Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 15-11-2017
Exécuté par Warzonex51 (16-11-2017 09:19:36)
Exécuté depuis C:\Users\docto\Downloads
Windows 10 Pro Version 1709 16299.64 (X64) (2017-10-28 21:08:35)
Mode d'amorçage: Normal
==========================================================
==================== Comptes: =============================
Administrateur (S-1-5-21-2933909970-4278495066-1699577979-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2933909970-4278495066-1699577979-503 - Limited - Disabled)
Invité (S-1-5-21-2933909970-4278495066-1699577979-501 - Limited - Disabled)
Warzonex51 (S-1-5-21-2933909970-4278495066-1699577979-1001 - Administrator - Enabled) => C:\Users\docto
WDAGUtilityAccount (S-1-5-21-2933909970-4278495066-1699577979-504 - Limited - Disabled)
==================== Centre de sécurité ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: COMODO Antivirus (Enabled - Up to date) {0C515E80-E355-69BD-3445-A511E5C186FD}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Spybot - Search and Destroy (Enabled - Up to date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
AS: COMODO Advanced Protection (Enabled - Up to date) {B730BF64-C56F-6633-0EF5-9E639E46CC40}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall (Enabled) {346ADFA5-A93A-68E5-1F1A-0C241B12C186}
==================== Programmes installés ======================
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Assistant Mise à jour de Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22256 - Microsoft Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.36 - Piriform)
Cisco WebEx Meetings (HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 58.0.3029.115 - Comodo)
COMODO Internet Security Pro (HKLM\...\{F5884F6C-490D-4979-8D37-E6020E93190C}) (Version: 10.0.2.6408 - COMODO Security Solutions Inc.) Hidden
COMODO Internet Security Pro (HKLM\...\COMODO Internet Security) (Version: 10.0.2.6408 - COMODO Security Solutions Inc.)
COMODO Secure Shopping (HKLM-x32\...\{D15DF9B0-3A98-4BEF-B7D5-FC3AEA430655}) (Version: 1.3.134.0 - COMODO) Hidden
COMODO Secure Shopping (HKLM-x32\...\Comodo Secure_Shopping_list_uninstall) (Version: 1.3.430655.134 - Comodo)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FileZilla Client 3.29.0 (HKLM-x32\...\FileZilla Client) (Version: 3.29.0 - Tim Kosse)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.0.0.29935 - Foxit Software Inc.)
Geeks3D FurMark 1.19.1.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.94 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
HL-2270DW (HKLM-x32\...\{E2A97415-BD97-4867-B906-05E39E9EE51F}) (Version: 1.1.6.0 - Brother Industries, Ltd.)
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.2.424651.94 - Comodo)
Java 8 Update 151 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Microsoft Office Professionnel Plus 2016 - fr-fr (HKLM\...\ProPlusRetail - fr-fr) (Version: 16.0.8625.2121 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{f9b04b37-35d5-4a19-a51b-fcf4a8734851}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.4.0.6486 - Mozilla)
Mozilla Thunderbird 52.4.0 (x86 fr) (HKLM-x32\...\Mozilla Thunderbird 52.4.0 (x86 fr)) (Version: 52.4.0 - Mozilla)
MSI Afterburner 4.4.0 (HKLM-x32\...\Afterburner) (Version: 4.4.0 - MSI Co., LTD)
NVIDIA Logiciel système PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NVIDIA Pilote audio HD : 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA Pilote graphique 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.8625.2121 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.8625.2121 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.8326.2076 - Microsoft Corporation) Hidden
Ontrack® EasyRecovery™ for Windows (HKLM-x32\...\Ontrack® EasyRecovery™ for Windows_is1) (Version: 12.0.0.2 - Kroll Ontrack)
Panneau de configuration NVIDIA 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.13 - NVIDIA Corporation) Hidden
qBittorrent 3.3.16 (HKLM-x32\...\qBittorrent) (Version: 3.3.16 - The qBittorrent project)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7910 - Realtek Semiconductor Corp.)
Roblox Player for Warzonex51 (HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - Roblox Corporation)
Roblox Studio for Warzonex51 (HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version: - Roblox Corporation)
SeaTools for Windows 1.4.0.6 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.6 - Seagate Technology)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.6.46 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.4 - TeamSpeak Systems GmbH)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.83369 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
The Sims 4 (HKLM-x32\...\The Sims 4_is1) (Version: - )
The Witcher 3 Wild Hunt (HKLM-x32\...\{1BA2C102-E6CE-4F45-AFE5-6D5A85ED1ACB}_is1) (Version: 3.0.9.64944 - CD Projekt)
Trojan Remover (HKLM-x32\...\Trojan Remover_is1) (Version: 6.9.5 - Simply Super Software)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
WinHTTrack Website Copier 3.49-2 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.49.2 - HTTrack)
==================== Personnalisé CLSID (Avec liste blanche): ==========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2017-11-09] (COMODO)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\ConvertToPDFShellExtension_x64.dll [2017-10-21] (Foxit Software Inc.)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2017-11-09] (COMODO)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2017-11-09] (COMODO)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\ConvertToPDFShellExtension_x64.dll [2017-10-21] (Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
==================== Tâches planifiées (Avec liste blanche) =============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {1B89AE97-59C5-437C-962A-1A80BEC234EC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-10-18] (Piriform Ltd)
Task: {24A69FCE-5E4E-4452-913E-2D1AE8049027} - \S-1-5-21-2933909970-4278495066-1699577979-1001\DataSenseLiveTileTask -> Pas de fichier <==== ATTENTION
Task: {43755D0C-2E2D-42C2-8C73-57D2A8D3630B} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-10-31] (Microsoft Corporation)
Task: {4BBCEF44-FCD5-4C73-A9CC-2E4CBA9AF212} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-11-09] (COMODO)
Task: {4D64D07F-7408-405A-83E6-32CCD75FC90B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-10-31] (Microsoft Corporation)
Task: {5522146B-CE21-4565-BD82-077D8A023D1E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-11-09] (Microsoft Corporation)
Task: {636BEE92-57D1-4E40-BC0C-CC9284FC0F1F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-20] (Google Inc.)
Task: {64659A14-C574-4EB6-8647-A0ED2E4AD6B7} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-11-09] (COMODO)
Task: {652DC2FA-B04E-49F6-9000-44104DA8840B} - System32\Tasks\LaunchChromeTask111 => C:\Program Files\FileZilla FTP Client\FileZilla.exe [2017-11-06] (FileZilla Project)
Task: {65A1079B-D815-4379-8015-650CD548CDCC} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [2017-11-09] (COMODO)
Task: {6E3C5844-F6C2-4D2D-9035-2622CC768060} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-11-09] (COMODO)
Task: {7D64C2DB-4E5E-4D24-A1DF-DA9C10AAFB8B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {97D91EC6-A84B-4530-84C9-CEFBD03D2D44} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-11-09] (COMODO)
Task: {996B86AE-A0D7-403C-9167-1BAAA781D3C7} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-11-09] ()
Task: {B0F8C503-7C6E-4A3D-8D27-0453324CEC69} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-11-09] (Microsoft Corporation)
Task: {B519D1C3-F292-4F6A-9E35-2A0BD190A66E} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-11-09] (COMODO)
Task: {C1E49705-9131-4E64-8188-4890CFC22B80} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-10-18] (Piriform Ltd)
Task: {C2A1EECF-397B-4EAD-BEEC-4742951B2029} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-11-09] ()
Task: {D0227D82-9294-4890-8E78-1742D5F0121D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-20] (Google Inc.)
Task: {F3CF3AA9-1BAC-41F1-9E83-6FB3F3E087E0} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2017-11-09] (COMODO)
Task: {FB99061A-C0D1-443A-8113-8948DB3BF026} - System32\Tasks\RunAsStdUser_MyComGames => C:\Users\docto\AppData\Local\MyComGames\MyComGames.exe
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Raccourcis & WMI ========================
(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)
==================== Modules chargés (Avec liste blanche) ==============
2017-09-29 08:41 - 2017-09-29 08:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-11-15 09:12 - 2017-11-01 08:55 - 002299344 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-11-15 09:12 - 2017-11-01 08:54 - 002358736 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-11-09 13:13 - 2017-11-09 13:13 - 000156864 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdwrhlp.dll
2017-11-09 13:12 - 2017-11-09 13:12 - 000106688 _____ () C:\Program Files\COMODO\COMODO Internet Security\cavwpps.dll
2017-11-09 13:12 - 2017-11-09 13:12 - 000241856 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdcomps.dll
2017-11-06 14:32 - 2017-11-06 14:32 - 000076456 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2017-09-29 08:42 - 2017-09-30 09:43 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-09-29 08:42 - 2017-09-30 09:43 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-09-14 07:22 - 2017-09-14 07:23 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11710.1001.27.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-11-14 02:35 - 2017-11-14 02:36 - 000022016 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-11-14 02:35 - 2017-11-14 02:36 - 055109120 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-09-29 20:18 - 2017-09-29 20:19 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2017-11-14 02:35 - 2017-11-14 02:36 - 000164864 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\VideoPlugin.dll
2017-09-29 20:18 - 2017-09-29 20:18 - 000675328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\IPPNativePlugin.dll
2017-11-14 02:35 - 2017-11-14 02:36 - 003740160 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2017-11-14 02:35 - 2017-11-14 02:36 - 002051584 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2017-11-14 02:35 - 2017-11-14 02:36 - 020759040 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2017-11-14 02:35 - 2017-11-14 02:36 - 003607040 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-11-14 02:35 - 2017-11-14 02:35 - 003150848 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2017-08-29 13:37 - 2017-08-29 13:37 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-11-14 02:35 - 2017-11-14 02:36 - 000046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2017-11-14 02:35 - 2017-11-14 02:36 - 002493440 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.People.AutoSuggest.dll
2017-11-14 02:35 - 2017-11-14 02:36 - 000919040 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.People.PeoplePicker.dll
2017-11-14 02:35 - 2017-11-14 02:36 - 001363968 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-11-14 02:35 - 2017-11-14 02:36 - 000084480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\MediaEngineVideoDataProvider.UWP.dll
2017-10-28 16:42 - 2017-10-28 16:42 - 004252160 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1710.2791.0_x64__8wekyb3d8bbwe\Calculator.exe
2017-09-26 09:21 - 2017-09-26 09:21 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1710.2791.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-10-12 11:35 - 2017-10-12 11:35 - 000770560 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\WinUAPEntry.exe
2017-11-01 09:42 - 2017-11-01 09:42 - 001919680 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8700.40645.0_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
2017-11-01 09:42 - 2017-11-01 09:42 - 001226416 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8700.40645.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Word.dll
2017-11-11 06:19 - 2017-11-11 06:19 - 035058176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17084.21621.0_x64__8wekyb3d8bbwe\Music.UI.exe
2017-11-11 06:19 - 2017-11-11 06:19 - 009217024 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17084.21621.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-08-23 14:42 - 2017-08-23 14:42 - 000957952 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17084.21621.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2017-09-26 09:21 - 2017-09-26 09:21 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17084.21621.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-11-11 06:19 - 2017-11-11 06:19 - 013225472 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17084.21621.0_x64__8wekyb3d8bbwe\Music.Visuals.dll
2017-09-07 08:39 - 2017-09-07 08:39 - 000073920 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2017-11-15 23:13 - 2017-05-12 11:36 - 000507464 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2017-11-15 23:13 - 2016-09-13 14:00 - 000109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2017-11-15 23:13 - 2016-09-13 14:00 - 000416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2017-11-15 23:13 - 2016-09-13 14:00 - 000167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2017-10-12 11:35 - 2017-10-12 11:35 - 000156672 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\WP8MSVCCommon.dll
2017-10-12 11:35 - 2017-10-12 11:35 - 000394752 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\WP8MSVCBridge.dll
2017-10-12 11:35 - 2017-10-12 11:35 - 000013824 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\WinPhoneBridge_osmeta.dll
2017-10-12 11:35 - 2017-10-12 11:35 - 000796160 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\System_osmeta.dll
2017-10-12 11:35 - 2017-10-12 11:35 - 000039424 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\pthreadVC_osmeta.dll
2017-10-12 11:35 - 2017-10-12 11:35 - 000114688 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\system_malloc_osmeta.dll
2017-10-12 11:35 - 2017-10-12 11:35 - 000680448 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\CrossPortability_osmeta.dll
2017-10-12 11:35 - 2017-10-12 11:35 - 060634941 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\osmeta.dll
2017-10-12 11:35 - 2017-10-12 11:35 - 000015374 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\unwind_osmeta.dll
2017-10-12 11:35 - 2017-10-12 11:35 - 000081408 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\exif_osmeta.dll
2017-10-12 11:35 - 2017-10-12 11:35 - 000863744 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\c++_osmeta.dll
2017-10-12 11:35 - 2017-10-12 11:35 - 000930304 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\ffmpeg_osmeta.dll
2017-10-12 11:35 - 2017-10-12 11:35 - 000361472 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\SystemResources_osmeta.dll
2017-10-12 11:35 - 2017-10-12 11:35 - 000095744 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\z_osmeta.dll
2017-10-12 11:35 - 2017-10-12 11:35 - 000092160 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\WRTBridge_osmeta.dll
2017-10-12 11:35 - 2017-10-12 11:35 - 000086528 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\WinMediaFoundation_osmeta.dll
2017-10-12 11:35 - 2017-10-12 11:35 - 000053760 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\EGL_osmeta.dll
2017-10-12 11:35 - 2017-10-12 11:35 - 000839168 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\GLESv2_osmeta.dll
2017-10-12 11:35 - 2017-10-12 11:35 - 204953421 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\App.dll
2017-10-12 11:35 - 2017-10-12 11:35 - 000456192 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\OpenAL_osmeta.dll
2017-10-12 11:35 - 2017-10-12 11:35 - 006611763 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\JavaScriptCore_osmeta.dll
==================== Alternate Data Streams (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9 [143]
==================== Mode sans échec (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
==================== Association (Avec liste blanche) ===============
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)
==================== Internet Explorer sites de confiance/sensibles ===============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
Il y a 7936 plus de sites.
IE restricted site: HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\123simsen.com -> www.123simsen.com
Il y a 7936 plus de sites.
==================== Hosts contenu: ==========================
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
2017-03-18 16:03 - 2017-11-15 23:53 - 000454520 ____R C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
Il y a 15600 plus de lignes.
==================== Autres zones ============================
(Actuellement, il n'y a pas de correction automatique pour cette section.)
HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\docto\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\{3bebe9a8-b471-40b7-9606-06731fb3c7f6}.png
DNS Servers: 192.168.2.1 - 198.235.214.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Le Pare-feu est activé.
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "InstallerLauncher"
HKLM\...\StartupApproved\Run: => "COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "vdcss"
HKLM\...\StartupApproved\Run32: => "IseUI"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "BCSSync"
HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\StartupApproved\Run: => "Gaijin.Net Agent"
==================== RèglesPare-feu (Avec liste blanche) ===============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
FirewallRules: [UDP Query User{914DEE8A-BC86-41DF-8904-DFB21EB2B19A}F:\slime.rancher.v0.6.0d\x64\slimerancher.exe] => (Block) F:\slime.rancher.v0.6.0d\x64\slimerancher.exe
FirewallRules: [TCP Query User{3A15FEBD-6BDA-41B5-BEAB-4BDBBF4B850D}F:\slime.rancher.v0.6.0d\x64\slimerancher.exe] => (Block) F:\slime.rancher.v0.6.0d\x64\slimerancher.exe
FirewallRules: [{FFB8C292-EC9E-4521-A5C2-6310E762A710}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{2B3E9324-C03E-4325-BCD0-B376D7D02B90}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{6B1E50EB-8763-4953-B703-D4E940F1A2A3}] => (Allow) G:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{A8B7B153-3686-43FF-992D-1501BBA347E7}] => (Allow) G:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{05E55599-D9A9-4847-A895-B238ACD5BFA9}] => (Allow) G:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2BDA8DBA-6F19-46F5-997A-58A9D6DA208E}] => (Allow) G:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{E9E49A04-6B6D-4438-BE42-91FD3B951B3A}G:\games\flatout 4 total insanity\flatout.exe] => (Block) G:\games\flatout 4 total insanity\flatout.exe
FirewallRules: [TCP Query User{08C1E359-9481-43A5-8AC9-FFD2F23F8FC6}G:\games\flatout 4 total insanity\flatout.exe] => (Block) G:\games\flatout 4 total insanity\flatout.exe
FirewallRules: [{097EAB21-F3EA-46A7-ABB8-478EB56AC3A2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{73C601DC-BEA7-4929-AE74-B0A86E3FD764}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{9AB08DA5-F81B-4A3F-8599-7659E2CC492D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{B0BABADC-2AD8-454D-A9EC-18617155A40F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [UDP Query User{B9B60CCC-98C4-43B8-A662-05E85D757797}C:\program files\java\jre1.8.0_141\bin\java.exe] => (Block) C:\program files\java\jre1.8.0_141\bin\java.exe
FirewallRules: [TCP Query User{57079906-CDAA-4130-BB09-524968D76E55}C:\program files\java\jre1.8.0_141\bin\java.exe] => (Block) C:\program files\java\jre1.8.0_141\bin\java.exe
FirewallRules: [{149E8C90-AA1E-4DC5-AC60-627EC991538D}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe
FirewallRules: [{B6EC140C-0943-4D6C-8D5A-9660D7F663F8}] => (Allow) g:\Program Files (x86)\XePlayer\bin\XePlayer.exe
FirewallRules: [UDP Query User{5F8603F0-0294-4540-A9CE-3BF169BD60DC}C:\program files (x86)\cheat engine 6.7\cheatengine-x86_64.exe] => (Allow) C:\program files (x86)\cheat engine 6.7\cheatengine-x86_64.exe
FirewallRules: [TCP Query User{11CBC77F-6402-48B9-B853-549D2FBC6F9B}C:\program files (x86)\cheat engine 6.7\cheatengine-x86_64.exe] => (Allow) C:\program files (x86)\cheat engine 6.7\cheatengine-x86_64.exe
FirewallRules: [UDP Query User{D24ED677-3DEB-44B0-98FC-3275AE786AC1}C:\users\docto\desktop\yet.another.zombie.defense.hd\yet another zombie defense hd\yazdhd.exe] => (Block) C:\users\docto\desktop\yet.another.zombie.defense.hd\yet another zombie defense hd\yazdhd.exe
FirewallRules: [TCP Query User{E79BAAE0-03BE-4D76-9908-E54A0405A261}C:\users\docto\desktop\yet.another.zombie.defense.hd\yet another zombie defense hd\yazdhd.exe] => (Block) C:\users\docto\desktop\yet.another.zombie.defense.hd\yet another zombie defense hd\yazdhd.exe
FirewallRules: [UDP Query User{C2DC771F-895C-4732-9A3C-7F8A774E34C9}G:\games\city car driving\bin\win32\starter.exe] => (Block) G:\games\city car driving\bin\win32\starter.exe
FirewallRules: [TCP Query User{65C34182-0625-48EB-B157-0C9B27399066}G:\games\city car driving\bin\win32\starter.exe] => (Block) G:\games\city car driving\bin\win32\starter.exe
FirewallRules: [UDP Query User{37A4E5AB-FB52-491D-B882-7C2D776A32D3}G:\games\kitchen simulator 2\kitchen simulator 2 32\engine\binaries\win32\ue4game-win32-shipping.exe] => (Allow) G:\games\kitchen simulator 2\kitchen simulator 2 32\engine\binaries\win32\ue4game-win32-shipping.exe
FirewallRules: [TCP Query User{1FC039FA-74DE-487D-BC4B-94B60E948D79}G:\games\kitchen simulator 2\kitchen simulator 2 32\engine\binaries\win32\ue4game-win32-shipping.exe] => (Allow) G:\games\kitchen simulator 2\kitchen simulator 2 32\engine\binaries\win32\ue4game-win32-shipping.exe
FirewallRules: [UDP Query User{BDE2074B-7156-4B38-A7EA-20313E4DB517}F:\qbitorrent\beast battle simulator\beastbattlesimulator.exe] => (Allow) F:\qbitorrent\beast battle simulator\beastbattlesimulator.exe
FirewallRules: [TCP Query User{7CFDDC24-6BBD-4218-A63D-503079273250}F:\qbitorrent\beast battle simulator\beastbattlesimulator.exe] => (Allow) F:\qbitorrent\beast battle simulator\beastbattlesimulator.exe
FirewallRules: [{B9CEAE3B-8089-4806-9B91-EC3E97F5BBF7}] => (Allow) F:\Program Files\qBittorrent\qbittorrent.exe
FirewallRules: [{A7F81A1D-EEC9-4710-AD6A-76E578BC611D}] => (Allow) F:\Program Files\qBittorrent\qbittorrent.exe
FirewallRules: [UDP Query User{98AFAE0B-B608-4C21-8B2A-5D5F59C756E4}C:\users\docto\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\docto\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [TCP Query User{758DC8CB-4BF9-4CE7-934F-0EF2F1DAAAF3}C:\users\docto\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\docto\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{7A913DE4-A579-44A7-8FEA-C4869D3600CF}C:\users\docto\appdata\local\warthunder\win64\aces.exe] => (Allow) C:\users\docto\appdata\local\warthunder\win64\aces.exe
FirewallRules: [TCP Query User{26EB634E-451E-442C-9C31-53ACE1EC061A}C:\users\docto\appdata\local\warthunder\win64\aces.exe] => (Allow) C:\users\docto\appdata\local\warthunder\win64\aces.exe
FirewallRules: [{16682AE5-3477-4CA4-87CB-5F0B27DB6CA9}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{BBD2E454-88C0-483B-8C64-E46AFD6F4255}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{0080FC69-0A3D-49CB-85D4-38A043B6F1C6}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{C5A638DA-8BAC-4F0B-8345-AC161E3B648D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [UDP Query User{B7170454-EE6A-4226-8176-CE8D85C61C4B}C:\program files\java\jre1.8.0_141\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_141\bin\javaw.exe
FirewallRules: [TCP Query User{5DFB30AD-85B6-4B55-A6EE-29718C31CC60}C:\program files\java\jre1.8.0_141\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_141\bin\javaw.exe
FirewallRules: [UDP Query User{50B18202-1B98-4D79-9DF4-92603BBCC5F1}F:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) F:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [TCP Query User{E6F73744-F874-486F-ADE8-D2D62700E3A0}F:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) F:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [UDP Query User{B8565D4B-94B9-40AB-A877-05CFFF24B173}F:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) F:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{BD183ADB-3584-4334-9A6F-AEE79B008686}F:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) F:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{B753D708-3776-4AA4-BE8B-8BF6E0A6661F}F:\games\far cry primal\bin\fcprimal.exe] => (Allow) F:\games\far cry primal\bin\fcprimal.exe
FirewallRules: [TCP Query User{ED9C8E9A-0919-42DA-A8F0-9E1875B1EB69}F:\games\far cry primal\bin\fcprimal.exe] => (Allow) F:\games\far cry primal\bin\fcprimal.exe
FirewallRules: [UDP Query User{4FA4C538-DF9F-4BD8-BD85-01D9128B6C77}F:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) F:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{47FE89AC-E946-4320-A987-BA5F22BC8655}F:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) F:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{98D36D8C-CF74-4BE2-B65E-441BB8BABE63}F:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) F:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [TCP Query User{44E3D8E7-3A90-4928-BC3D-1815794D9CE7}F:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) F:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [UDP Query User{70B8FFF5-AF75-44DC-B670-E5B47A28E882}C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe
FirewallRules: [TCP Query User{B6D7A7A1-89C4-4291-B276-2C95780B3688}C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe
FirewallRules: [UDP Query User{E5E8B764-595E-4790-B927-5B084CC88B40}F:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) F:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{E243C5CF-80D1-4EAF-B010-32C024BFC052}F:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) F:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{9B6357C4-077A-4249-8763-63A356847183}F:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) F:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{EB555559-D21C-45B1-866A-B45030D3B2B6}F:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) F:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [{22478B9A-DBF7-4F2B-A665-9B2AA27A206E}] => (Allow) F:\Program Files\qBittorrent\qbittorrent.exe
FirewallRules: [{8C614710-DF5A-4178-8727-C6C4499DCF3D}] => (Allow) F:\Program Files\qBittorrent\qbittorrent.exe
FirewallRules: [UDP Query User{FB22D298-823A-4109-BF45-620C66460CC5}F:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) F:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{0249D68B-DA26-4C7C-8477-EA85BD46B47C}F:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) F:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{E0E14667-B88C-4971-A049-F61EB9A807E8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{FA3A7D1D-3E33-4D5B-A623-22BFDDA87FC5}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{71D3848D-385F-4A73-B121-73213FD7A4D2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{DAB87AEE-128B-430A-B87B-9F7D93B36FC5}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{7B3E9451-534A-49E0-9555-EE341287E40A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{99CE8912-0F25-4F80-B21E-ECC52358D2B9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Points de restauration =========================
15-11-2017 22:40:28 Removing COMODO Client - Security
==================== Éléments en erreur du Gestionnaire de périphériques =============
Name: D-Link DWA-130 Wireless N USB Adapter
Description: Carte USB N sans fil D-Link DWA-130
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: D-Link Corporation
Service: RTL8192su
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Erreurs du Journal des événements: =========================
Erreurs Application:
==================
Error: (11/15/2017 10:50:17 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Le fournisseur d’événements CisWmi a tenté d’inscrire dans l’espace de noms //./root/cis la requête « SELECT * FROM CisFileRatingChange » dont la classe cible « CisFileRatingChange » n’existe pas. La requête sera ignorée.
Error: (11/15/2017 10:50:17 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Le fournisseur d’événements CisWmi a tenté d’inscrire dans l’espace de noms //./root/cis la requête « SELECT * FROM CisStatusChange » dont la classe cible « CisStatusChange » n’existe pas. La requête sera ignorée.
Error: (11/15/2017 10:50:17 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Le fournisseur d’événements CisWmi a tenté d’inscrire dans l’espace de noms //./root/cis la requête « SELECT * FROM CisNotification » dont la classe cible « CisNotification » n’existe pas. La requête sera ignorée.
Error: (11/15/2017 10:50:17 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Le fournisseur d’événements CisWmi a tenté d’inscrire dans l’espace de noms //./root/cis la requête « SELECT * FROM FwAlert » dont la classe cible « FwAlert » n’existe pas. La requête sera ignorée.
Error: (11/15/2017 10:50:17 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Le fournisseur d’événements CisWmi a tenté d’inscrire dans l’espace de noms //./root/cis la requête « SELECT * FROM DfAlert » dont la classe cible « DfAlert » n’existe pas. La requête sera ignorée.
Error: (11/15/2017 10:50:17 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Le fournisseur d’événements CisWmi a tenté d’inscrire dans l’espace de noms //./root/cis la requête « SELECT * FROM AvAlert » dont la classe cible « AvAlert » n’existe pas. La requête sera ignorée.
Error: (11/15/2017 10:50:17 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Le fournisseur d’événements CisWmi a tenté d’inscrire dans l’espace de noms //./root/cis la requête « SELECT * FROM CisAlert » dont la classe cible « CisAlert » n’existe pas. La requête sera ignorée.
Error: (11/15/2017 10:50:17 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Le fournisseur d’événements CisWmi a tenté d’inscrire dans l’espace de noms //./root/cis la requête « SELECT * FROM CisEvent » dont la classe cible « CisEvent » n’existe pas. La requête sera ignorée.
Error: (11/15/2017 10:50:17 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Le fournisseur d’événements a tenté d’inscrire dans l’espace de noms //./root/cis la requête « SELECT * FROM CisFileRatingChange » dont la classe cible « CisFileRatingChange » n’existe pas. La requête sera ignorée.
Error: (11/15/2017 10:50:17 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Le fournisseur d’événements a tenté d’inscrire dans l’espace de noms //./root/cis la requête « SELECT * FROM CisStatusChange » dont la classe cible « CisStatusChange » n’existe pas. La requête sera ignorée.
Erreurs système:
=============
Error: (11/16/2017 09:17:55 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service COMODO Virtual Service Manager s'est terminé de façon inattendue. Ceci s'est produit 1 fois.
Error: (11/16/2017 09:00:46 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-K31LPOB)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID DESKTOP-K31LPOB\Warzonex51 de l’utilisateur (S-1-5-21-2933909970-4278495066-1699577979-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (11/15/2017 11:45:32 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-K31LPOB)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID DESKTOP-K31LPOB\Warzonex51 de l’utilisateur (S-1-5-21-2933909970-4278495066-1699577979-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (11/15/2017 11:37:19 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-K31LPOB)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID DESKTOP-K31LPOB\Warzonex51 de l’utilisateur (S-1-5-21-2933909970-4278495066-1699577979-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (11/15/2017 11:37:08 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-K31LPOB)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID DESKTOP-K31LPOB\Warzonex51 de l’utilisateur (S-1-5-21-2933909970-4278495066-1699577979-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (11/15/2017 11:30:17 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-K31LPOB)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID DESKTOP-K31LPOB\Warzonex51 de l’utilisateur (S-1-5-21-2933909970-4278495066-1699577979-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (11/15/2017 11:25:39 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-K31LPOB)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID DESKTOP-K31LPOB\Warzonex51 de l’utilisateur (S-1-5-21-2933909970-4278495066-1699577979-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (11/15/2017 11:25:15 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-K31LPOB)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID DESKTOP-K31LPOB\Warzonex51 de l’utilisateur (S-1-5-21-2933909970-4278495066-1699577979-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (11/15/2017 11:20:58 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-K31LPOB)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID DESKTOP-K31LPOB\Warzonex51 de l’utilisateur (S-1-5-21-2933909970-4278495066-1699577979-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (11/15/2017 11:08:42 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID NT AUTHORITY\NETWORK SERVICE de l’utilisateur (S-1-5-20) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
CodeIntegrity:
===================================
Date: 2017-11-16 09:11:38.606
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\cssguard64.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-16 09:11:38.600
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-11-16 09:11:38.438
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\cssguard64.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-16 09:11:38.431
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-11-16 09:11:37.565
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\cssguard64.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-16 09:11:37.559
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-11-16 09:11:37.412
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\cssguard64.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-16 09:11:37.392
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-11-16 08:56:38.269
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\cssguard64.dll that did not meet the Windows signing level requirements.
Date: 2017-11-16 08:56:38.265
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Infos Mémoire ===========================
Processeur: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Pourcentage de mémoire utilisée: 42%
Mémoire physique - RAM - totale: 8136.76 MB
Mémoire physique - RAM - disponible: 4671.86 MB
Mémoire virtuelle totale: 9416.76 MB
Mémoire virtuelle disponible: 5646.34 MB
==================== Lecteurs ================================
Drive c: () (Fixed) (Total:878.42 GB) (Free:837.12 GB) NTFS
Drive d: (Réservé au système) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)]
Drive f: () (Fixed) (Total:488.28 GB) (Free:21.32 GB) NTFS
Drive g: (Melanie) (Fixed) (Total:495.83 GB) (Free:490.41 GB) NTFS
Drive h: () (Fixed) (Total:242.81 GB) (Free:209.01 GB) NTFS
Drive i: () (Fixed) (Total:53.95 GB) (Free:53.01 GB) NTFS
==================== MBR & Table des partitions ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 02FB4EC6)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=878.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=488.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=495.8 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: DA174FA0)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=242.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=53.9 GB) - (Type=07 NTFS)
==================== Fin de Addition.txt ============================
Exécuté par Warzonex51 (16-11-2017 09:19:36)
Exécuté depuis C:\Users\docto\Downloads
Windows 10 Pro Version 1709 16299.64 (X64) (2017-10-28 21:08:35)
Mode d'amorçage: Normal
==========================================================
==================== Comptes: =============================
Administrateur (S-1-5-21-2933909970-4278495066-1699577979-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2933909970-4278495066-1699577979-503 - Limited - Disabled)
Invité (S-1-5-21-2933909970-4278495066-1699577979-501 - Limited - Disabled)
Warzonex51 (S-1-5-21-2933909970-4278495066-1699577979-1001 - Administrator - Enabled) => C:\Users\docto
WDAGUtilityAccount (S-1-5-21-2933909970-4278495066-1699577979-504 - Limited - Disabled)
==================== Centre de sécurité ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: COMODO Antivirus (Enabled - Up to date) {0C515E80-E355-69BD-3445-A511E5C186FD}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Spybot - Search and Destroy (Enabled - Up to date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
AS: COMODO Advanced Protection (Enabled - Up to date) {B730BF64-C56F-6633-0EF5-9E639E46CC40}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall (Enabled) {346ADFA5-A93A-68E5-1F1A-0C241B12C186}
==================== Programmes installés ======================
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Assistant Mise à jour de Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22256 - Microsoft Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.36 - Piriform)
Cisco WebEx Meetings (HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 58.0.3029.115 - Comodo)
COMODO Internet Security Pro (HKLM\...\{F5884F6C-490D-4979-8D37-E6020E93190C}) (Version: 10.0.2.6408 - COMODO Security Solutions Inc.) Hidden
COMODO Internet Security Pro (HKLM\...\COMODO Internet Security) (Version: 10.0.2.6408 - COMODO Security Solutions Inc.)
COMODO Secure Shopping (HKLM-x32\...\{D15DF9B0-3A98-4BEF-B7D5-FC3AEA430655}) (Version: 1.3.134.0 - COMODO) Hidden
COMODO Secure Shopping (HKLM-x32\...\Comodo Secure_Shopping_list_uninstall) (Version: 1.3.430655.134 - Comodo)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FileZilla Client 3.29.0 (HKLM-x32\...\FileZilla Client) (Version: 3.29.0 - Tim Kosse)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.0.0.29935 - Foxit Software Inc.)
Geeks3D FurMark 1.19.1.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.94 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
HL-2270DW (HKLM-x32\...\{E2A97415-BD97-4867-B906-05E39E9EE51F}) (Version: 1.1.6.0 - Brother Industries, Ltd.)
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.2.424651.94 - Comodo)
Java 8 Update 151 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Microsoft Office Professionnel Plus 2016 - fr-fr (HKLM\...\ProPlusRetail - fr-fr) (Version: 16.0.8625.2121 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{f9b04b37-35d5-4a19-a51b-fcf4a8734851}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.4.0.6486 - Mozilla)
Mozilla Thunderbird 52.4.0 (x86 fr) (HKLM-x32\...\Mozilla Thunderbird 52.4.0 (x86 fr)) (Version: 52.4.0 - Mozilla)
MSI Afterburner 4.4.0 (HKLM-x32\...\Afterburner) (Version: 4.4.0 - MSI Co., LTD)
NVIDIA Logiciel système PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NVIDIA Pilote audio HD : 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA Pilote graphique 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.8625.2121 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.8625.2121 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.8326.2076 - Microsoft Corporation) Hidden
Ontrack® EasyRecovery™ for Windows (HKLM-x32\...\Ontrack® EasyRecovery™ for Windows_is1) (Version: 12.0.0.2 - Kroll Ontrack)
Panneau de configuration NVIDIA 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.13 - NVIDIA Corporation) Hidden
qBittorrent 3.3.16 (HKLM-x32\...\qBittorrent) (Version: 3.3.16 - The qBittorrent project)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7910 - Realtek Semiconductor Corp.)
Roblox Player for Warzonex51 (HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - Roblox Corporation)
Roblox Studio for Warzonex51 (HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version: - Roblox Corporation)
SeaTools for Windows 1.4.0.6 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.6 - Seagate Technology)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.6.46 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.4 - TeamSpeak Systems GmbH)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.83369 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
The Sims 4 (HKLM-x32\...\The Sims 4_is1) (Version: - )
The Witcher 3 Wild Hunt (HKLM-x32\...\{1BA2C102-E6CE-4F45-AFE5-6D5A85ED1ACB}_is1) (Version: 3.0.9.64944 - CD Projekt)
Trojan Remover (HKLM-x32\...\Trojan Remover_is1) (Version: 6.9.5 - Simply Super Software)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
WinHTTrack Website Copier 3.49-2 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.49.2 - HTTrack)
==================== Personnalisé CLSID (Avec liste blanche): ==========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2017-11-09] (COMODO)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\ConvertToPDFShellExtension_x64.dll [2017-10-21] (Foxit Software Inc.)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2017-11-09] (COMODO)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2017-11-09] (COMODO)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\ConvertToPDFShellExtension_x64.dll [2017-10-21] (Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
==================== Tâches planifiées (Avec liste blanche) =============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {1B89AE97-59C5-437C-962A-1A80BEC234EC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-10-18] (Piriform Ltd)
Task: {24A69FCE-5E4E-4452-913E-2D1AE8049027} - \S-1-5-21-2933909970-4278495066-1699577979-1001\DataSenseLiveTileTask -> Pas de fichier <==== ATTENTION
Task: {43755D0C-2E2D-42C2-8C73-57D2A8D3630B} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-10-31] (Microsoft Corporation)
Task: {4BBCEF44-FCD5-4C73-A9CC-2E4CBA9AF212} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-11-09] (COMODO)
Task: {4D64D07F-7408-405A-83E6-32CCD75FC90B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-10-31] (Microsoft Corporation)
Task: {5522146B-CE21-4565-BD82-077D8A023D1E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-11-09] (Microsoft Corporation)
Task: {636BEE92-57D1-4E40-BC0C-CC9284FC0F1F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-20] (Google Inc.)
Task: {64659A14-C574-4EB6-8647-A0ED2E4AD6B7} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-11-09] (COMODO)
Task: {652DC2FA-B04E-49F6-9000-44104DA8840B} - System32\Tasks\LaunchChromeTask111 => C:\Program Files\FileZilla FTP Client\FileZilla.exe [2017-11-06] (FileZilla Project)
Task: {65A1079B-D815-4379-8015-650CD548CDCC} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [2017-11-09] (COMODO)
Task: {6E3C5844-F6C2-4D2D-9035-2622CC768060} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-11-09] (COMODO)
Task: {7D64C2DB-4E5E-4D24-A1DF-DA9C10AAFB8B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {97D91EC6-A84B-4530-84C9-CEFBD03D2D44} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-11-09] (COMODO)
Task: {996B86AE-A0D7-403C-9167-1BAAA781D3C7} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-11-09] ()
Task: {B0F8C503-7C6E-4A3D-8D27-0453324CEC69} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-11-09] (Microsoft Corporation)
Task: {B519D1C3-F292-4F6A-9E35-2A0BD190A66E} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-11-09] (COMODO)
Task: {C1E49705-9131-4E64-8188-4890CFC22B80} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-10-18] (Piriform Ltd)
Task: {C2A1EECF-397B-4EAD-BEEC-4742951B2029} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-11-09] ()
Task: {D0227D82-9294-4890-8E78-1742D5F0121D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-20] (Google Inc.)
Task: {F3CF3AA9-1BAC-41F1-9E83-6FB3F3E087E0} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2017-11-09] (COMODO)
Task: {FB99061A-C0D1-443A-8113-8948DB3BF026} - System32\Tasks\RunAsStdUser_MyComGames => C:\Users\docto\AppData\Local\MyComGames\MyComGames.exe
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Raccourcis & WMI ========================
(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)
==================== Modules chargés (Avec liste blanche) ==============
2017-09-29 08:41 - 2017-09-29 08:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-11-15 09:12 - 2017-11-01 08:55 - 002299344 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-11-15 09:12 - 2017-11-01 08:54 - 002358736 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-11-09 13:13 - 2017-11-09 13:13 - 000156864 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdwrhlp.dll
2017-11-09 13:12 - 2017-11-09 13:12 - 000106688 _____ () C:\Program Files\COMODO\COMODO Internet Security\cavwpps.dll
2017-11-09 13:12 - 2017-11-09 13:12 - 000241856 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdcomps.dll
2017-11-06 14:32 - 2017-11-06 14:32 - 000076456 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2017-09-29 08:42 - 2017-09-30 09:43 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-09-29 08:42 - 2017-09-30 09:43 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-09-14 07:22 - 2017-09-14 07:23 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11710.1001.27.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-11-14 02:35 - 2017-11-14 02:36 - 000022016 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-11-14 02:35 - 2017-11-14 02:36 - 055109120 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-09-29 20:18 - 2017-09-29 20:19 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2017-11-14 02:35 - 2017-11-14 02:36 - 000164864 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\VideoPlugin.dll
2017-09-29 20:18 - 2017-09-29 20:18 - 000675328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\IPPNativePlugin.dll
2017-11-14 02:35 - 2017-11-14 02:36 - 003740160 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2017-11-14 02:35 - 2017-11-14 02:36 - 002051584 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2017-11-14 02:35 - 2017-11-14 02:36 - 020759040 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2017-11-14 02:35 - 2017-11-14 02:36 - 003607040 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-11-14 02:35 - 2017-11-14 02:35 - 003150848 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2017-08-29 13:37 - 2017-08-29 13:37 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-11-14 02:35 - 2017-11-14 02:36 - 000046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2017-11-14 02:35 - 2017-11-14 02:36 - 002493440 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.People.AutoSuggest.dll
2017-11-14 02:35 - 2017-11-14 02:36 - 000919040 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.People.PeoplePicker.dll
2017-11-14 02:35 - 2017-11-14 02:36 - 001363968 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-11-14 02:35 - 2017-11-14 02:36 - 000084480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\MediaEngineVideoDataProvider.UWP.dll
2017-10-28 16:42 - 2017-10-28 16:42 - 004252160 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1710.2791.0_x64__8wekyb3d8bbwe\Calculator.exe
2017-09-26 09:21 - 2017-09-26 09:21 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1710.2791.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-10-12 11:35 - 2017-10-12 11:35 - 000770560 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\WinUAPEntry.exe
2017-11-01 09:42 - 2017-11-01 09:42 - 001919680 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8700.40645.0_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
2017-11-01 09:42 - 2017-11-01 09:42 - 001226416 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8700.40645.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Word.dll
2017-11-11 06:19 - 2017-11-11 06:19 - 035058176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17084.21621.0_x64__8wekyb3d8bbwe\Music.UI.exe
2017-11-11 06:19 - 2017-11-11 06:19 - 009217024 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17084.21621.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-08-23 14:42 - 2017-08-23 14:42 - 000957952 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17084.21621.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2017-09-26 09:21 - 2017-09-26 09:21 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17084.21621.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-11-11 06:19 - 2017-11-11 06:19 - 013225472 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17084.21621.0_x64__8wekyb3d8bbwe\Music.Visuals.dll
2017-09-07 08:39 - 2017-09-07 08:39 - 000073920 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2017-11-15 23:13 - 2017-05-12 11:36 - 000507464 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2017-11-15 23:13 - 2016-09-13 14:00 - 000109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2017-11-15 23:13 - 2016-09-13 14:00 - 000416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2017-11-15 23:13 - 2016-09-13 14:00 - 000167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2017-10-12 11:35 - 2017-10-12 11:35 - 000156672 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\WP8MSVCCommon.dll
2017-10-12 11:35 - 2017-10-12 11:35 - 000394752 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\WP8MSVCBridge.dll
2017-10-12 11:35 - 2017-10-12 11:35 - 000013824 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\WinPhoneBridge_osmeta.dll
2017-10-12 11:35 - 2017-10-12 11:35 - 000796160 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\System_osmeta.dll
2017-10-12 11:35 - 2017-10-12 11:35 - 000039424 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\pthreadVC_osmeta.dll
2017-10-12 11:35 - 2017-10-12 11:35 - 000114688 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\system_malloc_osmeta.dll
2017-10-12 11:35 - 2017-10-12 11:35 - 000680448 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\CrossPortability_osmeta.dll
2017-10-12 11:35 - 2017-10-12 11:35 - 060634941 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\osmeta.dll
2017-10-12 11:35 - 2017-10-12 11:35 - 000015374 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\unwind_osmeta.dll
2017-10-12 11:35 - 2017-10-12 11:35 - 000081408 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\exif_osmeta.dll
2017-10-12 11:35 - 2017-10-12 11:35 - 000863744 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\c++_osmeta.dll
2017-10-12 11:35 - 2017-10-12 11:35 - 000930304 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\ffmpeg_osmeta.dll
2017-10-12 11:35 - 2017-10-12 11:35 - 000361472 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\SystemResources_osmeta.dll
2017-10-12 11:35 - 2017-10-12 11:35 - 000095744 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\z_osmeta.dll
2017-10-12 11:35 - 2017-10-12 11:35 - 000092160 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\WRTBridge_osmeta.dll
2017-10-12 11:35 - 2017-10-12 11:35 - 000086528 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\WinMediaFoundation_osmeta.dll
2017-10-12 11:35 - 2017-10-12 11:35 - 000053760 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\EGL_osmeta.dll
2017-10-12 11:35 - 2017-10-12 11:35 - 000839168 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\GLESv2_osmeta.dll
2017-10-12 11:35 - 2017-10-12 11:35 - 204953421 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\App.dll
2017-10-12 11:35 - 2017-10-12 11:35 - 000456192 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\OpenAL_osmeta.dll
2017-10-12 11:35 - 2017-10-12 11:35 - 006611763 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\JavaScriptCore_osmeta.dll
==================== Alternate Data Streams (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9 [143]
==================== Mode sans échec (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
==================== Association (Avec liste blanche) ===============
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)
==================== Internet Explorer sites de confiance/sensibles ===============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
Il y a 7936 plus de sites.
IE restricted site: HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\123simsen.com -> www.123simsen.com
Il y a 7936 plus de sites.
==================== Hosts contenu: ==========================
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
2017-03-18 16:03 - 2017-11-15 23:53 - 000454520 ____R C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
Il y a 15600 plus de lignes.
==================== Autres zones ============================
(Actuellement, il n'y a pas de correction automatique pour cette section.)
HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\docto\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\{3bebe9a8-b471-40b7-9606-06731fb3c7f6}.png
DNS Servers: 192.168.2.1 - 198.235.214.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Le Pare-feu est activé.
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "InstallerLauncher"
HKLM\...\StartupApproved\Run: => "COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "vdcss"
HKLM\...\StartupApproved\Run32: => "IseUI"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "BCSSync"
HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2933909970-4278495066-1699577979-1001\...\StartupApproved\Run: => "Gaijin.Net Agent"
==================== RèglesPare-feu (Avec liste blanche) ===============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
FirewallRules: [UDP Query User{914DEE8A-BC86-41DF-8904-DFB21EB2B19A}F:\slime.rancher.v0.6.0d\x64\slimerancher.exe] => (Block) F:\slime.rancher.v0.6.0d\x64\slimerancher.exe
FirewallRules: [TCP Query User{3A15FEBD-6BDA-41B5-BEAB-4BDBBF4B850D}F:\slime.rancher.v0.6.0d\x64\slimerancher.exe] => (Block) F:\slime.rancher.v0.6.0d\x64\slimerancher.exe
FirewallRules: [{FFB8C292-EC9E-4521-A5C2-6310E762A710}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{2B3E9324-C03E-4325-BCD0-B376D7D02B90}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{6B1E50EB-8763-4953-B703-D4E940F1A2A3}] => (Allow) G:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{A8B7B153-3686-43FF-992D-1501BBA347E7}] => (Allow) G:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{05E55599-D9A9-4847-A895-B238ACD5BFA9}] => (Allow) G:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2BDA8DBA-6F19-46F5-997A-58A9D6DA208E}] => (Allow) G:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{E9E49A04-6B6D-4438-BE42-91FD3B951B3A}G:\games\flatout 4 total insanity\flatout.exe] => (Block) G:\games\flatout 4 total insanity\flatout.exe
FirewallRules: [TCP Query User{08C1E359-9481-43A5-8AC9-FFD2F23F8FC6}G:\games\flatout 4 total insanity\flatout.exe] => (Block) G:\games\flatout 4 total insanity\flatout.exe
FirewallRules: [{097EAB21-F3EA-46A7-ABB8-478EB56AC3A2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{73C601DC-BEA7-4929-AE74-B0A86E3FD764}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{9AB08DA5-F81B-4A3F-8599-7659E2CC492D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{B0BABADC-2AD8-454D-A9EC-18617155A40F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [UDP Query User{B9B60CCC-98C4-43B8-A662-05E85D757797}C:\program files\java\jre1.8.0_141\bin\java.exe] => (Block) C:\program files\java\jre1.8.0_141\bin\java.exe
FirewallRules: [TCP Query User{57079906-CDAA-4130-BB09-524968D76E55}C:\program files\java\jre1.8.0_141\bin\java.exe] => (Block) C:\program files\java\jre1.8.0_141\bin\java.exe
FirewallRules: [{149E8C90-AA1E-4DC5-AC60-627EC991538D}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe
FirewallRules: [{B6EC140C-0943-4D6C-8D5A-9660D7F663F8}] => (Allow) g:\Program Files (x86)\XePlayer\bin\XePlayer.exe
FirewallRules: [UDP Query User{5F8603F0-0294-4540-A9CE-3BF169BD60DC}C:\program files (x86)\cheat engine 6.7\cheatengine-x86_64.exe] => (Allow) C:\program files (x86)\cheat engine 6.7\cheatengine-x86_64.exe
FirewallRules: [TCP Query User{11CBC77F-6402-48B9-B853-549D2FBC6F9B}C:\program files (x86)\cheat engine 6.7\cheatengine-x86_64.exe] => (Allow) C:\program files (x86)\cheat engine 6.7\cheatengine-x86_64.exe
FirewallRules: [UDP Query User{D24ED677-3DEB-44B0-98FC-3275AE786AC1}C:\users\docto\desktop\yet.another.zombie.defense.hd\yet another zombie defense hd\yazdhd.exe] => (Block) C:\users\docto\desktop\yet.another.zombie.defense.hd\yet another zombie defense hd\yazdhd.exe
FirewallRules: [TCP Query User{E79BAAE0-03BE-4D76-9908-E54A0405A261}C:\users\docto\desktop\yet.another.zombie.defense.hd\yet another zombie defense hd\yazdhd.exe] => (Block) C:\users\docto\desktop\yet.another.zombie.defense.hd\yet another zombie defense hd\yazdhd.exe
FirewallRules: [UDP Query User{C2DC771F-895C-4732-9A3C-7F8A774E34C9}G:\games\city car driving\bin\win32\starter.exe] => (Block) G:\games\city car driving\bin\win32\starter.exe
FirewallRules: [TCP Query User{65C34182-0625-48EB-B157-0C9B27399066}G:\games\city car driving\bin\win32\starter.exe] => (Block) G:\games\city car driving\bin\win32\starter.exe
FirewallRules: [UDP Query User{37A4E5AB-FB52-491D-B882-7C2D776A32D3}G:\games\kitchen simulator 2\kitchen simulator 2 32\engine\binaries\win32\ue4game-win32-shipping.exe] => (Allow) G:\games\kitchen simulator 2\kitchen simulator 2 32\engine\binaries\win32\ue4game-win32-shipping.exe
FirewallRules: [TCP Query User{1FC039FA-74DE-487D-BC4B-94B60E948D79}G:\games\kitchen simulator 2\kitchen simulator 2 32\engine\binaries\win32\ue4game-win32-shipping.exe] => (Allow) G:\games\kitchen simulator 2\kitchen simulator 2 32\engine\binaries\win32\ue4game-win32-shipping.exe
FirewallRules: [UDP Query User{BDE2074B-7156-4B38-A7EA-20313E4DB517}F:\qbitorrent\beast battle simulator\beastbattlesimulator.exe] => (Allow) F:\qbitorrent\beast battle simulator\beastbattlesimulator.exe
FirewallRules: [TCP Query User{7CFDDC24-6BBD-4218-A63D-503079273250}F:\qbitorrent\beast battle simulator\beastbattlesimulator.exe] => (Allow) F:\qbitorrent\beast battle simulator\beastbattlesimulator.exe
FirewallRules: [{B9CEAE3B-8089-4806-9B91-EC3E97F5BBF7}] => (Allow) F:\Program Files\qBittorrent\qbittorrent.exe
FirewallRules: [{A7F81A1D-EEC9-4710-AD6A-76E578BC611D}] => (Allow) F:\Program Files\qBittorrent\qbittorrent.exe
FirewallRules: [UDP Query User{98AFAE0B-B608-4C21-8B2A-5D5F59C756E4}C:\users\docto\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\docto\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [TCP Query User{758DC8CB-4BF9-4CE7-934F-0EF2F1DAAAF3}C:\users\docto\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\docto\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{7A913DE4-A579-44A7-8FEA-C4869D3600CF}C:\users\docto\appdata\local\warthunder\win64\aces.exe] => (Allow) C:\users\docto\appdata\local\warthunder\win64\aces.exe
FirewallRules: [TCP Query User{26EB634E-451E-442C-9C31-53ACE1EC061A}C:\users\docto\appdata\local\warthunder\win64\aces.exe] => (Allow) C:\users\docto\appdata\local\warthunder\win64\aces.exe
FirewallRules: [{16682AE5-3477-4CA4-87CB-5F0B27DB6CA9}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{BBD2E454-88C0-483B-8C64-E46AFD6F4255}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{0080FC69-0A3D-49CB-85D4-38A043B6F1C6}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{C5A638DA-8BAC-4F0B-8345-AC161E3B648D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [UDP Query User{B7170454-EE6A-4226-8176-CE8D85C61C4B}C:\program files\java\jre1.8.0_141\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_141\bin\javaw.exe
FirewallRules: [TCP Query User{5DFB30AD-85B6-4B55-A6EE-29718C31CC60}C:\program files\java\jre1.8.0_141\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_141\bin\javaw.exe
FirewallRules: [UDP Query User{50B18202-1B98-4D79-9DF4-92603BBCC5F1}F:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) F:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [TCP Query User{E6F73744-F874-486F-ADE8-D2D62700E3A0}F:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) F:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [UDP Query User{B8565D4B-94B9-40AB-A877-05CFFF24B173}F:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) F:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{BD183ADB-3584-4334-9A6F-AEE79B008686}F:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) F:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{B753D708-3776-4AA4-BE8B-8BF6E0A6661F}F:\games\far cry primal\bin\fcprimal.exe] => (Allow) F:\games\far cry primal\bin\fcprimal.exe
FirewallRules: [TCP Query User{ED9C8E9A-0919-42DA-A8F0-9E1875B1EB69}F:\games\far cry primal\bin\fcprimal.exe] => (Allow) F:\games\far cry primal\bin\fcprimal.exe
FirewallRules: [UDP Query User{4FA4C538-DF9F-4BD8-BD85-01D9128B6C77}F:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) F:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{47FE89AC-E946-4320-A987-BA5F22BC8655}F:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) F:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{98D36D8C-CF74-4BE2-B65E-441BB8BABE63}F:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) F:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [TCP Query User{44E3D8E7-3A90-4928-BC3D-1815794D9CE7}F:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) F:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [UDP Query User{70B8FFF5-AF75-44DC-B670-E5B47A28E882}C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe
FirewallRules: [TCP Query User{B6D7A7A1-89C4-4291-B276-2C95780B3688}C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe
FirewallRules: [UDP Query User{E5E8B764-595E-4790-B927-5B084CC88B40}F:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) F:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{E243C5CF-80D1-4EAF-B010-32C024BFC052}F:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) F:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{9B6357C4-077A-4249-8763-63A356847183}F:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) F:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{EB555559-D21C-45B1-866A-B45030D3B2B6}F:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) F:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [{22478B9A-DBF7-4F2B-A665-9B2AA27A206E}] => (Allow) F:\Program Files\qBittorrent\qbittorrent.exe
FirewallRules: [{8C614710-DF5A-4178-8727-C6C4499DCF3D}] => (Allow) F:\Program Files\qBittorrent\qbittorrent.exe
FirewallRules: [UDP Query User{FB22D298-823A-4109-BF45-620C66460CC5}F:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) F:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{0249D68B-DA26-4C7C-8477-EA85BD46B47C}F:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) F:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{E0E14667-B88C-4971-A049-F61EB9A807E8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{FA3A7D1D-3E33-4D5B-A623-22BFDDA87FC5}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{71D3848D-385F-4A73-B121-73213FD7A4D2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{DAB87AEE-128B-430A-B87B-9F7D93B36FC5}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{7B3E9451-534A-49E0-9555-EE341287E40A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{99CE8912-0F25-4F80-B21E-ECC52358D2B9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Points de restauration =========================
15-11-2017 22:40:28 Removing COMODO Client - Security
==================== Éléments en erreur du Gestionnaire de périphériques =============
Name: D-Link DWA-130 Wireless N USB Adapter
Description: Carte USB N sans fil D-Link DWA-130
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: D-Link Corporation
Service: RTL8192su
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Erreurs du Journal des événements: =========================
Erreurs Application:
==================
Error: (11/15/2017 10:50:17 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Le fournisseur d’événements CisWmi a tenté d’inscrire dans l’espace de noms //./root/cis la requête « SELECT * FROM CisFileRatingChange » dont la classe cible « CisFileRatingChange » n’existe pas. La requête sera ignorée.
Error: (11/15/2017 10:50:17 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Le fournisseur d’événements CisWmi a tenté d’inscrire dans l’espace de noms //./root/cis la requête « SELECT * FROM CisStatusChange » dont la classe cible « CisStatusChange » n’existe pas. La requête sera ignorée.
Error: (11/15/2017 10:50:17 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Le fournisseur d’événements CisWmi a tenté d’inscrire dans l’espace de noms //./root/cis la requête « SELECT * FROM CisNotification » dont la classe cible « CisNotification » n’existe pas. La requête sera ignorée.
Error: (11/15/2017 10:50:17 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Le fournisseur d’événements CisWmi a tenté d’inscrire dans l’espace de noms //./root/cis la requête « SELECT * FROM FwAlert » dont la classe cible « FwAlert » n’existe pas. La requête sera ignorée.
Error: (11/15/2017 10:50:17 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Le fournisseur d’événements CisWmi a tenté d’inscrire dans l’espace de noms //./root/cis la requête « SELECT * FROM DfAlert » dont la classe cible « DfAlert » n’existe pas. La requête sera ignorée.
Error: (11/15/2017 10:50:17 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Le fournisseur d’événements CisWmi a tenté d’inscrire dans l’espace de noms //./root/cis la requête « SELECT * FROM AvAlert » dont la classe cible « AvAlert » n’existe pas. La requête sera ignorée.
Error: (11/15/2017 10:50:17 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Le fournisseur d’événements CisWmi a tenté d’inscrire dans l’espace de noms //./root/cis la requête « SELECT * FROM CisAlert » dont la classe cible « CisAlert » n’existe pas. La requête sera ignorée.
Error: (11/15/2017 10:50:17 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Le fournisseur d’événements CisWmi a tenté d’inscrire dans l’espace de noms //./root/cis la requête « SELECT * FROM CisEvent » dont la classe cible « CisEvent » n’existe pas. La requête sera ignorée.
Error: (11/15/2017 10:50:17 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Le fournisseur d’événements a tenté d’inscrire dans l’espace de noms //./root/cis la requête « SELECT * FROM CisFileRatingChange » dont la classe cible « CisFileRatingChange » n’existe pas. La requête sera ignorée.
Error: (11/15/2017 10:50:17 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Le fournisseur d’événements a tenté d’inscrire dans l’espace de noms //./root/cis la requête « SELECT * FROM CisStatusChange » dont la classe cible « CisStatusChange » n’existe pas. La requête sera ignorée.
Erreurs système:
=============
Error: (11/16/2017 09:17:55 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service COMODO Virtual Service Manager s'est terminé de façon inattendue. Ceci s'est produit 1 fois.
Error: (11/16/2017 09:00:46 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-K31LPOB)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID DESKTOP-K31LPOB\Warzonex51 de l’utilisateur (S-1-5-21-2933909970-4278495066-1699577979-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (11/15/2017 11:45:32 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-K31LPOB)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID DESKTOP-K31LPOB\Warzonex51 de l’utilisateur (S-1-5-21-2933909970-4278495066-1699577979-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (11/15/2017 11:37:19 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-K31LPOB)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID DESKTOP-K31LPOB\Warzonex51 de l’utilisateur (S-1-5-21-2933909970-4278495066-1699577979-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (11/15/2017 11:37:08 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-K31LPOB)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID DESKTOP-K31LPOB\Warzonex51 de l’utilisateur (S-1-5-21-2933909970-4278495066-1699577979-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (11/15/2017 11:30:17 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-K31LPOB)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID DESKTOP-K31LPOB\Warzonex51 de l’utilisateur (S-1-5-21-2933909970-4278495066-1699577979-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (11/15/2017 11:25:39 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-K31LPOB)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID DESKTOP-K31LPOB\Warzonex51 de l’utilisateur (S-1-5-21-2933909970-4278495066-1699577979-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (11/15/2017 11:25:15 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-K31LPOB)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID DESKTOP-K31LPOB\Warzonex51 de l’utilisateur (S-1-5-21-2933909970-4278495066-1699577979-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (11/15/2017 11:20:58 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-K31LPOB)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID DESKTOP-K31LPOB\Warzonex51 de l’utilisateur (S-1-5-21-2933909970-4278495066-1699577979-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (11/15/2017 11:08:42 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID NT AUTHORITY\NETWORK SERVICE de l’utilisateur (S-1-5-20) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
CodeIntegrity:
===================================
Date: 2017-11-16 09:11:38.606
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\cssguard64.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-16 09:11:38.600
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-11-16 09:11:38.438
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\cssguard64.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-16 09:11:38.431
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-11-16 09:11:37.565
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\cssguard64.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-16 09:11:37.559
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-11-16 09:11:37.412
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\cssguard64.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-16 09:11:37.392
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-11-16 08:56:38.269
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\cssguard64.dll that did not meet the Windows signing level requirements.
Date: 2017-11-16 08:56:38.265
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Infos Mémoire ===========================
Processeur: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Pourcentage de mémoire utilisée: 42%
Mémoire physique - RAM - totale: 8136.76 MB
Mémoire physique - RAM - disponible: 4671.86 MB
Mémoire virtuelle totale: 9416.76 MB
Mémoire virtuelle disponible: 5646.34 MB
==================== Lecteurs ================================
Drive c: () (Fixed) (Total:878.42 GB) (Free:837.12 GB) NTFS
Drive d: (Réservé au système) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)]
Drive f: () (Fixed) (Total:488.28 GB) (Free:21.32 GB) NTFS
Drive g: (Melanie) (Fixed) (Total:495.83 GB) (Free:490.41 GB) NTFS
Drive h: () (Fixed) (Total:242.81 GB) (Free:209.01 GB) NTFS
Drive i: () (Fixed) (Total:53.95 GB) (Free:53.01 GB) NTFS
==================== MBR & Table des partitions ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 02FB4EC6)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=878.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=488.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=495.8 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: DA174FA0)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=242.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=53.9 GB) - (Type=07 NTFS)
==================== Fin de Addition.txt ============================