Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 14-09-2019
Exécuté par barro (16-09-2019 15:14:53)
Exécuté depuis C:\Users\barro\Desktop
Windows 10 Home Version 1803 17134.1006 (X64) (2019-09-12 18:43:14)
Mode d'amorçage: Normal
==========================================================

==================== Comptes: =============================

Administrateur (S-1-5-21-4007548501-511009406-2815695127-500 - Administrator - Disabled)
barro (S-1-5-21-4007548501-511009406-2815695127-1001 - Administrator - Enabled) => C:\Users\barro
DefaultAccount (S-1-5-21-4007548501-511009406-2815695127-503 - Limited - Disabled)
Invité (S-1-5-21-4007548501-511009406-2815695127-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-4007548501-511009406-2815695127-504 - Limited - Disabled)
_ashbackuppb_ (S-1-5-21-4007548501-511009406-2815695127-1002 - Administrator - Enabled) => C:\Users\_ashbackuppb_

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: adaware antivirus (Disabled - Up to date) {3AF56CA3-CA5A-215C-108D-CECA729D293A}
AV: COMODO Antivirus (Disabled - Out of date) {9E3E06E3-F8E0-3C44-2336-BBD8AF8F84B8}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: adaware antivirus (Disabled - Up to date) {81948D47-EC60-2ED2-2A3D-F5B8091A6387}
AS: COMODO Advanced Protection (Enabled - Up to date) {255FE707-DEDA-33CA-1986-80AAD408CE05}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Lavasoft Ad-Watch Live!
(Disabled - Up to date) {61CDFD9D-3CAC-9270-C6FC-52325ACB795B} FW: COMODO Firewall (Enabled) {A60587C6-B28F-3D1C-0869-12ED515CC3C3} FW: adaware firewall (Enabled) {02CEED86-8035-2004-3BD2-67FF8C4E6E41} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) Ad-Aware (HKLM-x32\...\Ad-Aware) (Version: - Lavasoft) adaware antivirus (HKLM\...\{5FFF7119-74E8-442E-970E-50BAD81D5371}_AdAwareUpdater) (Version: 12.6.1005.11662 - adaware) Ad-Aware Game Edition (HKLM-x32\...\{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}) (Version: 8.1.3 - Lavasoft) Hidden Ad-Aware Game Edition (HKLM-x32\...\Ad-Aware Game Edition) (Version: - Lavasoft) AdAwareInstaller (HKLM\...\{44DE19DF-AA86-497A-9CCA-4F52D0BFF9A8}) (Version: 12.6.1005.11662 - adaware) Hidden AdAwareUpdater (HKLM\...\{5FFF7119-74E8-442E-970E-50BAD81D5371}) (Version: 12.6.1005.11662 - adaware) Hidden Air Command (HKLM-x32\...\{5493FC89-21E8-4D88-BCA1-4D33F1410968}) (Version: 1.0.38 - Samsung Electronics Co., Ltd.) 
AntimalwareEngine (HKLM\...\{5C7A5F94-02E9-4C5D-A594-B1F10865965A}) (Version: 3.0.160.0 - adaware) Hidden AntispamEngine (HKLM\...\{7DE129E5-BB4A-4517-A6CD-C69EEB346781}) (Version: 2.5.337.0 - adaware) Hidden Argente Utilities 1.0.7.0 (HKLM-x32\...\Argente Utilities_is1) (Version: 1.0.7.0 - Raúl Argente) Booking (HKLM-x32\...\{13D4CD54-EA09-4FDB-B979-8B2BC0F020CA}_is1) (Version: 2.0.701 - Booking) cCloud (HKLM\...\{CF6C1B06-4F86-4C41-BD21-9E40500006B5}) (Version: 3.0.8.84 - COMODO) COMODO BackUp (HKLM\...\{B79E9FF2-D932-4FD5-BCAF-4DE6F2FBE521}) (Version: 4.4.1.23 - COMODO) Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 76.0.3809.132 - Comodo) Comodo IceDragon (HKLM-x32\...\Comodo IceDragon) (Version: 65.0.2.15 - COMODO) COMODO Internet Security Premium (HKLM\...\{E6B0FD8D-8799-441B-8734-B8A266C0C303}) (Version: 12.0.0.6818 - COMODO Security Solutions Inc.) Hidden COMODO Internet Security Premium (HKLM\...\COMODO Internet Security) (Version: 12.0.0.6818 - COMODO Security Solutions Inc.) 
Comodo i-Vault (HKLM-x32\...\{6D68F5E6-0C59-4B61-A140-50557D80DBE4}) (Version: 3.00.0001 - Comodo) Hidden Comodo i-Vault (HKLM-x32\...\InstallShield_{6D68F5E6-0C59-4B61-A140-50557D80DBE4}) (Version: 3.00.0001 - Comodo) COMODO Secure Shopping (HKLM-x32\...\{D15DF9B0-3A98-4BEF-B7D5-FC3AEA473628}) (Version: 1.3.151.0 - COMODO) Hidden COMODO Secure Shopping (HKLM-x32\...\Comodo Secure_Shopping_list_uninstall) (Version: 1.3.473628.151 - Comodo) COMODO System Utilities (HKLM\...\{A7DA4247-9F22-4d4a-974A-DD455CCF43B6}) (Version: 4.0.226743.26 - COMODO) COMODO Unite (HKLM\...\{F527D3F1-57DF-43B5-A570-ADED61CE8C06}) (Version: 3.0.2.0 - COMODO) CPCTuneUp (HKLM\...\{FC4D0316-D3D8-4c07-9E45-7A2A4D75E069}) (Version: 1.0.265884.46 - COMODO) FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version: - Image-Line) GeekBuddy (HKLM\...\{2310DD22-D2F0-4066-9FE4-6B1A4CDF1107}) (Version: 4.32.247 - Comodo Security Solutions Inc) Hidden GeekBuddy (HKLM\...\Geekbuddy) (Version: 4.32.247 - Comodo Security Solutions Inc) Goodgame Big Farm (HKU\S-1-5-21-4007548501-511009406-2815695127-1001\...\Goodgame Big Farm) (Version: - ) <==== ATTENTION Google Chrome (HKLM-x32\...\Google Chrome) (Version: 77.0.3865.75 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.2.183.13 - Google Inc.) 
Hidden Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1052 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4599 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.3.1031 - Intel Corporation) Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.715.0 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{2b32b7d0-4f9f-47c8-adb7-807e6cb2fb75}) (Version: 1.47.715.0 - Intel Corporation) Hidden Intel(R) Virtual Buttons (HKLM-x32\...\1992736F-C90A-481C-B21B-EE34CAD07387) (Version: 1.1.1.22 - Intel Corporation) Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.6.472587.185 - Comodo) IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 7.5.0.7 - IObit) Java(TM) 6 Update 2 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0160020}) (Version: 1.6.0.20 - Sun Microsystems, Inc.) 
Lavasoft Digital Lock (HKLM-x32\...\Lavasoft Digital Lock) (Version: 7.7.2.2 - Lavasoft) Lavasoft Privacy Toolbox (HKLM-x32\...\Lavasoft Privacy Toolbox) (Version: 7.7.3.0 - Lavasoft) macOS UX Pack (HKLM-x32\...\UX Pack) (Version: 5.0 - Windows X's Live) MAGIX Cloud Import (HKLM\...\{E2EC0850-84BF-4A86-842E-4A100473FB22}) (Version: 0.1.0.5 - MAGIX Software GmbH) Hidden MAGIX Cloud Import (HKLM\...\MX.{E2EC0850-84BF-4A86-842E-4A100473FB22}) (Version: 0.1.0.5 - MAGIX Software GmbH) MAGIX Connect (HKLM\...\{B0C73D27-EB3E-4D0E-B40D-0141DAF708CC}) (Version: 3.0.0.1 - MAGIX Software GmbH) Hidden MAGIX Connect (HKLM\...\MX.{B0C73D27-EB3E-4D0E-B40D-0141DAF708CC}) (Version: 3.0.0.1 - MAGIX Software GmbH) MAGIX Speed burnR (HKLM\...\{370FD2B5-6A2F-4BB9-8B5F-F5CE6F0C01E5}) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden MAGIX Speed burnR (HKLM-x32\...\MX.{370FD2B5-6A2F-4BB9-8B5F-F5CE6F0C01E5}) (Version: 7.0.2.6 - MAGIX Software GmbH) McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.0.92 - McAfee, LLC.) 
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27012 (HKLM-x32\...\{67f67547-9693-4937-aa13-56e296bd40f6}) (Version: 14.16.27012.6 - Microsoft 
Corporation) Online Video Recorder 3.0.2 (HKLM-x32\...\{983FEDDC-AD2E-48D5-8593-331D3B93407C}_is1) (Version: - Avanquest Software) Opera Stable 63.0.3368.88 (HKU\S-1-5-21-4007548501-511009406-2815695127-1001\...\Opera 63.0.3368.88) (Version: 63.0.3368.88 - Opera Software) PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: - Kakao Corp.) Qualcomm Atheros 11ac Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.10454 - Qualcomm) Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.448 - Qualcomm Atheros) Revo Uninstaller Pro 4.1.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.1.5 - VS Revo Group, Ltd.) S Agent (HKLM\...\{0052BF58-5307-4F7D-A379-8F4EC9212FA8}) (Version: 1.1.58 - Samsung Electronics Co., Ltd.) Hidden Samsung Recovery (HKLM\...\{D21EED26-59C0-4315-BDCC-D682496465E9}) (Version: 7.3.0 - Samsung Electronics Co., Ltd.) Samsung System Agent (HKLM-x32\...\{CDB4F12C-2E9E-48CC-8591-663964C1BAE3}) (Version: 1.0.48 - Samsung Electronics Co., Ltd.) Hidden Show Window (HKLM-x32\...\{87A08690-781E-4A8E-8300-775A2EA02932}) (Version: 1.0.0.30 - Samsung Electronics Co., Ltd.) Silent Install Builder 6 (HKLM-x32\...\{2452C59D-6030-4A9A-A97F-B925390619E1}) (Version: 6.0.3.0 - Aprel Tech, LLC) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SuperEasy Audio Converter 2 v.2.1.3063 (HKLM-x32\...\{039BC111-3B00-B8C5-E02C-0CA1440A9469}_is1) (Version: 2.1.3063 - SuperEasy Software GmbH & Co. KG) SuperEasy Live Defrag v.1.0.5 (HKLM-x32\...\{039BC111-AAD6-2271-877C-FB2AC8E21BC2}_is1) (Version: 1.0.5 - SuperEasy Software GmbH & Co. KG) SuperEasy Mouse Tracker v.1.0.1 (HKLM-x32\...\{039BC111-5370-00F1-D053-EB66832A92B4}_is1) (Version: 1.0.1 - SuperEasy Software GmbH & Co. KG) SuperEasy Password Manager Free v.1.0.1 (HKLM-x32\...\{039BC111-97D7-5FDC-1B09-1192F59609B9}_is1) (Version: 1.0.1 - SuperEasy Software GmbH & Co. 
KG) SuperEasy Password Manager v.1.0.0 (HKLM-x32\...\{039BC111-1425-98F7-8E95-664B20AFA1CD}_is1) (Version: 1.0.0 - SuperEasy Software GmbH & Co. KG) SuperEasy Photo Booster v.1.1.2131 (HKLM-x32\...\{039BC111-1600-6CEF-A8E5-198B376ED64D}_is1) (Version: 1.1.2131 - SuperEasy Software GmbH & Co. KG) SuperEasy SpeedUp 2 v.2.1.0 (HKLM-x32\...\{039BC111-0BED-4A9E-C98B-E3A0FDA67D3C}_is1) (Version: 2.1.0 - SuperEasy Software GmbH & Co. KG) SuperEasy Video Booster v.1.1.2152 (HKLM-x32\...\{039BC111-ED4E-CCDF-634D-AF330C24ACB8}_is1) (Version: 1.1.2152 - SuperEasy Software GmbH & Co. KG) SuperEasy Video Converter 2 v.2.1.2164 (HKLM-x32\...\{039BC111-5D42-BD22-5D57-C7073E40209A}_is1) (Version: 2.1.2164 - SuperEasy Software GmbH & Co. KG) TubeDigger 6.7.2 (HKLM-x32\...\{1E3745C1-674D-4B2E-B8F7-3F4088950ED7}_is1) (Version: 6.7.2 - TubeDigger) Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 4.5.5 - Tweaking.com) Unlocker 1.9.1 (HKLM-x32\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation) USB Disk Storage Format Tool 6.0 (HKLM\...\USB Disk Storage Format Tool_is1) (Version: - Authorsoft Corporation) Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM-x32\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation) Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.) 
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies) WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH) WinZip 23.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C2411D}) (Version: 23.0.13300 - Corel Corporation) World Of Warships (HKLM-x32\...\World Of Warships) (Version: - ) Yandex.Disk (HKU\S-1-5-21-4007548501-511009406-2815695127-1001\...\YandexDisk2) (Version: 3.1.7.2905 - Yandex) Your SuperEasy Deal (HKLM-x32\...\Your SuperEasy Deal_is1) (Version: - SuperEasy Software GmbH & Co. KG) Packages: ========= Book Paramètres -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.GalaxySetting_1.0.60.0_x64__wyx1vj98g3asy [2019-09-09] (Samsung Electronics Co, Ltd.) Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-13] (Microsoft Corporation) Courrier et calendrier -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-09-09] (Microsoft Corporation) [MS Ad] Extension vidéo MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.12831.0_x64__8wekyb3d8bbwe [2019-09-09] (Microsoft Corporation) Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.11929.20254.0_x86__8wekyb3d8bbwe [2019-09-12] (Microsoft Corporation) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-09-09] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-09-09] (Microsoft Corporation) [MS Ad] Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.11929.20254.0_x86__8wekyb3d8bbwe [2019-09-12] (Microsoft Corporation) Microsoft News: les actualités à ne pas manquer -> C:\Program 
Files\WindowsApps\Microsoft.BingNews_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-11] (Microsoft Corporation) [MS Ad] Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.11929.20254.0_x86__8wekyb3d8bbwe [2019-09-12] (Microsoft Corporation) Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.11929.20254.0_x86__8wekyb3d8bbwe [2019-09-12] (Microsoft Corporation) Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.11929.20254.0_x86__8wekyb3d8bbwe [2019-09-12] (Microsoft Corporation) Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.11929.20254.0_x86__8wekyb3d8bbwe [2019-09-12] (Microsoft Corporation) Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe [2019-09-09] (Microsoft Studios) [MS Ad] Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.11929.20254.0_x86__8wekyb3d8bbwe [2019-09-12] (Microsoft Corporation) MSN Météo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-11] (Microsoft Corporation) [MS Ad] Samsung Notes -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungNotes_2.0.63.0_x64__wyx1vj98g3asy [2019-09-09] (Samsung Electronics Co, Ltd.) ==================== Personnalisé CLSID (Avec liste blanche): ========================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) 
CustomCLSID: HKU\S-1-5-21-4007548501-511009406-2815695127-1001_Classes\CLSID\{11C9DD7B-CCF5-4502-90A1-FEE8889976D5}\InprocServer32 -> C:\Users\barro\AppData\Roaming\Yandex\YandexDisk2\3.1.7.2905\YandexDisk3ShellExt-1511.dll (YANDEX LLC -> Яндекс) CustomCLSID: HKU\S-1-5-21-4007548501-511009406-2815695127-1001_Classes\CLSID\{18224999-F24B-43ee-B697-9427587FDC9C}\InprocServer32 -> C:\Users\barro\AppData\Roaming\Yandex\YandexDisk2\3.1.7.2905\YandexDisk3ShellExt-1511.dll (YANDEX LLC -> Яндекс) CustomCLSID: HKU\S-1-5-21-4007548501-511009406-2815695127-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\barro\AppData\Local\Microsoft\OneDrive\19.152.0801.0007\amd64\FileSyncShell64.dll => Pas de fichier CustomCLSID: HKU\S-1-5-21-4007548501-511009406-2815695127-1001_Classes\CLSID\{63ADB0D1-6DA0-46A2-89D0-E0CE44536E32}\InprocServer32 -> C:\Users\barro\AppData\Roaming\Yandex\YandexDisk2\3.1.7.2905\YandexDisk3ShellExt-1511.dll (YANDEX LLC -> Яндекс) CustomCLSID: HKU\S-1-5-21-4007548501-511009406-2815695127-1001_Classes\CLSID\{75EF3512-D401-4172-BA0F-00E000DCBCE4}\InprocServer32 -> C:\Users\barro\AppData\Roaming\Yandex\YandexDisk2\3.1.7.2905\YandexDisk3ShellExt-1511.dll (YANDEX LLC -> Яндекс) CustomCLSID: HKU\S-1-5-21-4007548501-511009406-2815695127-1001_Classes\CLSID\{78CE3579-0D34-413C-88C7-FE2855271688}\localserver32 -> C:\Users\barro\AppData\Roaming\Yandex\YandexDisk2\3.1.7.2905\YandexDisk2.exe (YANDEX LLC -> Yandex) CustomCLSID: HKU\S-1-5-21-4007548501-511009406-2815695127-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\barro\AppData\Local\Microsoft\OneDrive\19.152.0801.0007\amd64\FileSyncShell64.dll => Pas de fichier CustomCLSID: HKU\S-1-5-21-4007548501-511009406-2815695127-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\barro\AppData\Local\Microsoft\OneDrive\19.152.0801.0007\amd64\FileSyncShell64.dll => Pas de fichier CustomCLSID: 
HKU\S-1-5-21-4007548501-511009406-2815695127-1001_Classes\CLSID\{847202AE-CDE0-469A-AF10-8798E02DED83}\InprocServer32 -> C:\Users\barro\AppData\Roaming\Yandex\YandexDisk2\3.1.7.2905\YandexDisk3ShellExt-1511.dll (YANDEX LLC -> Яндекс) CustomCLSID: HKU\S-1-5-21-4007548501-511009406-2815695127-1001_Classes\CLSID\{8EEE3CD5-1F70-4B63-B19D-A5F1457761DB}\InprocServer32 -> C:\Users\barro\AppData\Roaming\Yandex\YandexDisk2\3.1.7.2905\YandexDisk3ShellExt-1511.dll (YANDEX LLC -> Яндекс) CustomCLSID: HKU\S-1-5-21-4007548501-511009406-2815695127-1001_Classes\CLSID\{9CE04609-A360-4266-9937-9D799E8D2D5A}\InprocServer32 -> C:\Users\barro\AppData\Roaming\Yandex\YandexDisk2\3.1.7.2905\YandexDisk3ShellExt-1511.dll (YANDEX LLC -> Яндекс) CustomCLSID: HKU\S-1-5-21-4007548501-511009406-2815695127-1001_Classes\CLSID\{C5F6CDD1-FB7B-4971-A53F-4B00757F756B}\InprocServer32 -> C:\Users\barro\AppData\Roaming\Yandex\YandexDisk2\3.1.7.2905\YandexDisk3ShellExt-1511.dll (YANDEX LLC -> Яндекс) CustomCLSID: HKU\S-1-5-21-4007548501-511009406-2815695127-1001_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.WinZipExpressForOffice.dll (Corel Corporation -> ) ShellIconOverlayIdentifiers: [ IMFSafeBox] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\Jealous de I A Timoland, Faches de Tri'Toir, & WonderDar\IObit Malware Fighter\IMFShellExt.dll -> Pas de fichier ShellIconOverlayIdentifiers: [ YandexDisk1 SyncDone] -> {C5F6CDD1-FB7B-4971-A53F-4B00757F756B} => C:\Users\barro\AppData\Roaming\Yandex\YandexDisk2\3.1.7.2905\YandexDisk3ShellExt-1511.dll [2019-08-02] (YANDEX LLC -> Яндекс) ShellIconOverlayIdentifiers: [ YandexDisk2 SyncProgress] -> {75EF3512-D401-4172-BA0F-00E000DCBCE4} => C:\Users\barro\AppData\Roaming\Yandex\YandexDisk2\3.1.7.2905\YandexDisk3ShellExt-1511.dll [2019-08-02] (YANDEX LLC -> Яндекс) ShellIconOverlayIdentifiers: [ YandexDisk3 SyncDisabled] -> {8EEE3CD5-1F70-4B63-B19D-A5F1457761DB} => 
C:\Users\barro\AppData\Roaming\Yandex\YandexDisk2\3.1.7.2905\YandexDisk3ShellExt-1511.dll [2019-08-02] (YANDEX LLC -> Яндекс) ShellIconOverlayIdentifiers: [ YandexDisk4 SyncError] -> {9CE04609-A360-4266-9937-9D799E8D2D5A} => C:\Users\barro\AppData\Roaming\Yandex\YandexDisk2\3.1.7.2905\YandexDisk3ShellExt-1511.dll [2019-08-02] (YANDEX LLC -> Яндекс) ShellIconOverlayIdentifiers: [ YandexDisk5 SyncPart] -> {63ADB0D1-6DA0-46A2-89D0-E0CE44536E32} => C:\Users\barro\AppData\Roaming\Yandex\YandexDisk2\3.1.7.2905\YandexDisk3ShellExt-1511.dll [2019-08-02] (YANDEX LLC -> Яндекс) ShellIconOverlayIdentifiers: [COSDriveIconOverlay] -> {5FDACB62-6B7B-4116-9403-C5E0D3852A57} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (Comodo Security Solutions -> C-O-M-O-D-O) ShellIconOverlayIdentifiers: [COSSyncItemInSyncIconOverlay] -> {68F287EF-DA6D-4595-AF52-90FF6CE52AFE} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (Comodo Security Solutions -> C-O-M-O-D-O) ShellIconOverlayIdentifiers: [COSSyncItemModifiedIconOverlay] -> {AE67D273-7253-4236-B55E-D40055B305D6} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (Comodo Security Solutions -> C-O-M-O-D-O) ShellIconOverlayIdentifiers: [COSSyncItemNewIconOverlay] -> {022F23E9-DA0F-4A86-A728-CAF6150C0B63} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (Comodo Security Solutions -> C-O-M-O-D-O) ShellIconOverlayIdentifiers: [COSSyncItemUnsynchronizedIconOverlay] -> {4D7EE7CF-E7A1-45FE-8F80-3A37574918D7} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (Comodo Security Solutions -> C-O-M-O-D-O) ContextMenuHandlers1-x32: [CELERITASWMSecureExt] -> {871722EA-997E-4277-B1F0-C2CB37D2E585} => C:\Users\Sonia Antoine\Program Files (x86)\SupersonicPC\SolvusoftWMSecureShell.dll -> Pas de fichier ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => F:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2019-04-16] (Comodo 
Security Solutions, Inc. -> COMODO) ContextMenuHandlers1: [COMODOBackupUtility] -> {FA66022E-2FE4-4A29-916C-84A0D8173FBB} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (Comodo Security Solutions -> C-O-M-O-D-O) ContextMenuHandlers1-x32: [FAShellExt] -> {4E9D321B-9085-40AD-8AF2-C054DC2B9C06} => C:\PROGRA~2\FASTFO~1\FASHEL~1.DLL -> Pas de fichier ContextMenuHandlers1: [KillCopy] -> {A5C2457A-87BC-324E-8124-0025DC10AA04} => C:\Program Files (x86)\KillSoft\KillCopy\killcopy_amd64.dll -> Pas de fichier ContextMenuHandlers1: [LavasoftShellExt] -> {DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} => C:\Program Files (x86)\Lavasoft\Ad-Aware Game Edition\ShellExt_64.dll [2019-09-15] (Lavasoft AB -> ) ContextMenuHandlers1: [PCProCtxMenu] -> {203ABD21-41F1-4F1B-BAE3-D6A89A90D239} => -> Pas de fichier ContextMenuHandlers1: [SafeIT Shell Extension] -> {167A4A27-28EA-4861-8173-963F9900D44C} => C:\Program Files\Common Files\Lavasoft\Dlls\SITShellExLibrary.dll [2008-11-13] (SafeIT Security Sweden AB -> SafeIT Security Sweden AB) ContextMenuHandlers1-x32: [SecureExt] -> {AB31A0D4-4437-4389-8054-A9338DF771AA} => C:\Program Files (x86)\UTILILAB\SystemOPTIMIZER\USOSecureShell.dll -> Pas de fichier ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2019-01-30] (Corel Corporation -> WinZip Computing) ContextMenuHandlers2: [AdAwareContextMenu] -> {5B64240D-5B36-4B9F-A75F-4925B6A53D5B} => -> Pas de fichier ContextMenuHandlers2-x32: [CELERITASWMSecureExt] -> {871722EA-997E-4277-B1F0-C2CB37D2E585} => C:\Users\Sonia Antoine\Program Files (x86)\SupersonicPC\SolvusoftWMSecureShell.dll -> Pas de fichier 
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => F:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2019-04-16] (Comodo Security Solutions, Inc. -> COMODO) ContextMenuHandlers2: [COMODOBackupUtility] -> {FA66022E-2FE4-4A29-916C-84A0D8173FBB} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (Comodo Security Solutions -> C-O-M-O-D-O) ContextMenuHandlers2-x32: [FAShellExt] -> {4E9D321B-9085-40AD-8AF2-C054DC2B9C06} => C:\PROGRA~2\FASTFO~1\FASHEL~1.DLL -> Pas de fichier ContextMenuHandlers2: [KillCopy] -> {A5C2457A-87BC-324E-8124-0025DC10AA04} => C:\Program Files (x86)\KillSoft\KillCopy\killcopy_amd64.dll -> Pas de fichier ContextMenuHandlers2: [LavasoftShellExt] -> {DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} => C:\Program Files (x86)\Lavasoft\Ad-Aware Game Edition\ShellExt_64.dll [2019-09-15] (Lavasoft AB -> ) ContextMenuHandlers2: [Photo! 3D ScreenSaver] -> {AA7A03E6-7FA5-42E7-9D7A-9A2A4E344B3F} => -> Pas de fichier ContextMenuHandlers2: [SafeIT Shell Extension] -> {167A4A27-28EA-4861-8173-963F9900D44C} => C:\Program Files\Common Files\Lavasoft\Dlls\SITShellExLibrary.dll [2008-11-13] (SafeIT Security Sweden AB -> SafeIT Security Sweden AB) ContextMenuHandlers2-x32: [SecureExt] -> {AB31A0D4-4437-4389-8054-A9338DF771AA} => C:\Program Files (x86)\UTILILAB\SystemOPTIMIZER\USOSecureShell.dll -> Pas de fichier ContextMenuHandlers3: [AdAwareContextMenu] -> {5B64240D-5B36-4B9F-A75F-4925B6A53D5B} => -> Pas de fichier ContextMenuHandlers3-x32: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files (x86)\Unlocker\UnlockerCOM.dll [2010-07-04] () [Fichier non signé] ContextMenuHandlers4: [COMODOBackupUtility] -> {FA66022E-2FE4-4A29-916C-84A0D8173FBB} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (Comodo Security Solutions -> C-O-M-O-D-O) ContextMenuHandlers4-x32: [DiskInternals_Uneraser] -> {0AF221E8-29B6-46EB-B420-DC696F042596} => f:\Program Files 
(x86)\SoftAmbulance\Partition Doctor\contmenu.dll [2005-01-15] () [Fichier non signé] ContextMenuHandlers4-x32: [FAShellExt] -> {4E9D321B-9085-40AD-8AF2-C054DC2B9C06} => C:\PROGRA~2\FASTFO~1\FASHEL~1.DLL -> Pas de fichier ContextMenuHandlers4: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\Jealous de I A Timoland, Faches de Tri'Toir, & WonderDar\IObit Malware Fighter\IMFShellExt.dll -> Pas de fichier ContextMenuHandlers4: [Photo! 3D ScreenSaver] -> {AA7A03E6-7FA5-42E7-9D7A-9A2A4E344B3F} => -> Pas de fichier ContextMenuHandlers4: [SafeIT Shell Extension] -> {167A4A27-28EA-4861-8173-963F9900D44C} => C:\Program Files\Common Files\Lavasoft\Dlls\SITShellExLibrary.dll [2008-11-13] (SafeIT Security Sweden AB -> SafeIT Security Sweden AB) ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2019-01-30] (Corel Corporation -> WinZip Computing) ContextMenuHandlers5-x32: [FAShellExt] -> {4E9D321B-9085-40AD-8AF2-C054DC2B9C06} => C:\PROGRA~2\FASTFO~1\FASHEL~1.DLL -> Pas de fichier ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki120832.inf_amd64_2ded2fe16badb11a\igfxDTCM.dll [2017-02-19] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [Advanced System Protector] -> {00212D92-C5D8-4ff4-AE50-B20F0F85C40A} => -> Pas de fichier ContextMenuHandlers6-x32: [CELERITASWMSecureExt] -> {871722EA-997E-4277-B1F0-C2CB37D2E585} => C:\Users\Sonia Antoine\Program Files (x86)\SupersonicPC\SolvusoftWMSecureShell.dll -> Pas de fichier ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => F:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2019-04-16] (Comodo Security Solutions, Inc. 
-> COMODO) ContextMenuHandlers6-x32: [FAShellExt] -> {4E9D321B-9085-40AD-8AF2-C054DC2B9C06} => C:\PROGRA~2\FASTFO~1\FASHEL~1.DLL -> Pas de fichier ContextMenuHandlers6: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\Jealous de I A Timoland, Faches de Tri'Toir, & WonderDar\IObit Malware Fighter\IMFShellExt.dll -> Pas de fichier ContextMenuHandlers6: [KillCopy] -> {A5C2457A-87BC-324E-8124-0025DC10AA04} => C:\Program Files (x86)\KillSoft\KillCopy\killcopy_amd64.dll -> Pas de fichier ContextMenuHandlers6: [LavasoftShellExt] -> {DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} => C:\Program Files (x86)\Lavasoft\Ad-Aware Game Edition\ShellExt_64.dll [2019-09-15] (Lavasoft AB -> ) ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2019-03-29] (VS Revo Group Ltd. -> VS Revo Group) ContextMenuHandlers6: [SafeIT Shell Extension] -> {167A4A27-28EA-4861-8173-963F9900D44C} => C:\Program Files\Common Files\Lavasoft\Dlls\SITShellExLibrary.dll [2008-11-13] (SafeIT Security Sweden AB -> SafeIT Security Sweden AB) ContextMenuHandlers6-x32: [SecureExt] -> {AB31A0D4-4437-4389-8054-A9338DF771AA} => C:\Program Files (x86)\UTILILAB\SystemOPTIMIZER\USOSecureShell.dll -> Pas de fichier ContextMenuHandlers6: [SegurazoShellExtension.FileContextMenuExt] -> {BFD98515-CD74-48A4-98E2-13D209E3EE4F} => C:\Program Files (x86)\Segurazo\SegurazoShell64_v1069.dll [2019-03-18] (Digital Communications Inc. 
-> Digital Communications Inc) ContextMenuHandlers6-x32: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files (x86)\Unlocker\UnlockerCOM.dll [2010-07-04] () [Fichier non signé] ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2019-01-30] (Corel Corporation -> WinZip Computing) ContextMenuHandlers1_S-1-5-21-4007548501-511009406-2815695127-1001: [Yandex.Disk.3] -> {847202AE-CDE0-469A-AF10-8798E02DED83} => C:\Users\barro\AppData\Roaming\Yandex\YandexDisk2\3.1.7.2905\YandexDisk3ShellExt-1511.dll [2019-08-02] (YANDEX LLC -> Яндекс) ContextMenuHandlers4_S-1-5-21-4007548501-511009406-2815695127-1001: [Yandex.Disk.3] -> {847202AE-CDE0-469A-AF10-8798E02DED83} => C:\Users\barro\AppData\Roaming\Yandex\YandexDisk2\3.1.7.2905\YandexDisk3ShellExt-1511.dll [2019-08-02] (YANDEX LLC -> Яндекс) FolderExtensions: [] -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} => C:\Program Files (x86)\UX Pack\OldNewExplorer\OldNewExplorer64.dll [2015-09-13] (www.startisback.com) [Fichier non signé] ==================== Raccourcis & WMI ======================== (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.) 
Shortcut: C:\Users\barro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDiskReport 1.3.2\JGoodies Home Page.lnk -> hxxp://www.jgoodies.com
ShortcutWithArgument: C:\Users\barro\Desktop\AdsFix_Donate.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxps://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=S3AQ8V3XRWWYN

==================== Modules chargés (Avec liste blanche) ==============

2019-09-16 00:00 - 2014-05-15 22:21 - 000028672 ____C (Digia Plc and/or its subsidiary(-ies)) [Fichier non signé] C:\Users\barro\Desktop\mbar\imageformats\qico4.dll
2019-09-16 00:00 - 2014-05-15 22:21 - 002578432 ____C (Digia Plc and/or its subsidiary(-ies)) [Fichier non signé] C:\Users\barro\Desktop\mbar\QtCore4.dll
2019-09-16 00:00 - 2014-05-15 22:21 - 008406528 ____C (Digia Plc and/or its subsidiary(-ies)) [Fichier non signé] C:\Users\barro\Desktop\mbar\QtGui4.dll
2019-09-09 12:57 - 2015-09-13 22:02 - 000253440 _____ (www.startisback.com) [Fichier non signé] C:\Program Files (x86)\UX Pack\OldNewExplorer\OldNewExplorer32.dll
2019-09-09 12:57 - 2015-09-13 22:02 - 000258560 _____ (www.startisback.com) [Fichier non signé] C:\Program Files (x86)\UX Pack\OldNewExplorer\OldNewExplorer64.dll

==================== Alternate Data Streams (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)

AlternateDataStreams: C:\WINDOWS\System32:tdsrset.gfc [1465]
AlternateDataStreams: C:\ProgramData\Temp:43AAB821 [134]
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1 [112]

==================== Mode sans échec (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Game Edition Service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Lavasoft Ad-Aware Game Edition Service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Lavasoft Ad-Aware Service => ""="Service"

==================== Association (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)

==================== Internet Explorer sites de confiance/sensibles ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-4007548501-511009406-2815695127-1001\...\localhost -> localhost

==================== Hosts contenu: ==========================

(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
2017-09-29 15:46 - 2019-09-15 12:50 - 000002103 __RSH C:\WINDOWS\system32\drivers\etc\hosts 0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com 0.0.0.0 media.opencandy.com 0.0.0.0 cdn.opencandy.com 0.0.0.0 tracking.opencandy.com 0.0.0.0 api.opencandy.com 0.0.0.0 api.recommendedsw.com 0.0.0.0 rp.yefeneri2.com 0.0.0.0 os.yefeneri2.com 0.0.0.0 os2.yefeneri2.com 0.0.0.0 installer.betterinstaller.com 0.0.0.0 installer.filebulldog.com 0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net 0.0.0.0 inno.bisrv.com 0.0.0.0 nsis.bisrv.com 0.0.0.0 cdn.file2desktop.com 0.0.0.0 cdn.goateastcach.us 0.0.0.0 cdn.guttastatdk.us 0.0.0.0 cdn.inskinmedia.com 0.0.0.0 cdn.insta.oibundles2.com 0.0.0.0 cdn.insta.playbryte.com 0.0.0.0 cdn.llogetfastcach.us 0.0.0.0 cdn.montiera.com 0.0.0.0 cdn.msdwnld.com 0.0.0.0 cdn.mypcbackup.com 0.0.0.0 cdn.ppdownload.com 0.0.0.0 cdn.riceateastcach.us 0.0.0.0 cdn.shyapotato.us 0.0.0.0 cdn.solimba.com 0.0.0.0 cdn.tuto4pc.com ==================== Autres zones ============================ (Actuellement, il n'y a pas de correction automatique pour cette section.) 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Common Files\Ulead Systems\MPEG;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-4007548501-511009406-2815695127-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Yosemite\mojave_dynamic_7.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Le Pare-feu est activé.

==================== MSCONFIG/TASK MANAGER éléments désactivés ==

Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.
MSCONFIG\Services: AntDS => 2
MSCONFIG\Services: AntServer => 2
MSCONFIG\Services: ASO3DiskOptimizer => 2
MSCONFIG\Services: AtherosSvc => 2
MSCONFIG\Services: AvServer => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: cplspcon => 2
MSCONFIG\Services: esifsvc => 2
MSCONFIG\Services: gdipp_svc_32 => 2
MSCONFIG\Services: gdipp_svc_64 => 2
MSCONFIG\Services: Grip sensor Reset service => 2
MSCONFIG\Services: igfxCUIService2.0.0.0 => 2
MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: isesrv => 2
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: MdmLdrSvc => 2
MSCONFIG\Services: Nomad => 2
MSCONFIG\Services: PanelManagerSvc => 2
MSCONFIG\Services: PingPlotter5 => 2
MSCONFIG\Services: RCD => 2
MSCONFIG\Services: SafiService => 2
MSCONFIG\Services: Samsung System Service => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: SuperEasy Software Defrag Service => 2
MSCONFIG\Services: USODiskOptimizer => 2
MSCONFIG\Services: WlSarService => 2
MSCONFIG\Services: XianzhiDeviceService => 2

==================== RèglesPare-feu (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
FirewallRules: [{0553A3F9-0A04-4D68-B473-F9E6AD9C5437}] => (Allow) C:\Users\barro\Desktop\UltraAdwareKiller64.exe Pas de fichier FirewallRules: [{8CB01D61-E842-4A3D-889B-D9928596E503}] => (Allow) C:\Users\barro\Desktop\UltraAdwareKiller64.exe Pas de fichier FirewallRules: [{5C1FA866-6D1C-4356-9ADA-263098A075AB}] => (Allow) LPort=12008 FirewallRules: [{561003F4-AE5E-4459-80BD-B85E4150A7FF}] => (Allow) LPort=12007 FirewallRules: [{AEA21F85-EC5C-4E9D-AACC-5705F4B9CF3A}] => (Allow) LPort=12006 FirewallRules: [{12F10A3F-3FFE-4122-A5BA-AC162152716A}] => (Allow) LPort=12005 FirewallRules: [{E042AF8C-B08B-4F6D-85D6-4962EBD32841}] => (Allow) D:\Program Files (x86)\Comodo Unite\prtw.exe Pas de fichier FirewallRules: [{82E5ED9A-AEF5-4821-AA20-1E119487E282}] => (Allow) D:\Program Files (x86)\Comodo Unite\prtw.exe Pas de fichier FirewallRules: [{4E46BF08-C5AA-4CF5-93B1-7C0EECFC8FFB}] => (Allow) D:\Program Files (x86)\Comodo Unite\UniteCAM.exe Pas de fichier FirewallRules: [{A79907C7-EAFC-4DDC-AA0E-0AA92DFD32D2}] => (Allow) D:\Program Files (x86)\Comodo Unite\UniteCAM.exe Pas de fichier FirewallRules: [{A9E897A7-EC30-4FC2-8C13-807335FE0B9C}] => (Allow) D:\Program Files (x86)\Comodo Unite\crdphService.exe Pas de fichier FirewallRules: [{4075EAA9-29FF-4B43-9438-B9E6B593A8A8}] => (Allow) D:\Program Files (x86)\Comodo Unite\crdphService.exe Pas de fichier FirewallRules: [{C0899DF7-12B9-4686-BB84-70553DE097B3}] => (Allow) D:\Program Files (x86)\Comodo Unite\crdphAppShare.exe Pas de fichier FirewallRules: [{82BFA9B0-02AF-4EDD-8E72-87E2B5C980D4}] => (Allow) D:\Program Files (x86)\Comodo Unite\crdphAppShare.exe Pas de fichier FirewallRules: [{F702FB60-C656-4764-8FC9-B050918C8115}] => (Allow) D:\Program Files (x86)\Comodo Unite\EzVpnSvc.exe Pas de fichier FirewallRules: [{93258584-BBB0-43B9-8468-52ADA02A1B86}] => (Allow) D:\Program Files (x86)\Comodo Unite\EzVpnSvc.exe Pas de fichier FirewallRules: [{CF9998A5-7527-44EF-877F-B644C1D8F358}] => (Allow) D:\Program Files (x86)\Comodo 
Unite\Unite.exe Pas de fichier FirewallRules: [{C6237E26-548B-4380-BE5D-02ADD77CF29E}] => (Allow) D:\Program Files (x86)\Comodo Unite\Unite.exe Pas de fichier FirewallRules: [{9480BBD1-81A7-4F88-8E94-029C1281AEF5}] => (Allow) C:\Users\barro\AppData\Local\Chromium\Application\chrome.exe Pas de fichier FirewallRules: [{DDF6792C-3BC4-4AC0-8BB4-1BD7F4CB2557}] => (Allow) C:\Program Files (x86)\Samsung\Samsung System Agent\SamsungSystemAgent.exe (SAMSUNG ELECTRONICS CO,.LTD. -> Samsung Electronics Co., Ltd.) FirewallRules: [{8E831364-B6BC-413E-AA39-2F19BAAE58EF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.11929.20254.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{613F4195-EA8D-4ECF-896E-F373E78D742E}C:\program files (x86)\comodo\dragon\dragon.exe] => (Allow) C:\program files (x86)\comodo\dragon\dragon.exe (Comodo Security Solutions -> Comodo) FirewallRules: [UDP Query User{72F8C018-417C-4D40-8AC9-44C0755347C8}C:\program files (x86)\comodo\dragon\dragon.exe] => (Allow) C:\program files (x86)\comodo\dragon\dragon.exe (Comodo Security Solutions -> Comodo) FirewallRules: [{40E29CCE-4DBD-4206-A978-20FABCA0B8A8}] => (Allow) C:\Users\barro\AppData\Local\Programs\Opera\63.0.3368.88\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{BD61B648-641E-4F0D-80EA-59F58261B12D}] => (Allow) C:\Program Files\COMODO\cCloud\cCloud.exe (Comodo Security Solutions -> COMODO Security Solutions) FirewallRules: [{A3A9980A-D107-4E6D-80A7-693838BB5F7C}] => (Allow) C:\Program Files\COMODO\cCloud\cCloud.exe (Comodo Security Solutions -> COMODO Security Solutions) FirewallRules: [{A5F35D2F-A2E8-4BA7-BDF4-346FAF4251FE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Pas de fichier FirewallRules: [{ED982B35-2D39-48CE-B0C4-4C2ED828A115}] => (Allow) C:\Program Files (x86)\Hiaasen\Heep.exe Pas de fichier FirewallRules: [{D8F0AE28-1D07-419C-B791-5A8E07C75A97}] 
=> (Allow) C:\Program Files (x86)\Betray\Heep.exe Pas de fichier FirewallRules: [{FE555EDE-FDF5-41D9-8179-0FB76570A367}] => (Allow) C:\Program Files (x86)\subcontinental\Fuelled.exe Pas de fichier FirewallRules: [{BC936966-A557-486D-835F-B009F45F4DFA}] => (Allow) C:\Program Files (x86)\Betray\Fuelled.exe Pas de fichier FirewallRules: [TCP Query User{AEE4E877-F47C-4FD5-A95C-059606676862}C:\program files (x86)\google\chrome\application\chromefloor.exe] => (Allow) C:\program files (x86)\google\chrome\application\chromefloor.exe (Google LLC -> Google LLC) FirewallRules: [UDP Query User{F8B4B119-281E-43CE-8CCB-C9E932C9035E}C:\program files (x86)\google\chrome\application\chromefloor.exe] => (Allow) C:\program files (x86)\google\chrome\application\chromefloor.exe (Google LLC -> Google LLC) FirewallRules: [{92ED9914-0AD6-499E-8FDF-F2E07078684E}] => (Allow) C:\Program Files\Common Files\MAGIX Services\MxCloudSync\MxCloudSync.exe (MAGIX Software GmbH -> MAGIX) FirewallRules: [{226C70CD-0002-4639-9952-17D091B1DACA}] => (Allow) C:\Program Files\Common Files\MAGIX Services\QMxNetworkSync\QMxNetworkSync.exe (MAGIX Software GmbH -> MAGIX) FirewallRules: [TCP Query User{CB433B0D-6A8D-44A0-9098-CD59F7E83C71}H:\portableapps\firefoxportablenightly\app\firefox64\firefox.exe] => (Allow) H:\portableapps\firefoxportablenightly\app\firefox64\firefox.exe Pas de fichier FirewallRules: [UDP Query User{91FA5EDF-7214-4464-941E-2B93BDAF2BFD}H:\portableapps\firefoxportablenightly\app\firefox64\firefox.exe] => (Allow) H:\portableapps\firefoxportablenightly\app\firefox64\firefox.exe Pas de fichier FirewallRules: [{8A84153A-99AD-49D9-9DAF-82DF90DC000A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{97F2F59C-6653-4555-89D6-710E5C2390C0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{EFC55585-E1BC-4801-8326-A020693FD51A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe 
(Valve -> Valve Corporation) FirewallRules: [{8630BE38-E8BB-4813-9BF9-1744E62313DF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{7C06C4FF-6328-43A8-A9A4-BAB64853E4C3}] => (Allow) C:\Program Files (x86)\TubeDigger\TubeDigger.exe Pas de fichier FirewallRules: [{50DB1AEC-1C75-4588-97CF-FEE446260E92}] => (Allow) C:\Program Files (x86)\TubeDigger\CEF3\TubeDgr3.exe (TubeDigger) [Fichier non signé] ==================== Points de restauration ========================= ==================== Éléments en erreur du Gestionnaire de périphériques ============= Name: Dispositif de stockage de masse USB Description: Dispositif de stockage de masse USB Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: Dispositif de stockage USB compatible Service: USBSTOR Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Périphérique USB inconnu (échec de demande de descripteur de périphérique) Description: Périphérique USB inconnu (échec de demande de descripteur de périphérique) Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: (Contrôleur hôte USB standard) Service: Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. ==================== Erreurs du Journal des événements: ========================= Erreurs Application: ================== Error: (09/16/2019 03:13:22 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: La création du contexte d’activation a échoué pour « F:\ad-aware-game-edition-8.1.1.exe ». 
Erreur dans le fichier de manifeste ou de stratégie « F:\ad-aware-game-edition-8.1.1.exe » à la ligne 0. Syntaxe XML non valide. Error: (09/16/2019 03:10:50 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: La création du contexte d’activation a échoué pour « F:\ad-aware-game-edition-8.1.1.exe ». Erreur dans le fichier de manifeste ou de stratégie « F:\ad-aware-game-edition-8.1.1.exe » à la ligne 0. Syntaxe XML non valide. Error: (09/16/2019 03:10:32 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: La création du contexte d’activation a échoué pour « F:\ad-aware-game-edition-8.1.1.exe ». Erreur dans le fichier de manifeste ou de stratégie « F:\ad-aware-game-edition-8.1.1.exe » à la ligne 0. Syntaxe XML non valide. Error: (09/16/2019 01:58:54 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: La création du contexte d’activation a échoué pour « F:\Lavasoft\Lavasoft Digital Lock\LSDigitalLock.exe ». Erreur dans le fichier de manifeste ou de stratégie «  » à la ligne . Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active. Les composants en conflit sont : Composant 1 : C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.1006_none_1ba8efce91103545.manifest. Composant 2 : C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.1006_none_d3fbb8f77c940c3f.manifest. Error: (09/16/2019 01:58:34 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: La création du contexte d’activation a échoué pour « F:\Lavasoft\Lavasoft Digital Lock\LSDigitalLock.exe ». Erreur dans le fichier de manifeste ou de stratégie «  » à la ligne . Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active. 
Les composants en conflit sont : Composant 1 : C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.1006_none_1ba8efce91103545.manifest. Composant 2 : C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.1006_none_d3fbb8f77c940c3f.manifest. Error: (09/16/2019 01:58:32 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: La création du contexte d’activation a échoué pour « F:\Lavasoft\Lavasoft Digital Lock\LSDigitalLock.exe ». Erreur dans le fichier de manifeste ou de stratégie «  » à la ligne . Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active. Les composants en conflit sont : Composant 1 : C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.1006_none_1ba8efce91103545.manifest. Composant 2 : C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.1006_none_d3fbb8f77c940c3f.manifest. Error: (09/16/2019 01:56:20 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: DESKTOP-N22G116) Description: Impossible de fermer l’application ou le service « Explorateur Windows ». Error: (09/16/2019 10:56:53 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine QueryFullProcessImageNameW. hr = 0x80070006, Descripteur non valide . Opération : Opération asynchrone en cours d’exécution Contexte : État actuel: DoSnapshotSet Erreurs système: ============= Error: (09/16/2019 03:16:44 PM) (Source: Disk) (EventID: 154) (User: ) Description: L’opération d’E/S à l’adresse de bloc logique 0x7457a800 pour le disque 7 (nom d’objet périphérique physique : \Device\00000287) a échoué en raison d’une erreur matérielle. 
Error: (09/16/2019 03:16:44 PM) (Source: Disk) (EventID: 154) (User: ) Description: L’opération d’E/S à l’adresse de bloc logique 0x7457a800 pour le disque 7 (nom d’objet périphérique physique : \Device\00000287) a échoué en raison d’une erreur matérielle. Error: (09/16/2019 03:16:44 PM) (Source: Disk) (EventID: 154) (User: ) Description: L’opération d’E/S à l’adresse de bloc logique 0x7457a800 pour le disque 7 (nom d’objet périphérique physique : \Device\00000287) a échoué en raison d’une erreur matérielle. Error: (09/16/2019 03:16:44 PM) (Source: Disk) (EventID: 154) (User: ) Description: L’opération d’E/S à l’adresse de bloc logique 0x7457a800 pour le disque 7 (nom d’objet périphérique physique : \Device\00000287) a échoué en raison d’une erreur matérielle. Error: (09/16/2019 03:16:44 PM) (Source: Disk) (EventID: 154) (User: ) Description: L’opération d’E/S à l’adresse de bloc logique 0x7457a800 pour le disque 7 (nom d’objet périphérique physique : \Device\00000287) a échoué en raison d’une erreur matérielle. Error: (09/16/2019 03:16:40 PM) (Source: Disk) (EventID: 154) (User: ) Description: L’opération d’E/S à l’adresse de bloc logique 0x6a5f98 pour le disque 7 (nom d’objet périphérique physique : \Device\00000287) a échoué en raison d’une erreur matérielle. Error: (09/16/2019 03:16:40 PM) (Source: Disk) (EventID: 154) (User: ) Description: L’opération d’E/S à l’adresse de bloc logique 0x6a5fa8 pour le disque 7 (nom d’objet périphérique physique : \Device\00000287) a échoué en raison d’une erreur matérielle. Error: (09/16/2019 03:16:40 PM) (Source: Disk) (EventID: 154) (User: ) Description: L’opération d’E/S à l’adresse de bloc logique 0x6bcff8 pour le disque 7 (nom d’objet périphérique physique : \Device\00000287) a échoué en raison d’une erreur matérielle. Windows Defender: =================================== Date: 2019-09-14 12:49:22.498 Description: Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable. 
Pour plus d’informations, reportez-vous aux éléments suivants : https://go.microsoft.com/fwlink/?linkid=37020&name=Misleading:Win32/Lodi&threatid=240849&enterprise=0 Nom : Misleading:Win32/Lodi ID : 240849 Gravité : Élevée Catégorie : Logiciel potentiellement non désiré Chemin : file:_G:\LFS Hyper & EFM\PortableApps\IronPortable\Data\IronPortableData\Default\Cache\f_0057e2 Origine de la détection : Ordinateur local Type de détection : Concret Source de détection : Protection en temps réel Utilisateur : AUTORITE NT\Système Nom du processus : C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe Version de la signature : AV: 1.301.1275.0, AS: 1.301.1275.0, NIS: 1.301.1275.0 Version du moteur : AM: 1.1.16300.1, NIS: 1.1.16300.1 Date: 2019-09-14 12:29:40.587 Description: Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable. Pour plus d’informations, reportez-vous aux éléments suivants : https://go.microsoft.com/fwlink/?linkid=37020&name=SoftwareBundler:Win32/Stallmonitz&threatid=225956&enterprise=0 Nom : SoftwareBundler:Win32/Stallmonitz ID : 225956 Gravité : Élevée Catégorie : Programme d’installation de logiciels indésirables regroupés Chemin : file:_G:\LFS Hyper & EFM\idées cuvion 3 - l'art du moine de nuages de musique quand il faut ago le mercredi 28 aout 2019\windows-desktop-launcher-vipad.exe Origine de la détection : Ordinateur local Type de détection : Concret Source de détection : Protection en temps réel Utilisateur : AUTORITE NT\Système Nom du processus : C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe Version de la signature : AV: 1.301.1275.0, AS: 1.301.1275.0, NIS: 1.301.1275.0 Version du moteur : AM: 1.1.16300.1, NIS: 1.1.16300.1 Date: 2019-09-12 21:17:35.887 Description: Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable. 
Pour plus d’informations, reportez-vous aux éléments suivants : https://go.microsoft.com/fwlink/?linkid=37020&name=Misleading:Win32/Lodi&threatid=240849&enterprise=0 Nom : Misleading:Win32/Lodi ID : 240849 Gravité : Élevée Catégorie : Logiciel potentiellement non désiré Chemin : file:_C:\Users\barro\AppData\Local\Temp\Tmp7C3A.tmp Origine de la détection : Ordinateur local Type de détection : Concret Source de détection : Protection en temps réel Utilisateur : DESKTOP-N22G116\barro Nom du processus : C:\Program Files (x86)\Segurazo\SegurazoClient.exe Version de la signature : AV: 1.301.1099.0, AS: 1.301.1099.0, NIS: 1.301.1099.0 Version du moteur : AM: 1.1.16300.1, NIS: 1.1.16300.1 CodeIntegrity: =================================== Date: 2019-09-16 15:13:44.375 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\cssguard64.dll that did not meet the Windows signing level requirements. Date: 2019-09-16 15:13:44.366 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-09-16 15:06:15.448 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\cssguard64.dll that did not meet the Windows signing level requirements. Date: 2019-09-16 15:06:15.441 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because file hash could not be found on the system. 
A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-09-16 13:56:22.927 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\cssguard64.dll that did not meet the Windows signing level requirements. Date: 2019-09-16 13:56:22.898 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-09-16 13:24:02.139 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\cssguard64.dll that did not meet the Windows signing level requirements. Date: 2019-09-16 13:24:01.992 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Infos Mémoire =========================== BIOS: American Megatrends Inc. P04HAC.000.180220.WY.1219 02/20/2018 Motherboard: SAMSUNG ELECTRONICS CO., LTD. 
SM-W720NZKBXEF
Processeur: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Pourcentage de mémoire utilisée: 82%
Mémoire physique - RAM - totale: 3997.93 MB
Mémoire physique - RAM - disponible: 714.73 MB
Mémoire virtuelle totale: 8696.62 MB
Mémoire virtuelle disponible: 3250.65 MB

==================== Lecteurs ================================

Drive c: () (Fixed) (Total:107.22 GB) (Free:3.91 GB) NTFS
Drive e: (anti-tfl) (Removable) (Total:0.12 GB) (Free:0.02 GB) exFAT
Drive f: (micro sd) (Removable) (Total:28.84 GB) (Free:11.86 GB) exFAT
Drive g: (WD Elements) (Fixed) (Total:929.42 GB) (Free:1.33 GB) NTFS
Drive i: (COMODO RESC) (Removable) (Total:29.33 GB) (Free:25.69 GB) FAT32

\\?\Volume{9774f3c4-3c40-4d7f-8f85-9ec561793cd5}\ (Windows RE tools) (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS
\\?\Volume{ce29ef87-8ee2-4624-a514-2a4806d3b314}\ (SAMSUNG_REC2) (Fixed) (Total:10.31 GB) (Free:1.69 GB) NTFS
\\?\Volume{d48a4231-6c35-4220-4173-636c65706975}\ (SAMSUNG_REC) (Fixed) (Total:1 GB) (Free:0.2 GB) FAT32
\\?\Volume{68138d28-d0bf-4e42-999d-cd62adb00eb3}\ () (Fixed) (Total:0.84 GB) (Free:0.34 GB) NTFS
\\?\Volume{ed3f42c7-2cd1-4a0a-b00d-04d576fa90cf}\ () (Fixed) (Total:0 GB) (Free:0 GB)
\\?\Volume{8738a07e-199c-44d3-8ce0-db7664dd3b32}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
\\?\Volume{36ac666d-01e9-4a91-ae73-9a9df83e6502}\ (SYSTEM) (Fixed) (Total:0.35 GB) (Free:0.31 GB) FAT32

==================== MBR & Table des partitions ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 26EA9241)
Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 29 GB) (Disk ID: A09E77CE)
Partition 1: (Active) - (Size=128 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=28.8 GB) - (Type=07 NTFS)

Could not read MBR for disk 3.

========================================================
Disk: 6 (Size: 29.4 GB) (Disk ID: 007C59DC)
Partition 1: (Active) - (Size=29.4 GB) - (Type=0C)

==================== Fin de Addition.txt ============================