04-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42288 2019-04-03] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [163416 2019-04-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr.sys [79632 2019-04-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87432 2019-04-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1028672 2019-05-23] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [469272 2019-05-23] (AVAST Software s.r.o. -> AVAST Software)
R3 aswStmXP; C:\Windows\System32\drivers\aswStmXP.sys [188144 2019-04-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380464 2019-04-03] (AVAST Software s.r.o. -> AVAST Software)
S4 cmdide; C:\Windows\system32\drivers\cmdide.sys [18024 2008-01-21] (Microsoft Windows -> CMD Technology, Inc.)
S3 driverhardwarev2x64; C:\Program Files (x86)\ma-config.com\Drivers\driverhardwarev2x64.sys [16640 2011-07-21] (Cybelsoft -> CybelSoft)
S4 elxstor; C:\Windows\system32\drivers\elxstor.sys [397368 2008-01-21] (Microsoft Windows -> Emulex)
S3 fbxusb; C:\Windows\System32\DRIVERS\fbxusb64.sys [39320 2007-08-27] (Freebox -> FreeBox SA)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-06-13] (GFI Software Development Ltd. -> GFI Software)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [28936 2019-02-03] (Glarysoft LTD -> Glarysoft Ltd)
S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [269824 2006-04-13] (HP)
S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [48640 2009-02-26] (HP)
S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [33280 2006-04-13] (HP)
S4 iteatapi; C:\Windows\system32\drivers\iteatapi.sys [37480 2006-11-02] (Microsoft Windows -> Integrated Technology Express, Inc.)
S4 iteraid; C:\Windows\system32\drivers\iteraid.sys [37480 2006-11-02] (Microsoft Windows -> Integrated Technology Express, Inc.)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2023-09-29] (Malwarebytes Corporation -> Malwarebytes)
S4 nfrd960; C:\Windows\system32\drivers\nfrd960.sys [51816 2006-11-02] (Microsoft Windows -> IBM Corporation)
R0 nvrd64; C:\Windows\System32\drivers\nvrd64.sys [166944 2008-07-21] (NVIDIA Corporation -> NVIDIA Corporation)
S3 PCD5SRVC{8AAF211B-043E02A9-05040000}; C:\Program Files\PC-Doctor for Windows\PCD5SRVC_x64.pkms [25888 2008-11-05] (PC-Doctor, Inc.) [Fichier non signé]
S4 ql2300; C:\Windows\system32\drivers\ql2300.sys [1221176 2008-01-21] (Microsoft Windows -> QLogic Corporation)
S4 ql40xx; C:\Windows\system32\drivers\ql40xx.sys [124008 2006-11-02] (Microsoft Windows -> QLogic Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [28416 2008-04-16] (Research In Motion Limited)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2013-12-24] (IObit Information Technology -> IObit)
S3 StarOpen; C:\Windows\System32\Drivers\StarOpen.sys [5504 2009-11-12] () [Fichier non signé]
S3 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [7168 2009-11-12] () [Fichier non signé]
S4 uliahci; C:\Windows\system32\drivers\uliahci.sys [284728 2008-01-21] (Microsoft Windows -> ULi Electronics Inc.)
S4 UlSata; C:\Windows\system32\drivers\ulsata.sys [148072 2006-11-02] (Microsoft Windows -> Promise Technology, Inc.)
S4 ulsata2; C:\Windows\system32\drivers\ulsata2.sys [174696 2008-01-21] (Microsoft Windows -> Promise Technology, Inc.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [50688 2010-04-19] (Apple, Inc.) [Fichier non signé]
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [146928 2008-11-28] (CyberLink -> CyberLink Corp.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 JLTECH0227; System32\Drivers\jl2005c.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-10-19 11:15 - 2023-10-19 11:17 - 060602400 _____ (Piriform Software Ltd) C:\Users\DUDU\Downloads\ccsetup617_pro_trial(3).exe
2023-10-19 10:33 - 2023-10-19 10:33 - 060602400 _____ (Piriform Software Ltd) C:\Users\DUDU\Downloads\ccsetup617_pro_trial(2).exe
2023-10-19 10:24 - 2023-10-19 10:25 - 060602400 _____ (Piriform Software Ltd) C:\Users\DUDU\Downloads\ccsetup617_pro_trial(1).exe
2023-10-19 10:10 - 2023-10-19 10:11 - 060602400 _____ (Piriform Software Ltd) C:\Users\DUDU\Downloads\ccsetup617_pro_trial.exe
2023-10-19 09:27 - 2023-10-19 09:27 - 002383360 _____ (Farbar) C:\Users\DUDU\Downloads\FRST64(5).exe
2023-10-19 09:22 - 2023-10-19 09:22 - 005793080 _____ (Crystal Dew World ) C:\Users\DUDU\Downloads\crystaldiskinfo_9-1-1_fr_306038(1).exe
2023-10-19 09:20 - 2023-10-19 09:20 - 005793080 _____ (Crystal Dew World ) C:\Users\DUDU\Downloads\crystaldiskinfo_9-1-1_fr_306038.exe
2023-10-19 09:16 - 2023-10-19 09:16 - 005793080 _____ (Crystal Dew World ) C:\Users\DUDU\Downloads\crystaldiskinfo-9-1-1.exe
2023-10-19 08:37 - 2023-10-19 08:37 - 001340160 _____ (Solvusoft Corporation) C:\Users\DUDU\Downloads\Setup_FileViewPro_2024.exe
2023-10-17 11:48 - 2023-10-17 11:48 - 000000000 ____D C:\Users\DUDU\AppData\Roaming\pdfforge_GmbH
2023-10-02 15:55 - 2023-10-02 15:55 - 000000000 ____D C:\Users\DUDU\AppData\Local\Adobe
==================== Un mois (modifiés) ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-10-19 17:01 - 2019-01-31 20:42 - 000000000 ____D C:\FRST
2023-10-19 17:00 - 2017-05-29 18:02 - 000000000 ____D C:\Users\DUDU\AppData\LocalLow\Mozilla
2023-10-19 16:54 - 2009-02-11 17:35 - 000714758 _____ C:\Windows\system32\perfh00C.dat
2023-10-19 16:54 - 2009-02-11 17:35 - 000141878 _____ C:\Windows\system32\perfc00C.dat
2023-10-19 16:54 - 2006-11-02 15:33 - 000000000 ____D C:\Windows\inf
2023-10-19 16:54 - 2006-11-02 14:46 - 001593474 _____ C:\Windows\system32\PerfStringBackup.INI
2023-10-19 16:50 - 2009-05-11 16:55 - 000000000 ____D C:\Program Files (x86)\Google
2023-10-19 16:49 - 2022-02-26 12:34 - 000000000 ____D C:\Users\DUDU\AppData\Roaming\Spamihilator
2023-10-19 16:48 - 2010-05-20 21:46 - 000109640 _____ C:\ProgramData\nvModes.001
2023-10-19 16:48 - 2006-11-02 17:42 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-10-19 16:48 - 2006-11-02 17:22 - 000003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2023-10-19 16:48 - 2006-11-02 17:22 - 000003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2023-10-19 11:50 - 2006-11-02 17:42 - 000032562 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2023-10-19 10:19 - 2015-01-24 13:17 - 000000000 ____D C:\Users\DUDU\AppData\Local\PDFCreator
2023-10-19 10:17 - 2011-10-28 19:00 - 000000000 ____D C:\Users\DUDU\AppData\Local\CrashDumps
2023-10-19 09:35 - 2019-01-31 20:44 - 000057074 _____ C:\Users\DUDU\Downloads\Addition.txt
2023-10-19 09:35 - 2019-01-31 20:42 - 000044209 _____ C:\Users\DUDU\Downloads\FRST.txt
2023-10-19 09:07 - 2010-05-20 21:02 - 000109640 _____ C:\ProgramData\nvModes.dat
2023-10-17 11:55 - 2009-05-11 19:46 - 000000000 ____D C:\Users\DUDU\AppData\Local\Paint.NET
2023-10-17 11:16 - 2017-04-17 22:35 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2023-10-17 11:08 - 2018-10-04 18:53 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2023-10-13 13:34 - 2012-07-05 20:01 - 000000000 ____D C:\Users\DUDU\Documents\accident
2023-10-05 10:13 - 2011-09-05 19:12 - 000002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2023-09-30 09:37 - 2015-07-16 07:03 - 000003798 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2023-09-30 09:37 - 2015-07-16 07:03 - 000003670 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2023-09-29 08:13 - 2019-05-28 20:04 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2023-09-27 12:16 - 2015-09-29 18:46 - 000000000 ____D C:\ProgramData\CanonIJPLM
2023-09-25 15:40 - 2010-02-21 17:03 - 000000000 ____D C:\Users\DUDU\AppData\Roaming\vlc
==================== Fichiers à la racine de certains dossiers =======
2013-06-13 18:59 - 2013-06-13 18:59 - 000129536 _____ () C:\Users\Public\AlexaNSISPlugin.4872.dll
2017-11-17 21:04 - 2017-11-17 21:04 - 007649280 _____ () C:\Program Files (x86)\GUT1880.tmp
2010-01-02 17:01 - 2010-01-02 17:01 - 000000019 _____ () C:\Users\DUDU\AppData\Roaming\4e6ef303
2009-10-01 19:16 - 2010-01-02 17:14 - 000005609 ___SH () C:\Users\DUDU\AppData\Roaming\9eeef404684C.manifest
2009-10-01 19:16 - 2010-01-02 17:14 - 000000011 ___SH () C:\Users\DUDU\AppData\Roaming\9eeef404684O.manifest
2009-10-01 19:16 - 2010-01-02 17:14 - 000003025 ___SH () C:\Users\DUDU\AppData\Roaming\9eeef404684P.manifest
2009-10-01 19:16 - 2010-01-02 17:14 - 000000011 ___SH () C:\Users\DUDU\AppData\Roaming\9eeef404684S.manifest
2010-01-02 17:01 - 2010-01-02 17:14 - 000000344 ___SH () C:\Users\DUDU\AppData\Roaming\9eeef404724C.manifest
2010-01-02 17:01 - 2010-01-02 17:13 - 000000079 ___SH () C:\Users\DUDU\AppData\Roaming\9eeef404724O.manifest
2010-01-02 17:01 - 2010-01-02 17:14 - 000002089 ___SH () C:\Users\DUDU\AppData\Roaming\9eeef404724P.manifest
2010-01-02 17:01 - 2010-01-02 17:13 - 000000011 ___SH () C:\Users\DUDU\AppData\Roaming\9eeef404724S.manifest
2010-01-02 17:06 - 2010-01-02 17:06 - 000001372 _____ () C:\Users\DUDU\AppData\Roaming\9llLuT7.vbs
2014-09-01 10:18 - 2014-09-01 10:18 - 000002086 _____ () C:\Users\DUDU\AppData\Roaming\JAUTBY
2015-12-22 10:46 - 2015-12-22 10:54 - 000000115 _____ () C:\Users\DUDU\AppData\Roaming\LogFile.txt
2017-01-05 22:02 - 2017-01-05 22:02 - 000000292 _____ () C:\Users\DUDU\AppData\Roaming\mplex-log.log
2014-09-01 10:18 - 2014-09-01 10:18 - 000001248 _____ () C:\Users\DUDU\AppData\Roaming\OIELWDEM
2010-05-14 10:13 - 2010-05-14 10:13 - 000007859 _____ () C:\Users\DUDU\AppData\Roaming\pcouffin.cat
2010-05-14 10:13 - 2010-05-14 10:13 - 000001167 _____ () C:\Users\DUDU\AppData\Roaming\pcouffin.inf
2010-05-14 10:13 - 2010-05-14 10:13 - 000000055 _____ () C:\Users\DUDU\AppData\Roaming\pcouffin.log
2017-01-05 21:40 - 2017-01-05 22:02 - 000000395 _____ () C:\Users\DUDU\AppData\Roaming\PPTConverter.log
2010-01-02 17:09 - 2010-01-02 17:09 - 000001372 _____ () C:\Users\DUDU\AppData\Roaming\RjcRZozk9m6rk.vbs
2010-01-02 17:14 - 2010-01-02 17:14 - 000001372 _____ () C:\Users\DUDU\AppData\Roaming\t5pLBYh.vbs
2009-11-13 18:55 - 2009-11-13 18:55 - 000026311 _____ () C:\Users\DUDU\AppData\Roaming\UserTile.png
2014-03-10 21:20 - 2014-04-01 18:58 - 000000079 _____ () C:\Users\DUDU\AppData\Roaming\WB.CFG
2016-07-20 21:04 - 2017-01-12 20:40 - 000000398 _____ () C:\Users\DUDU\AppData\Roaming\wklnhst.dat
2010-01-02 17:01 - 2010-01-02 17:01 - 000001372 _____ () C:\Users\DUDU\AppData\Roaming\zAnwR.vbs
2017-04-13 18:59 - 2017-04-13 18:59 - 000000000 ____H () C:\Users\DUDU\AppData\Local\BIT9E90.tmp
2014-04-19 20:07 - 2018-08-21 22:29 - 000008268 _____ () C:\Users\DUDU\AppData\Local\d3d9caps.dat
2009-04-25 13:24 - 2020-04-04 20:07 - 000158720 _____ () C:\Users\DUDU\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2021-02-10 21:14 - 2021-02-10 21:14 - 000325870 _____ () C:\Users\DUDU\AppData\Local\dd_vcredistMSI0DFE.txt
2018-09-17 19:35 - 2018-09-17 19:35 - 000329994 _____ () C:\Users\DUDU\AppData\Local\dd_vcredistMSI1831.txt
2011-11-01 15:07 - 2011-11-01 15:07 - 000336906 _____ () C:\Users\DUDU\AppData\Local\dd_vcredistMSI1D0E.txt
2011-06-06 19:26 - 2011-06-06 19:26 - 000338960 _____ () C:\Users\DUDU\AppData\Local\dd_vcredistMSI3760.txt
2020-04-08 11:19 - 2020-04-08 11:19 - 000421594 _____ () C:\Users\DUDU\AppData\Local\dd_vcredistMSI45F2.txt
2013-07-04 19:20 - 2013-07-04 19:20 - 000318970 _____ () C:\Users\DUDU\AppData\Local\dd_vcredistMSI597B.txt
2010-01-07 21:26 - 2010-01-07 21:26 - 000325462 _____ () C:\Users\DUDU\AppData\Local\dd_vcredistMSI6466.txt
2010-01-07 21:26 - 2010-01-07 21:26 - 000348790 _____ () C:\Users\DUDU\AppData\Local\dd_vcredistMSI6477.txt
2010-05-06 16:54 - 2010-05-06 16:54 - 000427310 _____ () C:\Users\DUDU\AppData\Local\dd_vcredistMSI660F.txt
2021-02-10 21:13 - 2021-02-10 21:14 - 000012530 _____ () C:\Users\DUDU\AppData\Local\dd_vcredistUI0DFE.txt
2018-09-17 19:35 - 2018-09-17 19:35 - 000011218 _____ () C:\Users\DUDU\AppData\Local\dd_vcredistUI1831.txt
2011-11-01 15:07 - 2011-11-01 15:07 - 000014602 _____ () C:\Users\DUDU\AppData\Local\dd_vcredistUI1D0E.txt
2011-06-06 19:26 - 2011-06-06 19:26 - 000016242 _____ () C:\Users\DUDU\AppData\Local\dd_vcredistUI3760.txt
2020-04-08 11:19 - 2020-04-08 11:19 - 000011706 _____ () C:\Users\DUDU\AppData\Local\dd_vcredistUI45F2.txt
2015-02-06 21:13 - 2015-02-06 21:13 - 000014802 _____ () C:\Users\DUDU\AppData\Local\dd_vcredistUI51B5.txt
2015-02-06 21:13 - 2015-02-06 21:13 - 000015094 _____ () C:\Users\DUDU\AppData\Local\dd_vcredistUI51C9.txt
2013-07-04 19:20 - 2013-07-04 19:20 - 000011218 _____ () C:\Users\DUDU\AppData\Local\dd_vcredistUI597B.txt
2010-01-07 21:26 - 2010-01-07 21:26 - 000011234 _____ () C:\Users\DUDU\AppData\Local\dd_vcredistUI6466.txt
2010-01-07 21:26 - 2010-01-07 21:26 - 000011442 _____ () C:\Users\DUDU\AppData\Local\dd_vcredistUI6477.txt
2010-05-06 16:54 - 2010-05-06 16:54 - 000011610 _____ () C:\Users\DUDU\AppData\Local\dd_vcredistUI660F.txt
2010-12-23 11:55 - 2010-12-23 11:55 - 000000036 _____ () C:\Users\DUDU\AppData\Local\housecall.guid.cache
2016-12-18 12:02 - 2022-12-15 10:41 - 000004096 ____H () C:\Users\DUDU\AppData\Local\keyfile3.drm
2013-06-17 20:32 - 2013-06-17 20:32 - 000000001 _____ () C:\Users\DUDU\AppData\Local\llftool.4.30.agreement
2014-04-09 19:38 - 2014-04-09 19:38 - 000002701 _____ () C:\Users\DUDU\AppData\Local\recently-used.xbel
2014-04-24 21:38 - 2014-04-24 21:38 - 000000840 _____ () C:\Users\DUDU\AppData\Local\ZHPFixReport.txt
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\dllhost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\dllhost.exe => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2023-10-19 16:53
==================== Fin de FRST.txt ============================
Exécuté par DUDU (administrateur) sur PC-DE-DUDU (19-10-2023 17:01:32)
Exécuté depuis C:\Users\DUDU\AppData\Desktop\FRST
Profils chargés: DUDU (Profils disponibles: DUDU)
Platform: Windows Vista (TM) Home Premium Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 8 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
() C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Axaware) C:\Program Files (x86)\Axaware\SpamBully 4 for Outlook Express\sb4service.exe
() C:\Program Files (x86)\Tor\tor.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Michel Krämer) C:\Program Files\Spamihilator\spamihilator.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Farbar) C:\Users\DUDU\AppData\Desktop\FRST\FRST64 (3).exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2019-04-03] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2260066265-393213169-1671809853-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-2260066265-393213169-1671809853-1000\...\MountPoints2: {7083c17d-4cf9-11e1-892f-00248c212b84} - F:\DVAP.exe
HKU\S-1-5-21-2260066265-393213169-1671809853-1000\...\MountPoints2: {9eb50319-88d3-11df-b644-00248c212b84} - G:\DPFMate.exe
HKU\S-1-5-21-2260066265-393213169-1671809853-1000\...\MountPoints2: {a7f7595f-5509-11e2-8f70-00248c212b84} - G:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A11B02 PID_0083
HKU\S-1-5-21-2260066265-393213169-1671809853-1000\...\MountPoints2: {c6fefb27-0c0e-11e7-963b-00248c212b84} - G:\Setup.exe
HKU\S-1-5-21-2260066265-393213169-1671809853-1000\...\MountPoints2: {c8122702-7b90-11df-8453-00248c212b84} - G:\Toshiba\more4you.exe
HKU\S-1-5-21-2260066265-393213169-1671809853-1000\...\MountPoints2: {d2f3f7b7-3ff9-11e7-8bfa-806e6f6e6963} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2260066265-393213169-1671809853-1000\...\MountPoints2: {f6d216c0-881e-11df-9cce-00248c212b84} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\launcher.exe
HKU\S-1-5-21-2260066265-393213169-1671809853-1000\...\MountPoints2: {f799ae92-3f6b-11e1-8bb5-00248c212b84} - F:\APPInst.exe
HKLM\...\Drivers32-x32: [msacm.l3codecp] => C:\Windows\SysWOW64\l3codecp.acm [220672 2008-01-21] (Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32-x32: [vidc.DIVX] => C:\Windows\SysWOW64\DivX.dll [685056 2009-05-01] (DivX, Inc.)
HKLM\...\Drivers32-x32: [vidc.yv12] => C:\Windows\SysWOW64\DivX.dll [685056 2009-05-01] (DivX, Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\49.0.79.76\Installer\chrmstp.exe [2018-10-27] (AVAST Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\Installer\chrmstp.exe [2023-01-17] (Google Inc -> Google Inc.)
IFEO\pdfeditor.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
IFEO\settingseditor.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
IFEO\vsbatch2pdf.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
IFEO\vspdf2word.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
IFEO\vspdfprsrv.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
Startup: C:\Users\DUDU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Spamihilator.lnk [2022-02-26]
ShortcutTarget: Spamihilator.lnk -> C:\Program Files\Spamihilator\spamihilator.exe (Michel Krämer)
BootExecute: autocheck autochk *
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 212.27.40.240 212.27.40.241
Tcpip\..\Interfaces\{14C8AC34-7627-4BD3-B061-9A6F2917C0D4}: [DhcpNameServer] 212.27.40.240 212.27.40.241
Tcpip\..\Interfaces\{7AC1BEB0-DFEA-4896-83A4-B043F335347C}: [DhcpNameServer] 212.27.40.240 212.27.40.241
Tcpip\..\Interfaces\{D1E87935-149B-4FD2-A80D-8E5C058D57AC}: [DhcpNameServer] 192.168.42.129
Internet Explorer:
==================
HKU\S-1-5-21-2260066265-393213169-1671809853-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2260066265-393213169-1671809853-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://fr.msn.com/?ocid=iehp
HKU\S-1-5-21-2260066265-393213169-1671809853-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM -> {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL =
SearchScopes: HKLM -> {8FA8CF48-84DE-48E4-BC86-2CE033C98BA7} URL = hxxp://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKLM -> {E912A64F-8AA9-4F39-BD13-FCA04E1FDB8E} URL = hxxp://fr.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913932
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-12-05] (Google Inc -> Google Inc.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc. -> McAfee, Inc.)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14] (RealNetworks, Inc. -> RealDownloader)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-04-03] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-12-05] (Google Inc -> Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-04-03] (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Pas de fichier
Toolbar: HKLM - Pas de nom - !{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - Pas de fichier
Toolbar: HKLM - Pas de nom - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Pas de fichier
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-12-05] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - Pas de nom - !{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - Pas de fichier
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-12-05] (Google Inc -> Google Inc.)
Toolbar: HKU\S-1-5-21-2260066265-393213169-1671809853-1000 -> Pas de nom - {472734EA-242A-422B-ADF8-83D1E48CC825} - Pas de fichier
Toolbar: HKU\S-1-5-21-2260066265-393213169-1671809853-1000 -> Pas de nom - {7CD364C4-812B-4CB1-A30A-AAE798E5E59E} - Pas de fichier
Toolbar: HKU\S-1-5-21-2260066265-393213169-1671809853-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-12-05] (Google Inc -> Google Inc.)
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation -> Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2014-04-01] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2014-04-01] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2014-04-01] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2014-04-01] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\DUDU\AppData\Roaming\Mozilla\Firefox\Profiles\5pqug0ww.default-1495786349536 [2023-10-19]
FF user.js: detected! => C:\Users\DUDU\AppData\Roaming\Mozilla\Firefox\Profiles\5pqug0ww.default-1495786349536\user.js [2018-04-26]
FF Homepage: Mozilla\Firefox\Profiles\5pqug0ww.default-1495786349536 -> about:home
FF Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\DUDU\AppData\Roaming\Mozilla\Firefox\Profiles\5pqug0ww.default-1495786349536\Extensions\sp@avast.com.xpi [2019-02-05]
FF Extension: (Avast Online Security & Privacy) - C:\Users\DUDU\AppData\Roaming\Mozilla\Firefox\Profiles\5pqug0ww.default-1495786349536\Extensions\wrc@avast.com.xpi [2023-03-03]
FF Extension: (Hotfix for Firefox bug 1548973 (armagaddon 2.0) mitigation) - C:\Users\DUDU\AppData\Roaming\Mozilla\Firefox\Profiles\5pqug0ww.default-1495786349536\features\{b778c741-f49f-43ff-9953-05c88f58fe91}\hotfix-bug-1548973@mozilla.org.xpi [2020-07-27] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-11-04] [Legacy] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn => non trouvé(e)
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_2_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension
FF Extension: (PDF Architect 2 Creator) - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension [2015-01-24] [Legacy] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: (RealDownloader) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2015-06-16] [Legacy] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKU\S-1-5-21-2260066265-393213169-1671809853-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: (McAfee Security Scan Plus) - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] [Legacy] [non signé]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_314.dll [2020-01-16] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_314.dll [2020-01-16] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1235205.dll [2019-03-15] (Adobe Systems, Inc.)
FF Plugin-x32: @Diginext.fr/VirtualGeoGP -> C:\Program Files (x86)\VirtualGeo3-GP\WebPlugin\Win32\npQtAPI3DPlugin.dll [2014-03-21] (DIGINEXT)
FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll [2009-05-19] (DivX, Inc)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-04-03] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-04-03] (Oracle Corporation)
FF Plugin-x32: @ma-config.com/HardwareDetection -> C:\Program Files (x86)\ma-config.com\nphardwaredetection.dll [2011-11-14] (Cybelsoft)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll [2012-04-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2015-06-16] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2015-06-16] (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-10-10] (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-2260066265-393213169-1671809853-1000: @tools.google.com/Google Update;version=3 -> C:\Users\DUDU\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [Pas de fichier]
FF Plugin HKU\S-1-5-21-2260066265-393213169-1671809853-1000: @tools.google.com/Google Update;version=9 -> C:\Users\DUDU\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [Pas de fichier]
Chrome:
=======
CHR Profile: C:\Users\DUDU\AppData\Local\Google\Chrome\User Data\Default [2023-10-19]
CHR Extension: (Avast Online Security) - C:\Users\DUDU\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-04-08]
CHR Extension: (RealDownloader) - C:\Users\DUDU\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2019-02-03]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\DUDU\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-02-03]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-08-25] (Adobe) [Fichier non signé]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [8188768 2019-04-03] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-10-27] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [324000 2019-04-03] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-10-27] (AVAST Software s.r.o. -> AVAST Software)
S3 ExpressInvoiceService; C:\Program Files (x86)\NCH Software\ExpressInvoice\expressinvoice.exe [2645216 2017-10-14] (NCH Software -> NCH Software)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezsvc7.dll [129992 2008-02-03] (EasyBits Sofware AS) [Fichier non signé]
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG) [Fichier non signé]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®) [Fichier non signé]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [225280 2007-02-28] (Hewlett-Packard Co.) [Fichier non signé]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [131072 2007-02-28] (Hewlett-Packard Co.) [Fichier non signé]
S3 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company -> Hewlett-Packard Company)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] (Canon Inc. -> )
S3 InstallClick; C:\Program Files (x86)\RIFT Technologies\InstallClick Connector\installclick.exe [149840 2012-04-26] (RIFT Technologies -> )
S3 maconfservice; C:\Program Files (x86)\ma-config.com\maconfservice.exe [311928 2011-11-14] (Cybelsoft -> CybelSoft)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes Corporation -> Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc. -> McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Fichier non signé]
R2 NMSAccessU; C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe [71096 2009-11-12] (Numedia Soft, Inc. -> )
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH -> pdfforge GmbH)
S3 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738856 2014-10-10] (pdfforge GmbH -> pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH -> pdfforge GmbH)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Fichier non signé]
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] (RealNetworks, Inc. -> )
R2 ServiceSB4; C:\Program Files (x86)\Axaware\SpamBully 4 for Outlook Express\sb4service.exe [585008 2010-06-08] (Axaware LLC -> Axaware)
R2 tor; C:\Program Files (x86)\Tor\tor.exe [2743310 2011-12-25] () [Fichier non signé]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [383544 2008-01-21] (Microsoft Windows -> Microsoft Corporation)
S3 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe [492768 2017-06-21] (Wondershare) [Fichier non signé]
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S4 adp94xx; C:\Windows\system32\drivers\adp94xx.sys [486456 2008-01-21] (Microsoft Windows -> Adaptec, Inc.)
S4 adpahci; C:\Windows\system32\drivers\adpahci.sys [342584 2008-01-21] (Microsoft Windows -> Adaptec, Inc.)
S4 adpu160m; C:\Windows\system32\drivers\adpu160m.sys [126520 2008-01-21] (Microsoft Windows -> Adaptec, Inc.)
S4 adpu320; C:\Windows\system32\drivers\adpu320.sys [185912 2008-01-21] (Microsoft Windows -> Adaptec, Inc.)
S4 aic78xx; C:\Windows\system32\drivers\djsvs.sys [88168 2006-11-02] (Microsoft Windows -> Adaptec, Inc.)
S4 aliide; C:\Windows\system32\drivers\aliide.sys [15976 2008-01-21] (Microsoft Windows -> Acer Laboratories Inc.)
S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (APOWERSOFT LIMITED -> Wondershare)
S4 arc; C:\Windows\system32\drivers\arc.sys [90680 2008-01-21] (Microsoft Windows -> Adaptec, Inc.)
S4 arcsas; C:\Windows\system32\drivers\arcsas.sys [91192 2008-01-21] (Microsoft Windows -> Adaptec, Inc.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [201240 2019-04-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [230344 2019-04-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201768 2019-04-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346592 2019-04-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59496 2019-04-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239840 2020-05-22] (AVAST Software s.r.o. -> AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46384 2019-04-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42288 2019-04-03] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [163416 2019-04-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr.sys [79632 2019-04-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87432 2019-04-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1028672 2019-05-23] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [469272 2019-05-23] (AVAST Software s.r.o. -> AVAST Software)
R3 aswStmXP; C:\Windows\System32\drivers\aswStmXP.sys [188144 2019-04-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380464 2019-04-03] (AVAST Software s.r.o. -> AVAST Software)
S4 cmdide; C:\Windows\system32\drivers\cmdide.sys [18024 2008-01-21] (Microsoft Windows -> CMD Technology, Inc.)
S3 driverhardwarev2x64; C:\Program Files (x86)\ma-config.com\Drivers\driverhardwarev2x64.sys [16640 2011-07-21] (Cybelsoft -> CybelSoft)
S4 elxstor; C:\Windows\system32\drivers\elxstor.sys [397368 2008-01-21] (Microsoft Windows -> Emulex)
S3 fbxusb; C:\Windows\System32\DRIVERS\fbxusb64.sys [39320 2007-08-27] (Freebox -> FreeBox SA)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-06-13] (GFI Software Development Ltd. -> GFI Software)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [28936 2019-02-03] (Glarysoft LTD -> Glarysoft Ltd)
S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [269824 2006-04-13] (HP)
S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [48640 2009-02-26] (HP)
S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [33280 2006-04-13] (HP)
S4 iteatapi; C:\Windows\system32\drivers\iteatapi.sys [37480 2006-11-02] (Microsoft Windows -> Integrated Technology Express, Inc.)
S4 iteraid; C:\Windows\system32\drivers\iteraid.sys [37480 2006-11-02] (Microsoft Windows -> Integrated Technology Express, Inc.)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2023-09-29] (Malwarebytes Corporation -> Malwarebytes)
S4 nfrd960; C:\Windows\system32\drivers\nfrd960.sys [51816 2006-11-02] (Microsoft Windows -> IBM Corporation)
R0 nvrd64; C:\Windows\System32\drivers\nvrd64.sys [166944 2008-07-21] (NVIDIA Corporation -> NVIDIA Corporation)
S3 PCD5SRVC{8AAF211B-043E02A9-05040000}; C:\Program Files\PC-Doctor for Windows\PCD5SRVC_x64.pkms [25888 2008-11-05] (PC-Doctor, Inc.) [Fichier non signé]
S4 ql2300; C:\Windows\system32\drivers\ql2300.sys [1221176 2008-01-21] (Microsoft Windows -> QLogic Corporation)
S4 ql40xx; C:\Windows\system32\drivers\ql40xx.sys [124008 2006-11-02] (Microsoft Windows -> QLogic Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [28416 2008-04-16] (Research In Motion Limited)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2013-12-24] (IObit Information Technology -> IObit)
S3 StarOpen; C:\Windows\System32\Drivers\StarOpen.sys [5504 2009-11-12] () [Fichier non signé]
S3 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [7168 2009-11-12] () [Fichier non signé]
S4 uliahci; C:\Windows\system32\drivers\uliahci.sys [284728 2008-01-21] (Microsoft Windows -> ULi Electronics Inc.)
S4 UlSata; C:\Windows\system32\drivers\ulsata.sys [148072 2006-11-02] (Microsoft Windows -> Promise Technology, Inc.)
S4 ulsata2; C:\Windows\system32\drivers\ulsata2.sys [174696 2008-01-21] (Microsoft Windows -> Promise Technology, Inc.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [50688 2010-04-19] (Apple, Inc.) [Fichier non signé]
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [146928 2008-11-28] (CyberLink -> CyberLink Corp.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 JLTECH0227; System32\Drivers\jl2005c.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-10-19 11:15 - 2023-10-19 11:17 - 060602400 _____ (Piriform Software Ltd) C:\Users\DUDU\Downloads\ccsetup617_pro_trial(3).exe
2023-10-19 10:33 - 2023-10-19 10:33 - 060602400 _____ (Piriform Software Ltd) C:\Users\DUDU\Downloads\ccsetup617_pro_trial(2).exe
2023-10-19 10:24 - 2023-10-19 10:25 - 060602400 _____ (Piriform Software Ltd) C:\Users\DUDU\Downloads\ccsetup617_pro_trial(1).exe
2023-10-19 10:10 - 2023-10-19 10:11 - 060602400 _____ (Piriform Software Ltd) C:\Users\DUDU\Downloads\ccsetup617_pro_trial.exe
2023-10-19 09:27 - 2023-10-19 09:27 - 002383360 _____ (Farbar) C:\Users\DUDU\Downloads\FRST64(5).exe
2023-10-19 09:22 - 2023-10-19 09:22 - 005793080 _____ (Crystal Dew World ) C:\Users\DUDU\Downloads\crystaldiskinfo_9-1-1_fr_306038(1).exe
2023-10-19 09:20 - 2023-10-19 09:20 - 005793080 _____ (Crystal Dew World ) C:\Users\DUDU\Downloads\crystaldiskinfo_9-1-1_fr_306038.exe
2023-10-19 09:16 - 2023-10-19 09:16 - 005793080 _____ (Crystal Dew World ) C:\Users\DUDU\Downloads\crystaldiskinfo-9-1-1.exe
2023-10-19 08:37 - 2023-10-19 08:37 - 001340160 _____ (Solvusoft Corporation) C:\Users\DUDU\Downloads\Setup_FileViewPro_2024.exe
2023-10-17 11:48 - 2023-10-17 11:48 - 000000000 ____D C:\Users\DUDU\AppData\Roaming\pdfforge_GmbH
2023-10-02 15:55 - 2023-10-02 15:55 - 000000000 ____D C:\Users\DUDU\AppData\Local\Adobe
==================== Un mois (modifiés) ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-10-19 17:01 - 2019-01-31 20:42 - 000000000 ____D C:\FRST
2023-10-19 17:00 - 2017-05-29 18:02 - 000000000 ____D C:\Users\DUDU\AppData\LocalLow\Mozilla
2023-10-19 16:54 - 2009-02-11 17:35 - 000714758 _____ C:\Windows\system32\perfh00C.dat
2023-10-19 16:54 - 2009-02-11 17:35 - 000141878 _____ C:\Windows\system32\perfc00C.dat
2023-10-19 16:54 - 2006-11-02 15:33 - 000000000 ____D C:\Windows\inf
2023-10-19 16:54 - 2006-11-02 14:46 - 001593474 _____ C:\Windows\system32\PerfStringBackup.INI
2023-10-19 16:50 - 2009-05-11 16:55 - 000000000 ____D C:\Program Files (x86)\Google
2023-10-19 16:49 - 2022-02-26 12:34 - 000000000 ____D C:\Users\DUDU\AppData\Roaming\Spamihilator
2023-10-19 16:48 - 2010-05-20 21:46 - 000109640 _____ C:\ProgramData\nvModes.001
2023-10-19 16:48 - 2006-11-02 17:42 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-10-19 16:48 - 2006-11-02 17:22 - 000003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2023-10-19 16:48 - 2006-11-02 17:22 - 000003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2023-10-19 11:50 - 2006-11-02 17:42 - 000032562 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2023-10-19 10:19 - 2015-01-24 13:17 - 000000000 ____D C:\Users\DUDU\AppData\Local\PDFCreator
2023-10-19 10:17 - 2011-10-28 19:00 - 000000000 ____D C:\Users\DUDU\AppData\Local\CrashDumps
2023-10-19 09:35 - 2019-01-31 20:44 - 000057074 _____ C:\Users\DUDU\Downloads\Addition.txt
2023-10-19 09:35 - 2019-01-31 20:42 - 000044209 _____ C:\Users\DUDU\Downloads\FRST.txt
2023-10-19 09:07 - 2010-05-20 21:02 - 000109640 _____ C:\ProgramData\nvModes.dat
2023-10-17 11:55 - 2009-05-11 19:46 - 000000000 ____D C:\Users\DUDU\AppData\Local\Paint.NET
2023-10-17 11:16 - 2017-04-17 22:35 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2023-10-17 11:08 - 2018-10-04 18:53 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2023-10-13 13:34 - 2012-07-05 20:01 - 000000000 ____D C:\Users\DUDU\Documents\accident
2023-10-05 10:13 - 2011-09-05 19:12 - 000002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2023-09-30 09:37 - 2015-07-16 07:03 - 000003798 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2023-09-30 09:37 - 2015-07-16 07:03 - 000003670 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2023-09-29 08:13 - 2019-05-28 20:04 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2023-09-27 12:16 - 2015-09-29 18:46 - 000000000 ____D C:\ProgramData\CanonIJPLM
2023-09-25 15:40 - 2010-02-21 17:03 - 000000000 ____D C:\Users\DUDU\AppData\Roaming\vlc
==================== Fichiers à la racine de certains dossiers =======
2013-06-13 18:59 - 2013-06-13 18:59 - 000129536 _____ () C:\Users\Public\AlexaNSISPlugin.4872.dll
2017-11-17 21:04 - 2017-11-17 21:04 - 007649280 _____ () C:\Program Files (x86)\GUT1880.tmp
2010-01-02 17:01 - 2010-01-02 17:01 - 000000019 _____ () C:\Users\DUDU\AppData\Roaming\4e6ef303
2009-10-01 19:16 - 2010-01-02 17:14 - 000005609 ___SH () C:\Users\DUDU\AppData\Roaming\9eeef404684C.manifest
2009-10-01 19:16 - 2010-01-02 17:14 - 000000011 ___SH () C:\Users\DUDU\AppData\Roaming\9eeef404684O.manifest
2009-10-01 19:16 - 2010-01-02 17:14 - 000003025 ___SH () C:\Users\DUDU\AppData\Roaming\9eeef404684P.manifest
2009-10-01 19:16 - 2010-01-02 17:14 - 000000011 ___SH () C:\Users\DUDU\AppData\Roaming\9eeef404684S.manifest
2010-01-02 17:01 - 2010-01-02 17:14 - 000000344 ___SH () C:\Users\DUDU\AppData\Roaming\9eeef404724C.manifest
2010-01-02 17:01 - 2010-01-02 17:13 - 000000079 ___SH () C:\Users\DUDU\AppData\Roaming\9eeef404724O.manifest
2010-01-02 17:01 - 2010-01-02 17:14 - 000002089 ___SH () C:\Users\DUDU\AppData\Roaming\9eeef404724P.manifest
2010-01-02 17:01 - 2010-01-02 17:13 - 000000011 ___SH () C:\Users\DUDU\AppData\Roaming\9eeef404724S.manifest
2010-01-02 17:06 - 2010-01-02 17:06 - 000001372 _____ () C:\Users\DUDU\AppData\Roaming\9llLuT7.vbs
2014-09-01 10:18 - 2014-09-01 10:18 - 000002086 _____ () C:\Users\DUDU\AppData\Roaming\JAUTBY
2015-12-22 10:46 - 2015-12-22 10:54 - 000000115 _____ () C:\Users\DUDU\AppData\Roaming\LogFile.txt
2017-01-05 22:02 - 2017-01-05 22:02 - 000000292 _____ () C:\Users\DUDU\AppData\Roaming\mplex-log.log
2014-09-01 10:18 - 2014-09-01 10:18 - 000001248 _____ () C:\Users\DUDU\AppData\Roaming\OIELWDEM
2010-05-14 10:13 - 2010-05-14 10:13 - 000007859 _____ () C:\Users\DUDU\AppData\Roaming\pcouffin.cat
2010-05-14 10:13 - 2010-05-14 10:13 - 000001167 _____ () C:\Users\DUDU\AppData\Roaming\pcouffin.inf
2010-05-14 10:13 - 2010-05-14 10:13 - 000000055 _____ () C:\Users\DUDU\AppData\Roaming\pcouffin.log
2017-01-05 21:40 - 2017-01-05 22:02 - 000000395 _____ () C:\Users\DUDU\AppData\Roaming\PPTConverter.log
2010-01-02 17:09 - 2010-01-02 17:09 - 000001372 _____ () C:\Users\DUDU\AppData\Roaming\RjcRZozk9m6rk.vbs
2010-01-02 17:14 - 2010-01-02 17:14 - 000001372 _____ () C:\Users\DUDU\AppData\Roaming\t5pLBYh.vbs
2009-11-13 18:55 - 2009-11-13 18:55 - 000026311 _____ () C:\Users\DUDU\AppData\Roaming\UserTile.png
2014-03-10 21:20 - 2014-04-01 18:58 - 000000079 _____ () C:\Users\DUDU\AppData\Roaming\WB.CFG
2016-07-20 21:04 - 2017-01-12 20:40 - 000000398 _____ () C:\Users\DUDU\AppData\Roaming\wklnhst.dat
2010-01-02 17:01 - 2010-01-02 17:01 - 000001372 _____ () C:\Users\DUDU\AppData\Roaming\zAnwR.vbs
2017-04-13 18:59 - 2017-04-13 18:59 - 000000000 ____H () C:\Users\DUDU\AppData\Local\BIT9E90.tmp
2014-04-19 20:07 - 2018-08-21 22:29 - 000008268 _____ () C:\Users\DUDU\AppData\Local\d3d9caps.dat
2009-04-25 13:24 - 2020-04-04 20:07 - 000158720 _____ () C:\Users\DUDU\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2021-02-10 21:14 - 2021-02-10 21:14 - 000325870 _____ () C:\Users\DUDU\AppData\Local\dd_vcredistMSI0DFE.txt
2018-09-17 19:35 - 2018-09-17 19:35 - 000329994 _____ () C:\Users\DUDU\AppData\Local\dd_vcredistMSI1831.txt
2011-11-01 15:07 - 2011-11-01 15:07 - 000336906 _____ () C:\Users\DUDU\AppData\Local\dd_vcredistMSI1D0E.txt
2011-06-06 19:26 - 2011-06-06 19:26 - 000338960 _____ () C:\Users\DUDU\AppData\Local\dd_vcredistMSI3760.txt
2020-04-08 11:19 - 2020-04-08 11:19 - 000421594 _____ () C:\Users\DUDU\AppData\Local\dd_vcredistMSI45F2.txt
2013-07-04 19:20 - 2013-07-04 19:20 - 000318970 _____ () C:\Users\DUDU\AppData\Local\dd_vcredistMSI597B.txt
2010-01-07 21:26 - 2010-01-07 21:26 - 000325462 _____ () C:\Users\DUDU\AppData\Local\dd_vcredistMSI6466.txt
2010-01-07 21:26 - 2010-01-07 21:26 - 000348790 _____ () C:\Users\DUDU\AppData\Local\dd_vcredistMSI6477.txt
2010-05-06 16:54 - 2010-05-06 16:54 - 000427310 _____ () C:\Users\DUDU\AppData\Local\dd_vcredistMSI660F.txt
2021-02-10 21:13 - 2021-02-10 21:14 - 000012530 _____ () C:\Users\DUDU\AppData\Local\dd_vcredistUI0DFE.txt
2018-09-17 19:35 - 2018-09-17 19:35 - 000011218 _____ () C:\Users\DUDU\AppData\Local\dd_vcredistUI1831.txt
2011-11-01 15:07 - 2011-11-01 15:07 - 000014602 _____ () C:\Users\DUDU\AppData\Local\dd_vcredistUI1D0E.txt
2011-06-06 19:26 - 2011-06-06 19:26 - 000016242 _____ () C:\Users\DUDU\AppData\Local\dd_vcredistUI3760.txt
2020-04-08 11:19 - 2020-04-08 11:19 - 000011706 _____ () C:\Users\DUDU\AppData\Local\dd_vcredistUI45F2.txt
2015-02-06 21:13 - 2015-02-06 21:13 - 000014802 _____ () C:\Users\DUDU\AppData\Local\dd_vcredistUI51B5.txt
2015-02-06 21:13 - 2015-02-06 21:13 - 000015094 _____ () C:\Users\DUDU\AppData\Local\dd_vcredistUI51C9.txt
2013-07-04 19:20 - 2013-07-04 19:20 - 000011218 _____ () C:\Users\DUDU\AppData\Local\dd_vcredistUI597B.txt
2010-01-07 21:26 - 2010-01-07 21:26 - 000011234 _____ () C:\Users\DUDU\AppData\Local\dd_vcredistUI6466.txt
2010-01-07 21:26 - 2010-01-07 21:26 - 000011442 _____ () C:\Users\DUDU\AppData\Local\dd_vcredistUI6477.txt
2010-05-06 16:54 - 2010-05-06 16:54 - 000011610 _____ () C:\Users\DUDU\AppData\Local\dd_vcredistUI660F.txt
2010-12-23 11:55 - 2010-12-23 11:55 - 000000036 _____ () C:\Users\DUDU\AppData\Local\housecall.guid.cache
2016-12-18 12:02 - 2022-12-15 10:41 - 000004096 ____H () C:\Users\DUDU\AppData\Local\keyfile3.drm
2013-06-17 20:32 - 2013-06-17 20:32 - 000000001 _____ () C:\Users\DUDU\AppData\Local\llftool.4.30.agreement
2014-04-09 19:38 - 2014-04-09 19:38 - 000002701 _____ () C:\Users\DUDU\AppData\Local\recently-used.xbel
2014-04-24 21:38 - 2014-04-24 21:38 - 000000840 _____ () C:\Users\DUDU\AppData\Local\ZHPFixReport.txt
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\dllhost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\dllhost.exe => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2023-10-19 16:53
==================== Fin de FRST.txt ============================