Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 11.03.2024
Exécuté par dd (administrateur) sur DD-PC (MSI MS-7850) (12-03-2024 12:51:39)
Exécuté depuis C:\Users\dd\Desktop\FRST64.exe
Profils chargés: dd
Plate-forme: Microsoft Windows 7 Professionnel Service Pack 1 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe ->) (AMD) [Fichier non signé] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE ->) (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(C:\Program Files\CyberGhost 8\Dashboard.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.140\msedgewebview2.exe <10>
(C:\Program Files\LibreOffice 5\program\soffice.exe ->) (The Document Foundation -> The Document Foundation) C:\Program Files\LibreOffice 5\program\soffice.bin
(C:\Program Files\LibreOffice 5\program\swriter.exe ->) (The Document Foundation -> The Document Foundation) C:\Program Files\LibreOffice 5\program\soffice.exe
(explorer.exe ->) (AMD) [Fichier non signé] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(explorer.exe ->) (Corel Corporation -> WinZip Computing) C:\Program Files\WinZip\WzPreloader.exe
(explorer.exe ->) (CyberGhost S.R.L. -> CyberGhost S.R.L.) C:\Program Files\CyberGhost 8\Dashboard.exe
(explorer.exe ->) (F.lux Software LLC -> f.lux Software LLC) C:\Users\dd\AppData\Local\FluxSoftware\Flux\flux.exe
(explorer.exe ->) (Gadwin, Ltd. -> Gadwin Systems) C:\Program Files\Gadwin\Gadwin PrintScreen\PrintScreen64.exe
(explorer.exe ->) (Google Inc (TEST) -> Epic Privacy Browser) [Fichier non signé] C:\Users\dd\AppData\Local\Epic Privacy Browser\Installer\EpicUpdate.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <12>
(explorer.exe ->) (Proton Technologies AG -> ProtonVPN) C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe
(explorer.exe ->) (The Document Foundation -> The Document Foundation) C:\Program Files\LibreOffice 5\program\swriter.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe
(services.exe ->) (CHENGDU YIWO Tech Development Co., Ltd. -> ) C:\Program Files (x86)\EaseUS\ENS\ensserver.exe
(services.exe ->) (CyberGhost S.R.L. -> CyberGhost S.R.L.) C:\Program Files\CyberGhost 8\Dashboard.Service.exe
(services.exe ->) (Intel CASE -> ) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(services.exe ->) (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(services.exe ->) (Proton Technologies AG -> ProtonVPN) C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe
(svchost.exe ->) (Foxit Software Incorporated -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\Creator\FXC_ProxyProcess.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\prevhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
(taskeng.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe
(winlogon.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(WinZip Computing LLC -> WinZip Computing, S.L.) C:\Program Files\WinZip\FAHWindow64.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [WinZip UN] => C:\Program Files\WinZip\WZUpdateNotifier.exe [2862032 2018-04-23] (Corel Corporation -> Corel Corporation)
HKLM\...\Run: [WinZip PreLoader] => C:\Program Files\WinZip\WzPreloader.exe [124032 2018-04-23] (Corel Corporation -> WinZip Computing)
HKLM\...\Run: [WinZip FAH] => C:\Program Files\WinZip\FAHConsole.exe [436416 2018-04-23] (WinZip Computing LLC -> WinZip Computing, S.L.)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files\Opera\assistant\browser_assistant.exe [4110832 2022-07-06] (Opera Norway AS -> Opera Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [748624 2023-06-14] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133216 2017-03-23] (Wondershare Technology Co.,Ltd -> Wondershare)
HKU\S-1-5-21-4128362433-1591382183-1842780436-1000\...\Run: [f.lux] => C:\Users\dd\AppData\Local\FluxSoftware\Flux\flux.exe [1528952 2024-02-22] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-4128362433-1591382183-1842780436-1000\...\Run: [Gadwin PrintScreen (64-bit)] => C:\Program Files\Gadwin\Gadwin PrintScreen\PrintScreen64.exe [15216928 2017-09-20] (Gadwin, Ltd. -> Gadwin Systems)
HKU\S-1-5-21-4128362433-1591382183-1842780436-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-12-06] (AMD) [Fichier non signé]
HKU\S-1-5-21-4128362433-1591382183-1842780436-1000\...\Run: [] => [X]
HKU\S-1-5-21-4128362433-1591382183-1842780436-1000\...\Run: [Epic Privacy Browser Installer] => C:\Users\dd\AppData\Local\Epic Privacy Browser\Installer\EpicUpdate.exe [509096 2023-05-30] (Google Inc (TEST) -> Epic Privacy Browser) [Fichier non signé]
HKU\S-1-5-21-4128362433-1591382183-1842780436-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-4128362433-1591382183-1842780436-1000\...\Run: [ProtonVPN] => C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe [8877160 2023-04-17] (Proton Technologies AG -> ProtonVPN)
HKU\S-1-5-21-4128362433-1591382183-1842780436-1000\...\Run: [GoogleChromeAutoLaunch_2A16E0E14DC832CD71362A42168F8DD2] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [3151128 2023-01-24] (Google LLC -> Google LLC)
HKU\S-1-5-21-4128362433-1591382183-1842780436-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45018016 2024-02-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-4128362433-1591382183-1842780436-1000\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 8\Dashboard.exe [1421560 2024-02-22] (CyberGhost S.R.L. -> CyberGhost S.R.L.)
HKU\S-1-5-21-4128362433-1591382183-1842780436-1000\...\MountPoints2: G - G:\DVDSetup.exe
HKU\S-1-5-21-4128362433-1591382183-1842780436-1000\...\MountPoints2: {8b23092f-09e2-11e8-b473-f64ac4587453} - G:\autorun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2018-02-05] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\HP D711 Status Monitor: C:\Windows\system32\hpinkstsD711LM.dll [383496 2014-12-18] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP ENVY 4520 series): C:\Windows\system32\HPDiscoPMD711.dll [807432 2015-03-09] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [181248 2023-01-01] (pdfforge GmbH) [Fichier non signé]
HKLM\...\Print\Monitors\Wondershare PDFelement Monitor: C:\Windows\system32\PEPrinterMonitor.dll [285232 2022-01-26] (Wondershare Technology Co.,Ltd -> Wondershare Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] -> "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\109.0.5414.120\Installer\chrmstp.exe [2023-01-27] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\109.1.47.186\Installer\chrmstp.exe [2023-05-30] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] -> "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.59\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2018-02-07]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) [Fichier non signé]
GroupPolicy-Firefox: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {72637047-8264-4671-97B8-005A6F02F488} - System32\Tasks\{1693A6EF-1C4B-48C8-88C3-B35ABB95682B} => C:\Windows\system32\pcalua.exe [9728 2019-02-10] (Microsoft Windows -> Microsoft Corporation) -> -a "D:\compil logiciel\PDF Creator v.0.9.3 [GB-FR]\PDFCreator-0_9_3_GPLGhostscript.exe" -d "D:\compil logiciel\PDF Creator v.0.9.3 [GB-FR]"
Task: {EFCF2B7F-B016-460D-8A2A-8CC4D0DEF468} - System32\Tasks\{36CA278C-D9C5-4DA0-BEEE-2EECF10A7709} => C:\Windows\system32\pcalua.exe [9728 2019-02-10] (Microsoft Windows -> Microsoft Corporation) -> -a "D:\compil logiciel\PDF Creator v.0.9.3 [GB-FR]\PDFCreator-0_9_3_GPLGhostscript.exe" -d "D:\compil logiciel\PDF Creator v.0.9.3 [GB-FR]"
Task: {62B4A84C-D57D-4F3E-A3EB-A347C0BA1C03} - System32\Tasks\{53F9C13F-AB7C-44A4-A5F0-45BBC1CA653B} => C:\Windows\system32\pcalua.exe [9728 2019-02-10] (Microsoft Windows -> Microsoft Corporation) -> -a J:\LDPlayer\LDPlayer64\dnuninst.exe
Task: {9F964FCA-8E62-4439-99B1-B8C42219AD7A} - System32\Tasks\{6DC0DB21-31B4-4878-B33F-25DC63FF9F50} => J:\projet BeFinance\LOGICIELS\Office 2016-2019\patch français\OfficeSetup.exe [7497928 2023-05-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {A2D50435-7D21-4957-A664-157F82BBD48A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {2664A095-A77D-4490-8992-7AB4729A468A} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-09] (Adobe Inc. -> Adobe)
Task: {AA0A2DD5-43E6-4454-9079-BD4190934A72} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
Task: {FEA80CB6-6E71-40BF-807F-140821A137D2} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [333200 2023-12-11] (Avira Operations GmbH -> Avira Operations GmbH)
Task: {D4240CBB-195C-4EFF-80C1-01EFE6790845} - System32\Tasks\Avira_FallbackUpdater => C:\Windows\system32\sc.exe [45056 2009-07-14] (Microsoft Windows -> Microsoft Corporation) -> start AviraFallbackUpdater Delayed=false
Task: {A10AFF2B-97E6-4AFB-80EA-99CFC17EE4DD} - System32\Tasks\Avira_Security_Maintenance => Command(1): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> FallbackTelemetry
Task: {A10AFF2B-97E6-4AFB-80EA-99CFC17EE4DD} - System32\Tasks\Avira_Security_Maintenance => Command(2): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> ServiceWatchdog
Task: {A10AFF2B-97E6-4AFB-80EA-99CFC17EE4DD} - System32\Tasks\Avira_Security_Maintenance => Command(3): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> CrashCollector
Task: {34F71810-ED4D-474E-8A13-F616DC810F8D} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [260832 2024-01-16] (Avira Operations GmbH -> Avira Operations GmbH)
Task: {FF83EB73-7F72-4222-B69E-D9805918DF4F} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1825360 2024-01-16] (Avira Operations GmbH -> Avira Operations GmbH)
Task: {2D0A11F7-19DD-4D0C-95CA-52478D445582} - System32\Tasks\Avira_Security_Update => C:\Windows\system32\net.exe [55808 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
Task: {897F3BDA-2D5A-474B-9690-EBFD4A17DDAA} - System32\Tasks\AviraSystemSpeedupVerify => C:\Program Files (x86)\Avira\System Speedup\setup\avira_speedup_setup.exe [37097112 2023-12-14] (Avira Operations GmbH -> Avira Operations GmbH)
Task: {B7D74C43-3378-48B7-A969-13E6F5EA605E} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore{70988E01-CACE-4FB2-B075-6096DBB774CB} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [175424 2023-05-30] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {56171070-9230-46E5-94D5-29B892FA903F} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA{D873D107-3CA7-4F08-A399-60A0DB54D45A} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [175424 2023-05-30] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {81231B04-B1DF-44F1-BFA0-EDFA34FA07C9} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-02-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {FF9A9505-CE0C-47D2-B8AD-0CD83EF37DA5} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2024-02-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "935acc50-f226-464c-8e92-8dbca46bfcfe" --version "6.21.10918" --silent
Task: {D5CDCB88-6BB7-48FD-AF2B-BBC3E8751BF0} - System32\Tasks\CCleanerSkipUAC - dd => C:\Program Files\CCleaner\CCleaner.exe [38778272 2024-02-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {568D4116-D92A-4E28-AF31-64A7CDFD89A1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-14] (Google Inc -> Google Inc.)
Task: {9F93CBFA-11B1-411C-A606-140C5CE95BDC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-14] (Google Inc -> Google Inc.)
Task: {D3102BC9-417B-4E77-8725-ADB42AC5F75A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24614400 2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {9D3CD6CB-F263-4C54-BFF5-B1A06547BBD0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24614400 2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {736AB4CE-2648-496C-A40D-2579BF9D4AB3} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [117144 2024-02-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {3F95277D-5BB6-40F2-B132-9C82721330BA} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [117144 2024-02-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {109D4CBB-6920-4D30-BA7A-A453D52EBEDE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4373984 2024-02-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {A3968A56-360F-47C5-B07A-5C7FECF5E86A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4373984 2024-02-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {2235E002-5181-4799-9A52-A45111739A6E} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {CC718F56-4634-47F8-9611-28086F1D85DB} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [686496 2024-02-20] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {4365D575-2733-422C-853D-469AC0AF0F77} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [724384 2024-02-20] (Mozilla Corporation -> Mozilla Foundation)
Task: {D744A55B-4217-4FE1-AFB8-44F2FA591C04} - System32\Tasks\NCH Software\PhotoPadDowngrade => C:\Program Files (x86)\NCH Software\PhotoPad\PhotoPad.exe [7133360 2023-08-21] (NCH Software, Inc. -> NCH Software)
Task: {1125FE4E-70BA-4330-9D54-C6002434910B} - System32\Tasks\NCH Software\VideoPadCacheDeleteAll => C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe [12607712 2023-04-21] (NCH Software, Inc. -> NCH Software)
Task: {6796E23D-1D5C-43AD-8A68-78B298FF5C2E} - System32\Tasks\Opera scheduled Autoupdate 1529853331 => C:\Program Files\Opera\launcher.exe [2635168 2023-10-30] (Opera Norway AS -> Opera Software)
Task: {D373157D-D279-4887-8523-5F9D1EA88109} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [4475136 2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
Task: {5D1CD0DD-FEE7-43D8-AA57-867C5062FFA2} - System32\Tasks\UCBrowserUpdater => C:\Program Files (x86)\UCBrowser\Application\update_task.exe /update (Pas de fichier) <==== ATTENTION
Task: {CE66503C-9C9A-4656-930F-7A21E26C85C2} - System32\Tasks\VivaldiUpdateCheck-4233ccb750e0b871 => C:\Users\dd\AppData\Local\Vivaldi\Application\update_notifier.exe [3426152 2023-01-25] (Vivaldi Technologies AS -> Vivaldi Technologies AS)
Task: {237CDAC1-EFD3-4262-AFA7-42A5D7CCB256} - System32\Tasks\WinZip Update Notifier 1 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2862032 2018-04-23] (Corel Corporation -> Corel Corporation)
Task: {A0E02CBE-ACB3-4F6B-9147-5FC93C78C950} - System32\Tasks\WinZip Update Notifier 2 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2862032 2018-04-23] (Corel Corporation -> Corel Corporation)
Task: {1418C71E-0193-4E76-9937-420EF2F4F17D} - System32\Tasks\WinZip Update Notifier 3 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2862032 2018-04-23] (Corel Corporation -> Corel Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\Windows\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe-CheckUpdate(Tracker Software Products (Canada) Ltd.Kee
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{285E7193-BEDF-4BDC-9B97-A2755D3840B1}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{B65E3FD9-B850-41F9-8A85-501E66505B1A}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{B65E3FD9-B850-41F9-8A85-501E66505B1A}: [DhcpDomain] lan
Tcpip\..\Interfaces\{F3A0463A-07CB-4519-83F7-5E06F83A765B}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{FA81728F-1F39-44E7-9A4D-6CD79871755F}: [DhcpNameServer] 192.168.42.129
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\dd\AppData\Local\Microsoft\Edge\User Data\Default [2024-02-25]
Edge DownloadDir: Default -> J:\x
Edge HomePage: Default -> hxxps://
Edge StartupUrls: Default -> "hxxps://"
Edge DefaultSearchURL: Default -> hxxps://find.fnavigate-now.com/results.aspx?d=020518&n=0670&q={searchTerms}&gd=RD1002792&searchsource=69
Edge DefaultSearchKeyword: Default -> yahoo search
Edge DefaultSuggestURL: Default -> hxxp://api.bing.com/osjson.aspx?query={searchTerms}
Edge Extension: (Edge relevant text changes) - C:\Users\dd\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-16]
FireFox:
========
FF DefaultProfile: ao8uwsx7.default
FF DefaultProfile: lsayimjg.default
FF DefaultProfile: zromm51n.default
FF DefaultProfile: zvq47xid.default
FF DefaultProfile: q0i40nay.default
FF DefaultProfile: p7ytw0nu.default
FF ProfilePath: C:\Users\dd\AppData\Roaming\Mozilla\SeaMonkey\Profiles\ao8uwsx7.default [2024-03-11]
FF ProfilePath: C:\Users\dd\AppData\Roaming\Mozilla\Firefox\Profiles\lsayimjg.default [2024-03-12]
FF DownloadDir: H:\x
FF Homepage: Mozilla\Firefox\Profiles\lsayimjg.default -> hxxps://www.google.com
FF Notifications: Mozilla\Firefox\Profiles\lsayimjg.default -> hxxps://concours-bdf.vraiforum.com
FF Extension: (ReloadMatic) - C:\Users\dd\AppData\Roaming\Mozilla\Firefox\Profiles\lsayimjg.default\Extensions\0.id@reloadmatic.webex.xpi [2021-10-05]
FF Extension: (MySessions) - C:\Users\dd\AppData\Roaming\Mozilla\Firefox\Profiles\lsayimjg.default\Extensions\balyaev@gmail.com.xpi [2023-11-29]
FF Extension: (Flash Video Downloader) - C:\Users\dd\AppData\Roaming\Mozilla\Firefox\Profiles\lsayimjg.default\Extensions\ductloanphuok@gmail.com.xpi [2020-04-14]
FF Extension: (Boomerang for Gmail) - C:\Users\dd\AppData\Roaming\Mozilla\Firefox\Profiles\lsayimjg.default\Extensions\{65e41d20-f092-41b7-bb83-c6e8a9ab0f57}.xpi [2020-01-04] [UpdateUrl:hxxps://www.boomeranggmail.com/firefox/updates.json]
FF Extension: (User-Agent Switcher) - C:\Users\dd\AppData\Roaming\Mozilla\Firefox\Profiles\lsayimjg.default\Extensions\{75afe46a-7a50-4c6b-b866-c43a1075b071}.xpi [2022-07-12]
FF Extension: (Tab Auto Refresh) - C:\Users\dd\AppData\Roaming\Mozilla\Firefox\Profiles\lsayimjg.default\Extensions\{7fee47a1-8299-4576-90bf-5fd88d756926}.xpi [2022-07-12]
FF Extension: (Video DownloadHelper) - C:\Users\dd\AppData\Roaming\Mozilla\Firefox\Profiles\lsayimjg.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2024-02-24]
FF Extension: (Web Developer) - C:\Users\dd\AppData\Roaming\Mozilla\Firefox\Profiles\lsayimjg.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2023-05-30]
FF Extension: (IGRAAL : Cashback & codes promo) - C:\Users\dd\AppData\Roaming\Mozilla\Firefox\Profiles\lsayimjg.default\Extensions\{dbac9680-d559-4cd4-9765-059879e8c467}.xpi [2024-03-07]
FF SearchPlugin: C:\Users\dd\AppData\Roaming\Mozilla\Firefox\Profiles\lsayimjg.default\searchplugins\Yahoo Search.xml [2023-12-02]
FF ProfilePath: C:\Users\dd\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\zromm51n.default [2024-03-11]
FF ProfilePath: C:\Users\dd\AppData\Roaming\FlashPeak\SlimBrowser\Profiles\zvq47xid.default [2023-05-30]
FF ProfilePath: C:\Users\dd\AppData\Roaming\FlashPeak\SlimBrowser\Profiles\4mirq6sj.default-default [2023-09-06]
FF ProfilePath: C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default [2018-03-22]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-cs@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Deutsch (DE) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-de@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (English (US) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-en-US@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Español (España) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-es-ES@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Finnish Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-fi@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Français Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-fr@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Galego (España) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-gl@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Hebrew (IL) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-he@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Magyar (HU) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-hu@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Italiano (IT) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-it@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Japanese Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-ja@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Korean (KR) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-ko@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Nederlands (NL) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-nl@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Polski Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-pl@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Russian (RU) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-ru@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Slovenski jezik Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-sl@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (српски (sr) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-sr@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Svenska (SE) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-sv-SE@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Chinese Simplified (zh-CN) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-zh-CN@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Traditional Chinese (zh-TW) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-zh-TW@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF ProfilePath: C:\Users\dd\AppData\Roaming\Comodo\IceDragon\Profiles\p7ytw0nu.default [2024-03-11]
FF Extension: (Comodo Online Security) - C:\Users\dd\AppData\Roaming\Comodo\IceDragon\Profiles\p7ytw0nu.default\Extensions\cos@comodo.com.xpi [2019-03-15]
FF Extension: (Https Enforcement) - C:\Users\dd\AppData\Roaming\Comodo\IceDragon\Profiles\p7ytw0nu.default\Extensions\https@comodo.com.xpi [2019-03-15]
FF Extension: (Media Downloader) - C:\Users\dd\AppData\Roaming\Comodo\IceDragon\Profiles\p7ytw0nu.default\Extensions\{5e9eca63-6e0d-47ce-9862-07d938121575}.xpi [2019-03-15] []
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.381.2 -> C:\Program Files\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-06-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.381.2 -> C:\Program Files\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-06-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-19] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-19] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-02-20] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-02-20] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2024-02-22] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4128362433-1591382183-1842780436-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-4128362433-1591382183-1842780436-1000: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=3 -> C:\Users\dd\AppData\Local\Epic Privacy Browser\Installer\1.3.29.13\npEpicUpdate3.dll [2023-05-30] (Google Inc (TEST) -> Epic Privacy Browser) [Fichier non signé]
FF Plugin HKU\S-1-5-21-4128362433-1591382183-1842780436-1000: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=9 -> C:\Users\dd\AppData\Local\Epic Privacy Browser\Installer\1.3.29.13\npEpicUpdate3.dll [2023-05-30] (Google Inc (TEST) -> Epic Privacy Browser) [Fichier non signé]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default [2024-03-12]
CHR DownloadDir: H:\logiciel
CHR HomePage: Default -> hxxps://
CHR StartupUrls: Default -> "hxxps://"
CHR DefaultSearchURL: Default -> hxxps://find.fnavigate-now.com/results.aspx?d=020518&n=9998&q={searchTerms}&gd=SY1004294&searchsource=58
CHR DefaultSearchKeyword: Default -> yahoo search
CHR DefaultSuggestURL: Default -> hxxp://api.bing.com/osjson.aspx?query={searchTerms}
CHR Extension: (Avira Password Manager) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2024-02-09]
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-03-08]
CHR Extension: (Firebug Lite for Google Chrome) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehemiojjcpldeipjhjkepfdaohajpbdo [2019-08-19]
CHR Extension: (AFS) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\gckmgjhcejhnfenfbippohhnfjkeaapj [2019-07-08]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-02-22]
CHR Extension: (IGRAAL : Cashback & codes promo) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhkepipobnjllejbafajoemahjejdcm [2024-03-01]
CHR Extension: (CrossPilot) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\migomhggnppjdijnfkiimcpjgnhmnale [2023-09-21]
CHR Extension: (Shazam : le nom des chansons en un clic) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmioliijnhnoblpgimnlajmefafdfilb [2024-02-25]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Bypass Paywalls Clean) - J:\projet BeFinance\tuto\hack journaux\hack WSJ\bypass-paywalls-chrome-clean-master\bypass-paywalls-chrome-clean-master [2023-09-06] [UpdateUrl:hxxps://gitlab.com/magnolia1234/bypass-paywalls-chrome-clean/-/raw/master/updates.xml] <==== ATTENTION
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp]
Opera:
=======
OPR Profile: C:\Users\dd\AppData\Roaming\Opera Software\Opera Stable [2024-03-12]
OPR DownloadDir: J:\x
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\dd\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2024-01-14]
OPR Extension: (Opera Wallet) - C:\Users\dd\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-11-11]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\dd\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-09-02]
OPR Extension: (Amazon Assistant pour Opera) - C:\Users\dd\AppData\Roaming\Opera Software\Opera Stable\Extensions\mmmbddcnnndpbdflpccgcknaaabgldak [2023-03-30]
Brave:
=======
BRA Profile: C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2024-03-11]
BRA DownloadDir: J:\data
BRA Extension: (Avira Password Manager) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2024-02-12]
BRA Extension: (Protection Web Avira) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2023-05-30]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2024-03-11]
BRA Extension: (Brave NTP background images) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2024-02-02]
BRA Extension: (Wallet Data Files Updater) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2024-03-11]
BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2024-03-11]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2022-09-07]
BRA Extension: (Brave Ad Block Updater (AdGuard Français)) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\emaecjinaegfkoklcdafkiocjhoeilao [2022-09-07]
BRA Extension: (Brave Ad Block Updater (AdGuard Français (plaintext))) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\flnkmpokemfpaajmiimmjeiandgoodgg [2024-03-10]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2024-03-10]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block Updater (plaintext))) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2024-03-11]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2022-09-06]
BRA Extension: (Brave NTP sponsored images) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\lcenblphbmngnohghkhpojmpflebkcpd [2024-03-11]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2024-01-26]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-10-25]
Vivaldi:
=======
VIV Profile: C:\Users\dd\AppData\Local\Vivaldi\User Data\Default [2023-12-06]
VIV Extension: (Avira Password Manager) - C:\Users\dd\AppData\Local\Vivaldi\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2023-05-27]
VIV Extension: (Protection Web Avira) - C:\Users\dd\AppData\Local\Vivaldi\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2023-05-27]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2018-02-07] () [Fichier non signé]
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
S2 AviraFallbackUpdater; C:\Program Files (x86)\Avira\Fallback Updater\Avira.Spotlight.FallbackUpdater.exe [6782232 2024-01-16] (Avira Operations GmbH -> Avira Operations GmbH)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [3004688 2022-07-22] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [389096 2023-09-06] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [268600 2024-01-16] (Avira Operations GmbH -> Avira Operations GmbH)
S2 AviraSecurityUpdater; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [298400 2024-01-16] (Avira Operations GmbH -> Avira Operations GmbH)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [175424 2023-05-30] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [175424 2023-05-30] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11139576 2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
R2 CyberGhost8Service; C:\Program Files\CyberGhost 8\Dashboard.Service.exe [82680 2024-02-22] (CyberGhost S.R.L. -> CyberGhost S.R.L.)
R2 EaseUS UPDATE SERVICE; C:\Program Files (x86)\EaseUS\ENS\ensserver.exe [26512 2023-07-18] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R2 EndpointProtectionService; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [8930944 2023-02-10] (Avira Operations GmbH -> Avira Operations GmbH)
S3 EndpointProtectionService2; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [8930944 2023-02-10] (Avira Operations GmbH -> Avira Operations GmbH)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [81280 2019-10-10] (Mixbyte Inc -> Freemake)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-02-21] (Intel CASE -> )
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [162800 2014-03-17] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [402024 2023-04-17] (Proton Technologies AG -> ProtonVPN)
S3 ProtonVPN WireGuard; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.WireGuardService.exe [328808 2023-04-17] (Proton Technologies AG -> ProtonVPN)
S3 wampapache64; c:\wamp64\bin\apache\apache2.4.27\bin\httpd.exe [29184 2017-07-07] (Apache Software Foundation) [Fichier non signé]
S3 wampmariadb64; c:\wamp64\bin\mariadb\mariadb10.2.8\bin\mysqld.exe [14545920 2017-08-17] () [Fichier non signé]
S3 wampmysqld64; c:\wamp64\bin\mysql\mysql5.7.19\bin\mysqld.exe [39496704 2017-06-22] () [Fichier non signé]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292480 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
S3 BraveElevationService; "C:\Program Files\BraveSoftware\Brave-Browser\Application\109.1.47.186\elevation_service.exe" [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 athr; C:\Windows\System32\DRIVERS\athrx.sys [1542656 2009-10-05] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R0 BdNet; C:\Windows\System32\DRIVERS\BdNet.sys [180360 2022-12-20] (BullGuard LTD -> BullGuard Ltd.)
R1 BdSentry; C:\Windows\System32\DRIVERS\BdSentry.sys [219448 2023-02-01] (BullGuard LTD -> Avira Operations GmbH)
R2 LdVBoxDrv; C:\Program Files\ldplayerbox\LdVBoxDrv.sys [319376 2021-08-14] (Shanghai Changzhi Network Technology Co., Ltd. -> Oracle Corporation)
R1 netprotection_network_filter; C:\Windows\System32\drivers\netprotection_network_filter.sys [92416 2022-12-15] (Avira Operations GmbH -> Avira Operations GmbH)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2012-10-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 phantomtap; C:\Windows\System32\DRIVERS\phantomtap.sys [39448 2021-08-19] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
S3 ProtonVPNCallout; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win7\ProtonVPN.CalloutDriver.sys [25824 2023-04-17] (Proton Technologies AG -> Proton Technologies AG)
R2 rtp_filesystem_filter; C:\Windows\System32\DRIVERS\rtp_filesystem_filter.sys [230408 2023-02-10] (Avira Operations GmbH -> Avira Operations GmbH)
R1 rtp_process_monitor; C:\Windows\System32\DRIVERS\rtp_process_monitor.sys [224512 2023-02-10] (Avira Operations GmbH -> Avira Operations GmbH)
R1 rtp_traverse; C:\Windows\System32\DRIVERS\rtp_traverse.sys [62632 2022-12-16] (Avira Operations GmbH -> Avira Operations GmbH)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tapnordvpn; C:\Windows\System32\DRIVERS\tapnordvpn.sys [41792 2021-06-13] (nordvpn s.a. -> The OpenVPN Project)
R3 tapprotonvpn; C:\Windows\System32\DRIVERS\tapprotonvpn.sys [39696 2020-12-30] (Proton Technologies AG -> The OpenVPN Project)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
R3 wintun; C:\Windows\System32\DRIVERS\wintun.sys [29680 2023-05-31] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 WireGuard; C:\Windows\System32\DRIVERS\wireguard.sys [489368 2023-06-02] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 netprotection_network_filter2; System32\drivers\netprotection_network_filter2.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-03-12 12:51 - 2024-03-12 12:52 - 000050336 _____ C:\Users\dd\Desktop\FRST.txt
2024-03-12 12:51 - 2024-03-12 12:51 - 000000000 ____D C:\FRST
2024-03-12 12:47 - 2024-03-12 12:48 - 000000000 ____D C:\Users\dd\Desktop\bordel
2024-03-12 12:46 - 2024-03-12 12:47 - 002390528 _____ (Farbar) C:\Users\dd\Desktop\FRST64.exe
2024-03-11 17:34 - 2024-03-11 17:35 - 096273120 _____ (Facebook, Inc.) C:\Users\dd\Downloads\Messenger.206.0.0.8.218 (1).exe
2024-03-11 11:45 - 2024-03-11 11:45 - 000000000 ____D C:\Users\dd\AppData\Roaming\Microsoft\QuickStyles
2024-03-10 20:59 - 2024-03-10 21:00 - 096273120 _____ (Facebook, Inc.) C:\Users\dd\Downloads\Messenger.206.0.0.8.218.exe
2024-03-09 22:51 - 2024-03-11 19:19 - 000000000 ____D C:\Users\dd\AppData\Roaming\GoLogin
2024-03-09 22:51 - 2024-03-09 22:51 - 000002154 _____ C:\Users\dd\Desktop\GoLogin.lnk
2024-03-09 22:51 - 2024-03-09 22:51 - 000000000 ____D C:\Users\dd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GoLogin
2024-03-08 14:03 - 2024-03-08 14:03 - 000283357 _____ C:\Users\dd\Downloads\retroactivite-complementaire-sante-solidaire-lettre-ministerielle.pdf
2024-02-25 11:13 - 2024-02-25 11:13 - 000002263 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-02-25 11:13 - 2024-02-25 11:13 - 000002222 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-02-22 13:29 - 2024-02-22 13:29 - 000003670 _____ C:\Windows\system32\Tasks\AviraSystemSpeedupVerify
2024-02-20 22:58 - 2024-02-22 10:28 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-02-20 19:02 - 2024-02-20 19:02 - 000002471 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype Entreprise.lnk
2024-02-20 19:02 - 2024-02-20 19:02 - 000002397 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2024-02-20 19:02 - 2024-02-20 19:02 - 000002397 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2024-02-20 19:02 - 2024-02-20 19:02 - 000002380 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2024-02-20 19:02 - 2024-02-20 19:02 - 000002370 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2024-02-20 19:02 - 2024-02-20 19:02 - 000002370 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2024-02-20 19:02 - 2024-02-20 19:02 - 000002358 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2024-02-20 19:02 - 2024-02-20 19:02 - 000002320 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2024-02-20 19:02 - 2024-02-20 19:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office
2024-02-20 18:35 - 2024-02-20 18:35 - 000000000 ____D C:\Program Files\maxthon6896_2042940491
2024-02-20 14:08 - 2024-02-20 14:08 - 000000000 ____D C:\Users\dd\Documents\Modèles Office personnalisés
2024-02-20 13:57 - 2024-02-20 19:04 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-02-20 13:56 - 2024-02-20 13:56 - 000000000 ____D C:\Program Files\Microsoft Office 15
2024-02-19 12:06 - 2024-02-19 12:06 - 000000000 ____D C:\Users\dd\Documents\EViews User Objects
2024-02-19 12:06 - 2024-02-19 12:06 - 000000000 ____D C:\Users\dd\Documents\EViews Addins
2024-02-19 12:05 - 2024-03-10 15:50 - 000000000 ____D C:\Users\dd\AppData\ev_temp
2024-02-19 12:05 - 2024-02-19 12:05 - 000001696 _____ C:\Users\Public\Desktop\EViews 12 SV (x64).lnk
2024-02-19 12:05 - 2024-02-19 12:05 - 000001657 _____ C:\Users\dd\Documents\EViews Example Files.lnk
2024-02-19 12:05 - 2024-02-19 12:05 - 000000000 ____D C:\Users\dd\AppData\Roaming\InstallShield Installation Information
2024-02-19 12:05 - 2024-02-19 12:05 - 000000000 ____D C:\Users\dd\AppData\Roaming\IHS EViews
2024-02-19 12:05 - 2024-02-19 12:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EViews 12 SV
2024-02-19 12:05 - 2024-02-19 12:05 - 000000000 ____D C:\ProgramData\IHS EViews
2024-02-19 12:05 - 2024-02-19 12:05 - 000000000 ____D C:\Program Files\EViews 12 SV
2024-02-18 12:29 - 2024-02-18 12:33 - 000000000 ____D C:\Users\dd\AppData\Local\UPDF
2024-02-18 12:29 - 2024-02-18 12:29 - 000000000 ____D C:\Users\Public\AppData\Local\UPDF
2024-02-18 12:29 - 2024-02-18 12:29 - 000000000 ____D C:\Users\dd\AppData\Local\WebView
2024-02-18 12:28 - 2024-02-18 12:34 - 000000000 ____D C:\Program Files (x86)\UPDF
2024-02-18 12:26 - 2024-02-18 12:29 - 000000000 ____D C:\Users\dd\AppData\Local\UPDFSetup
2024-02-18 12:26 - 2024-02-18 12:26 - 000000000 ____D C:\Program Files (x86)\UPDF_Win
2024-02-13 18:05 - 2024-02-13 18:05 - 000055272 _____ C:\Users\dd\Downloads\o069230801164244-e-gestionnaire-administratif-12603.pdf
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-03-12 12:51 - 2009-07-14 05:45 - 000025792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2024-03-12 12:51 - 2009-07-14 05:45 - 000025792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2024-03-12 12:31 - 2018-02-04 20:46 - 000000000 ____D C:\Program Files (x86)\Google
2024-03-12 10:37 - 2009-07-14 16:24 - 000747644 _____ C:\Windows\system32\perfh00C.dat
2024-03-12 10:37 - 2009-07-14 16:24 - 000150168 _____ C:\Windows\system32\perfc00C.dat
2024-03-12 10:37 - 2009-07-14 06:13 - 001669584 _____ C:\Windows\system32\PerfStringBackup.INI
2024-03-12 10:37 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2024-03-12 10:34 - 2024-02-05 17:19 - 000000000 ____D C:\Users\dd\AppData\Local\CyberGhost
2024-03-12 10:34 - 2023-12-03 10:07 - 000000000 ____D C:\Program Files\CCleaner
2024-03-12 10:34 - 2022-09-06 23:07 - 000000000 ____D C:\Users\dd\AppData\Local\Epic Privacy Browser
2024-03-12 10:32 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-03-11 23:43 - 2022-06-29 15:05 - 004948856 _____ C:\Windows\system32\rtp.db
2024-03-11 18:53 - 2018-02-05 11:13 - 000000000 ____D C:\Users\dd\AppData\Roaming\vlc
2024-03-11 17:48 - 2018-02-05 23:47 - 000000000 ____D C:\Users\dd\AppData\Local\CrashDumps
2024-03-11 17:33 - 2018-02-04 20:36 - 000000000 ___SD C:\Users\dd\AppData\Roaming\Microsoft\Credentials
2024-03-11 14:49 - 2023-11-05 11:39 - 000000000 ____D C:\Users\dd\AppData\Roaming\HandBrake
2024-03-11 11:43 - 2018-02-05 12:40 - 000000000 ____D C:\Users\dd\AppData\Roaming\Microsoft\Excel
2024-03-10 22:49 - 2018-02-05 12:59 - 000000000 ____D C:\Users\dd\AppData\Roaming\Microsoft\Word
2024-03-09 23:24 - 2019-01-31 00:11 - 000000000 ____D C:\ProgramData\Mozilla
2024-03-09 23:24 - 2018-02-05 10:51 - 000000000 ____D C:\Users\dd\AppData\LocalLow\Mozilla
2024-03-09 16:03 - 2018-02-07 13:22 - 000000000 ____D C:\Users\dd\AppData\Roaming\Adobe
2024-03-09 16:03 - 2018-02-07 13:22 - 000000000 ____D C:\ProgramData\Adobe
2024-03-09 15:49 - 2023-05-10 09:41 - 000000000 ____D C:\Windows\system32\Tasks\NCH Software
2024-03-08 10:08 - 2023-12-03 10:08 - 000000666 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2024-03-07 12:57 - 2018-07-19 11:25 - 000002065 _____ C:\Users\dd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\f.lux.lnk
2024-03-05 22:38 - 2021-10-19 09:30 - 000003590 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-03-05 22:38 - 2021-10-19 09:30 - 000003462 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-03-05 10:30 - 2023-05-10 11:27 - 000000000 ____D C:\Users\dd\AppData\Roaming\Bandicam Company
2024-03-03 10:28 - 2009-07-14 06:08 - 000032496 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2024-02-29 14:03 - 2019-02-12 10:26 - 000000000 ____D C:\Users\dd\Downloads\captures
2024-02-28 09:30 - 2024-02-05 17:19 - 000000000 ____D C:\Program Files\CyberGhost 8
2024-02-25 19:46 - 2022-10-11 16:33 - 000002019 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2024-02-25 11:34 - 2023-04-26 12:27 - 000000000 ____D C:\Users\dd\AppData\Roaming\avidemux
2024-02-24 22:27 - 2021-05-26 16:36 - 000000000 ____D C:\Users\dd\AppData\Local\Windows Live
2024-02-22 10:28 - 2018-02-05 10:51 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-02-21 10:03 - 2021-10-09 14:16 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2024-02-20 19:01 - 2018-02-05 12:23 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2024-02-20 18:40 - 2023-11-16 15:37 - 000000000 ____D C:\Users\dd\dwhelper
2024-02-20 18:37 - 2023-11-04 16:33 - 000000000 ____D C:\Program Files (x86)\Digiarty
2024-02-20 18:35 - 2018-02-04 20:49 - 000154520 _____ C:\Users\dd\AppData\Local\GDIPFONTCACHEV1.DAT
2024-02-20 18:32 - 2009-07-14 05:45 - 000570992 _____ C:\Windows\system32\FNTCACHE.DAT
2024-02-20 18:22 - 2009-07-14 16:35 - 000000000 ____D C:\Windows\ShellNew
2024-02-20 18:22 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files (x86)\MSBuild
2024-02-20 18:21 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2024-02-20 14:00 - 2018-10-19 21:12 - 000000000 ____D C:\Users\dd\AppData\Roaming\Skype
2024-02-20 00:05 - 2023-05-12 23:10 - 000000000 ____D C:\Users\dd\AppData\Roaming\Microsoft\PowerPoint
2024-02-19 23:53 - 2023-05-12 17:42 - 000000000 ____D C:\Windows\AAct_Tools
2024-02-19 22:45 - 2023-05-27 09:17 - 000000000 ____D C:\Program Files (x86)\SeaMonkey
2024-02-19 12:05 - 2018-02-05 12:40 - 000000000 ____D C:\Users\dd\AppData\Roaming\Microsoft\AddIns
2024-02-16 14:32 - 2022-02-07 22:12 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2024-02-16 14:23 - 2023-12-03 10:08 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2024-02-16 14:23 - 2023-12-03 10:08 - 000003246 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2024-02-11 16:25 - 2018-02-04 20:55 - 000000000 ____D C:\Users\dd\AppData\Local\ElevatedDiagnostics
==================== Fichiers à la racine de certains dossiers ========
2023-05-09 10:55 - 2023-05-10 18:19 - 000000116 _____ () C:\Users\dd\AppData\Roaming\Camdata.ini
2023-05-09 10:55 - 2023-05-10 18:19 - 000000408 _____ () C:\Users\dd\AppData\Roaming\CamLayout.ini
2023-05-09 10:55 - 2023-05-10 18:19 - 000000408 _____ () C:\Users\dd\AppData\Roaming\CamShapes.ini
2023-05-09 10:55 - 2023-05-10 10:43 - 000004535 _____ () C:\Users\dd\AppData\Roaming\CamStudio.cfg
2021-06-23 10:32 - 2021-06-23 10:32 - 000000068 _____ () C:\Users\dd\AppData\Roaming\changzhi_leidian.data
2021-08-11 20:12 - 2021-08-11 20:12 - 000000154 _____ () C:\Users\dd\AppData\Roaming\changzhi_leidianmac.data
2023-05-11 16:26 - 2023-05-11 16:46 - 000001005 _____ () C:\Users\dd\AppData\Roaming\mplex-log.log
2023-05-11 16:25 - 2023-05-11 16:48 - 000002407 _____ () C:\Users\dd\AppData\Roaming\PPTConverter.log
2023-05-09 10:52 - 2023-05-10 10:45 - 000000377 _____ () C:\Users\dd\AppData\Roaming\version2.xml
2023-11-19 18:12 - 2023-11-19 18:13 - 001010015 _____ () C:\Users\dd\AppData\Roaming\VideoPad.dmp
2021-01-25 00:38 - 2023-09-07 11:34 - 000007680 _____ () C:\Users\dd\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-08-17 19:22 - 2020-08-17 19:22 - 000004096 ____H () C:\Users\dd\AppData\Local\keyfile3.drm
2022-09-07 00:35 - 2022-09-07 00:35 - 000007629 _____ () C:\Users\dd\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
LastRegBack: 2024-03-07 14:58
==================== Fin de FRST.txt ========================
Exécuté par dd (administrateur) sur DD-PC (MSI MS-7850) (12-03-2024 12:51:39)
Exécuté depuis C:\Users\dd\Desktop\FRST64.exe
Profils chargés: dd
Plate-forme: Microsoft Windows 7 Professionnel Service Pack 1 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe ->) (AMD) [Fichier non signé] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE ->) (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(C:\Program Files\CyberGhost 8\Dashboard.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.140\msedgewebview2.exe <10>
(C:\Program Files\LibreOffice 5\program\soffice.exe ->) (The Document Foundation -> The Document Foundation) C:\Program Files\LibreOffice 5\program\soffice.bin
(C:\Program Files\LibreOffice 5\program\swriter.exe ->) (The Document Foundation -> The Document Foundation) C:\Program Files\LibreOffice 5\program\soffice.exe
(explorer.exe ->) (AMD) [Fichier non signé] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(explorer.exe ->) (Corel Corporation -> WinZip Computing) C:\Program Files\WinZip\WzPreloader.exe
(explorer.exe ->) (CyberGhost S.R.L. -> CyberGhost S.R.L.) C:\Program Files\CyberGhost 8\Dashboard.exe
(explorer.exe ->) (F.lux Software LLC -> f.lux Software LLC) C:\Users\dd\AppData\Local\FluxSoftware\Flux\flux.exe
(explorer.exe ->) (Gadwin, Ltd. -> Gadwin Systems) C:\Program Files\Gadwin\Gadwin PrintScreen\PrintScreen64.exe
(explorer.exe ->) (Google Inc (TEST) -> Epic Privacy Browser) [Fichier non signé] C:\Users\dd\AppData\Local\Epic Privacy Browser\Installer\EpicUpdate.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <12>
(explorer.exe ->) (Proton Technologies AG -> ProtonVPN) C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe
(explorer.exe ->) (The Document Foundation -> The Document Foundation) C:\Program Files\LibreOffice 5\program\swriter.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe
(services.exe ->) (CHENGDU YIWO Tech Development Co., Ltd. -> ) C:\Program Files (x86)\EaseUS\ENS\ensserver.exe
(services.exe ->) (CyberGhost S.R.L. -> CyberGhost S.R.L.) C:\Program Files\CyberGhost 8\Dashboard.Service.exe
(services.exe ->) (Intel CASE -> ) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(services.exe ->) (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(services.exe ->) (Proton Technologies AG -> ProtonVPN) C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe
(svchost.exe ->) (Foxit Software Incorporated -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\Creator\FXC_ProxyProcess.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\prevhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
(taskeng.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe
(winlogon.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(WinZip Computing LLC -> WinZip Computing, S.L.) C:\Program Files\WinZip\FAHWindow64.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [WinZip UN] => C:\Program Files\WinZip\WZUpdateNotifier.exe [2862032 2018-04-23] (Corel Corporation -> Corel Corporation)
HKLM\...\Run: [WinZip PreLoader] => C:\Program Files\WinZip\WzPreloader.exe [124032 2018-04-23] (Corel Corporation -> WinZip Computing)
HKLM\...\Run: [WinZip FAH] => C:\Program Files\WinZip\FAHConsole.exe [436416 2018-04-23] (WinZip Computing LLC -> WinZip Computing, S.L.)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files\Opera\assistant\browser_assistant.exe [4110832 2022-07-06] (Opera Norway AS -> Opera Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [748624 2023-06-14] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133216 2017-03-23] (Wondershare Technology Co.,Ltd -> Wondershare)
HKU\S-1-5-21-4128362433-1591382183-1842780436-1000\...\Run: [f.lux] => C:\Users\dd\AppData\Local\FluxSoftware\Flux\flux.exe [1528952 2024-02-22] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-4128362433-1591382183-1842780436-1000\...\Run: [Gadwin PrintScreen (64-bit)] => C:\Program Files\Gadwin\Gadwin PrintScreen\PrintScreen64.exe [15216928 2017-09-20] (Gadwin, Ltd. -> Gadwin Systems)
HKU\S-1-5-21-4128362433-1591382183-1842780436-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-12-06] (AMD) [Fichier non signé]
HKU\S-1-5-21-4128362433-1591382183-1842780436-1000\...\Run: [] => [X]
HKU\S-1-5-21-4128362433-1591382183-1842780436-1000\...\Run: [Epic Privacy Browser Installer] => C:\Users\dd\AppData\Local\Epic Privacy Browser\Installer\EpicUpdate.exe [509096 2023-05-30] (Google Inc (TEST) -> Epic Privacy Browser) [Fichier non signé]
HKU\S-1-5-21-4128362433-1591382183-1842780436-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-4128362433-1591382183-1842780436-1000\...\Run: [ProtonVPN] => C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe [8877160 2023-04-17] (Proton Technologies AG -> ProtonVPN)
HKU\S-1-5-21-4128362433-1591382183-1842780436-1000\...\Run: [GoogleChromeAutoLaunch_2A16E0E14DC832CD71362A42168F8DD2] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [3151128 2023-01-24] (Google LLC -> Google LLC)
HKU\S-1-5-21-4128362433-1591382183-1842780436-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45018016 2024-02-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-4128362433-1591382183-1842780436-1000\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 8\Dashboard.exe [1421560 2024-02-22] (CyberGhost S.R.L. -> CyberGhost S.R.L.)
HKU\S-1-5-21-4128362433-1591382183-1842780436-1000\...\MountPoints2: G - G:\DVDSetup.exe
HKU\S-1-5-21-4128362433-1591382183-1842780436-1000\...\MountPoints2: {8b23092f-09e2-11e8-b473-f64ac4587453} - G:\autorun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2018-02-05] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\HP D711 Status Monitor: C:\Windows\system32\hpinkstsD711LM.dll [383496 2014-12-18] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP ENVY 4520 series): C:\Windows\system32\HPDiscoPMD711.dll [807432 2015-03-09] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [181248 2023-01-01] (pdfforge GmbH) [Fichier non signé]
HKLM\...\Print\Monitors\Wondershare PDFelement Monitor: C:\Windows\system32\PEPrinterMonitor.dll [285232 2022-01-26] (Wondershare Technology Co.,Ltd -> Wondershare Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] -> "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\109.0.5414.120\Installer\chrmstp.exe [2023-01-27] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\109.1.47.186\Installer\chrmstp.exe [2023-05-30] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] -> "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.59\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2018-02-07]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) [Fichier non signé]
GroupPolicy-Firefox: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {72637047-8264-4671-97B8-005A6F02F488} - System32\Tasks\{1693A6EF-1C4B-48C8-88C3-B35ABB95682B} => C:\Windows\system32\pcalua.exe [9728 2019-02-10] (Microsoft Windows -> Microsoft Corporation) -> -a "D:\compil logiciel\PDF Creator v.0.9.3 [GB-FR]\PDFCreator-0_9_3_GPLGhostscript.exe" -d "D:\compil logiciel\PDF Creator v.0.9.3 [GB-FR]"
Task: {EFCF2B7F-B016-460D-8A2A-8CC4D0DEF468} - System32\Tasks\{36CA278C-D9C5-4DA0-BEEE-2EECF10A7709} => C:\Windows\system32\pcalua.exe [9728 2019-02-10] (Microsoft Windows -> Microsoft Corporation) -> -a "D:\compil logiciel\PDF Creator v.0.9.3 [GB-FR]\PDFCreator-0_9_3_GPLGhostscript.exe" -d "D:\compil logiciel\PDF Creator v.0.9.3 [GB-FR]"
Task: {62B4A84C-D57D-4F3E-A3EB-A347C0BA1C03} - System32\Tasks\{53F9C13F-AB7C-44A4-A5F0-45BBC1CA653B} => C:\Windows\system32\pcalua.exe [9728 2019-02-10] (Microsoft Windows -> Microsoft Corporation) -> -a J:\LDPlayer\LDPlayer64\dnuninst.exe
Task: {9F964FCA-8E62-4439-99B1-B8C42219AD7A} - System32\Tasks\{6DC0DB21-31B4-4878-B33F-25DC63FF9F50} => J:\projet BeFinance\LOGICIELS\Office 2016-2019\patch français\OfficeSetup.exe [7497928 2023-05-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {A2D50435-7D21-4957-A664-157F82BBD48A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {2664A095-A77D-4490-8992-7AB4729A468A} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-09] (Adobe Inc. -> Adobe)
Task: {AA0A2DD5-43E6-4454-9079-BD4190934A72} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
Task: {FEA80CB6-6E71-40BF-807F-140821A137D2} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [333200 2023-12-11] (Avira Operations GmbH -> Avira Operations GmbH)
Task: {D4240CBB-195C-4EFF-80C1-01EFE6790845} - System32\Tasks\Avira_FallbackUpdater => C:\Windows\system32\sc.exe [45056 2009-07-14] (Microsoft Windows -> Microsoft Corporation) -> start AviraFallbackUpdater Delayed=false
Task: {A10AFF2B-97E6-4AFB-80EA-99CFC17EE4DD} - System32\Tasks\Avira_Security_Maintenance => Command(1): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> FallbackTelemetry
Task: {A10AFF2B-97E6-4AFB-80EA-99CFC17EE4DD} - System32\Tasks\Avira_Security_Maintenance => Command(2): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> ServiceWatchdog
Task: {A10AFF2B-97E6-4AFB-80EA-99CFC17EE4DD} - System32\Tasks\Avira_Security_Maintenance => Command(3): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> CrashCollector
Task: {34F71810-ED4D-474E-8A13-F616DC810F8D} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [260832 2024-01-16] (Avira Operations GmbH -> Avira Operations GmbH)
Task: {FF83EB73-7F72-4222-B69E-D9805918DF4F} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1825360 2024-01-16] (Avira Operations GmbH -> Avira Operations GmbH)
Task: {2D0A11F7-19DD-4D0C-95CA-52478D445582} - System32\Tasks\Avira_Security_Update => C:\Windows\system32\net.exe [55808 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
Task: {897F3BDA-2D5A-474B-9690-EBFD4A17DDAA} - System32\Tasks\AviraSystemSpeedupVerify => C:\Program Files (x86)\Avira\System Speedup\setup\avira_speedup_setup.exe [37097112 2023-12-14] (Avira Operations GmbH -> Avira Operations GmbH)
Task: {B7D74C43-3378-48B7-A969-13E6F5EA605E} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore{70988E01-CACE-4FB2-B075-6096DBB774CB} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [175424 2023-05-30] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {56171070-9230-46E5-94D5-29B892FA903F} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA{D873D107-3CA7-4F08-A399-60A0DB54D45A} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [175424 2023-05-30] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {81231B04-B1DF-44F1-BFA0-EDFA34FA07C9} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-02-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {FF9A9505-CE0C-47D2-B8AD-0CD83EF37DA5} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2024-02-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "935acc50-f226-464c-8e92-8dbca46bfcfe" --version "6.21.10918" --silent
Task: {D5CDCB88-6BB7-48FD-AF2B-BBC3E8751BF0} - System32\Tasks\CCleanerSkipUAC - dd => C:\Program Files\CCleaner\CCleaner.exe [38778272 2024-02-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {568D4116-D92A-4E28-AF31-64A7CDFD89A1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-14] (Google Inc -> Google Inc.)
Task: {9F93CBFA-11B1-411C-A606-140C5CE95BDC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-14] (Google Inc -> Google Inc.)
Task: {D3102BC9-417B-4E77-8725-ADB42AC5F75A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24614400 2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {9D3CD6CB-F263-4C54-BFF5-B1A06547BBD0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24614400 2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {736AB4CE-2648-496C-A40D-2579BF9D4AB3} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [117144 2024-02-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {3F95277D-5BB6-40F2-B132-9C82721330BA} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [117144 2024-02-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {109D4CBB-6920-4D30-BA7A-A453D52EBEDE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4373984 2024-02-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {A3968A56-360F-47C5-B07A-5C7FECF5E86A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4373984 2024-02-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {2235E002-5181-4799-9A52-A45111739A6E} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {CC718F56-4634-47F8-9611-28086F1D85DB} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [686496 2024-02-20] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {4365D575-2733-422C-853D-469AC0AF0F77} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [724384 2024-02-20] (Mozilla Corporation -> Mozilla Foundation)
Task: {D744A55B-4217-4FE1-AFB8-44F2FA591C04} - System32\Tasks\NCH Software\PhotoPadDowngrade => C:\Program Files (x86)\NCH Software\PhotoPad\PhotoPad.exe [7133360 2023-08-21] (NCH Software, Inc. -> NCH Software)
Task: {1125FE4E-70BA-4330-9D54-C6002434910B} - System32\Tasks\NCH Software\VideoPadCacheDeleteAll => C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe [12607712 2023-04-21] (NCH Software, Inc. -> NCH Software)
Task: {6796E23D-1D5C-43AD-8A68-78B298FF5C2E} - System32\Tasks\Opera scheduled Autoupdate 1529853331 => C:\Program Files\Opera\launcher.exe [2635168 2023-10-30] (Opera Norway AS -> Opera Software)
Task: {D373157D-D279-4887-8523-5F9D1EA88109} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [4475136 2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
Task: {5D1CD0DD-FEE7-43D8-AA57-867C5062FFA2} - System32\Tasks\UCBrowserUpdater => C:\Program Files (x86)\UCBrowser\Application\update_task.exe /update (Pas de fichier) <==== ATTENTION
Task: {CE66503C-9C9A-4656-930F-7A21E26C85C2} - System32\Tasks\VivaldiUpdateCheck-4233ccb750e0b871 => C:\Users\dd\AppData\Local\Vivaldi\Application\update_notifier.exe [3426152 2023-01-25] (Vivaldi Technologies AS -> Vivaldi Technologies AS)
Task: {237CDAC1-EFD3-4262-AFA7-42A5D7CCB256} - System32\Tasks\WinZip Update Notifier 1 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2862032 2018-04-23] (Corel Corporation -> Corel Corporation)
Task: {A0E02CBE-ACB3-4F6B-9147-5FC93C78C950} - System32\Tasks\WinZip Update Notifier 2 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2862032 2018-04-23] (Corel Corporation -> Corel Corporation)
Task: {1418C71E-0193-4E76-9937-420EF2F4F17D} - System32\Tasks\WinZip Update Notifier 3 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2862032 2018-04-23] (Corel Corporation -> Corel Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\Windows\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe-CheckUpdate(Tracker Software Products (Canada) Ltd.Kee
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{285E7193-BEDF-4BDC-9B97-A2755D3840B1}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{B65E3FD9-B850-41F9-8A85-501E66505B1A}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{B65E3FD9-B850-41F9-8A85-501E66505B1A}: [DhcpDomain] lan
Tcpip\..\Interfaces\{F3A0463A-07CB-4519-83F7-5E06F83A765B}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{FA81728F-1F39-44E7-9A4D-6CD79871755F}: [DhcpNameServer] 192.168.42.129
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\dd\AppData\Local\Microsoft\Edge\User Data\Default [2024-02-25]
Edge DownloadDir: Default -> J:\x
Edge HomePage: Default -> hxxps://
Edge StartupUrls: Default -> "hxxps://"
Edge DefaultSearchURL: Default -> hxxps://find.fnavigate-now.com/results.aspx?d=020518&n=0670&q={searchTerms}&gd=RD1002792&searchsource=69
Edge DefaultSearchKeyword: Default -> yahoo search
Edge DefaultSuggestURL: Default -> hxxp://api.bing.com/osjson.aspx?query={searchTerms}
Edge Extension: (Edge relevant text changes) - C:\Users\dd\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-16]
FireFox:
========
FF DefaultProfile: ao8uwsx7.default
FF DefaultProfile: lsayimjg.default
FF DefaultProfile: zromm51n.default
FF DefaultProfile: zvq47xid.default
FF DefaultProfile: q0i40nay.default
FF DefaultProfile: p7ytw0nu.default
FF ProfilePath: C:\Users\dd\AppData\Roaming\Mozilla\SeaMonkey\Profiles\ao8uwsx7.default [2024-03-11]
FF ProfilePath: C:\Users\dd\AppData\Roaming\Mozilla\Firefox\Profiles\lsayimjg.default [2024-03-12]
FF DownloadDir: H:\x
FF Homepage: Mozilla\Firefox\Profiles\lsayimjg.default -> hxxps://www.google.com
FF Notifications: Mozilla\Firefox\Profiles\lsayimjg.default -> hxxps://concours-bdf.vraiforum.com
FF Extension: (ReloadMatic) - C:\Users\dd\AppData\Roaming\Mozilla\Firefox\Profiles\lsayimjg.default\Extensions\0.id@reloadmatic.webex.xpi [2021-10-05]
FF Extension: (MySessions) - C:\Users\dd\AppData\Roaming\Mozilla\Firefox\Profiles\lsayimjg.default\Extensions\balyaev@gmail.com.xpi [2023-11-29]
FF Extension: (Flash Video Downloader) - C:\Users\dd\AppData\Roaming\Mozilla\Firefox\Profiles\lsayimjg.default\Extensions\ductloanphuok@gmail.com.xpi [2020-04-14]
FF Extension: (Boomerang for Gmail) - C:\Users\dd\AppData\Roaming\Mozilla\Firefox\Profiles\lsayimjg.default\Extensions\{65e41d20-f092-41b7-bb83-c6e8a9ab0f57}.xpi [2020-01-04] [UpdateUrl:hxxps://www.boomeranggmail.com/firefox/updates.json]
FF Extension: (User-Agent Switcher) - C:\Users\dd\AppData\Roaming\Mozilla\Firefox\Profiles\lsayimjg.default\Extensions\{75afe46a-7a50-4c6b-b866-c43a1075b071}.xpi [2022-07-12]
FF Extension: (Tab Auto Refresh) - C:\Users\dd\AppData\Roaming\Mozilla\Firefox\Profiles\lsayimjg.default\Extensions\{7fee47a1-8299-4576-90bf-5fd88d756926}.xpi [2022-07-12]
FF Extension: (Video DownloadHelper) - C:\Users\dd\AppData\Roaming\Mozilla\Firefox\Profiles\lsayimjg.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2024-02-24]
FF Extension: (Web Developer) - C:\Users\dd\AppData\Roaming\Mozilla\Firefox\Profiles\lsayimjg.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2023-05-30]
FF Extension: (IGRAAL : Cashback & codes promo) - C:\Users\dd\AppData\Roaming\Mozilla\Firefox\Profiles\lsayimjg.default\Extensions\{dbac9680-d559-4cd4-9765-059879e8c467}.xpi [2024-03-07]
FF SearchPlugin: C:\Users\dd\AppData\Roaming\Mozilla\Firefox\Profiles\lsayimjg.default\searchplugins\Yahoo Search.xml [2023-12-02]
FF ProfilePath: C:\Users\dd\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\zromm51n.default [2024-03-11]
FF ProfilePath: C:\Users\dd\AppData\Roaming\FlashPeak\SlimBrowser\Profiles\zvq47xid.default [2023-05-30]
FF ProfilePath: C:\Users\dd\AppData\Roaming\FlashPeak\SlimBrowser\Profiles\4mirq6sj.default-default [2023-09-06]
FF ProfilePath: C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default [2018-03-22]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-cs@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Deutsch (DE) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-de@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (English (US) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-en-US@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Español (España) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-es-ES@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Finnish Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-fi@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Français Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-fr@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Galego (España) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-gl@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Hebrew (IL) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-he@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Magyar (HU) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-hu@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Italiano (IT) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-it@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Japanese Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-ja@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Korean (KR) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-ko@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Nederlands (NL) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-nl@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Polski Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-pl@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Russian (RU) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-ru@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Slovenski jezik Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-sl@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (српски (sr) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-sr@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Svenska (SE) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-sv-SE@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Chinese Simplified (zh-CN) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-zh-CN@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF Extension: (Traditional Chinese (zh-TW) Language Pack) - C:\Users\dd\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\q0i40nay.default\Extensions\langpack-zh-TW@bluegriffon.org.xpi [2018-03-22] [] [non signé]
FF ProfilePath: C:\Users\dd\AppData\Roaming\Comodo\IceDragon\Profiles\p7ytw0nu.default [2024-03-11]
FF Extension: (Comodo Online Security) - C:\Users\dd\AppData\Roaming\Comodo\IceDragon\Profiles\p7ytw0nu.default\Extensions\cos@comodo.com.xpi [2019-03-15]
FF Extension: (Https Enforcement) - C:\Users\dd\AppData\Roaming\Comodo\IceDragon\Profiles\p7ytw0nu.default\Extensions\https@comodo.com.xpi [2019-03-15]
FF Extension: (Media Downloader) - C:\Users\dd\AppData\Roaming\Comodo\IceDragon\Profiles\p7ytw0nu.default\Extensions\{5e9eca63-6e0d-47ce-9862-07d938121575}.xpi [2019-03-15] []
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.381.2 -> C:\Program Files\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-06-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.381.2 -> C:\Program Files\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-06-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-19] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-19] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-02-20] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-02-20] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2024-02-22] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4128362433-1591382183-1842780436-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-4128362433-1591382183-1842780436-1000: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=3 -> C:\Users\dd\AppData\Local\Epic Privacy Browser\Installer\1.3.29.13\npEpicUpdate3.dll [2023-05-30] (Google Inc (TEST) -> Epic Privacy Browser) [Fichier non signé]
FF Plugin HKU\S-1-5-21-4128362433-1591382183-1842780436-1000: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=9 -> C:\Users\dd\AppData\Local\Epic Privacy Browser\Installer\1.3.29.13\npEpicUpdate3.dll [2023-05-30] (Google Inc (TEST) -> Epic Privacy Browser) [Fichier non signé]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default [2024-03-12]
CHR DownloadDir: H:\logiciel
CHR HomePage: Default -> hxxps://
CHR StartupUrls: Default -> "hxxps://"
CHR DefaultSearchURL: Default -> hxxps://find.fnavigate-now.com/results.aspx?d=020518&n=9998&q={searchTerms}&gd=SY1004294&searchsource=58
CHR DefaultSearchKeyword: Default -> yahoo search
CHR DefaultSuggestURL: Default -> hxxp://api.bing.com/osjson.aspx?query={searchTerms}
CHR Extension: (Avira Password Manager) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2024-02-09]
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-03-08]
CHR Extension: (Firebug Lite for Google Chrome) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehemiojjcpldeipjhjkepfdaohajpbdo [2019-08-19]
CHR Extension: (AFS) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\gckmgjhcejhnfenfbippohhnfjkeaapj [2019-07-08]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-02-22]
CHR Extension: (IGRAAL : Cashback & codes promo) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhkepipobnjllejbafajoemahjejdcm [2024-03-01]
CHR Extension: (CrossPilot) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\migomhggnppjdijnfkiimcpjgnhmnale [2023-09-21]
CHR Extension: (Shazam : le nom des chansons en un clic) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmioliijnhnoblpgimnlajmefafdfilb [2024-02-25]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Bypass Paywalls Clean) - J:\projet BeFinance\tuto\hack journaux\hack WSJ\bypass-paywalls-chrome-clean-master\bypass-paywalls-chrome-clean-master [2023-09-06] [UpdateUrl:hxxps://gitlab.com/magnolia1234/bypass-paywalls-chrome-clean/-/raw/master/updates.xml] <==== ATTENTION
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp]
Opera:
=======
OPR Profile: C:\Users\dd\AppData\Roaming\Opera Software\Opera Stable [2024-03-12]
OPR DownloadDir: J:\x
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\dd\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2024-01-14]
OPR Extension: (Opera Wallet) - C:\Users\dd\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-11-11]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\dd\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-09-02]
OPR Extension: (Amazon Assistant pour Opera) - C:\Users\dd\AppData\Roaming\Opera Software\Opera Stable\Extensions\mmmbddcnnndpbdflpccgcknaaabgldak [2023-03-30]
Brave:
=======
BRA Profile: C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2024-03-11]
BRA DownloadDir: J:\data
BRA Extension: (Avira Password Manager) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2024-02-12]
BRA Extension: (Protection Web Avira) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2023-05-30]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2024-03-11]
BRA Extension: (Brave NTP background images) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2024-02-02]
BRA Extension: (Wallet Data Files Updater) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2024-03-11]
BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2024-03-11]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2022-09-07]
BRA Extension: (Brave Ad Block Updater (AdGuard Français)) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\emaecjinaegfkoklcdafkiocjhoeilao [2022-09-07]
BRA Extension: (Brave Ad Block Updater (AdGuard Français (plaintext))) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\flnkmpokemfpaajmiimmjeiandgoodgg [2024-03-10]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2024-03-10]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block Updater (plaintext))) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2024-03-11]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2022-09-06]
BRA Extension: (Brave NTP sponsored images) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\lcenblphbmngnohghkhpojmpflebkcpd [2024-03-11]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2024-01-26]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\dd\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-10-25]
Vivaldi:
=======
VIV Profile: C:\Users\dd\AppData\Local\Vivaldi\User Data\Default [2023-12-06]
VIV Extension: (Avira Password Manager) - C:\Users\dd\AppData\Local\Vivaldi\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2023-05-27]
VIV Extension: (Protection Web Avira) - C:\Users\dd\AppData\Local\Vivaldi\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2023-05-27]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2018-02-07] () [Fichier non signé]
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
S2 AviraFallbackUpdater; C:\Program Files (x86)\Avira\Fallback Updater\Avira.Spotlight.FallbackUpdater.exe [6782232 2024-01-16] (Avira Operations GmbH -> Avira Operations GmbH)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [3004688 2022-07-22] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [389096 2023-09-06] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [268600 2024-01-16] (Avira Operations GmbH -> Avira Operations GmbH)
S2 AviraSecurityUpdater; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [298400 2024-01-16] (Avira Operations GmbH -> Avira Operations GmbH)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [175424 2023-05-30] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [175424 2023-05-30] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11139576 2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
R2 CyberGhost8Service; C:\Program Files\CyberGhost 8\Dashboard.Service.exe [82680 2024-02-22] (CyberGhost S.R.L. -> CyberGhost S.R.L.)
R2 EaseUS UPDATE SERVICE; C:\Program Files (x86)\EaseUS\ENS\ensserver.exe [26512 2023-07-18] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R2 EndpointProtectionService; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [8930944 2023-02-10] (Avira Operations GmbH -> Avira Operations GmbH)
S3 EndpointProtectionService2; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [8930944 2023-02-10] (Avira Operations GmbH -> Avira Operations GmbH)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [81280 2019-10-10] (Mixbyte Inc -> Freemake)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-02-21] (Intel CASE -> )
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [162800 2014-03-17] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [402024 2023-04-17] (Proton Technologies AG -> ProtonVPN)
S3 ProtonVPN WireGuard; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.WireGuardService.exe [328808 2023-04-17] (Proton Technologies AG -> ProtonVPN)
S3 wampapache64; c:\wamp64\bin\apache\apache2.4.27\bin\httpd.exe [29184 2017-07-07] (Apache Software Foundation) [Fichier non signé]
S3 wampmariadb64; c:\wamp64\bin\mariadb\mariadb10.2.8\bin\mysqld.exe [14545920 2017-08-17] () [Fichier non signé]
S3 wampmysqld64; c:\wamp64\bin\mysql\mysql5.7.19\bin\mysqld.exe [39496704 2017-06-22] () [Fichier non signé]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292480 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
S3 BraveElevationService; "C:\Program Files\BraveSoftware\Brave-Browser\Application\109.1.47.186\elevation_service.exe" [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 athr; C:\Windows\System32\DRIVERS\athrx.sys [1542656 2009-10-05] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R0 BdNet; C:\Windows\System32\DRIVERS\BdNet.sys [180360 2022-12-20] (BullGuard LTD -> BullGuard Ltd.)
R1 BdSentry; C:\Windows\System32\DRIVERS\BdSentry.sys [219448 2023-02-01] (BullGuard LTD -> Avira Operations GmbH)
R2 LdVBoxDrv; C:\Program Files\ldplayerbox\LdVBoxDrv.sys [319376 2021-08-14] (Shanghai Changzhi Network Technology Co., Ltd. -> Oracle Corporation)
R1 netprotection_network_filter; C:\Windows\System32\drivers\netprotection_network_filter.sys [92416 2022-12-15] (Avira Operations GmbH -> Avira Operations GmbH)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2012-10-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 phantomtap; C:\Windows\System32\DRIVERS\phantomtap.sys [39448 2021-08-19] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
S3 ProtonVPNCallout; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win7\ProtonVPN.CalloutDriver.sys [25824 2023-04-17] (Proton Technologies AG -> Proton Technologies AG)
R2 rtp_filesystem_filter; C:\Windows\System32\DRIVERS\rtp_filesystem_filter.sys [230408 2023-02-10] (Avira Operations GmbH -> Avira Operations GmbH)
R1 rtp_process_monitor; C:\Windows\System32\DRIVERS\rtp_process_monitor.sys [224512 2023-02-10] (Avira Operations GmbH -> Avira Operations GmbH)
R1 rtp_traverse; C:\Windows\System32\DRIVERS\rtp_traverse.sys [62632 2022-12-16] (Avira Operations GmbH -> Avira Operations GmbH)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tapnordvpn; C:\Windows\System32\DRIVERS\tapnordvpn.sys [41792 2021-06-13] (nordvpn s.a. -> The OpenVPN Project)
R3 tapprotonvpn; C:\Windows\System32\DRIVERS\tapprotonvpn.sys [39696 2020-12-30] (Proton Technologies AG -> The OpenVPN Project)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
R3 wintun; C:\Windows\System32\DRIVERS\wintun.sys [29680 2023-05-31] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 WireGuard; C:\Windows\System32\DRIVERS\wireguard.sys [489368 2023-06-02] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 netprotection_network_filter2; System32\drivers\netprotection_network_filter2.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-03-12 12:51 - 2024-03-12 12:52 - 000050336 _____ C:\Users\dd\Desktop\FRST.txt
2024-03-12 12:51 - 2024-03-12 12:51 - 000000000 ____D C:\FRST
2024-03-12 12:47 - 2024-03-12 12:48 - 000000000 ____D C:\Users\dd\Desktop\bordel
2024-03-12 12:46 - 2024-03-12 12:47 - 002390528 _____ (Farbar) C:\Users\dd\Desktop\FRST64.exe
2024-03-11 17:34 - 2024-03-11 17:35 - 096273120 _____ (Facebook, Inc.) C:\Users\dd\Downloads\Messenger.206.0.0.8.218 (1).exe
2024-03-11 11:45 - 2024-03-11 11:45 - 000000000 ____D C:\Users\dd\AppData\Roaming\Microsoft\QuickStyles
2024-03-10 20:59 - 2024-03-10 21:00 - 096273120 _____ (Facebook, Inc.) C:\Users\dd\Downloads\Messenger.206.0.0.8.218.exe
2024-03-09 22:51 - 2024-03-11 19:19 - 000000000 ____D C:\Users\dd\AppData\Roaming\GoLogin
2024-03-09 22:51 - 2024-03-09 22:51 - 000002154 _____ C:\Users\dd\Desktop\GoLogin.lnk
2024-03-09 22:51 - 2024-03-09 22:51 - 000000000 ____D C:\Users\dd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GoLogin
2024-03-08 14:03 - 2024-03-08 14:03 - 000283357 _____ C:\Users\dd\Downloads\retroactivite-complementaire-sante-solidaire-lettre-ministerielle.pdf
2024-02-25 11:13 - 2024-02-25 11:13 - 000002263 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-02-25 11:13 - 2024-02-25 11:13 - 000002222 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-02-22 13:29 - 2024-02-22 13:29 - 000003670 _____ C:\Windows\system32\Tasks\AviraSystemSpeedupVerify
2024-02-20 22:58 - 2024-02-22 10:28 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-02-20 19:02 - 2024-02-20 19:02 - 000002471 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype Entreprise.lnk
2024-02-20 19:02 - 2024-02-20 19:02 - 000002397 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2024-02-20 19:02 - 2024-02-20 19:02 - 000002397 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2024-02-20 19:02 - 2024-02-20 19:02 - 000002380 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2024-02-20 19:02 - 2024-02-20 19:02 - 000002370 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2024-02-20 19:02 - 2024-02-20 19:02 - 000002370 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2024-02-20 19:02 - 2024-02-20 19:02 - 000002358 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2024-02-20 19:02 - 2024-02-20 19:02 - 000002320 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2024-02-20 19:02 - 2024-02-20 19:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office
2024-02-20 18:35 - 2024-02-20 18:35 - 000000000 ____D C:\Program Files\maxthon6896_2042940491
2024-02-20 14:08 - 2024-02-20 14:08 - 000000000 ____D C:\Users\dd\Documents\Modèles Office personnalisés
2024-02-20 13:57 - 2024-02-20 19:04 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-02-20 13:56 - 2024-02-20 13:56 - 000000000 ____D C:\Program Files\Microsoft Office 15
2024-02-19 12:06 - 2024-02-19 12:06 - 000000000 ____D C:\Users\dd\Documents\EViews User Objects
2024-02-19 12:06 - 2024-02-19 12:06 - 000000000 ____D C:\Users\dd\Documents\EViews Addins
2024-02-19 12:05 - 2024-03-10 15:50 - 000000000 ____D C:\Users\dd\AppData\ev_temp
2024-02-19 12:05 - 2024-02-19 12:05 - 000001696 _____ C:\Users\Public\Desktop\EViews 12 SV (x64).lnk
2024-02-19 12:05 - 2024-02-19 12:05 - 000001657 _____ C:\Users\dd\Documents\EViews Example Files.lnk
2024-02-19 12:05 - 2024-02-19 12:05 - 000000000 ____D C:\Users\dd\AppData\Roaming\InstallShield Installation Information
2024-02-19 12:05 - 2024-02-19 12:05 - 000000000 ____D C:\Users\dd\AppData\Roaming\IHS EViews
2024-02-19 12:05 - 2024-02-19 12:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EViews 12 SV
2024-02-19 12:05 - 2024-02-19 12:05 - 000000000 ____D C:\ProgramData\IHS EViews
2024-02-19 12:05 - 2024-02-19 12:05 - 000000000 ____D C:\Program Files\EViews 12 SV
2024-02-18 12:29 - 2024-02-18 12:33 - 000000000 ____D C:\Users\dd\AppData\Local\UPDF
2024-02-18 12:29 - 2024-02-18 12:29 - 000000000 ____D C:\Users\Public\AppData\Local\UPDF
2024-02-18 12:29 - 2024-02-18 12:29 - 000000000 ____D C:\Users\dd\AppData\Local\WebView
2024-02-18 12:28 - 2024-02-18 12:34 - 000000000 ____D C:\Program Files (x86)\UPDF
2024-02-18 12:26 - 2024-02-18 12:29 - 000000000 ____D C:\Users\dd\AppData\Local\UPDFSetup
2024-02-18 12:26 - 2024-02-18 12:26 - 000000000 ____D C:\Program Files (x86)\UPDF_Win
2024-02-13 18:05 - 2024-02-13 18:05 - 000055272 _____ C:\Users\dd\Downloads\o069230801164244-e-gestionnaire-administratif-12603.pdf
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-03-12 12:51 - 2009-07-14 05:45 - 000025792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2024-03-12 12:51 - 2009-07-14 05:45 - 000025792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2024-03-12 12:31 - 2018-02-04 20:46 - 000000000 ____D C:\Program Files (x86)\Google
2024-03-12 10:37 - 2009-07-14 16:24 - 000747644 _____ C:\Windows\system32\perfh00C.dat
2024-03-12 10:37 - 2009-07-14 16:24 - 000150168 _____ C:\Windows\system32\perfc00C.dat
2024-03-12 10:37 - 2009-07-14 06:13 - 001669584 _____ C:\Windows\system32\PerfStringBackup.INI
2024-03-12 10:37 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2024-03-12 10:34 - 2024-02-05 17:19 - 000000000 ____D C:\Users\dd\AppData\Local\CyberGhost
2024-03-12 10:34 - 2023-12-03 10:07 - 000000000 ____D C:\Program Files\CCleaner
2024-03-12 10:34 - 2022-09-06 23:07 - 000000000 ____D C:\Users\dd\AppData\Local\Epic Privacy Browser
2024-03-12 10:32 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-03-11 23:43 - 2022-06-29 15:05 - 004948856 _____ C:\Windows\system32\rtp.db
2024-03-11 18:53 - 2018-02-05 11:13 - 000000000 ____D C:\Users\dd\AppData\Roaming\vlc
2024-03-11 17:48 - 2018-02-05 23:47 - 000000000 ____D C:\Users\dd\AppData\Local\CrashDumps
2024-03-11 17:33 - 2018-02-04 20:36 - 000000000 ___SD C:\Users\dd\AppData\Roaming\Microsoft\Credentials
2024-03-11 14:49 - 2023-11-05 11:39 - 000000000 ____D C:\Users\dd\AppData\Roaming\HandBrake
2024-03-11 11:43 - 2018-02-05 12:40 - 000000000 ____D C:\Users\dd\AppData\Roaming\Microsoft\Excel
2024-03-10 22:49 - 2018-02-05 12:59 - 000000000 ____D C:\Users\dd\AppData\Roaming\Microsoft\Word
2024-03-09 23:24 - 2019-01-31 00:11 - 000000000 ____D C:\ProgramData\Mozilla
2024-03-09 23:24 - 2018-02-05 10:51 - 000000000 ____D C:\Users\dd\AppData\LocalLow\Mozilla
2024-03-09 16:03 - 2018-02-07 13:22 - 000000000 ____D C:\Users\dd\AppData\Roaming\Adobe
2024-03-09 16:03 - 2018-02-07 13:22 - 000000000 ____D C:\ProgramData\Adobe
2024-03-09 15:49 - 2023-05-10 09:41 - 000000000 ____D C:\Windows\system32\Tasks\NCH Software
2024-03-08 10:08 - 2023-12-03 10:08 - 000000666 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2024-03-07 12:57 - 2018-07-19 11:25 - 000002065 _____ C:\Users\dd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\f.lux.lnk
2024-03-05 22:38 - 2021-10-19 09:30 - 000003590 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-03-05 22:38 - 2021-10-19 09:30 - 000003462 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-03-05 10:30 - 2023-05-10 11:27 - 000000000 ____D C:\Users\dd\AppData\Roaming\Bandicam Company
2024-03-03 10:28 - 2009-07-14 06:08 - 000032496 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2024-02-29 14:03 - 2019-02-12 10:26 - 000000000 ____D C:\Users\dd\Downloads\captures
2024-02-28 09:30 - 2024-02-05 17:19 - 000000000 ____D C:\Program Files\CyberGhost 8
2024-02-25 19:46 - 2022-10-11 16:33 - 000002019 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2024-02-25 11:34 - 2023-04-26 12:27 - 000000000 ____D C:\Users\dd\AppData\Roaming\avidemux
2024-02-24 22:27 - 2021-05-26 16:36 - 000000000 ____D C:\Users\dd\AppData\Local\Windows Live
2024-02-22 10:28 - 2018-02-05 10:51 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-02-21 10:03 - 2021-10-09 14:16 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2024-02-20 19:01 - 2018-02-05 12:23 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2024-02-20 18:40 - 2023-11-16 15:37 - 000000000 ____D C:\Users\dd\dwhelper
2024-02-20 18:37 - 2023-11-04 16:33 - 000000000 ____D C:\Program Files (x86)\Digiarty
2024-02-20 18:35 - 2018-02-04 20:49 - 000154520 _____ C:\Users\dd\AppData\Local\GDIPFONTCACHEV1.DAT
2024-02-20 18:32 - 2009-07-14 05:45 - 000570992 _____ C:\Windows\system32\FNTCACHE.DAT
2024-02-20 18:22 - 2009-07-14 16:35 - 000000000 ____D C:\Windows\ShellNew
2024-02-20 18:22 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files (x86)\MSBuild
2024-02-20 18:21 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2024-02-20 14:00 - 2018-10-19 21:12 - 000000000 ____D C:\Users\dd\AppData\Roaming\Skype
2024-02-20 00:05 - 2023-05-12 23:10 - 000000000 ____D C:\Users\dd\AppData\Roaming\Microsoft\PowerPoint
2024-02-19 23:53 - 2023-05-12 17:42 - 000000000 ____D C:\Windows\AAct_Tools
2024-02-19 22:45 - 2023-05-27 09:17 - 000000000 ____D C:\Program Files (x86)\SeaMonkey
2024-02-19 12:05 - 2018-02-05 12:40 - 000000000 ____D C:\Users\dd\AppData\Roaming\Microsoft\AddIns
2024-02-16 14:32 - 2022-02-07 22:12 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2024-02-16 14:23 - 2023-12-03 10:08 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2024-02-16 14:23 - 2023-12-03 10:08 - 000003246 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2024-02-11 16:25 - 2018-02-04 20:55 - 000000000 ____D C:\Users\dd\AppData\Local\ElevatedDiagnostics
==================== Fichiers à la racine de certains dossiers ========
2023-05-09 10:55 - 2023-05-10 18:19 - 000000116 _____ () C:\Users\dd\AppData\Roaming\Camdata.ini
2023-05-09 10:55 - 2023-05-10 18:19 - 000000408 _____ () C:\Users\dd\AppData\Roaming\CamLayout.ini
2023-05-09 10:55 - 2023-05-10 18:19 - 000000408 _____ () C:\Users\dd\AppData\Roaming\CamShapes.ini
2023-05-09 10:55 - 2023-05-10 10:43 - 000004535 _____ () C:\Users\dd\AppData\Roaming\CamStudio.cfg
2021-06-23 10:32 - 2021-06-23 10:32 - 000000068 _____ () C:\Users\dd\AppData\Roaming\changzhi_leidian.data
2021-08-11 20:12 - 2021-08-11 20:12 - 000000154 _____ () C:\Users\dd\AppData\Roaming\changzhi_leidianmac.data
2023-05-11 16:26 - 2023-05-11 16:46 - 000001005 _____ () C:\Users\dd\AppData\Roaming\mplex-log.log
2023-05-11 16:25 - 2023-05-11 16:48 - 000002407 _____ () C:\Users\dd\AppData\Roaming\PPTConverter.log
2023-05-09 10:52 - 2023-05-10 10:45 - 000000377 _____ () C:\Users\dd\AppData\Roaming\version2.xml
2023-11-19 18:12 - 2023-11-19 18:13 - 001010015 _____ () C:\Users\dd\AppData\Roaming\VideoPad.dmp
2021-01-25 00:38 - 2023-09-07 11:34 - 000007680 _____ () C:\Users\dd\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-08-17 19:22 - 2020-08-17 19:22 - 000004096 ____H () C:\Users\dd\AppData\Local\keyfile3.drm
2022-09-07 00:35 - 2022-09-07 00:35 - 000007629 _____ () C:\Users\dd\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
LastRegBack: 2024-03-07 14:58
==================== Fin de FRST.txt ========================