Résultats de correction de Farbar Recovery Scan Tool (x64) Version: 14-04-2023 Exécuté par MYSSA (16-04-2023 19:55:30) Run:1 Exécuté depuis C:\Users\MYSSA\Desktop Profils chargés: MYSSA & ricky Mode d'amorçage: Normal ============================================== fixlist contenu: ***************** start:: CreateRestorePoint: CloseProcesses: HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction HKU\S-1-5-21-2076251002-3686317591-2082796206-1000\...\Run: [MicrosoftEdgeAutoLaunch_23FD7C0DAAFCE67629188D6C40376B66] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4139936 2023-04-10] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-2076251002-3686317591-2082796206-1005\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\ricky\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (Pas de fichier) HKU\S-1-5-21-2076251002-3686317591-2082796206-1005\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\ricky\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (Pas de fichier) HKU\S-1-5-21-2076251002-3686317591-2082796206-1005\...\RunOnce: [Uninstall 23.066.0326.0005] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\ricky\AppData\Local\Microsoft\OneDrive\23.066.0326.0005" (Pas de fichier) HKU\S-1-5-21-2076251002-3686317591-2082796206-1005\...\MountPoints2: {1c41b3ca-c2c6-11ec-90a5-001a7dda7115} - "F:\HiSuiteDownLoader.exe" HKLM\...\Print\Monitors\Canon BJ Language Monitor MP250 series: CNMLM9W.DLL (Pas de fichier) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\111.0.5563.111\Installer\chrmstp.exe [2023-03-26] (Google LLC -> Google LLC) HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{209C1DCE-ED14-4B0F-A1F0-3A93797FA34C}" DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{0CF29AEA-BA2A-4F0B-9A38-B70507632AE0}" DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{1285C4BB-B89A-46F9-8C35-6A8C6988CE4F}" DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{E522C575-BD6C-4A21-B545-C14F5B173BFB}" DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\EPPShellEx DeleteKey: HKLM\Software\Classes\CLSID\{509FE1AF-ADD5-49EC-BC55-7CF81FD16E78} DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|Q:\%windir%\system32\Control.exe DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|Q:\%SFT_MNT%\140066.fra\Office14\MSOSYNC.EXE DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|Q:\%commonprogramfiles%\microsoft shared\virtualization handler\OfficeVirt.exe DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|Q:\%SFT_MNT%\140066.fra\Office14\ONENOTEM.EXE DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|Q:\%commonprogramfiles%\microsoft shared\virtualization handler\MapiServer.exe DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|Q:\%windir%\system32\cmd.exe DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|Q:\%commonprogramfiles%\microsoft shared\virtualization handler\VirtualOWSSuppManager.exe DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|Q:\%commonprogramfiles%\microsoft shared\virtualization handler\VirtualSearchHost.exe DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|Q:\%systemroot%\system32\rundll32.exe DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|E:\EPSETUP.EXE.FriendlyAppName DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|E:\EPSETUP.EXE.ApplicationCompany DeleteValue: HKU\S-1-5-21-2076251002-3686317591-2082796206-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|Q:\%windir%\system32\Control.exe DeleteValue: HKU\S-1-5-21-2076251002-3686317591-2082796206-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|Q:\%SFT_MNT%\140066.fra\Office14\MSOSYNC.EXE DeleteValue: HKU\S-1-5-21-2076251002-3686317591-2082796206-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|Q:\%commonprogramfiles%\microsoft shared\virtualization handler\OfficeVirt.exe DeleteValue: HKU\S-1-5-21-2076251002-3686317591-2082796206-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|Q:\%SFT_MNT%\140066.fra\Office14\ONENOTEM.EXE DeleteValue: HKU\S-1-5-21-2076251002-3686317591-2082796206-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|Q:\%commonprogramfiles%\microsoft shared\virtualization handler\MapiServer.exe DeleteValue: HKU\S-1-5-21-2076251002-3686317591-2082796206-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|Q:\%windir%\system32\cmd.exe DeleteValue: HKU\S-1-5-21-2076251002-3686317591-2082796206-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|Q:\%commonprogramfiles%\microsoft shared\virtualization handler\VirtualOWSSuppManager.exe DeleteValue: HKU\S-1-5-21-2076251002-3686317591-2082796206-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|Q:\%commonprogramfiles%\microsoft shared\virtualization handler\VirtualSearchHost.exe DeleteValue: HKU\S-1-5-21-2076251002-3686317591-2082796206-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|Q:\%systemroot%\system32\rundll32.exe DeleteValue: HKU\S-1-5-21-2076251002-3686317591-2082796206-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|E:\EPSETUP.EXE.FriendlyAppName DeleteValue: HKU\S-1-5-21-2076251002-3686317591-2082796206-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|E:\EPSETUP.EXE.ApplicationCompany C:\Windows\Temp\2381BFBB-C409-495D-B064-9A9EFBBEEF4A\MpSigStub.exe Task: {A47F1BB3-1F9D-4E57-95EC-6E40E841C4FC} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Pas de fichier FF Extension: (Avast SafePrice) - C:\Users\MYSSA\AppData\Roaming\Mozilla\Firefox\Profiles\ohkt845k.default-1429128229846\Extensions\sp@avast.com.xpi [2017-06-02] [UpdateUrl:hxxps://firefoxextension.avast.com/sp/update.json] S3 MpKsl59b8903c; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5CF29C64-107F-4C5F-95C2-479D970388EA}\MpKslDrv.sys [X] Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - Pas de fichier Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - Pas de fichier EmptyTemp: end:: ***************** Le Point de restauration a été créé avec succès. Processus fermé avec succès. "HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\StartCCC" => supprimé(es) avec succès HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate => supprimé(es) avec succès "HKU\S-1-5-21-2076251002-3686317591-2082796206-1000\Software\Microsoft\Windows\CurrentVersion\Run\\MicrosoftEdgeAutoLaunch_23FD7C0DAAFCE67629188D6C40376B66" => supprimé(es) avec succès "HKU\S-1-5-21-2076251002-3686317591-2082796206-1005\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Delete Cached Update Binary" => supprimé(es) avec succès "HKU\S-1-5-21-2076251002-3686317591-2082796206-1005\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Delete Cached Standalone Update Binary" => supprimé(es) avec succès "HKU\S-1-5-21-2076251002-3686317591-2082796206-1005\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall 23.066.0326.0005" => supprimé(es) avec succès HKU\S-1-5-21-2076251002-3686317591-2082796206-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1c41b3ca-c2c6-11ec-90a5-001a7dda7115} => supprimé(es) avec succès HKLM\System\CurrentControlSet\Control\Print\Monitors\Canon BJ Language Monitor MP250 series => supprimé(es) avec succès HKLM\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96} => supprimé(es) avec succès "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{503739d0-4c5e-4cfd-b3ba-d881334f0df2}" => supprimé(es) avec succès "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{209C1DCE-ED14-4B0F-A1F0-3A93797FA34C}"" => non trouvé(e) "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0CF29AEA-BA2A-4F0B-9A38-B70507632AE0}"" => non trouvé(e) "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1285C4BB-B89A-46F9-8C35-6A8C6988CE4F}"" => non trouvé(e) "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E522C575-BD6C-4A21-B545-C14F5B173BFB}"" => non trouvé(e) HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\EPPShellEx => supprimé(es) avec succès HKLM\Software\Classes\CLSID\{509FE1AF-ADD5-49EC-BC55-7CF81FD16E78} => non trouvé(e) "HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\Q:\%windir%\system32\Control.exe" => supprimé(es) avec succès "HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\Q:\%SFT_MNT%\140066.fra\Office14\MSOSYNC.EXE" => supprimé(es) avec succès "HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\Q:\%commonprogramfiles%\microsoft shared\virtualization handler\OfficeVirt.exe" => supprimé(es) avec succès "HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\Q:\%SFT_MNT%\140066.fra\Office14\ONENOTEM.EXE" => supprimé(es) avec succès "HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\Q:\%commonprogramfiles%\microsoft shared\virtualization handler\MapiServer.exe" => supprimé(es) avec succès "HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\Q:\%windir%\system32\cmd.exe" => supprimé(es) avec succès "HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\Q:\%commonprogramfiles%\microsoft shared\virtualization handler\VirtualOWSSuppManager.exe" => supprimé(es) avec succès "HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\Q:\%commonprogramfiles%\microsoft shared\virtualization handler\VirtualSearchHost.exe" => supprimé(es) avec succès "HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\Q:\%systemroot%\system32\rundll32.exe" => supprimé(es) avec succès "HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\E:\EPSETUP.EXE.FriendlyAppName" => supprimé(es) avec succès "HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\E:\EPSETUP.EXE.ApplicationCompany" => supprimé(es) avec succès "HKU\S-1-5-21-2076251002-3686317591-2082796206-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\Q:\%windir%\system32\Control.exe" => non trouvé(e) "HKU\S-1-5-21-2076251002-3686317591-2082796206-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\Q:\%SFT_MNT%\140066.fra\Office14\MSOSYNC.EXE" => non trouvé(e) "HKU\S-1-5-21-2076251002-3686317591-2082796206-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\Q:\%commonprogramfiles%\microsoft shared\virtualization handler\OfficeVirt.exe" => non trouvé(e) "HKU\S-1-5-21-2076251002-3686317591-2082796206-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\Q:\%SFT_MNT%\140066.fra\Office14\ONENOTEM.EXE" => non trouvé(e) "HKU\S-1-5-21-2076251002-3686317591-2082796206-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\Q:\%commonprogramfiles%\microsoft shared\virtualization handler\MapiServer.exe" => non trouvé(e) "HKU\S-1-5-21-2076251002-3686317591-2082796206-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\Q:\%windir%\system32\cmd.exe" => non trouvé(e) "HKU\S-1-5-21-2076251002-3686317591-2082796206-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\Q:\%commonprogramfiles%\microsoft shared\virtualization handler\VirtualOWSSuppManager.exe" => non trouvé(e) "HKU\S-1-5-21-2076251002-3686317591-2082796206-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\Q:\%commonprogramfiles%\microsoft shared\virtualization handler\VirtualSearchHost.exe" => non trouvé(e) "HKU\S-1-5-21-2076251002-3686317591-2082796206-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\Q:\%systemroot%\system32\rundll32.exe" => non trouvé(e) "HKU\S-1-5-21-2076251002-3686317591-2082796206-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\E:\EPSETUP.EXE.FriendlyAppName" => non trouvé(e) "HKU\S-1-5-21-2076251002-3686317591-2082796206-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\E:\EPSETUP.EXE.ApplicationCompany" => non trouvé(e) "C:\Windows\Temp\2381BFBB-C409-495D-B064-9A9EFBBEEF4A\MpSigStub.exe" => non trouvé(e) "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A47F1BB3-1F9D-4E57-95EC-6E40E841C4FC}" => supprimé(es) avec succès "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A47F1BB3-1F9D-4E57-95EC-6E40E841C4FC}" => supprimé(es) avec succès "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d" => supprimé(es) avec succès C:\Users\MYSSA\AppData\Roaming\Mozilla\Firefox\Profiles\ohkt845k.default-1429128229846\Extensions\sp@avast.com.xpi => déplacé(es) avec succès HKLM\System\CurrentControlSet\Services\MpKsl59b8903c => supprimé(es) avec succès MpKsl59b8903c => service supprimé(es) avec succès HKLM\Software\Classes\PROTOCOLS\Handler\livecall => supprimé(es) avec succès HKLM\Software\Classes\PROTOCOLS\Handler\msnim => supprimé(es) avec succès =========== EmptyTemp: ========== FlushDNS => terminé(e) BITS transfer queue => 0 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 185131808 B Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B Windows/system/drivers => 348390102 B Edge => 0 B Chrome => 262956952 B Firefox => 0 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 0 B NetworkService => 377551384 B MYSSA => 568963809 B ricky => 1091528088 B DefaultAppPool => 1091528088 B RecycleBin => 495552 B EmptyTemp: => 3.7 GB données temporaires supprimées. ================================ Le système a dû redémarrer. ==== Fin de Fixlog 20:07:17 ====