Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 13-05-2020 01
Exécuté par ivanita lomeli (23-05-2020 23:09:07)
Exécuté depuis K:\program files (x86) anti-ivanita lomeli browsers stina & maddie damskey results only\M.A.X.T.H.O.N clone d'utililab searchguardian (nitro maxthon NX comet remix) chez damskey maddie anti-lomeli\scoped_dir14908_2106965658
Windows 10 Home Version 1903 18362.836 (X64) (2020-05-11 06:00:02)
Mode d'amorçage: Normal
==========================================================

==================== Comptes: =============================

Administrateur (S-1-5-21-988608728-4089148216-4043712893-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-988608728-4089148216-4043712893-503 - Limited - Disabled)
Invité (S-1-5-21-988608728-4089148216-4043712893-501 - Limited - Disabled)
ivanita lomeli (S-1-5-21-988608728-4089148216-4043712893-1001 - Administrator - Enabled) => C:\Users\ivanita lomeli
WDAGUtilityAccount (S-1-5-21-988608728-4089148216-4043712893-504 - Limited - Disabled)

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: Norton AntiVirus (Disabled - Out of date) {1122B19A-E671-38EC-8EAC-87048FD4528D}
AV: 360 Total Security (Disabled - Up to date) {2ACC6E6C-C52C-B3B4-DA13-A43E20B1E26D}
AV: Norton AntiVirus (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75}
AV: Avira Antivirus (Enabled - Up to date) {88AE6B46-DC3C-455A-A21B-085F285A3546}
AV: adaware antivirus (Enabled - Up to date) {2C8A0DAA-E78D-4944-DB01-263173C8FFD9}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

360 ransomware decryption tools (HKLM-x32\...\360teslacryptdecoder) (Version: 1.0.0.1272 - 360 Security Center)
360 Total Security (HKLM-x32\...\360TotalSecurity) (Version: 10.6.0.1402 - Centre 360 Security)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
adaware antivirus (HKLM\...\{BECD7155-DC57-4F89-B1A8-A90B033C6209}_AdAwareUpdater) (Version: 12.0.649.11190 - adaware)
AdAwareInstaller (HKLM\...\{D7BF2029-EB2D-4523-AFA0-95CE605E696E}) (Version: 12.0.649.11190 - adaware) Hidden
AdAwareProxyEngine (HKLM\...\{7F7C8AE0-961B-4AED-B99A-D9BE29C0F24C}) (Version: 1.0.0.8 - adaware) Hidden
AdAwareUpdater (HKLM\...\{BECD7155-DC57-4F89-B1A8-A90B033C6209}) (Version: 12.0.649.11190 - adaware) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.020.20039 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.371 - Adobe)
Aimersoft Helper Compact 2.5.2
(HKLM-x32\...\{405147F7-FCC5-499B-A27E-EA6BD4A80435}_is1) (Version: 2.5.2 - Aimersoft) AIMP (HKLM-x32\...\AIMP) (Version: v4.60.2180, 25.03.2020 - AIMP DevTeam) Air Command (HKLM-x32\...\{5493FC89-21E8-4D88-BCA1-4D33F1410968}) (Version: 1.0.38 - Samsung Electronics Co., Ltd.) AntiLogger 2020 (HKLM-x32\...\c3afe283-9a9b-4c81-b9b7-14eaafc6f9f1_is1) (Version: 4.04 - Abelssoft) AntimalwareEngine (HKLM\...\{06D33B93-9458-4E28-BDEA-F5ECB2C3C30E}) (Version: 3.0.144.0 - adaware) Hidden AntispamEngine (HKLM\...\{7DE129E5-BB4A-4517-A6CD-C69EEB346781}) (Version: 2.5.337.0 - adaware) Hidden Apowersoft Online Launcher version 1.7.8 (HKLM-x32\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.7.8 - APOWERSOFT LIMITED) Ashampoo Music Studio 2018 (HKLM-x32\...\{91B33C97-13C3-34F8-6F7C-328EB595BF40}_is1) (Version: 7.0.1 - Ashampoo GmbH & Co. KG) Ashampoo Snap 11 (HKLM-x32\...\{0A11EA01-AF34-C9AB-388B-8520DA9E7D92}_is1) (Version: 11.1.0 - Ashampoo GmbH & Co. KG) Ashampoo Snap 8 (HKLM-x32\...\{BB339C1F-3B65-B79C-9019-8640F02B7C58}_is1) (Version: 8.0.11 - Ashampoo GmbH & Co. KG) Ask Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.6.14.0 - Ask.com) <==== ATTENTION Auslogics Windows Slimmer (HKLM-x32\...\{86650065-31B6-49E0-A179-559DF1EBAB26}_is1) (Version: 2.4.0.2 - Auslogics Labs Pty Ltd) Avast Antivirus Gratuit (HKLM-x32\...\Avast Antivirus) (Version: 20.3.2405 - Avast Software) AvcEngine (HKLM\...\{3E5BEF30-3962-4B47-AECA-937B6CBB0A68}) (Version: 3.12.15976.0 - adaware) Hidden Avira (HKLM-x32\...\{4BC31208-EC3B-453B-8819-6B81AE3EC153}) (Version: 1.2.146.25871 - Avira Operations GmbH & Co. KG) Hidden Avira (HKLM-x32\...\{caade1ea-26aa-4e8f-a4f0-59cf0c0e91a5}) (Version: 1.2.146.25871 - Avira Operations GmbH & Co. KG) Avira (HKLM-x32\...\{e636e084-c7ab-4246-8ad2-aa1bb1cbedfd}) (Version: 1.2.145.25926 - Avira Operations GmbH & Co. KG) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2005.1882 - Avira Operations GmbH & Co. 
KG) Avira Home Guard (HKLM-x32\...\{F2246BB2-D681-4ABF-834B-CB16DE1D8363}) (Version: 1.1.11.776 - Avira Operations GmbH & Co. KG) Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.33.3.30309 - Avira Operations GmbH & Co. KG) Avira Privacy Pal (HKLM-x32\...\{F2BC8305-DFBE-4C02-A906-9BBD8EE299A3}_is1) (Version: 2.2.0.1945 - Avira Operations GmbH & Co. KG) Baidu Browser (HKLM-x32\...\Spark) (Version: 43.23 Preview - Baidu Inc.) Bandizip (HKLM\...\Bandizip) (Version: 7.04 - Bandisoft.com) BiglyBT (HKLM\...\0112-2557-8304-7048) (Version: 2.4.0.0 - Bigly Software) Bitwarden (HKLM\...\173a9bac-6f0d-50c4-8202-4744c69d091a) (Version: 1.17.2 - Bitwarden Inc.) Camtasia Studio 7 (HKLM-x32\...\{C0E8FE43-C35B-451D-B35F-D4BD056D70E7}) (Version: 7.1.1 - TechSmith Corporation) CyberLink PowerDirector Ultimate Suite 16 (HKLM-x32\...\{794F8733-0A6F-494A-B280-682ABCDEE289}) (Version: 16 - CyberLink Corp.) CyberLink Screen Recorder 4 (HKLM-x32\...\{6819D136-7F3F-4A0D-96C1-368BE830BFDA}) (Version: 4.2.3.8860 - CyberLink Corp.) 
EagleGet version 2.1.6.50 (HKLM-x32\...\{F6D8142A-B30B-454B-9EE0-08A7B997DFE4}_is1) (Version: 2.1.6.50 - EagleGet) Everything 1.4.1.969 (x64) (HKLM\...\Everything) (Version: 1.4.1.969 - David Carpenter) FirewallEngine (HKLM\...\{AAF4B2C1-2E27-46EF-9B9E-2B2130F056F3}) (Version: 2.0.0.20 - adaware) Hidden foobar2000 v1.5.4 (HKLM-x32\...\foobar2000) (Version: 1.5.4 - Peter Pawlowski) GlassWire 2.1 (remove only) (HKLM-x32\...\GlassWire 2.1) (Version: 2.1.1152 - SecureMix LLC) Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1052 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4599 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.3.1031 - Intel Corporation) Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.715.0 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{2b32b7d0-4f9f-47c8-adb7-807e6cb2fb75}) (Version: 1.47.715.0 - Intel Corporation) Hidden Intel(R) Virtual Buttons (HKLM-x32\...\1992736F-C90A-481C-B21B-EE34CAD07387) (Version: 1.1.1.22 - Intel Corporation) Isoo Backup 4.4.1 (HKLM\...\{37E567C7-EB03-4349-B068-1FD0A2CD55FE}_is1) (Version: - Isoo Technology Co., Ltd.) 
KeepVid Music Tag Editor(Build 2.0.0.17) (HKLM-x32\...\KeepVid Music Tag Editor_is1) (Version: 2.0.0.17 - KeepVid Software) Lightshot-5.4.0.10 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.10 - Skillbrains) LINE (HKU\S-1-5-21-988608728-4089148216-4043712893-1001\...\LINE) (Version: 5.0.0.1380 - LINE Corporation) macOS UX Pack (HKLM-x32\...\UX Pack) (Version: 5.0 - Windows X's Live) Maxthon Nitro (HKU\S-1-5-21-988608728-4089148216-4043712893-1001\...\MxNitro) (Version: 1.0.1.3000 - Maxthon International Limited) MediaInfo 20.03 (HKLM\...\MediaInfo) (Version: 20.03 - MediaArea.net) Microsoft OneDrive (HKU\S-1-5-21-988608728-4089148216-4043712893-1001\...\OneDriveSetup.exe) (Version: 20.052.0311.0011 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - 
Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.11.25325 (HKLM-x32\...\{404c9c27-8377-4fd1-b607-7ca635db4e49}) (Version: 14.11.25325.0 - Microsoft Corporation) MiniTool Partition Wizard Free 12 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Software Limited) MiniTool ShadowMaker Free Edition (HKLM-x32\...\MT-75D7C412-925B-4AD0-90DC-5E4FEE22EAE1_is1) (Version: 3.2 - MiniTool) Moo0 Moniteur Système 1.83 (HKLM-x32\...\Moo0 SystemMonitor) (Version: - ) Mozilla Firefox 76.0.1 (x64 fr) (HKLM\...\Mozilla Firefox 76.0.1 (x64 fr)) (Version: 76.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 76.0.1 - Mozilla) Mp3tag v3.01 (HKLM-x32\...\Mp3tag) (Version: 3.01 - Florian Heidenreich) MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team) MX5 (HKLM-x32\...\Maxthon5) (Version: 5.3.8.2000 - Maxthon International Limited) Norton AntiVirus (HKLM-x32\...\NGC) (Version: 22.20.2.57 - Symantec Corporation) OnlineThreatsEngine (HKLM\...\{26F31E12-3722-45FD-903B-49012286BB4C}) (Version: 3.0.1.23 - adaware) Hidden OpenVPN 2.4.9-I601-Win10 (HKLM\...\OpenVPN) (Version: 2.4.9-I601-Win10 - OpenVPN Technologies, Inc.) 
Opera Stable 68.0.3618.125 (HKU\S-1-5-21-988608728-4089148216-4043712893-1001\...\Opera 68.0.3618.125) (Version: 68.0.3618.125 - Opera Software) Oracle VM VirtualBox 6.1.6 (HKLM\...\{949F6306-1CEC-47DA-9559-8199EDE2D75A}) (Version: 6.1.6 - Oracle Corporation) Paragon Partition Manager™ 17 CE (HKLM\...\{2BDF230B-4373-444E-BBC9-9C1AE58F8AF8}) (Version: 17.9.1.4890 - Paragon Software) Hidden Paragon Partition Manager™ 17 CE (HKLM-x32\...\{28607c90-6fc3-466e-a9b6-51413cec4167}) (Version: 17.9.1.4890 - Paragon Software GmbH) PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.322.10 - Tracker Software Products Ltd) PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 200513 - Kakao Corp.) Qualcomm Atheros 11ac Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.10454 - Qualcomm) Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.448 - Qualcomm Atheros) Revo Uninstaller 2.1.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.1 - VS Revo Group, Ltd.) Revo Uninstaller Pro 4.3.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.3.1 - VS Revo Group, Ltd.) RogueKiller version 14.4.2.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 14.4.2.0 - Adlice Software) RogueKillerPE version 3.4.1.0 (HKLM\...\BEC55C5D-D6D0-4A41-B82C-264EC5EE8052_is1) (Version: 3.4.1.0 - Adlice Software) S Agent (HKLM\...\{0052BF58-5307-4F7D-A379-8F4EC9212FA8}) (Version: 1.1.58 - Samsung Electronics Co., Ltd.) Hidden Samsung Recovery (HKLM\...\{D21EED26-59C0-4315-BDCC-D682496465E9}) (Version: 7.3.0 - Samsung Electronics Co., Ltd.) Samsung System Agent (HKLM-x32\...\{CDB4F12C-2E9E-48CC-8591-663964C1BAE3}) (Version: 1.0.48 - Samsung Electronics Co., Ltd.) 
Hidden Screen Recorder 1.2.56 (HKLM-x32\...\{51949CCD-4D6E-4BB1-8183-A40570847B14}_is1) (Version: 1.2.56 - Apeaksoft Studio) Show Window (HKLM-x32\...\{87A08690-781E-4A8E-8300-775A2EA02932}) (Version: 1.0.0.30 - Samsung Electronics Co., Ltd.) Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.) SSDFresh 2020 (HKLM-x32\...\{71149886-0AA3-4F31-81F9-CC90EA0D55EF}_is1) (Version: 9.01 - Abelssoft) SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.2 - Krzysztof Kowalczyk) SureThing Disc Labeler Deluxe Trial (HKLM-x32\...\{E6AE1519-E496-4B7E-A3E7-E4EE798EB2DA}_is1) (Version: 7.0.95.0 - MicroVision Development, Inc.) TAP-Windows 9.24.2 (HKLM\...\TAP-Windows) (Version: 9.24.2 - OpenVPN Technologies, Inc.) TechSmith Capture (HKU\S-1-5-21-988608728-4089148216-4043712893-1001\...\RelayRecorder) (Version: 1.1.10 - TechSmith Corporation) twinsplay (HKLM-x32\...\twinsplay) (Version: - ) UC Browser (HKLM-x32\...\UCBrowser) (Version: 6.0.1308.1016 - UCWeb Inc.) <==== ATTENTION Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation) UsbFix Anti-Malware Premium (HKLM-x32\...\Usbfix) (Version: 11.0.2.2 - SOSVirus (SOSVirus.Net)) UVK - Ultra Virus Killer (HKLM\...\UVK - Ultra virus killer) (Version: 10.16.3.0 - Carifred) ViFind (HKU\S-1-5-21-988608728-4089148216-4043712893-1001\...\ViFind) (Version: 0.0.0.201 - Lee-Soft.com) VLC media player (HKLM\...\VLC media player) (Version: 3.0.10 - VideoLAN) VPNMaster 1.2.0.0 stable (HKLM-x32\...\VPNMaster) (Version: 1.2.0.0 stable - inconnecting.com) Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) 
Hidden Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.) WhatsApp (HKU\S-1-5-21-988608728-4089148216-4043712893-1001\...\WhatsApp) (Version: 2.2019.8 - WhatsApp) WinPcap for Avira 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Domotz, Inc) WinRAR 5.90 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH) WinZip 24.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C24121}) (Version: 24.0.13618 - Corel Corporation) WlSarService (HKLM\...\{C0C78593-1CF0-4CD8-A80C-191FE561F5A5}) (Version: 1.0.0.7 - Samsung Electronics Co., Ltd.) Hidden Wondershare TidyMyMusic(Build 2.1.0.3) (HKLM-x32\...\Wondershare TidyMyMusic_is1) (Version: 2.1.0.3 - Wondershare Software) Packages: ========= Book Paramètres -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.GalaxySetting_1.0.60.0_x64__wyx1vj98g3asy [2020-05-10] (Samsung Electronics Co, Ltd.) Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.37.4.0_x86__kgqvnymyfvs32 [2020-05-13] (king.com) Extension vidéo MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2020-05-10] (Microsoft Corporation) Farm Heroes Saga -> C:\Program Files\WindowsApps\king.com.FarmHeroesSaga_5.37.5.0_x86__kgqvnymyfvs32 [2020-05-12] (king.com) Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.12730.20270.0_x86__8wekyb3d8bbwe [2020-05-15] (Microsoft Corporation) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-05-10] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-05-10] (Microsoft Corporation) [MS Ad] Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.12730.20270.0_x86__8wekyb3d8bbwe [2020-05-15] (Microsoft Corporation) Microsoft Office Desktop Apps 
-> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.12730.20270.0_x86__8wekyb3d8bbwe [2020-05-15] (Microsoft Corporation) Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.12730.20270.0_x86__8wekyb3d8bbwe [2020-05-15] (Microsoft Corporation) Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.12730.20270.0_x86__8wekyb3d8bbwe [2020-05-15] (Microsoft Corporation) Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.12730.20270.0_x86__8wekyb3d8bbwe [2020-05-15] (Microsoft Corporation) Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-05-10] (Microsoft Studios) [MS Ad] Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.12730.20270.0_x86__8wekyb3d8bbwe [2020-05-15] (Microsoft Corporation) MSN Météo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-05-10] (Microsoft Corporation) [MS Ad] Samsung Flow -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.5.17.0_x64__wyx1vj98g3asy [2020-05-10] (Samsung Electronics Co, Ltd.) Samsung Notes -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungNotes_3.10.342.0_x64__wyx1vj98g3asy [2020-05-10] (Samsung Electronics Co, Ltd.) ==================== Personnalisé CLSID (Avec liste blanche): ============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) 
CustomCLSID: HKU\S-1-5-21-988608728-4089148216-4043712893-1001_Classes\CLSID\{5B69A6B4-393B-459C-8EBB-214237A9E7AC}\InprocServer32 -> C:\Program Files\Bandizip\bdzshl.x64.dll (Bandisoft -> Bandisoft.com) CustomCLSID: HKU\S-1-5-21-988608728-4089148216-4043712893-1001_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.WinZipExpressForOffice.dll (Corel Corporation -> ) ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.20.2.57\buShell.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.20.2.57\buShell.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.20.2.57\buShell.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation) ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.20.2.57\buShell.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation) ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.20.2.57\buShell.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation) ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.20.2.57\buShell.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé] ContextMenuHandlers1: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program 
Files\Bandizip\bdzshl.x64.dll [2020-04-17] (Bandisoft -> Bandisoft.com) ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2020-05-15] (IP Izmaylov Artem Andreevich -> AIMP DevTeam) ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-05-14] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.20.2.57\buShell.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation) ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2020-03-27] (Florian Heidenreich) [Fichier non signé] ContextMenuHandlers1: [SD360] -> {086F171D-5ED1-4ED2-B736-CFF3AD6A128E} => C:\Program Files (x86)\360\Total Security\MenuEx64.dll [2020-04-21] (Beijing Qihu Technology Co., Ltd. -> ) ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-05-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.20.2.57\NavShExt.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation) ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. 
KG) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2019-09-01] (Corel Corporation -> WinZip Computing) ContextMenuHandlers2: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl.x64.dll [2020-04-17] (Bandisoft -> Bandisoft.com) ContextMenuHandlers2: [AdAwareContextMenu] -> {5B64240D-5B36-4B9F-A75F-4925B6A53D5B} => C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareShellExtension.dll [2017-02-21] (Adaware Software -> ) ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2020-03-27] (Florian Heidenreich) [Fichier non signé] ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.20.2.57\NavShExt.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-05-14] (Avast Software s.r.o. 
-> AVAST Software) ContextMenuHandlers3: [AdAwareContextMenu] -> {5B64240D-5B36-4B9F-A75F-4925B6A53D5B} => C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareShellExtension.dll [2017-02-21] (Adaware Software -> ) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé] ContextMenuHandlers4: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl.x64.dll [2020-04-17] (Bandisoft -> Bandisoft.com) ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2020-05-15] (IP Izmaylov Artem Andreevich -> AIMP DevTeam) ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2020-03-27] (Florian Heidenreich) [Fichier non signé] ContextMenuHandlers4: [SD360] -> {086F171D-5ED1-4ED2-B736-CFF3AD6A128E} => C:\Program Files (x86)\360\Total Security\MenuEx64.dll [2020-04-21] (Beijing Qihu Technology Co., Ltd. -> ) ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. 
KG) ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2019-09-01] (Corel Corporation -> WinZip Computing) ContextMenuHandlers5: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl.x64.dll [2020-04-17] (Bandisoft -> Bandisoft.com) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki120832.inf_amd64_2ded2fe16badb11a\igfxDTCM.dll [2017-02-19] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé] ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-05-14] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.20.2.57\buShell.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation) ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => L:\Program\RUExt.dll [2019-03-29] (VS Revo Group Ltd. -> VS Revo Group) ContextMenuHandlers6: [SD360] -> {086F171D-5ED1-4ED2-B736-CFF3AD6A128E} => C:\Program Files (x86)\360\Total Security\MenuEx64.dll [2020-04-21] (Beijing Qihu Technology Co., Ltd. 
-> ) ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-05-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.20.2.57\NavShExt.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2019-09-01] (Corel Corporation -> WinZip Computing) ContextMenuHandlers1_S-1-5-21-988608728-4089148216-4043712893-1001: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl.x64.dll [2020-04-17] (Bandisoft -> Bandisoft.com) ContextMenuHandlers2_S-1-5-21-988608728-4089148216-4043712893-1001: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl.x64.dll [2020-04-17] (Bandisoft -> Bandisoft.com) ContextMenuHandlers4_S-1-5-21-988608728-4089148216-4043712893-1001: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl.x64.dll [2020-04-17] (Bandisoft -> Bandisoft.com) ContextMenuHandlers5_S-1-5-21-988608728-4089148216-4043712893-1001: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl.x64.dll [2020-04-17] (Bandisoft -> Bandisoft.com) FolderExtensions: [] -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} => C:\Program Files (x86)\UX Pack\OldNewExplorer\OldNewExplorer64.dll [2015-09-13] (www.startisback.com) [Fichier non signé] 
==================== Codecs (Avec liste blanche) ====================

==================== Raccourcis & WMI ========================

(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)

ShortcutWithArgument: C:\Users\ivanita lomeli\Desktop\RESTORED\2020-05-18_20-55-23\Facebook.lnk -> K:\program files (x86) anti-ivanita lomeli browsers stina & maddie damskey results only\ucbrowser\Application\UCBrowser.exe (UCWeb Inc.) -> hxxp://facebook.com
ShortcutWithArgument: C:\Users\Public\Desktop\Google.lnk -> K:\program files (x86) anti-ivanita lomeli browsers stina & maddie damskey results only\baidu spark\Baidu Browser\Spark.exe () -> --useraction=google hxxp://www.google.com

==================== Modules chargés (Avec liste blanche) =============

2020-05-21 05:17 - 2020-05-21 05:17 - 000045056 _____ () [Fichier non signé] C:\Program Files (x86)\UX Pack\LeftSider\leftsider.dll
2020-05-21 05:17 - 2020-05-21 05:17 - 000048640 _____ () [Fichier non signé] C:\Program Files (x86)\UX Pack\LeftSider\leftsider64.dll
2020-05-21 05:15 - 2007-09-02 13:57 - 000069632 _____ () [Fichier non signé] C:\Program Files (x86)\UX Pack\RocketDock\RocketDock.dll
2020-05-21 05:15 - 2009-08-12 12:09 - 000077824 _____ () [Fichier non signé] C:\Program Files (x86)\UX Pack\XWidget\Res\Lib\lib.dll
2020-05-21 05:15 - 2009-03-21 17:19 - 000040960 _____ () [Fichier non signé] C:\Program Files (x86)\UX Pack\YzShadow\Languages\English.lang
2017-02-21 14:50 - 2017-02-21 14:50 - 000067544 _____ () [Fichier non signé] C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\boost_date_time-vc140-mt-1_61.dll
2020-05-23 16:24 - 2019-06-12 03:34 - 000215552 _____ () [Fichier non signé] C:\Program Files\CyberLink\ScreenRecorder4\gdk_pixbuf-2.36.dll
2020-05-23 16:24 - 2019-06-12 03:34 - 000407552 _____ () [Fichier non signé] C:\Program Files\CyberLink\ScreenRecorder4\gstaudio-1.0.dll
2020-05-23 16:24 - 2019-06-12 03:34 - 000030720 _____ () [Fichier non signé] C:\Program Files\CyberLink\ScreenRecorder4\gstbadaudio-1.0.dll
2020-05-23 16:24 - 2019-06-12 03:34 - 000064000 _____ () [Fichier non signé] C:\Program Files\CyberLink\ScreenRecorder4\gstbadbase-1.0.dll
2020-05-23 16:24 - 2019-06-12 03:34 - 000053248 _____ () [Fichier non signé] C:\Program Files\CyberLink\ScreenRecorder4\gstbadvideo-1.0.dll
2020-05-23 16:24 - 2019-06-12 03:34 - 000361984 _____ () [Fichier non signé] C:\Program Files\CyberLink\ScreenRecorder4\gstbase-1.0.dll
2020-05-23 16:24 - 2019-06-12 03:34 - 000296960 _____ () [Fichier non signé] C:\Program Files\CyberLink\ScreenRecorder4\gstcodecparsers-1.0.dll
2020-05-23 16:24 - 2019-06-12 03:34 - 000204800 _____ () [Fichier non signé] C:\Program Files\CyberLink\ScreenRecorder4\gstpbutils-1.0.dll
2020-05-23 16:24 - 2019-06-12 03:34 - 001189888 _____ () [Fichier non signé] C:\Program Files\CyberLink\ScreenRecorder4\gstreamer-1.0.dll
2020-05-23 16:24 - 2019-06-12 03:34 - 000054784 _____ () [Fichier non signé] C:\Program Files\CyberLink\ScreenRecorder4\gstriff-1.0.dll
2020-05-23 16:24 - 2019-06-12 03:34 - 000107520 _____ () [Fichier non signé] C:\Program Files\CyberLink\ScreenRecorder4\gstrtp-1.0.dll
2020-05-23 16:24 - 2019-06-12 03:34 - 000213504 _____ () [Fichier non signé] C:\Program Files\CyberLink\ScreenRecorder4\gsttag-1.0.dll
2020-05-23 16:24 - 2019-06-12 03:34 - 000545792 _____ () [Fichier non signé] C:\Program Files\CyberLink\ScreenRecorder4\gstvideo-1.0.dll
2020-05-23 16:24 - 2019-06-12 03:34 - 000446464 _____ () [Fichier non signé] C:\Program Files\CyberLink\ScreenRecorder4\jpeg62.dll
2020-05-23 16:24 - 2019-06-12 03:34 - 000024576 _____ () [Fichier non signé] C:\Program Files\CyberLink\ScreenRecorder4\libffi.dll
2020-05-23 16:24 - 2019-06-12 03:34 - 000050176 _____ () [Fichier non signé] C:\Program Files\CyberLink\ScreenRecorder4\mbplugin\gstadder.dll
2020-05-23 16:24 - 2019-06-12 03:34 - 000024576 _____ () [Fichier non signé] C:\Program Files\CyberLink\ScreenRecorder4\mbplugin\gstaudioconvert.dll
2020-05-23 16:24 - 2019-06-12 03:34 - 000046592 _____ () [Fichier non signé] C:\Program Files\CyberLink\ScreenRecorder4\mbplugin\gstaudiomixer.dll
2020-05-23 16:24 - 2019-06-12 03:34 - 000125440 _____ () [Fichier non signé] C:\Program Files\CyberLink\ScreenRecorder4\mbplugin\gstaudioparsers.dll
2020-05-23 16:24 - 2019-06-12 03:34 - 000030208 _____ () [Fichier non signé] C:\Program Files\CyberLink\ScreenRecorder4\mbplugin\gstaudioresample.dll
2020-05-23 16:24 - 2019-06-12 03:34 - 000027136 _____ () [Fichier non signé] C:\Program Files\CyberLink\ScreenRecorder4\mbplugin\gstautodetect.dll
2020-05-23 16:24 - 2019-06-12 03:34 - 000342528 _____ () [Fichier non signé] C:\Program Files\CyberLink\ScreenRecorder4\mbplugin\gstcoreelements.dll
2020-05-23 16:24 - 2019-06-12 03:34 - 000026624 _____ () [Fichier non signé] C:\Program Files\CyberLink\ScreenRecorder4\mbplugin\gstdirectsoundsink.dll
2020-05-23 16:24 - 2019-06-12 03:34 - 000107520 _____ () [Fichier non signé] C:\Program Files\CyberLink\ScreenRecorder4\mbplugin\gstflv.dll
2020-05-23 16:24 - 2019-06-12 03:34 - 000039936 _____ () [Fichier non signé] C:\Program Files\CyberLink\ScreenRecorder4\mbplugin\gstgdkpixbuf.dll
2020-05-23 16:24 - 2019-06-12 03:34 - 000026112 _____ () [Fichier non signé] C:\Program Files\CyberLink\ScreenRecorder4\mbplugin\gstimagefreeze.dll
2020-05-23 16:24 - 2019-06-12 03:34 - 000453632 _____ () [Fichier non signé] C:\Program Files\CyberLink\ScreenRecorder4\mbplugin\gstisomp4.dll
2020-05-23 16:24 - 2019-06-12 03:34 - 000040960 _____ () [Fichier non signé] C:\Program Files\CyberLink\ScreenRecorder4\mbplugin\gstjpeg.dll
2020-05-23 16:24 - 2019-06-12 03:34 - 000127488 _____ () [Fichier non signé] C:\Program Files\CyberLink\ScreenRecorder4\mbplugin\gstmultifile.dll
2020-05-23 16:24 - 2019-06-12 03:34 - 000510976 _____ () [Fichier non signé] C:\Program Files\CyberLink\ScreenRecorder4\mbplugin\gstplayback.dll
2020-05-23 16:24 - 2019-06-12 03:34 - 000029184 _____ () [Fichier non signé] C:\Program Files\CyberLink\ScreenRecorder4\mbplugin\gstpng.dll
2020-05-23 16:24 - 2019-06-12 03:34 - 000091648 _____ () [Fichier non signé] C:\Program Files\CyberLink\ScreenRecorder4\mbplugin\gsttypefindfunctions.dll
2020-05-23 16:24 - 2019-06-12 03:34 - 000023552 _____ () [Fichier non signé] C:\Program Files\CyberLink\ScreenRecorder4\mbplugin\gstvideoconvert.dll
2020-05-23 16:24 - 2019-06-12 03:34 - 000186368 _____ () [Fichier non signé] C:\Program Files\CyberLink\ScreenRecorder4\mbplugin\gstvideoparsersbad.dll
2020-05-23 16:24 - 2019-06-12 03:34 - 000037888 _____ () [Fichier non signé] C:\Program Files\CyberLink\ScreenRecorder4\mbplugin\gstvideorate.dll
2020-05-23 16:24 - 2019-06-12 03:34 - 000032256 _____ () [Fichier non signé] C:\Program Files\CyberLink\ScreenRecorder4\mbplugin\gstvideoscale.dll
2020-05-23 16:24 - 2019-06-12 03:34 - 000039424 _____ () [Fichier non signé] C:\Program Files\CyberLink\ScreenRecorder4\mbplugin\gstvolume.dll
2020-05-23 16:24 - 2019-06-12 03:34 - 000076288 _____ () [Fichier non signé] C:\Program Files\CyberLink\ScreenRecorder4\mbplugin\gstwinks.dll
2020-05-23 16:24 - 2019-06-12 03:34 - 000505856 _____ () [Fichier non signé] C:\Program Files\CyberLink\ScreenRecorder4\orc-0.4.dll
2020-05-23 16:24 - 2019-06-12 03:34 - 000213504 _____ () [Fichier non signé] C:\Program Files\CyberLink\ScreenRecorder4\png-1.6.dll
2020-05-23 16:24 - 2019-06-12 03:33 - 000112640 _____ () [Fichier non signé] C:\Program Files\CyberLink\ScreenRecorder4\rtmp.dll
2020-05-23 16:24 - 2019-06-12 03:33 - 000091648 _____ () [Fichier non signé] C:\Program Files\CyberLink\ScreenRecorder4\zlib-1.2.dll
2008-07-29 06:49 - 2008-07-29 06:49 - 000021504 _____ () [Fichier non signé] C:\Users\ivanita lomeli\Desktop\11Crem Suite V1\Camtasia Studio 7 (equal camtasia 2018 de 10Crem in 11Crem)\Media\Theater\plugins\imageformats\qgif4.dll
2008-07-29 06:49 - 2008-07-29 06:49 - 000119296 _____ () [Fichier non signé] C:\Users\ivanita lomeli\Desktop\11Crem Suite V1\Camtasia Studio 7 (equal camtasia 2018 de 10Crem in 11Crem)\Media\Theater\plugins\imageformats\qjpeg4.dll
2008-08-25 18:43 - 2008-08-25 18:43 - 001960960 _____ () [Fichier non signé] C:\Users\ivanita lomeli\Desktop\11Crem Suite V1\Camtasia Studio 7 (equal camtasia 2018 de 10Crem in 11Crem)\QtCore4.dll
2008-07-29 06:01 - 2008-07-29 06:01 - 007073792 _____ () [Fichier non signé] C:\Users\ivanita lomeli\Desktop\11Crem Suite V1\Camtasia Studio 7 (equal camtasia 2018 de 10Crem in 11Crem)\QtGui4.dll
2017-02-21 14:50 - 2017-02-21 14:50 - 000144856 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\boost_filesystem-vc140-mt-1_61.dll
2017-02-21 14:50 - 2017-02-21 14:50 - 000524760 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\boost_locale-vc140-mt-1_61.dll
2017-02-21 14:50 - 2017-02-21 14:50 - 000733144 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\boost_log-vc140-mt-1_61.dll
2017-02-21 14:50 - 2017-02-21 14:50 - 000121816 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\boost_thread-vc140-mt-1_61.dll
2017-02-21 14:51 - 2017-02-21 14:51 - 003712984 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\RCF.dll
2020-05-11 08:01 - 2020-05-11 08:01 - 000037888 _____ () C:\Windows\System32\usocoreps.dll
2017-02-21 14:50 - 2017-02-21 14:50 - 000039384 _____ (Adaware Software -> ) [Fichier non signé] C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\boost_chrono-vc140-mt-1_61.dll
2017-02-21 14:50 - 2017-02-21 14:50 - 000318424 _____ (Adaware Software -> The Qt Company Ltd) [Fichier non signé] C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\imageformats\qtiff.dll
2020-03-27 18:50 - 2020-03-27 18:50 - 000398336 _____ (Florian Heidenreich) [Fichier non signé] C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll
2020-05-23 16:24 - 2019-06-12 03:34 - 000085504 _____ (Free Software Foundation) [Fichier non signé] C:\Program Files\CyberLink\ScreenRecorder4\intl-0.19.dll
2011-01-13 16:12 - 2011-01-13 16:12 - 000499712 _____ (hxxp://www.mp3dev.org/) [Fichier non signé] C:\Users\ivanita lomeli\Desktop\11Crem Suite V1\Camtasia Studio 7 (equal camtasia 2018 de 10Crem in 11Crem)\TSCLame.acm
2020-05-13 17:29 - 2019-02-21 18:00 - 000078336 _____ (Igor Pavlov) [Fichier non signé] C:\Program Files (x86)\7-Zip\7-zip.dll
2011-01-13 14:43 - 2011-01-13 14:43 - 000229888 _____ (LEAD Technologies, Inc.) [Fichier non signé] C:\Users\ivanita lomeli\Desktop\11Crem Suite V1\Camtasia Studio 7 (equal camtasia 2018 de 10Crem in 11Crem)\LTDIS10N.dll
2011-01-13 14:43 - 2011-01-13 14:43 - 000108032 _____ (LEAD Technologies, Inc.) [Fichier non signé] C:\Users\ivanita lomeli\Desktop\11Crem Suite V1\Camtasia Studio 7 (equal camtasia 2018 de 10Crem in 11Crem)\LTFIL10N.DLL
2011-01-13 14:43 - 2011-01-13 14:43 - 000297984 _____ (LEAD Technologies, Inc.) [Fichier non signé] C:\Users\ivanita lomeli\Desktop\11Crem Suite V1\Camtasia Studio 7 (equal camtasia 2018 de 10Crem in 11Crem)\LTKRN10N.dll
2011-01-13 14:54 - 2011-01-13 14:54 - 000429096 _____ (MainConcept AG -> MainConcept GmbH) [Fichier non signé] C:\Users\ivanita lomeli\Desktop\11Crem Suite V1\Camtasia Studio 7 (equal camtasia 2018 de 10Crem in 11Crem)\mcaacadec.dll
2011-01-13 14:54 - 2011-01-13 14:54 - 000171048 _____ (MainConcept AG -> MainConcept GmbH) [Fichier non signé] C:\Users\ivanita lomeli\Desktop\11Crem Suite V1\Camtasia Studio 7 (equal camtasia 2018 de 10Crem in 11Crem)\mcdaac.ax
2011-01-13 14:54 - 2011-01-13 14:54 - 000416808 _____ (MainConcept AG -> MainConcept GmbH) [Fichier non signé] C:\Users\ivanita lomeli\Desktop\11Crem Suite V1\Camtasia Studio 7 (equal camtasia 2018 de 10Crem in 11Crem)\mcmp4demux.ax
2011-01-13 14:54 - 2011-01-13 14:54 - 000236584 _____ (MainConcept AG -> MainConcept GmbH) [Fichier non signé] C:\Users\ivanita lomeli\Desktop\11Crem Suite V1\Camtasia Studio 7 (equal camtasia 2018 de 10Crem in 11Crem)\mcstdavcvd.ax
2011-01-13 14:54 - 2011-01-13 14:54 - 001080360 _____ (MainConcept AG -> MainConcept GmbH) [Fichier non signé] C:\Users\ivanita lomeli\Desktop\11Crem Suite V1\Camtasia Studio 7 (equal camtasia 2018 de 10Crem in 11Crem)\mcstdh264dec.dll
2011-01-13 14:54 - 2011-01-13 14:54 - 000499712 _____ (Microsoft Corporation) [Fichier non signé] C:\Users\ivanita lomeli\Desktop\11Crem Suite V1\Camtasia Studio 7 (equal camtasia 2018 de 10Crem in 11Crem)\MSVCP71.dll
2011-01-13 14:54 - 2011-01-13 14:54 - 000348160 _____ (Microsoft Corporation) [Fichier non signé] C:\Users\ivanita lomeli\Desktop\11Crem Suite V1\Camtasia Studio 7 (equal camtasia 2018 de 10Crem in 11Crem)\MSVCR71.dll
2020-05-16 07:07 - 2020-05-16 07:07 - 000208384 _____ (Microsoft Corporation) [Fichier non signé] C:\Windows\System32\AuthBroker.dll
2019-03-19 06:44 - 2019-03-19 06:44 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\gamestreamingext.dll
2020-05-16 07:10 - 2020-05-16 07:10 - 000509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.cortana.Desktop.dll
2020-05-16 07:10 - 2020-05-16 07:10 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.cortana.onecore.dll
2019-03-19 06:45 - 2019-03-19 06:45 - 000128512 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Cortana.ProxyStub.dll
2020-05-23 16:24 - 2019-06-12 03:33 - 000673792 _____ (rttr.org) [Fichier non signé] C:\Program Files\CyberLink\ScreenRecorder4\rttr.dll
2020-05-16 01:39 - 2020-05-16 01:39 - 000913920 _____ (ServiceStack) [Fichier non signé] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\ServiceStack.Text\3d3266bc497c30fa79ed8206a210247a\ServiceStack.Text.ni.dll
2020-05-23 16:24 - 2019-06-12 03:34 - 001501696 _____ (The GLib developer community) [Fichier non signé] C:\Program Files\CyberLink\ScreenRecorder4\gio-2.54.dll
2020-05-23 16:24 - 2019-06-12 03:34 - 001346560 _____ (The GLib developer community) [Fichier non signé] C:\Program Files\CyberLink\ScreenRecorder4\glib-2.54.dll
2020-05-23 16:24 - 2019-06-12 03:34 - 000018432 _____ (The GLib developer community) [Fichier non signé] C:\Program Files\CyberLink\ScreenRecorder4\gmodule-2.54.dll
2020-05-23 16:24 - 2019-06-12 03:34 - 000281088 _____ (The GLib developer community) [Fichier non signé] C:\Program Files\CyberLink\ScreenRecorder4\gobject-2.54.dll
2020-05-23 16:24 - 2019-06-12 03:33 - 002116608 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Fichier non signé] C:\Program Files\CyberLink\ScreenRecorder4\LIBEAY32.dll
2020-05-23 16:24 - 2019-06-12 03:33 - 000361472 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Fichier non signé] C:\Program Files\CyberLink\ScreenRecorder4\SSLEAY32.dll
2017-02-21 14:50 - 2017-02-21 14:50 - 000040408 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\imageformats\qico.dll
2017-02-21 14:51 - 2017-02-21 14:51 - 001330136 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\platforms\qwindows.dll
2020-05-12 21:33 - 2016-09-25 15:12 - 000029696 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files\MiniTool ShadowMaker\imageformats\qgif.dll
2020-05-12 21:33 - 2016-09-25 15:12 - 001236992 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files\MiniTool ShadowMaker\platforms\qwindows.dll
2017-02-21 14:50 - 2017-02-21 14:50 - 000038360 _____ (The Qt Company Ltd) C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\imageformats\qgif.dll
2017-02-21 14:50 - 2017-02-21 14:50 - 000046040 _____ (The Qt Company Ltd) C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\imageformats\qicns.dll
2017-02-21 14:50 - 2017-02-21 14:50 - 000243160 _____ (The Qt Company Ltd) C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\imageformats\qjpeg.dll
2017-02-21 14:50 - 2017-02-21 14:50 - 000032216 _____ (The Qt Company Ltd) C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\imageformats\qsvg.dll
2017-02-21 14:50 - 2017-02-21 14:50 - 000031704 _____ (The Qt Company Ltd) C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\imageformats\qtga.dll
2020-05-21 05:15 - 2015-09-13 22:02 - 000253440 _____ (www.startisback.com) [Fichier non signé] C:\Program Files (x86)\UX Pack\OldNewExplorer\OldNewExplorer32.dll
2020-05-21 05:15 - 2015-09-13 22:02 - 000258560 _____ (www.startisback.com) [Fichier non signé] C:\Program Files (x86)\UX Pack\OldNewExplorer\OldNewExplorer64.dll
2020-05-21 05:15 - 2009-03-21 17:19 - 000061440 _____ (Y'z) [Fichier non signé] C:\Program Files (x86)\UX Pack\YzShadow\YzShadow.dll

==================== Alternate Data Streams (Avec liste blanche) ========

==================== Mode sans échec (Avec liste blanche) ==================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\adawareantivirusservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UnsignedThemes => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\adawareantivirusservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UnsignedThemes => ""="Service"

==================== Association (Avec liste blanche) =================

==================== Internet Explorer sites de confiance/sensibles ==========

==================== Hosts contenu: =========================

(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)

2017-09-29 15:46 - 2017-09-29 15:44 - 000000824 ____N C:\WINDOWS\system32\drivers\etc\hosts

==================== Autres zones ===========================

(Actuellement, il n'y a pas de correction automatique pour cette section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\;C:\program files (x86)\skype\Phone\
HKU\S-1-5-21-988608728-4089148216-4043712893-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\Yosemite\mojave_dynamic_7.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Le Pare-feu est activé.

Network Binding:
=============
VirtualBox Host-Only Network: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Wi-Fi: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Connexion au réseau local: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)

==================== MSCONFIG/TASK MANAGER éléments désactivés ==

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

MSCONFIG\Services: adawareantivirusservice => 2
MSCONFIG\Services: AdobeARMservice => 3
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AtherosSvc => 2
MSCONFIG\Services: Avira.HomeGuard => 2
MSCONFIG\Services: Avira.ServiceHost => 2
MSCONFIG\Services: AviraPhantomVPN => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: cplspcon => 2
MSCONFIG\Services: esifsvc => 2
MSCONFIG\Services: gdipp_svc_32 => 2
MSCONFIG\Services: gdipp_svc_64 => 2
MSCONFIG\Services: GlassWire => 2
MSCONFIG\Services: Grip sensor Reset service => 2
MSCONFIG\Services: igfxCUIService2.0.0.0 => 3
MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: Intel(R) TPM Provisioning Service => 2
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: MTAgentService => 2
MSCONFIG\Services: MTSchedulerService => 2
MSCONFIG\Services: OpenVPNService => 3
MSCONFIG\Services: OpenVPNServiceInteractive => 2
MSCONFIG\Services: OpenVPNServiceLegacy => 3
MSCONFIG\Services: PanelManagerSvc => 2
MSCONFIG\Services: QHActiveDefense =>
MSCONFIG\Services: rkrtservice => 2
MSCONFIG\Services: SafiService => 2
MSCONFIG\Services: Samsung Pen Service => 2
MSCONFIG\Services: Samsung System Service => 2
MSCONFIG\Services: SkypeUpdate => 3
MSCONFIG\Services: SparkSvc => 3
MSCONFIG\Services: SparkUpdater => 3
MSCONFIG\Services: UCBrowserSvc => 3
MSCONFIG\Services: VBoxSDS => 3
MSCONFIG\Services: WlSarService => 2

==================== RèglesPare-feu (Avec liste blanche) ================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

FirewallRules: [{1DAC848E-3B93-4558-B09D-F5F5D8A908BA}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.5.17.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe (SAMSUNG ELECTRONICS CO,.LTD. -> )
FirewallRules: [{1587CABD-89E9-4849-B297-94AF18C9DD7C}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.5.17.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe (SAMSUNG ELECTRONICS CO,.LTD. -> )
FirewallRules: [{E7EC7BD8-258D-4729-845F-6225CD3848D4}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.5.17.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe (SAMSUNG ELECTRONICS CO,.LTD. -> )
FirewallRules: [{4BEEAFEB-9FC3-41FB-AD71-B52C944086C3}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.5.17.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe (SAMSUNG ELECTRONICS CO,.LTD. -> )
FirewallRules: [{DDF6792C-3BC4-4AC0-8BB4-1BD7F4CB2557}] => (Allow) C:\Program Files (x86)\Samsung\Samsung System Agent\SamsungSystemAgent.exe (SAMSUNG ELECTRONICS CO,.LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{B6B2F44D-3A6D-49DD-B656-8F07C8CBAA1D}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.5.17.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe (SAMSUNG ELECTRONICS CO,.LTD. -> )
FirewallRules: [{1B59C9CF-5D9D-43D6-A225-961CC2ED3F0D}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.5.17.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe (SAMSUNG ELECTRONICS CO,.LTD. -> )
FirewallRules: [{7BD3B368-EF77-4376-8D40-C94AC597C357}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.5.17.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe (SAMSUNG ELECTRONICS CO,.LTD. -> )
FirewallRules: [{CD2EEB71-1D90-4C6A-BF8A-F95BD24FBB77}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.5.17.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe (SAMSUNG ELECTRONICS CO,.LTD. -> )
FirewallRules: [TCP Query User{C2065D64-539A-4AA6-A3FD-5F1C24B1D054}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{9E68829F-EB5C-4075-92D4-72F599D5D636}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{A5684250-357C-4697-ABA5-02572E1E5A1C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C80C99C9-7035-4DA1-8CB6-22968DF914CC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{80745C87-914A-4550-8049-E5FFA6640A60}] => (Allow) K:\program files (x86) anti-ivanita lomeli browsers stina & maddie damskey results only\baidu spark\Baidu Browser\Spark.exe (Baidu Online Network Technology (Beijing) Co.,Ltd. -> )
FirewallRules: [{02C3DD56-98B0-4736-A738-F54A6E64FD0E}] => (Allow) K:\program files (x86) anti-ivanita lomeli browsers stina & maddie damskey results only\baidu spark\Baidu Browser\Spark.exe (Baidu Online Network Technology (Beijing) Co.,Ltd. -> )
FirewallRules: [{70F111AB-91CE-4BC0-B23F-62AEDF40D2B4}] => (Allow) K:\program files (x86) anti-ivanita lomeli browsers stina & maddie damskey results only\ucbrowser\Application\UCBrowser.exe (TAOBAO (CHINA) SOFTWARE CO.,LTD. -> UCWeb Inc.)
FirewallRules: [{008FC5FC-41F6-4B23-833A-484AEA415948}] => (Allow) K:\program files (x86) anti-ivanita lomeli browsers stina & maddie damskey results only\ucbrowser\Application\UCBrowser.exe (TAOBAO (CHINA) SOFTWARE CO.,LTD. -> UCWeb Inc.)
FirewallRules: [{9E06E53C-DAD1-46AB-87C2-CBDA159A2EE9}] => (Allow) K:\program files (x86) anti-ivanita lomeli browsers stina & maddie damskey results only\maxthon\Maxthon5\Bin\Maxthon.exe (Maxthon Technology Co, Ltd. -> Maxthon International ltd.)
FirewallRules: [{66D4314A-1DA1-438D-9177-4D64CABE59A9}] => (Allow) K:\program files (x86) anti-ivanita lomeli browsers stina & maddie damskey results only\maxthon\Maxthon5\Bin\Maxthon.exe (Maxthon Technology Co, Ltd. -> Maxthon International ltd.)
FirewallRules: [{1AE848CF-8C4E-4934-86B9-46921DE72520}] => (Allow) C:\Users\ivanita lomeli\AppData\Local\LINE\bin\5.0.0.1380\LINE.exe (LINE Corporation -> LINE Corporation)
FirewallRules: [{6FD66E6C-FB73-43A4-BBA0-92529660E1B6}] => (Allow) C:\Users\ivanita lomeli\AppData\Local\LINE\bin\5.0.0.1380\LINE.exe (LINE Corporation -> LINE Corporation)
FirewallRules: [{8394B0FD-77EA-4037-A52C-963860798326}] => (Allow) C:\Users\ivanita lomeli\AppData\Local\LINE\bin\5.0.0.1380\LineUpdater.exe (LINE Corporation -> LINE Corporation)
FirewallRules: [{19C5A3FA-DE74-4A3C-A082-663CDE7CC7ED}] => (Allow) C:\Users\ivanita lomeli\AppData\Local\LINE\bin\5.0.0.1380\LineUpdater.exe (LINE Corporation -> LINE Corporation)
FirewallRules: [{0665295A-4067-4B3E-97E9-E866E1D70851}] => (Allow) C:\Users\ivanita lomeli\AppData\Local\Programs\Opera\65.0.3467.78\opera.exe => Pas de fichier
FirewallRules: [{B4914155-7FAF-47D7-AAC9-A3E7099E79DE}] => (Allow) C:\Users\ivanita lomeli\AppData\Local\Programs\Opera\68.0.3618.104\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{022A3BAD-273F-44F7-B134-51FC959ABE97}] => (Allow) C:\Program Files (x86)\360\Total Security\softmgr\360InstantSetup.exe (QIHU 360 SOFTWARE CO. LIMITED -> Qihoo 360 Technology Co. Ltd.)
FirewallRules: [{F12C46D5-DED9-46DB-8462-BAF9E77CE42D}] => (Allow) C:\Program Files (x86)\360\Total Security\softmgr\360InstantSetup.exe (QIHU 360 SOFTWARE CO. LIMITED -> Qihoo 360 Technology Co. Ltd.)
FirewallRules: [{17190BAF-F722-4418-ACF5-021F4ED8D7DF}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.)
FirewallRules: [{42123FEF-0A4C-4D13-95B4-D5E4CC0BECB0}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.)
FirewallRules: [{38E00C82-0B68-4A44-A456-E0E419444E6B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.12730.20270.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7A6CD757-CE9B-4AA7-8309-801285732A78}] => (Allow) C:\Program Files (x86)\Avira\Home Guard\Avira.HomeGuard.Service.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG;)
FirewallRules: [{41BCAD9D-1F0E-4706-B415-39AE9925F0ED}] => (Allow) C:\Users\ivanita lomeli\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{40194068-579F-4E2E-903A-20599B5AD165}] => (Allow) C:\Users\ivanita lomeli\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{E3C160B4-3D7A-4417-9CD2-B6F4FED462D4}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe (GlassWire -> SecureMix LLC)
FirewallRules: [{3FB0DD66-19B5-40C9-8436-9733B7C0A9B7}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe (GlassWire -> SecureMix LLC)
FirewallRules: [{BD1FBC18-DA9B-4BDF-B337-682B2A1E6BF4}] => (Allow) C:\Program Files\MiniTool ShadowMaker\AgentService.exe (MiniTool Software Limited -> )
FirewallRules: [{80AE671C-3B39-4EA8-9F88-EE77AD9B967B}] => (Allow) C:\Program Files\MiniTool ShadowMaker\AgentService.exe (MiniTool Software Limited -> )
FirewallRules: [{463A92BE-32BE-47C9-9A4D-04E7CD414C9F}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.6.13.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe () [Fichier non signé]
FirewallRules: [{B99274EE-AC09-49D9-A342-202FF45FACE7}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.6.13.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe () [Fichier non signé]
FirewallRules: [{A2158F8C-89A8-4A1F-A991-6DEDB5B99F5D}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.6.13.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe () [Fichier non signé]
FirewallRules: [{E3154CA5-F837-4F43-A04C-350A983848D3}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.6.13.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe () [Fichier non signé]
FirewallRules: [TCP Query User{1DEBA874-420A-4DE3-A9CC-E00C0A3A21A3}C:\users\ivanita lomeli\appdata\local\programs\opera\68.0.3618.125\opera.exe] => (Allow) C:\users\ivanita lomeli\appdata\local\programs\opera\68.0.3618.125\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{39048B26-22D1-405A-AC59-219FC6160ACF}C:\users\ivanita lomeli\appdata\local\programs\opera\68.0.3618.125\opera.exe] => (Allow) C:\users\ivanita lomeli\appdata\local\programs\opera\68.0.3618.125\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{361A2266-7218-46E1-9140-413725BE3260}] => (Allow) C:\Program Files\CyberLink\ScreenRecorder4\VideoEditor\SRVE.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{0087F781-E756-4BA7-B59C-7D7DF9EA9AA2}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.)
FirewallRules: [{3C0CF6F0-D39E-42D8-BA13-26BE28C69B01}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.)
FirewallRules: [{1914F51F-8CC4-429B-8D32-CE9D810BD906}] => (Allow) C:\Program Files\UVK - Ultra Virus Killer\UVK_en64.exe (Da Silva Alfrédo -> Carifred.com)
FirewallRules: [{BA5CAA20-5B42-4FE7-B0BC-9DE9ADE175BE}] => (Allow) C:\Program Files\UVK - Ultra Virus Killer\UVK_en64.exe (Da Silva Alfrédo -> Carifred.com)
FirewallRules: [{72E324E0-A518-4533-B9C1-C0EE8763BB24}] => (Allow) C:\Program Files\UVK - Ultra Virus Killer\UVK_en64.exe (Da Silva Alfrédo -> Carifred.com)

==================== Points de restauration =========================

==================== Éléments en erreur du Gestionnaire de périphériques ============

Name: Dispositif de stockage de masse USB
Description: Dispositif de stockage de masse USB
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Dispositif de stockage USB compatible
Service: USBSTOR
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: EMTECh YUMI wintobootic
Description: USB DISK 3.0
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer:
Service: WUDFWpdFs
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Samsung Camera Rear
Description: Samsung Camera Rear
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: IMX258 Camera Sensor
Service: IMX258
Problem: : Windows cannot load the device driver for this hardware because a previous instance of the device driver is still in memory. (Code 38)
Resolution: The driver could not be loaded because a previous instance is still loaded. Restart the computer.

==================== Erreurs du Journal des événements: ======================== Erreurs Application: ================== Error: (05/23/2020 11:14:29 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante dwm.exe, version : 10.0.18362.387, horodatage : 0x8e064b77 Nom du module défaillant : dwmcore.dll, version : 10.0.18362.752, horodatage : 0x179e3b3c Code d’exception : 0xc00001ad Décalage d’erreur : 0x000000000015b85a ID du processus défaillant : 0x26c8 Heure de début de l’application défaillante : 0x01d631471cc3493c Chemin d’accès de l’application défaillante : C:\WINDOWS\system32\dwm.exe Chemin d’accès du module défaillant: C:\WINDOWS\system32\dwmcore.dll ID de rapport : a7a55af8-3b3b-45c6-b572-8d04319e12ee Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (05/23/2020 11:14:28 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante backgroundTaskHost.exe, version : 10.0.18362.1, horodatage : 0x533f8404 Nom du module défaillant : biwinrt.dll, version : 10.0.18362.1, horodatage : 0x3f99ee98 Code d’exception : 0xc000027b Décalage d’erreur : 0x0000000000013d63 ID du processus défaillant : 0xd60 Heure de début de l’application défaillante : 0x01d631466df38783 Chemin d’accès de l’application défaillante : C:\WINDOWS\system32\backgroundTaskHost.exe Chemin d’accès du module défaillant: C:\Windows\System32\biwinrt.dll ID de rapport : e1c176f2-01c2-4425-9529-39a7a7bc53b6 Nom complet du package défaillant : Microsoft.MicrosoftOfficeHub_18.2004.1162.0_x64__8wekyb3d8bbwe ID de l’application relative au package défaillant : Microsoft.MicrosoftOfficeHub Error: (05/23/2020 11:14:08 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante StartMenuExperienceHost.exe, version : 0.0.0.0, horodatage : 0x5e708f15 Nom du module défaillant : ntdll.dll, version : 10.0.18362.815, horodatage : 0xb29ecf52 
Code d’exception : 0xc00000fd
Décalage d’erreur : 0x00000000000471e9
ID du processus défaillant : 0x2674
Heure de début de l’application défaillante : 0x01d6310d811d4c26
Chemin d’accès de l’application défaillante : C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll
ID de rapport : f36befee-489e-4f4a-a41b-44357da867a3
Nom complet du package défaillant : Microsoft.Windows.StartMenuExperienceHost_10.0.18362.449_neutral_neutral_cw5n1h2txyewy
ID de l’application relative au package défaillant : App

Error: (05/23/2020 11:14:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante dwm.exe, version : 10.0.18362.387, horodatage : 0x8e064b77
Nom du module défaillant : dwmcore.dll, version : 10.0.18362.752, horodatage : 0x179e3b3c
Code d’exception : 0xc00001ad
Décalage d’erreur : 0x000000000015b85a
ID du processus défaillant : 0x2e14
Heure de début de l’application défaillante : 0x01d6314714970eed
Chemin d’accès de l’application défaillante : C:\WINDOWS\system32\dwm.exe
Chemin d’accès du module défaillant: C:\WINDOWS\system32\dwmcore.dll
ID de rapport : cc0427c1-2bba-4742-b926-0fef6b85715b
Nom complet du package défaillant :
ID de l’application relative au package défaillant :

Error: (05/23/2020 11:13:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante dwm.exe, version : 10.0.18362.387, horodatage : 0x8e064b77
Nom du module défaillant : dwmcore.dll, version : 10.0.18362.752, horodatage : 0x179e3b3c
Code d’exception : 0xc00001ad
Décalage d’erreur : 0x000000000015b85a
ID du processus défaillant : 0x2ab8
Heure de début de l’application défaillante : 0x01d63147097baacc
Chemin d’accès de l’application défaillante : C:\WINDOWS\system32\dwm.exe
Chemin d’accès du module défaillant: C:\WINDOWS\system32\dwmcore.dll
ID de rapport : cfdc0843-999c-4585-88f5-af73c36798de
Nom complet du package défaillant :
ID de l’application relative au package défaillant :

Error: (05/23/2020 11:13:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante dwm.exe, version : 10.0.18362.387, horodatage : 0x8e064b77
Nom du module défaillant : dwmcore.dll, version : 10.0.18362.752, horodatage : 0x179e3b3c
Code d’exception : 0xc00001ad
Décalage d’erreur : 0x000000000015b85a
ID du processus défaillant : 0xaec
Heure de début de l’application défaillante : 0x01d63147001b8f5d
Chemin d’accès de l’application défaillante : C:\WINDOWS\system32\dwm.exe
Chemin d’accès du module défaillant: C:\WINDOWS\system32\dwmcore.dll
ID de rapport : 0baa50f6-6727-4fa3-bc7c-68dc961e7977
Nom complet du package défaillant :
ID de l’application relative au package défaillant :

Error: (05/23/2020 11:13:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante dwm.exe, version : 10.0.18362.387, horodatage : 0x8e064b77
Nom du module défaillant : dwmcore.dll, version : 10.0.18362.752, horodatage : 0x179e3b3c
Code d’exception : 0xc00001ad
Décalage d’erreur : 0x000000000015b85a
ID du processus défaillant : 0x26a0
Heure de début de l’application défaillante : 0x01d63146ee84e4d7
Chemin d’accès de l’application défaillante : C:\WINDOWS\system32\dwm.exe
Chemin d’accès du module défaillant: C:\WINDOWS\system32\dwmcore.dll
ID de rapport : 6de9ed25-1616-4730-a7c4-89d202c092e0
Nom complet du package défaillant :
ID de l’application relative au package défaillant :

Error: (05/23/2020 11:12:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante dwm.exe, version : 10.0.18362.387, horodatage : 0x8e064b77
Nom du module défaillant : dwmcore.dll, version : 10.0.18362.752, horodatage : 0x179e3b3c
Code d’exception : 0xc00001ad
Décalage d’erreur : 0x000000000015b85a
ID du processus défaillant : 0x2ba8
Heure de début de l’application défaillante : 0x01d63146e4d0a8cf
Chemin d’accès de l’application défaillante : C:\WINDOWS\system32\dwm.exe
Chemin d’accès du module défaillant: C:\WINDOWS\system32\dwmcore.dll
ID de rapport : 945a81f0-027e-422a-ae03-2de4245e1806
Nom complet du package défaillant :
ID de l’application relative au package défaillant :

Erreurs système:
=============
Error: (05/23/2020 10:47:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Avast Antivirus s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 5000 millisecondes : Redémarrer le service.

Error: (05/23/2020 06:13:15 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Les clichés instantanés du volume C: ont été annulés car le stockage du cliché instantané n’a pas pu s’agrandir en raison d’une limite utilisateur.

Error: (05/23/2020 06:00:37 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DKLRMGF)
Description: Le serveur Windows.Internal.WebRuntime.ContentProcess#{00021402-0002-0000-EADF-5A0000000000} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (05/23/2020 05:41:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Serveur de trame de la Caméra Windows s’est terminé de façon inattendue pour la 1ème fois.

Error: (05/23/2020 05:29:11 PM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: AUTORITE NT)
Description: ??\Device\HarddiskVolumeShadowCopy22

Error: (05/23/2020 04:34:40 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DKLRMGF)
Description: Le serveur {1FFE4FFD-25B1-40B1-A1EA-EF633353BB4E} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (05/23/2020 04:32:40 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DKLRMGF)
Description: Le serveur {D18705BE-FC2F-44C8-AEFF-1CD49AEA8FC1} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (05/23/2020 04:30:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service WpnUserService_f971f s’est terminé de manière inattendue. Ceci s’est produit 2 fois. L’action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service.

Windows Defender:
===================================
Date: 2020-05-14 18:47:01.748
Description: Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Execution!rfn&threatid=2147745900&enterprise=0
Nom : Trojan:Win32/Execution!rfn
ID : 2147745900
Gravité : Grave
Catégorie : Cheval de Troie
Chemin : file:_C:\Users\ivanita lomeli\Downloads\SkinPack Auto UXThemePatcher 5.0.exe
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Système
Utilisateur : AUTORITE NT\Système
Nom du processus : Unknown
Version de la veille de sécurité : AV: 1.315.630.0, AS: 1.315.630.0, NIS: 1.315.630.0
Version du moteur : AM: 1.1.17000.7, NIS: 1.1.17000.7

Date: 2020-05-14 18:44:13.221
Description: Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Virus:DOS/EICAR_Test_File&threatid=2147519003&enterprise=0
Nom : Virus:DOS/EICAR_Test_File
ID : 2147519003
Gravité : Grave
Catégorie : Virus
Chemin : containerfile:_C:\Program Files (x86)\Eicar Test Files\eicarcom2.zip; file:_C:\Program Files (x86)\Eicar Test Files\eicarcom2.zip->(Zip)->(Zip); file:_C:\Program Files (x86)\Eicar Test Files\eicarcom2.zip->eicar_com.zip->eicar.com
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Protection en temps réel
Utilisateur : DESKTOP-DKLRMGF\ivanita lomeli
Nom du processus : C:\Windows\explorer.exe
Version de la veille de sécurité : AV: 1.315.630.0, AS: 1.315.630.0, NIS: 1.315.630.0
Version du moteur : AM: 1.1.17000.7, NIS: 1.1.17000.7

Date: 2020-05-14 18:44:07.616
Description: Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Virus:DOS/EICAR_Test_File&threatid=2147519003&enterprise=0
Nom : Virus:DOS/EICAR_Test_File
ID : 2147519003
Gravité : Grave
Catégorie : Virus
Chemin : containerfile:_C:\Program Files (x86)\Eicar Test Files\eicarcom2.zip; file:_C:\Program Files (x86)\Eicar Test Files\eicarcom2.zip->(Zip)->(Zip)
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Protection en temps réel
Utilisateur : DESKTOP-DKLRMGF\ivanita lomeli
Nom du processus : C:\Windows\explorer.exe
Version de la veille de sécurité : AV: 1.315.630.0, AS: 1.315.630.0, NIS: 1.315.630.0
Version du moteur : AM: 1.1.17000.7, NIS: 1.1.17000.7

Date: 2020-05-14 15:42:48.146
Description: Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Execution!rfn&threatid=2147745900&enterprise=0
Nom : Trojan:Win32/Execution!rfn
ID : 2147745900
Gravité : Grave
Catégorie : Cheval de Troie
Chemin : file:_C:\Users\ivanita lomeli\Downloads\SkinPack Auto UXThemePatcher 5.0.exe
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Protection en temps réel
Utilisateur : DESKTOP-DKLRMGF\ivanita lomeli
Nom du processus : C:\Windows\explorer.exe
Version de la veille de sécurité : AV: 1.315.630.0, AS: 1.315.630.0, NIS: 1.315.630.0
Version du moteur : AM: 1.1.17000.7, NIS: 1.1.17000.7

Date: 2020-05-14 15:42:32.780
Description: Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Execution!rfn&threatid=2147745900&enterprise=0
Nom : Trojan:Win32/Execution!rfn
ID : 2147745900
Gravité : Grave
Catégorie : Cheval de Troie
Chemin : file:_C:\Users\ivanita lomeli\Downloads\SkinPack Auto UXThemePatcher 5.0.exe
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Protection en temps réel
Utilisateur : DESKTOP-DKLRMGF\ivanita lomeli
Nom du processus : C:\Users\ivanita lomeli\Downloads\UXThemePatcher.sfx.exe
Version de la veille de sécurité : AV: 1.315.630.0, AS: 1.315.630.0, NIS: 1.315.630.0
Version du moteur : AM: 1.1.17000.7, NIS: 1.1.17000.7

CodeIntegrity:
===================================
Date: 2020-05-23 23:07:19.753
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-05-23 23:07:19.623
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.20.2.57\symamsi.dll that did not meet the Windows signing level requirements.

Date: 2020-05-23 22:57:16.965
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-05-23 22:57:16.897
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.20.2.57\symamsi.dll that did not meet the Windows signing level requirements.

Date: 2020-05-23 22:48:19.332
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-05-23 22:48:18.845
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.20.2.57\symamsi.dll that did not meet the Windows signing level requirements.

Date: 2020-05-23 22:47:32.465
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-05-23 22:47:32.415
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.20.2.57\symamsi.dll that did not meet the Windows signing level requirements.

==================== Infos Mémoire ===========================

BIOS: American Megatrends Inc. P04HAC.000.180220.WY.1219 02/20/2018
Carte mère: SAMSUNG ELECTRONICS CO., LTD. SM-W720NZKBXEF
Processeur: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Pourcentage de mémoire utilisée: 94%
Mémoire physique - RAM - totale: 3997.93 MB
Mémoire physique - RAM - disponible: 221.07 MB
Mémoire virtuelle totale: 10249.8 MB
Mémoire virtuelle disponible: 183.88 MB

==================== Lecteurs ================================

Drive c: () (Fixed) (Total:48.84 GB) (Free:1.29 GB) NTFS
Drive d: (widen 5) (Fixed) (Total:44.49 GB) (Free:0.99 GB) NTFS
Drive e: (applemonkey - jjad & nathalie en) (Fixed) (Total:1.41 GB) (Free:0.36 GB) NTFS
Drive g: (EMTECh YUMI wintobootic) (Removable) (Total:57.7 GB) (Free:34.05 GB) NTFS
Drive h: (jjad naamfuw famfuw pub3amfuw bn) (Fixed) (Total:2.14 GB) (Free:0.7 GB) NTFS
Drive j: (tfm2) (Fixed) (Total:6.07 GB) (Free:3.81 GB) NTFS
Drive k: (tfm21 (virtualbox mac + start me) (Fixed) (Total:2.29 GB) (Free:1.02 GB) NTFS
Drive l: (tfm16) (Fixed) (Total:0.87 GB) (Free:0.66 GB) NTFS
Drive m: (TFM3) (Fixed) (Total:1.1 GB) (Free:1.07 GB) NTFS
Drive o: (FTV 96 ELEVATORS 22CASSIGN) (Fixed) (Total:19 GB) (Free:1.7 GB) NTFS
Drive s: (tfm16) (Fixed) (Total:0.49 GB) (Free:0.41 GB) NTFS
Drive t: (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
Drive v: (VERBATIM HD) (Fixed) (Total:7369.87 GB) (Free:1889.38 GB) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)]

\\?\Volume{ce29ef87-8ee2-4624-a514-2a4806d3b314}\ () (Fixed) (Total:0 GB) (Free:0 GB)
\\?\Volume{d48a4231-6c35-4220-4173-636c65706975}\ () (Fixed) (Total:0 GB) (Free:0 GB)

==================== MBR & Table des partitions ====================

==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 26EA9241)
Partition: GPT.

==========================================================
Disk: 2 (Size: 57.7 GB) (Disk ID: 005590AA)
Partition: GPT.

==========================================================
Disk: 3 (Size: 7452 GB) (Disk ID: C8AA1957)
Partition: GPT.

==================== Fin de Addition.txt =======================