Est-ce que cette url correspond à ta demande ?https://www.virustotal.com/gui/file/b81 ... /detection
salut kupfi.dk
Lance Farbar
Copies les lignes suivantes dans le cadre rouge
start::
CloseProcesses:
CreateRestorePoint:
C:\Users\kupfi\AppData\Roaming\Tenorshare\Service\configs\TenorshareWinAdService.exe
SearchScopes: HKU\S-1-5-21-4272053494-859559233-1451017248-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4272053494-859559233-1451017248-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
R2 TenorshareWinAdService; C:\Users\kupfi\AppData\Roaming\Tenorshare\Service\configs\TenorshareWinAdService.exe [40448 2017-06-01] (Tenorshare Co,Ltd) [Fichier non signé]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier
2018-11-26 22:37 - 2017-06-01 03:46 - 000040448 _____ (Tenorshare Co,Ltd) [Fichier non signé] C:\Users\kupfi\AppData\Roaming\Tenorshare\Service\configs\TenorshareWinAdService.exe
FirewallRules: [{5FF19BA1-F33B-4D97-9207-E4A4666991CC}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe Pas de fichier
FirewallRules: [{07629F1F-C5AC-45AB-8FED-6CAE1C4C6C2E}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe Pas de fichier
DeleteValue: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|GoogleChromeAutoLaunch_E8B0141B6D680C0070539A02811317EC
DeleteValue: HKEY_USERS\S-1-5-21-4272053494-859559233-1451017248-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|GoogleChromeAutoLaunch_E8B0141B6D680C0070539A02811317EC
C:\Users\kupfi\AppData\Local\OneDrive
DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR
DeleteKey: HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA}
DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32
DeleteKey: HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA}
DeleteKey: HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\WinRAR
DeleteKey: HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA}
DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR
DeleteKey: HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA}
DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32
DeleteKey: HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{5898ADFB-8D56-4943-AAF6-C8AE02CCC47F}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{5FF19BA1-F33B-4D97-9207-E4A4666991CC}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{07629F1F-C5AC-45AB-8FED-6CAE1C4C6C2E}
DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR
DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32
DeleteKey: HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\WinRAR
DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR
DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32
C:\Users\kupfi\AppData\Local\Google\Chrome\User Data\Default\File System\000
C:\Users\kupfi\AppData\Local\Google\Chrome\User Data\Default\File System\001
C:\Users\kupfi\AppData\Local\Google\Chrome\User Data\Default\File System\002
C:\Users\kupfi\AppData\Local\Google\Chrome\User Data\Default\File System\003
EmptyTemp:
end::
Corrige et heberge le rapport fixlog
@+
Didier