Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 29-05-2021 01 Exécuté par chapp (30-05-2021 10:14:10) Exécuté depuis C:\Users\chapp\Downloads Windows 10 Home Version 2004 19041.985 (X64) (2020-12-08 03:23:57) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= Administrateur (S-1-5-21-1854758776-2209758393-3106339772-500 - Administrator - Disabled) chapp (S-1-5-21-1854758776-2209758393-3106339772-1001 - Administrator - Enabled) => C:\Users\chapp DefaultAccount (S-1-5-21-1854758776-2209758393-3106339772-503 - Limited - Disabled) Invité (S-1-5-21-1854758776-2209758393-3106339772-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-1854758776-2209758393-3106339772-504 - Limited - Disabled) ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Avira Antivirus (Enabled - Up to date) {88AE6B46-DC3C-455A-A21B-085F285A3546} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 21.001.20155 - Adobe Systems Incorporated) Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.403 - Adobe) AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.15.4 - ICEpower a/s) Avira (HKLM-x32\...\{21098ed5-59e9-4203-b79e-63f3c373e022}) (Version: 1.2.155.4877 - Avira Operations GmbH & Co. KG) Hidden Avira (HKLM-x32\...\{2CA8B2E7-B4B7-4553-83E6-448A543EA5AD}) (Version: 1.2.155.4877 - Avira Operations GmbH & Co. KG) Hidden Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2104.2083 - Avira Operations GmbH & Co. KG) Hidden Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.37.4.17510 - Avira Operations GmbH & Co. KG) Hidden Avira Privacy Pal (HKLM-x32\...\{F2BC8305-DFBE-4C02-A906-9BBD8EE299A3}_is1) (Version: 2.4.0.1962 - Avira Operations GmbH & Co. KG) Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.1.49.18598 - Avira Operations GmbH & Co. KG) Hidden Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version: - Avira Operations GmbH & Co. KG;) Avira Software Updater (HKLM-x32\...\{5FFF909D-D88F-42B9-9A85-328A1290611C}) (Version: 2.0.6.48309 - Avira Operations GmbH & Co. KG) Hidden Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.10.0.11063 - Avira Operations GmbH & Co. KG) Hidden EPSON ET-2600 Series Printer Uninstall (HKLM\...\EPSON ET-2600 Series) (Version: - Seiko Epson Corporation) Epson Event Manager (HKLM-x32\...\{AB8BE3EA-01D3-44B7-8E77-A9601CBDEBDE}) (Version: 3.10.0085 - Seiko Epson Corporation) Epson Printer Connection Checker (HKLM-x32\...\{189DE071-E0BC-4BA5-8E34-83D5ED12600B}) (Version: 3.2.0.0 - Seiko Epson Corporation) Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation) EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.) Epson Software Updater (HKLM-x32\...\{28C66F35-69BF-4376-BC80-4D5F4808FF3C}) (Version: 4.6.1 - Seiko Epson Corporation) EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.212 - Google LLC) Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1826.12.0.1146 - Intel Corporation) Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.369.0 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{aa81bdf2-96a6-4400-a596-c7d1916ce9f7}) (Version: 1.50.369.0 - Intel Corporation) Hidden Intel® PROSet/Wireless Software (HKLM-x32\...\{50cfe76f-cfa2-4a73-b722-9e3874c61029}) (Version: 20.100.0.0u - Intel Corporation) KeePass Password Safe 2.42.1 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.42.1 - Dominik Reichl) Malwarebytes version 4.4.0.117 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.0.117 - Malwarebytes) Microsoft 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 16.0.14026.20246 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.37 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 91.0.864.37 - Microsoft Corporation) Microsoft Office Professionnel Plus 2019 - fr-fr (HKLM\...\ProPlus2019Retail - fr-fr) (Version: 16.0.14026.20246 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1854758776-2209758393-3106339772-1001\...\OneDriveSetup.exe) (Version: 21.083.0425.0003 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.21.27702 (HKLM-x32\...\{49697869-be8e-427d-81a0-c334d1d14950}) (Version: 14.21.27702.2 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation) MovieStarPlanet version 1.0.8 (HKLM-x32\...\{FBF94616-28CB-4277-8FB5-DB2018FEDDF1}_is1) (Version: 1.0.8 - MovieStarPlanet ApS) Mozilla Firefox 88.0.1 (x64 fr) (HKLM\...\Mozilla Firefox 88.0.1 (x64 fr)) (Version: 88.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.0 - Mozilla) Mozilla Thunderbird 78.5.1 (x86 fr) (HKLM-x32\...\Mozilla Thunderbird 78.5.1 (x86 fr)) (Version: 78.5.1 - Mozilla) MyEpson Portal (HKLM-x32\...\{3361D415-BA35-4143-B301-661991BA6219}) (Version: 1.1.2.2 - SEIKO EPSON CORPORATION) Hidden MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version: - SEIKO EPSON Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden Opera Stable 76.0.4017.154 (HKU\S-1-5-21-1854758776-2209758393-3106339772-1001\...\Opera 76.0.4017.154) (Version: 76.0.4017.154 - Opera Software) PeaZip 7.8.0 (HKLM-x32\...\{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1) (Version: 7.8.0 - Giorgio Tani) TreeSize Free V4.4.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.4.2 - JAM Software) VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN) Zoom (HKU\S-1-5-21-1854758776-2209758393-3106339772-1001\...\ZoomUMX) (Version: 5.6.1 (617) - Zoom Video Communications, Inc.) Packages: ========= AudioWizard -> C:\Program Files\WindowsApps\ICEpower.AudioWizard_1.5.28.0_x64__dxp88312j1fgj [2020-01-26] (ICEpower) Centre de configuration des graphiques Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3325.0_x64__8j3eq9eme6ctt [2021-05-07] (INTEL CORP) [Startup Task] Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-10-06] (Microsoft Corporation) Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-02-18] (INTEL CORP) LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2019-08-24] (LinkedIn) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-08-24] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-08-24] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5170.0_x64__8wekyb3d8bbwe [2021-05-23] (Microsoft Studios) [MS Ad] Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2020-06-09] (Adobe Systems Incorporated) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.7.199.0_x64__dt26b99r8h8gj [2021-01-07] (Realtek Semiconductor Corp) ==================== Personnalisé CLSID (Avec liste blanche): ============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2021-05-10] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2021-02-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-01-23] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2021-02-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2021-02-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-01-23] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2021-05-10] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) ==================== Codecs (Avec liste blanche) ==================== ==================== Raccourcis & WMI ======================== ==================== Modules chargés (Avec liste blanche) ============= 2020-04-20 08:47 - 2020-04-20 08:47 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll 2020-04-20 08:47 - 2020-04-20 08:47 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\c2r64.dll 2017-02-13 14:54 - 2017-02-13 14:54 - 000132096 _____ (Seiko Epson Corporation) [Fichier non signé] C:\Program Files (x86)\EPSON Software\Event Manager\epnsm.dll 2009-10-21 17:39 - 2009-10-21 17:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [Fichier non signé] C:\Program Files (x86)\EPSON Software\Event Manager\LcMgr.dll 2019-02-22 18:01 - 2019-02-22 18:01 - 000704512 _____ (Seiko Epson Corporation) [Fichier non signé] C:\Program Files (x86)\EPSON\MyEpson Portal\Configration_00000171\MepCfg.dll 2020-04-17 11:15 - 2020-04-17 11:15 - 000577536 _____ (Seiko Epson Corporation) [Fichier non signé] C:\Program Files (x86)\EPSON\MyEpson Portal\MepUploader_00000542\MepUploader.dll 2019-02-22 16:09 - 2019-02-22 16:09 - 000475136 _____ (Seiko Epson Corporation) [Fichier non signé] C:\Program Files (x86)\EPSON\MyEpson Portal\Online Manual_00000013\MepFAQ.dll 2016-09-14 14:31 - 2016-09-14 14:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [Fichier non signé] C:\WINDOWS\System32\enppmon.dll 2021-03-01 10:53 - 2021-03-01 10:53 - 000913920 _____ (ServiceStack) [Fichier non signé] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\ServiceStack.Text\6c292287be71db1b89ac22e2a724e691\ServiceStack.Text.ni.dll ==================== Alternate Data Streams (Avec liste blanche) ======== (Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.) AlternateDataStreams: C:\Users\chapp\Desktop\certificat L. Diago 2019-20.jpeg:3or4kl4x13tuuug3Byamue2s4b [85] AlternateDataStreams: C:\Users\chapp\Desktop\certificat L. Diago 2019-20.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0] AlternateDataStreams: C:\Users\chapp\Desktop\Image (100).jpg:3or4kl4x13tuuug3Byamue2s4b [85] AlternateDataStreams: C:\Users\chapp\Desktop\Image (100).jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0] AlternateDataStreams: C:\Users\chapp\Desktop\Image (101).jpg:3or4kl4x13tuuug3Byamue2s4b [85] AlternateDataStreams: C:\Users\chapp\Desktop\Image (101).jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0] AlternateDataStreams: C:\Users\chapp\Desktop\Image (102).jpg:3or4kl4x13tuuug3Byamue2s4b [85] AlternateDataStreams: C:\Users\chapp\Desktop\Image (102).jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0] AlternateDataStreams: C:\Users\chapp\Desktop\Image (103).jpg:3or4kl4x13tuuug3Byamue2s4b [85] AlternateDataStreams: C:\Users\chapp\Desktop\Image (103).jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0] AlternateDataStreams: C:\Users\chapp\Desktop\Image (89).jpg:3or4kl4x13tuuug3Byamue2s4b [85] AlternateDataStreams: C:\Users\chapp\Desktop\Image (89).jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0] AlternateDataStreams: C:\Users\chapp\Desktop\Image (90).jpg:3or4kl4x13tuuug3Byamue2s4b [85] AlternateDataStreams: C:\Users\chapp\Desktop\Image (90).jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0] AlternateDataStreams: C:\Users\chapp\Desktop\Image (91).jpg:3or4kl4x13tuuug3Byamue2s4b [85] AlternateDataStreams: C:\Users\chapp\Desktop\Image (91).jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0] AlternateDataStreams: C:\Users\chapp\Desktop\Image (92).jpg:3or4kl4x13tuuug3Byamue2s4b [85] AlternateDataStreams: C:\Users\chapp\Desktop\Image (92).jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0] AlternateDataStreams: C:\Users\chapp\Desktop\Image (93).jpg:3or4kl4x13tuuug3Byamue2s4b [85] AlternateDataStreams: C:\Users\chapp\Desktop\Image (93).jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0] AlternateDataStreams: C:\Users\chapp\Desktop\Image (94).jpg:3or4kl4x13tuuug3Byamue2s4b [85] AlternateDataStreams: C:\Users\chapp\Desktop\Image (94).jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0] AlternateDataStreams: C:\Users\chapp\Desktop\Image (95).jpg:3or4kl4x13tuuug3Byamue2s4b [85] AlternateDataStreams: C:\Users\chapp\Desktop\Image (95).jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0] AlternateDataStreams: C:\Users\chapp\Desktop\Image (96).jpg:3or4kl4x13tuuug3Byamue2s4b [85] AlternateDataStreams: C:\Users\chapp\Desktop\Image (96).jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0] AlternateDataStreams: C:\Users\chapp\Desktop\Image (97).jpg:3or4kl4x13tuuug3Byamue2s4b [85] AlternateDataStreams: C:\Users\chapp\Desktop\Image (97).jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0] AlternateDataStreams: C:\Users\chapp\Desktop\Image (98).jpg:3or4kl4x13tuuug3Byamue2s4b [85] AlternateDataStreams: C:\Users\chapp\Desktop\Image (98).jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0] AlternateDataStreams: C:\Users\chapp\Desktop\Image (99).jpg:3or4kl4x13tuuug3Byamue2s4b [85] AlternateDataStreams: C:\Users\chapp\Desktop\Image (99).jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0] ==================== Mode sans échec (Avec liste blanche) ================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Avec liste blanche) ================= ==================== Internet Explorer (Avec liste blanche) ========== HKU\S-1-5-21-1854758776-2209758393-3106339772-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus17win10.msn.com/?pc=ASTE HKU\S-1-5-21-1854758776-2209758393-3106339772-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE SearchScopes: HKU\S-1-5-21-1854758776-2209758393-3106339772-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1854758776-2209758393-3106339772-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-05-29] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-05-29] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts contenu: ========================= (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2018-09-15 09:31 - 2018-09-15 09:31 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Autres zones =========================== (Actuellement, il n'y a pas de correction automatique pour cette section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ HKU\S-1-5-21-1854758776-2209758393-3106339772-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\chapp\AppData\Roaming\Mozilla\Firefox\Fond d’écran.bmp DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == ==================== RèglesPare-feu (Avec liste blanche) ================ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [UDP Query User{355FB4AA-DF8F-4874-9446-4BD6D6272B69}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) FirewallRules: [TCP Query User{214DB764-1B9A-469B-A89D-2FB97C48D0BE}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) FirewallRules: [UDP Query User{C1875650-7519-4926-B73D-38BA19FE664B}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [TCP Query User{C8EA2631-4981-4D7B-A6B9-00AD9AA75599}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{E231CC4C-EBAB-425A-8779-828967B2D597}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{B767BE1A-223B-4C1D-A250-552961BBA847}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{540D0E18-9DF8-4631-B811-FAE7D6E9BE4B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{0D28AA09-3CAD-4364-91E4-71B739D1E741}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{950D9F5B-F8EA-4063-BBE9-01383861ADBB}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) FirewallRules: [UDP Query User{CC24AF0D-6BC7-45E6-822E-5805E6EF40D0}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) FirewallRules: [{79A8249F-9653-4E3F-97CA-81B54A6A4B50}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{63916BA3-6B5C-4D51-9327-FD9B0A7EDC58}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{00BA279A-244B-45F8-95A1-2D33641FFFF9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{9EF6E11F-CE68-42F9-878E-3CD3D7D40F79}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{339EA8D2-CF93-432F-A76A-72681E3CE7A7}] => (Allow) C:\Users\chapp\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{0C749BC3-72D0-4928-8D72-F0CA6B1A08B9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{A698A5AD-6E4D-44F1-B830-C97F6F241798}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_e72ab2c70c461382\ASUSLinkNear\AsusLinkNear.exe (ASUSTek Computer Inc. -> ASUSTek Computer Inc.) FirewallRules: [{94A0D3F8-2728-498C-BE6A-9D385EC8F713}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_e72ab2c70c461382\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.​) FirewallRules: [{76F83F82-C344-4A10-A459-3BE899B4E2EC}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_e72ab2c70c461382\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.​) FirewallRules: [{496D1A3E-378F-4FDA-B092-C0A8174E9124}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) FirewallRules: [{8E14F645-9D2F-4523-83AA-4D0C9703DFE1}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) FirewallRules: [{23D665F6-8714-4815-9A3F-DEDFD0A1FFA7}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) FirewallRules: [{ABFC5BEC-56F6-4449-8C85-F8DAFB83B508}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{817C50DB-3A46-4DE5-8A31-85926ABD545E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{E14B148F-443D-43BC-B433-689285748D1B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{0E8E7956-1338-4E24-A695-8BF27CB5B7F3}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\91.0.864.37\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Points de restauration ========================= 21-05-2021 11:26:41 Point de contrôle planifié ==================== Éléments en erreur du Gestionnaire de périphériques ============ ==================== Erreurs du Journal des événements: ======================== Erreurs Application: ================== Error: (05/30/2021 09:57:02 AM) (Source: SecurityCenter) (EventID: 17) (User: ) Description: Security Center n'a pas pu valider l'appelant. Erreur %1. Error: (05/30/2021 09:31:16 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: AUTORITE NT) Description: Windows ne peut pas charger la DLL de compteur extensible « C:\WINDOWS\system32\sysmain.dll » (code d'erreur Win32 126). Error: (05/29/2021 10:28:31 AM) (Source: SecurityCenter) (EventID: 17) (User: ) Description: Security Center n'a pas pu valider l'appelant. Erreur %1. Error: (05/28/2021 08:53:20 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: AUTORITE NT) Description: Windows ne peut pas charger la DLL de compteur extensible « C:\WINDOWS\system32\sysmain.dll » (code d'erreur Win32 126). Error: (05/27/2021 07:18:00 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: AUTORITE NT) Description: Windows ne peut pas charger la DLL de compteur extensible « C:\WINDOWS\system32\sysmain.dll » (code d'erreur Win32 126). Error: (05/26/2021 09:52:36 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine CoCreateInstance. hr = 0x8007045b, Un arrêt système est en cours. . Error: (05/26/2021 09:52:36 PM) (Source: VSS) (EventID: 13) (User: ) Description: Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} et de nom CEventSystem. [0x8007045b, Un arrêt système est en cours. ] Error: (05/26/2021 09:52:36 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine CoCreateInstance. hr = 0x8007045b, Un arrêt système est en cours. . Erreurs système: ============= Error: (05/30/2021 09:31:01 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: ) Description: Le miniport Microsoft Wi-Fi Direct Virtual Adapter #4, {e4d206af-4e8a-446b-b2d1-178174885b7e}, a eu l’événement 74 Error: (05/29/2021 05:17:28 PM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT) Description: Le serveur {338B40F9-9D68-4B53-A793-6B9AA0C5F63B} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (05/29/2021 08:14:51 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: ) Description: Le miniport Microsoft Wi-Fi Direct Virtual Adapter #4, {e4d206af-4e8a-446b-b2d1-178174885b7e}, a eu l’événement 74 Error: (05/28/2021 04:42:48 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: ) Description: Le miniport Microsoft Wi-Fi Direct Virtual Adapter #4, {e4d206af-4e8a-446b-b2d1-178174885b7e}, a eu l’événement 74 Error: (05/28/2021 12:49:28 PM) (Source: disk) (EventID: 11) (User: ) Description: Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk1\DR2. Error: (05/28/2021 12:47:40 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: ) Description: Le miniport Microsoft Wi-Fi Direct Virtual Adapter #4, {e4d206af-4e8a-446b-b2d1-178174885b7e}, a eu l’événement 74 Error: (05/28/2021 12:23:43 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-VJSGF0LR) Description: Le serveur {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (05/28/2021 12:23:43 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-VJSGF0LR) Description: Le serveur {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. CodeIntegrity: =============== Date: 2021-05-27 16:26:29 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. Date: 2021-05-25 07:42:51 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Avira\Antivirus\libcurl.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Infos Mémoire =========================== BIOS: American Megatrends Inc. UX331FA.304 10/16/2019 Carte mère: ASUSTeK COMPUTER INC. UX331FA Processeur: Intel(R) Core(TM) i5-8265U CPU @ 1.60GHz Pourcentage de mémoire utilisée: 67% Mémoire physique - RAM - totale: 8006.5 MB Mémoire physique - RAM - disponible: 2587.56 MB Mémoire virtuelle totale: 13382.5 MB Mémoire virtuelle disponible: 7176.75 MB ==================== Lecteurs ================================ Drive c: (OS) (Fixed) (Total:237.37 GB) (Free:146.76 GB) (Protected) NTFS \\?\Volume{c4352265-a866-49c9-837b-78d67da6b703}\ () (Fixed) (Total:0.83 GB) (Free:0.38 GB) NTFS \\?\Volume{c02e3ac6-ffa2-48a5-aea1-c8c6c0792194}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32 ==================== MBR & Table des partitions ==================== ========================================================== Disk: 0 (Size: 238.5 GB) (Disk ID: 68384152) Partition: GPT. ==================== Fin de Addition.txt =======================