Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 16-06-2022
Exécuté par amanouchka (17-06-2022 13:56:47)
Exécuté depuis C:\Users\amano\Downloads
Microsoft Windows 10 Famille Version 21H1 19043.1706 (X64) (2020-09-21 07:49:02)
Mode d'amorçage: Normal
==========================================================

==================== Comptes: =============================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

Administrateur (S-1-5-21-3277189310-1464520338-3198985289-500 - Administrator - Disabled)
amanouchka (S-1-5-21-3277189310-1464520338-3198985289-1001 - Administrator - Enabled) => C:\Users\amano
DefaultAccount (S-1-5-21-3277189310-1464520338-3198985289-503 - Limited - Disabled)
Invité (S-1-5-21-3277189310-1464520338-3198985289-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3277189310-1464520338-3198985289-504 - Limited - Disabled)

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: Bitdefender Antivirus (Enabled - Up to date) {D5850CAC-23D9-65DA-E344-16F6C4C09E68}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1036-1033-7760-BC15014EA700}) (Version: 22.001.20117 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-001824458876}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Biblio Manuels version 3.3.2 (HKLM-x32\...\24E53B05-258A-419A-B2FE-F3F059C85B4C_is1) (Version: 3.3.2 - Sejer)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 26.0.1.222 - Bitdefender)
Bitdefender Antivirus Plus (HKLM\...\Bitdefender) (Version: 23.0.22.97 - Bitdefender)
Bitdefender VPN (HKLM\...\Bitdefender VPN) (Version: 25.5.4.4 - Bitdefender)
CCleaner (HKLM\...\CCleaner) (Version: 6.00 - Piriform)
Contrôle d’intégrité du PC Windows (HKLM\...\{90C6971F-ABF1-4FBF-BD98-24F14C5F5AB4}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 102.0.5005.115 - Google LLC)
Java 8 Update 291 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180291F0}) (Version: 8.0.2910.10 - Oracle Corporation)
LibreOffice 6.2 Help Pack (French) (HKLM\...\{2060FD1A-5A58-4C98-B787-5BB45137D6A2}) (Version: 6.2.4.2 - The Document Foundation)
Microsoft Access MUI (French) 2013 (HKLM\...\{90150000-0015-040C-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft DCF MUI (French) 2013 (HKLM\...\{90150000-0090-040C-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 102.0.1245.41 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 101.0.1210.53 - Microsoft Corporation)
Microsoft Excel MUI (French) 2013 (HKLM\...\{90150000-0016-040C-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft GameInput (HKLM-x32\...\{A9CFD6A1-C0D3-7F37-C220-8B104867EF15}) (Version: 10.1.22621.1011 - Microsoft Corporation)
Microsoft Groove MUI (French) 2013 (HKLM\...\{90150000-00BA-040C-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (French) 2013 (HKLM\...\{90150000-0044-040C-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Lync MUI (French) 2013 (HKLM\...\{90150000-012B-040C-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (French) 2013 (HKLM\...\{90150000-00E1-040C-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (French) 2013 (HKLM\...\{90150000-00E2-040C-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Professionnel Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Proofing (French) 2013 (HKLM\...\{90150000-002C-040C-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Nederlands (HKLM\...\{90150000-001F-0413-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - اللغة العربية (HKLM\...\{90150000-001F-0401-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (French) 2013 (HKLM\...\{90150000-00C1-040C-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (French) 2013 (HKLM\...\{90150000-006E-040C-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (French) 2013 (HKLM\...\{90150000-00A1-040C-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (French) 2013 (HKLM\...\{90150000-001A-040C-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (French) 2013 (HKLM\...\{90150000-0018-040C-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (French) 2013 (HKLM\...\{90150000-0019-040C-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Teams (HKU\S-1-5-21-3277189310-1464520338-3198985289-1001\...\Teams) (Version: 1.5.00.11163 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29325 (HKLM-x32\...\{33628a12-6787-4b9f-95a1-92449f69fae0}) (Version: 14.28.29325.2 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.28.29325 (HKLM\...\{26AF0C35-55EC-4025-8D83-349E8FB1419F}) (Version: 14.28.29325 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.28.29325 (HKLM\...\{7D0362D5-C699-4403-BC09-0C1DAD1D93AB}) (Version: 14.28.29325 - Microsoft Corporation) Hidden
Microsoft Word MUI (French) 2013 (HKLM\...\{90150000-001B-040C-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 fr) (HKLM\...\Mozilla Firefox 101.0.1 (x64 fr)) (Version: 101.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 90.0.1 - Mozilla)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 27.0.1 - OBS Project)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{893D9E06-E352-4BE4-B8E4-CFADC08B8DBF}) (Version: 4.2.1 - dotPDN LLC)
Skype version 8.58 (HKLM-x32\...\Skype_is1) (Version: 8.58 - Skype Technologies S.A.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
WhatsApp (HKU\S-1-5-21-3277189310-1464520338-3198985289-1001\...\WhatsApp) (Version: 2.2117.5 - WhatsApp)
Zoom (HKU\S-1-5-21-3277189310-1464520338-3198985289-1001\...\ZoomUMX) (Version: 5.8.1 (1435) - Zoom Video Communications, Inc.)

Packages:
=========
ASUS Keyboard Hotkeys -> C:\Program Files\WindowsApps\B9ECED6F.ASUSKeyboardHotkeys_1.0.12.0_x86__qmba6cd70vzyy [2019-09-19] (ASUSTeK COMPUTER INC.) [Startup Task]
Biblio Manuels -> C:\Program Files\WindowsApps\EditionsRetz.BiblioManuels_3.10.1.0_x64__xsgm94zvvhr4g [2022-05-30] (S.E.J.E.R)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-04-15] (Canon Inc.)
Centre de configuration des graphiques Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt [2022-04-20] (INTEL CORP) [Startup Task]
eManual -> C:\Program Files\WindowsApps\B9ECED6F.eManual_2.0.3.0_x86__qmba6cd70vzyy [2019-05-13] (ASUSTeK COMPUTER INC.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_136.1.269.0_x64__v10z8vjag6ke6 [2022-04-30] (HP Inc.)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2021-10-17] (INTEL CORP)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2019-05-13] (LinkedIn)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-05-10] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-05-10] (Microsoft Corporation) [MS Ad]
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.15225.20204.0_x86__8wekyb3d8bbwe [2022-06-01] (Microsoft Corporation)
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.15225.20204.0_x86__8wekyb3d8bbwe [2022-06-01] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.15225.20204.0_x86__8wekyb3d8bbwe [2022-06-01] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.15225.20204.0_x86__8wekyb3d8bbwe [2022-06-01] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.15225.20204.0_x86__8wekyb3d8bbwe [2022-06-01] (Microsoft Corporation)
MyASUS -> C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.4.0_x64__qmba6cd70vzyy [2022-05-10] (ASUSTeK COMPUTER INC.)
PowerPoint Mobile -> C:\Program Files\WindowsApps\Microsoft.Office.PowerPoint_16001.14326.21018.0_x64__8wekyb3d8bbwe [2022-06-15] (Microsoft Corporation)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2022-04-14] (Adobe Systems Incorporated)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.9.205.0_x64__dt26b99r8h8gj [2020-02-02] (Realtek Semiconductor Corp)

==================== Personnalisé CLSID (Avec liste blanche): ==============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

CustomCLSID: HKU\S-1-5-21-3277189310-1464520338-3198985289-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\amano\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.22062.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3277189310-1464520338-3198985289-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\amano\AppData\Local\Microsoft\OneDrive\19.062.0331.0006\amd64\FileSyncShell64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-3277189310-1464520338-3198985289-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\amano\AppData\Local\Microsoft\OneDrive\19.062.0331.0006\amd64\FileSyncShell64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-3277189310-1464520338-3198985289-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\amano\AppData\Local\Microsoft\OneDrive\19.062.0331.0006\amd64\FileSyncShell64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-3277189310-1464520338-3198985289-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\amano\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Pas de fichier

==================== Codecs (Avec liste blanche) ====================

==================== Raccourcis & WMI ========================

(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)

ShortcutWithArgument: C:\Users\amano\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"

==================== Modules chargés (Avec liste blanche) =============

==================== Alternate Data Streams (Avec liste blanche) ========

==================== Mode sans échec (Avec liste blanche) ==================

==================== Association (Avec liste blanche) =================

==================== Internet Explorer (Avec liste blanche) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3277189310-1464520338-3198985289-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-3277189310-1464520338-3198985289-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3277189310-1464520338-3198985289-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security\bdtbie.dll [2022-05-12] (Bitdefender SRL -> Bitdefender)
BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2022-06-07] (Bitdefender SRL -> Bitdefender)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_291\bin\ssv.dll [2021-05-10] (Oracle America, Inc. -> Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_291\bin\jp2ssv.dll [2021-05-10] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security\antispam32\bdtbie.dll [2022-05-12] (Bitdefender SRL -> Bitdefender)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2022-06-07] (Bitdefender SRL -> Bitdefender)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2022-06-07] (Bitdefender SRL -> Bitdefender)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2022-06-07] (Bitdefender SRL -> Bitdefender)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts contenu: =========================

(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)

2018-04-12 01:38 - 2022-06-10 17:24 - 000000000 _____ C:\WINDOWS\system32\drivers\etc\hosts
2019-08-20 20:40 - 2021-11-25 16:43 - 000000446 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Autres zones ===========================

(Actuellement, il n'y a pas de correction automatique pour cette section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3277189310-1464520338-3198985289-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 198.51.100.1 - 192.168.0.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Le Pare-feu est activé.

==================== MSCONFIG/TASK MANAGER éléments désactivés ==

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

HKU\S-1-5-21-3277189310-1464520338-3198985289-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3277189310-1464520338-3198985289-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-3277189310-1464520338-3198985289-1001\...\StartupApproved\Run: => "Skype for Desktop"

==================== RèglesPare-feu (Avec liste blanche) ================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

FirewallRules: [{9D601CAB-7B56-4F1D-B451-E985787A3216}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AEB9F3D4-9C48-4398-B48B-D89898D194F5}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8D236FDE-E080-4562-9298-582216BCE9BC}] => (Allow) C:\Users\amano\AppData\Roaming\Zoom\bin\airhost.exe => Pas de fichier
FirewallRules: [{7FD72A2D-7CD8-4EB4-BE36-1A25235D67F4}] => (Allow) C:\Users\amano\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{E0938695-A17F-4325-940F-34A2B6331498}C:\users\amano\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\amano\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{D6A753C7-C526-4984-BE78-1250CE8890F5}C:\users\amano\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\amano\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7A14EF48-5F56-4AF9-B695-0F00AA156AC5}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{558C2575-B59C-4D3B-B558-93A3EEA8677F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{50B49969-673E-49D7-973D-63E618B998C3}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{54D36C37-210A-4B3C-A2D5-542B4AC60BA2}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{1F910A4D-9B3E-4451-9098-C16B7E9DABD5}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe => Pas de fichier
FirewallRules: [UDP Query User{2AAE4B35-9703-43D2-B774-4FD2D684C948}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe => Pas de fichier
FirewallRules: [{50BD7056-DA50-4129-9DAF-2A3ED2930E5A}] => (Block) C:\Program Files\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{03A43C0A-0126-48CA-91B8-CB7CA53CF738}] => (Block) C:\Program Files\Microsoft Office\Office15\FIRSTRUN.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3F2E60F3-7279-42B7-BBFB-719F56C83AD3}] => (Block) C:\Program Files\Microsoft Office\Office15\GROOVE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{601E7111-AFC1-41D3-8458-141A60ACC836}] => (Block) C:\Program Files\Microsoft Office\Office15\MSACCESS.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F4B86F92-8F8C-47B2-AEF2-E593F05504A7}] => (Block) C:\Program Files\Microsoft Office\Office15\ONENOTE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{196CE7D7-AD0C-4872-9A71-7BBBB8BE172B}] => (Block) C:\Program Files\Microsoft Office\Office15\ONENOTE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C920C7A8-3CCC-4090-B5CC-F629FD3944AF}] => (Block) C:\Program Files\Microsoft Office\Office15\POWERPNT.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C62C67A1-AD98-4F08-9BA4-98C273C5616D}] => (Block) C:\Program Files\Microsoft Office\Office15\PPTICO.EXE (Microsoft Corporation -> )
FirewallRules: [{B8AF4A14-7B45-4942-A96C-9E2E797213FE}] => (Block) C:\Program Files\Microsoft Office\Office15\WINWORD.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{A5946D92-F919-42F2-8575-025EB0FE98EC}C:\users\amano\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\amano\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{725F7BB4-15EE-4576-A062-96C09D0C39BF}C:\users\amano\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\amano\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8448EF41-8AF3-4B2B-909D-EC6A823ADB7B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{ADFFE0F7-18A7-477A-A3FF-A40AF3E1BD26}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{4F4E74D1-0C28-45D5-A71F-073C2BDD9A08}C:\users\amano\appdata\local\temp\7zs5ad9\enterprisedu.exe] => (Block) C:\users\amano\appdata\local\temp\7zs5ad9\enterprisedu.exe => Pas de fichier
FirewallRules: [UDP Query User{47A69DC5-7B47-4B14-BCC0-84DD43AE3CE0}C:\users\amano\appdata\local\temp\7zs5ad9\enterprisedu.exe] => (Block) C:\users\amano\appdata\local\temp\7zs5ad9\enterprisedu.exe => Pas de fichier
FirewallRules: [TCP Query User{446A2D79-14D0-4584-B318-507E17C21C85}C:\users\amano\appdata\local\temp\7zs654e\enterprisedu.exe] => (Allow) C:\users\amano\appdata\local\temp\7zs654e\enterprisedu.exe => Pas de fichier
FirewallRules: [UDP Query User{3BA85A5B-3106-476D-A0EF-1488655E4504}C:\users\amano\appdata\local\temp\7zs654e\enterprisedu.exe] => (Allow) C:\users\amano\appdata\local\temp\7zs654e\enterprisedu.exe => Pas de fichier
FirewallRules: [TCP Query User{2132262D-3105-4FF5-8BBE-ED717082260B}C:\users\amano\downloads\anydesk.exe] => (Block) C:\users\amano\downloads\anydesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [UDP Query User{99F10767-BDBA-4C35-A191-21B97860FEC9}C:\users\amano\downloads\anydesk.exe] => (Block) C:\users\amano\downloads\anydesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{CAD4E4B1-5380-4E1E-9330-7F9CFF0465B7}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.4.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [Fichier non signé]
FirewallRules: [{019F35AB-60A7-4EFE-8445-DAD1CB091EEE}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.4.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [Fichier non signé]
FirewallRules: [{4B13D046-F9D0-42C5-903B-6B5EE1F46078}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.4.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [Fichier non signé]
FirewallRules: [{6D750B07-2D69-4011-8B59-22279F38C459}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.4.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [Fichier non signé]
FirewallRules: [{BC2A2D60-8261-446C-A4B9-7D1D9CA81624}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\101.0.1210.53\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0AEAA89D-5A3A-4095-8798-9865E97063BA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.15225.20204.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{52557EBC-A03C-4DE9-AE61-5283BDCACC1B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{03FAEB08-E853-4130-A1C8-DB3273B1F2CD}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci.inf_amd64_32d8af0cc5250776\ASUSSwitch\AsusSwitchNet.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{7BBFA5E7-FF48-4003-92CB-2ACC96B65C7B}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci.inf_amd64_32d8af0cc5250776\ASUSLinkNear\AsusLinkNear.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{B8F2E66E-A6D8-4001-A855-749545153A08}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci.inf_amd64_32d8af0cc5250776\ASUSSwitch\AsusSwitchNetMDNS.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{BEBBF57B-B0B5-4429-B70F-19D187C1D0CA}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci.inf_amd64_32d8af0cc5250776\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{86ADB4FE-2DA3-48BB-AEE8-7E72C4C208BA}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci.inf_amd64_32d8af0cc5250776\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)

==================== Points de restauration =========================

ATTENTION: La Restauration système est désactivée (Total:118.19 GB) (Free:25.58 GB) (22%)

==================== Éléments en erreur du Gestionnaire de périphériques ============

==================== Erreurs du Journal des événements: ========================

Erreurs Application:
==================
Error: (06/17/2022 09:50:49 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (06/16/2022 09:03:10 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (06/16/2022 09:02:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante explorer.exe, version : 10.0.19041.1682, horodatage : 0x7a09c6db
Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000
Code d’exception : 0xc0000005
Décalage d’erreur : 0x6c1277d0
ID du processus défaillant : 0x4b60
Heure de début de l’application défaillante : 0x01d8814ee98719fe
Chemin d’accès de l’application défaillante : C:\WINDOWS\SysWOW64\explorer.exe
Chemin d’accès du module défaillant: unknown
ID de rapport : 6727365a-a08f-4e09-b7a6-3470629baf5f
Nom complet du package défaillant :
ID de l’application relative au package défaillant :

Error: (06/15/2022 03:16:29 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (06/14/2022 07:02:04 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (06/13/2022 11:10:58 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (06/12/2022 09:23:17 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (06/11/2022 03:47:26 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Erreurs système:
=============
Error: (06/17/2022 10:57:26 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-IT9HBES6)
Description: Le serveur {72B66649-3DBF-429F-BD6F-7774A9784B78} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (06/12/2022 09:20:33 AM) (Source: NetBT) (EventID: 4307) (User: )
Description: L’initialisation a échoué car le transport a refusé d’ouvrir les adresses initiales.

Error: (06/10/2022 06:08:15 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-IT9HBES6)
Description: Le serveur {72B66649-3DBF-429F-BD6F-7774A9784B78} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (06/10/2022 06:07:02 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Le service Mozilla Maintenance Service s’est arrêté avec l’erreur : Fonction incorrecte.

Error: (06/10/2022 05:52:56 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-IT9HBES6)
Description: Le serveur {72B66649-3DBF-429F-BD6F-7774A9784B78} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (06/09/2022 10:12:39 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-IT9HBES6)
Description: Le serveur {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (06/09/2022 10:12:39 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-IT9HBES6)
Description: Le serveur {72B66649-3DBF-429F-BD6F-7774A9784B78} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (06/09/2022 08:36:46 PM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-IT9HBES6)
Description: DCOM a reçu l’erreur « 87 » lors de la tentative de démarrage du service GamingServices avec les arguments « Non disponible » pour exécuter le serveur : {3E8C9ABE-9226-4609-BF5B-60288A391DEE}

CodeIntegrity:
===============
Date: 2022-06-17 07:39:08
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdamsi\265982087069927908\antimalware_provider64.dll that did not meet the Windows signing level requirements.

==================== Infos Mémoire ===========================

BIOS: American Megatrends Inc. X430UA.304 05/22/2019
Carte mère: ASUSTeK COMPUTER INC. X430UA
Processeur: Intel(R) Core(TM) i3-8130U CPU @ 2.20GHz
Pourcentage de mémoire utilisée: 90%
Mémoire physique - RAM - totale: 3978.25 MB
Mémoire physique - RAM - disponible: 388.54 MB
Mémoire virtuelle totale: 7946.25 MB
Mémoire virtuelle disponible: 2173.15 MB

==================== Lecteurs ================================

Drive c: (OS) (Fixed) (Total:118.19 GB) (Free:25.58 GB) (Model: SanDisk SD9SN8W128G1002) NTFS

\\?\Volume{e7571305-74c1-47f8-8e4b-14567cc12b65}\ (RECOVERY) (Fixed) (Total:0.78 GB) (Free:0.28 GB) NTFS
\\?\Volume{121d2545-959d-4643-a7d9-614d28953cfb}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Table des partitions ====================

==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 74312879)

Partition: GPT.

==================== Fin de Addition.txt =======================