Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 13-09-2020
Exécuté par Hubert ADAM (16-09-2020 10:54:10)
Exécuté depuis C:\Users\Hubert ADAM\OneDrive\Bureau\Entretien du P C
Windows 10 Home Version 2004 19041.508 (X64) (2020-08-06 16:49:58)
Mode d'amorçage: Normal
==========================================================


==================== Comptes: =============================

Administrateur (S-1-5-21-2054349979-2097359801-3439916128-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2054349979-2097359801-3439916128-503 - Limited - Disabled)
huada (S-1-5-21-2054349979-2097359801-3439916128-1003 - Limited - Disabled)
Hubert ADAM (S-1-5-21-2054349979-2097359801-3439916128-1001 - Administrator - Enabled) => C:\Users\Hubert ADAM
Invité (S-1-5-21-2054349979-2097359801-3439916128-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2054349979-2097359801-3439916128-504 - Limited - Disabled)

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.53 - NVIDIA Corporation) Hidden
Apple Application Support (32 bits) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.)
ASUS ROG Gaming Mouse (HKLM-x32\...\{3B9E171F-A955-4834-B877-447C0A437260}) (Version: 2.00.030 - ASUS)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
ELAN Touchpad 11.5.20.3_X64_WHQL (HKLM\...\Elantech) (Version: 11.5.20.3 - ELAN Microelectronic Corp.)
Étude pour l'amélioration du produit HP OfficeJet Pro 8720 (HKLM\...\{8EF5BA77-FFC0-4BA8-BE64-DE3708148897}) (Version: 40.12.1161.1896 - HP Inc.)
Extension Système de Microsoft Money (HKLM-x32\...\{CF5193FE-6B37-11D5-B7D2-00AA00A204F1}) (Version: 10.0.150 - Microsoft)
Google Earth Pro (HKLM\...\{FB8010D4-05F4-420D-8DFC-2F911A6DD100}) (Version: 7.3.3.7786 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 85.0.4183.102 - Google LLC)
HP Dropbox Plugin (HKLM-x32\...\{6401399A-F5DA-4C04-87AA-E8107DF00751}) (Version: 36.0.41.58587 - HP)
HP Google Drive Plugin (HKLM-x32\...\{63BCC696-0FB4-4E9C-8144-2DA4F248FC17}) (Version: 36.0.41.58587 - HP)
HP OfficeJet Pro 8720 Aide (HKLM-x32\...\{7C912A52-95C1-4F4F-8A20-9B7AD7BA4D65}) (Version: 38.0.0 - HP)
I.R.I.S. OCR (HKLM-x32\...\{D5CFF630-2F9B-4EE5-8F2F-EFBDFCE413CC}) (Version: 12.3.7.0 - HP)
iTunes (HKLM\...\{CEC7613B-E286-4A31-BEE3-3F7798488D9F}) (Version: 12.1.3.6 - Apple Inc.)
Logiciel de base du périphérique HP OfficeJet Pro 8720 (HKLM\...\{70F864C7-EF6A-4675-A24E-5AE261C62892}) (Version: 40.12.1161.1896 - HP Inc.)
Malwarebytes version 4.2.0.82 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.0.82 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 85.0.564.51 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.29 - )
Microsoft Money (HKLM-x32\...\{E7298FDF-1386-11D5-8D6C-0050DAD32D95}) (Version: 10.0.150 - Microsoft)
Microsoft Office Professionnel Plus 2016 - fr-fr (HKLM\...\ProPlusRetail - fr-fr) (Version: 16.0.13127.20408 - Microsoft Corporation)
Microsoft OneDrive (HKLM-x32\...\OneDriveSetup.exe) (Version: 20.143.0716.0003 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Mises à jour NVIDIA 25.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 25.0.0.0 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Logiciel système PhysX 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NVIDIA Pilote 3D Vision 382.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.53 - NVIDIA Corporation)
NVIDIA Pilote audio HD : 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation)
NVIDIA Pilote graphique 382.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.53 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13127.20164 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13127.20164 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13127.20378 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-040C-0000-0000000FF1CE}) (Version: 16.0.13127.20164 - Microsoft Corporation) Hidden
Panneau de configuration NVIDIA 382.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 382.53 - NVIDIA Corporation) Hidden
PhotoFiltre 7 (HKU\S-1-5-21-2054349979-2097359801-3439916128-1001\...\PhotoFiltre 7) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7576 - Realtek Semiconductor Corp.)
RLinkToolbox 3.3.0.1896 (HKLM-x32\...\RLinkToolbox) (Version: 3.3.0.1896 - TomTom)
Samsung DeX (HKLM-x32\...\{011B9130-F4CA-4245-8BDE-8D6CE4149F92}) (Version: 1.0.2.23 - Samsung Electronics Co., Ltd.) Hidden
Samsung DeX (HKLM-x32\...\{0dd3314d-90c2-4482-b6d3-f9f7a5427b3e}) (Version: 1.0.2.23 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.31.0 - Samsung Electronics Co., Ltd.)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.8.3 - TeamViewer)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)

Packages:
=========
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_115.1.152.0_x64__v10z8vjag6ke6 [2020-08-09] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-08-07] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-08-07] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8101.0_x64__8wekyb3d8bbwe [2020-08-21] (Microsoft Studios) [MS Ad]
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_3.21.1.0_x64__nfy108tqq3p12 [2020-08-26] (Thumbmunkeys Ltd)
Porsche 911 GT2 RS - Forza Motorsport 7 -> C:\Program Files\WindowsApps\MicrosoftCorporation.Porsche911GT2RS-ForzaMotorspo_1.0.0.0_neutral__8wekyb3d8bbwe [2020-08-06] (Microsoft Corporation)

==================== Personnalisé CLSID (Avec liste blanche): ==============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\20.143.0716.0003\amd64\FileSyncShell64.dll [2020-09-04] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\20.143.0716.0003\amd64\FileSyncShell64.dll [2020-09-04] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\20.143.0716.0003\amd64\FileSyncShell64.dll [2020-09-04] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\20.143.0716.0003\amd64\FileSyncShell64.dll [2020-09-04] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\20.143.0716.0003\amd64\FileSyncShell64.dll [2020-09-04] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\20.143.0716.0003\amd64\FileSyncShell64.dll [2020-09-04] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\20.143.0716.0003\amd64\FileSyncShell64.dll [2020-09-04] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\20.143.0716.0003\amd64\FileSyncShell64.dll [2020-09-04] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\20.143.0716.0003\amd64\FileSyncShell64.dll [2020-09-04] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\20.143.0716.0003\amd64\FileSyncShell64.dll [2020-09-04] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\20.143.0716.0003\amd64\FileSyncShell64.dll [2020-09-04] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\20.143.0716.0003\amd64\FileSyncShell64.dll [2020-09-04] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\20.143.0716.0003\amd64\FileSyncShell64.dll [2020-09-04] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\20.143.0716.0003\amd64\FileSyncShell64.dll [2020-09-04] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.143.0716.0003\amd64\FileSyncShell64.dll [2020-09-04] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-09-15] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.143.0716.0003\amd64\FileSyncShell64.dll [2020-09-04] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.143.0716.0003\amd64\FileSyncShell64.dll [2020-09-04] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-06-08] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-09-15] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Avec liste blanche) ====================

==================== Raccourcis & WMI ========================

==================== Modules chargés (Avec liste blanche) =============

2020-08-06 22:14 - 2020-08-06 22:14 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\AppVIsvSubsystems32.dll
2020-08-06 22:14 - 2020-08-06 22:14 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\c2r32.dll
2020-08-07 14:35 - 2017-06-08 01:38 - 000869016 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll
2020-08-07 14:36 - 2017-06-08 01:38 - 000339256 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\_nvstapisvr64.dll

==================== Alternate Data Streams (Avec liste blanche) ========

(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)

AlternateDataStreams: C:\Users\Hubert ADAM\Downloads\SamsungDeXSetupWin.exe:SmartScreen [7]
AlternateDataStreams: C:\Users\Hubert ADAM\Downloads\TeamViewer_Setup.exe:SmartScreen [7]

==================== Mode sans échec (Avec liste blanche) ==================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Avec liste blanche) =================

==================== Internet Explorer (Avec liste blanche) ==========

HKU\S-1-5-21-2054349979-2097359801-3439916128-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://medion.msn.com
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-09-12] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2020-09-12] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Pas de nom -> {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} -> C:\Program Files (x86)\Microsoft Money\System\mnyviewer.dll [2001-07-25] (Microsoft Corporation) [Fichier non signé]
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-12] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts contenu: =========================

(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)

2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Autres zones ===========================

(Actuellement, il n'y a pas de correction automatique pour cette section.)

HKU\S-1-5-21-2054349979-2097359801-3439916128-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Hubert ADAM\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Le Pare-feu est activé.

==================== MSCONFIG/TASK MANAGER éléments désactivés ==

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

MSCONFIG\Services: TeamViewer => 2
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "MoneyStartUp10.0"
HKU\S-1-5-21-2054349979-2097359801-3439916128-1001\...\StartupApproved\Run: => "Samsung DeX"

==================== RèglesPare-feu (Avec liste blanche) ================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

FirewallRules: [{006B34C2-5DBC-4504-8B18-E3D0FF36ED8D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{34557A2C-98AA-4309-AAFD-296047110910}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F52BFB47-2DF4-4DD1-80B2-BF8063F64B26}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B68F2FAC-FEF1-4F77-94FA-C080B5CFA8CE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D8A8DE7E-D657-481A-864F-3162FD40D0F7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D003C282-9EF9-4323-988B-F1684D040CC6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FBD23CAD-F9E9-499D-B67E-C0DB42D6B7E9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7F750ABD-7B67-4508-8CAE-022F47CA25A7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BF3BB193-1750-47B4-9B57-76A502BFB8AA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A5E597AE-4362-4D56-B1DF-8B7FD4F490E0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F1B21605-3FEC-44FD-BC2F-BB1B8BE77186}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{094B65E3-39F6-4FF3-9229-71823C506270}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{B1363E3D-4B40-4A33-8821-487399559AD2}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8720\bin\FaxApplications.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{9C222B36-AD88-4F4B-9F06-6D47589A84FB}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8720\bin\DigitalWizards.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{DC3259DA-CC77-4144-82C6-FC9DA6ECB26A}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8720\bin\SendAFax.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{DF6691A1-62A7-40DD-A474-F6ED69AF4523}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8720\bin\FaxPrinterUtility.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{18C8FB67-4202-498C-AEAD-330D75AA1272}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8720\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{8919C7E6-BD76-4A9F-AA76-1D1147B51F99}] => (Allow) LPort=5357
FirewallRules: [{F7870BFB-DCF3-4FBE-97B1-071061C64279}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8720\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [TCP Query User{FED2A8DB-374A-47E5-B603-D4E1367D1863}C:\program files (x86)\samsung\samsung dex\samsungdex.exe] => (Allow) C:\program files (x86)\samsung\samsung dex\samsungdex.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [UDP Query User{C2D98A34-1605-40F6-903E-3A22591FA579}C:\program files (x86)\samsung\samsung dex\samsungdex.exe] => (Allow) C:\program files (x86)\samsung\samsung dex\samsungdex.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{837BCBB5-EDD5-4190-AC6F-C83D0BE24A8C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AF11459C-CEB6-42B6-86A7-3595474C47B5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{99769FFF-029B-4A27-BFCA-26ED01D45977}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{952CC701-77C6-447E-A76E-3E47652C2F9C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6CB2DFF1-742F-49C1-ACE5-7F804EDBEA4B}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A6B7FD00-89F2-4D6E-9160-B05E04B40BE0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{D93EB80F-A35F-4EC4-95A7-AEF23F337E3F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Points de restauration =========================

13-09-2020 19:00:09 Sauvegarde Windows

==================== Éléments en erreur du Gestionnaire de périphériques ============


==================== Erreurs du Journal des événements: ========================

Erreurs Application:
==================
Error: (09/16/2020 07:58:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname HA-1951.local already in use; will try HA-1985.local instead

Error: (09/16/2020 07:58:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 HA-1951.local. Addr 192.168.1.21

Error: (09/16/2020 07:58:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.21:5353 16 HA-1951.local. AAAA 2A01:CB08:8AEF:1600:A028:E6D2:E26F:9CF9

Error: (09/16/2020 07:58:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 HA-1951.local. AAAA FE80:0000:0000:0000:A028:E6D2:E26F:9CF9

Error: (09/16/2020 07:58:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.21:5353 16 HA-1951.local. AAAA 2A01:CB08:8AEF:1600:A028:E6D2:E26F:9CF9

Error: (09/16/2020 07:58:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 4 HA-1951.local. Addr 192.168.1.21

Error: (09/16/2020 07:58:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.21:5353 16 HA-1951.local. AAAA 2A01:CB08:8AEF:1600:A028:E6D2:E26F:9CF9

Error: (09/15/2020 05:50:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname HA-1951.local already in use; will try HA-2024.local instead


Erreurs système:
=============
Error: (09/15/2020 07:46:42 PM) (Source: disk) (EventID: 11) (User: )
Description: Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk2\DR4.

Error: (09/15/2020 01:36:15 PM) (Source: disk) (EventID: 11) (User: )
Description: Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk3\DR3.

Error: (09/15/2020 01:21:18 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: L’arrêt système précédant à 12:40:25 le ‎15/‎09/‎2020 n’était pas prévu.

Error: (09/15/2020 01:21:10 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: AUTORITE NT)
Description: 3221225684Une erreur irrécupérable s’est produite pendant le traitement des données de restauration.

Error: (09/15/2020 12:47:16 PM) (Source: disk) (EventID: 11) (User: )
Description: Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk3\DR3.

Error: (09/15/2020 11:20:29 AM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: AUTORITE NT)
Description: Vérification du volume chiffré : impossible de lire les informations de volume sur G:.

Error: (09/15/2020 11:20:22 AM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: AUTORITE NT)
Description: Vérification du volume chiffré : impossible de lire les informations de volume sur G:.

Error: (09/15/2020 11:20:18 AM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: AUTORITE NT)
Description: Vérification du volume chiffré : impossible de lire les informations de volume sur G:.


Windows Defender:
===================================
Date: 2020-09-15 08:21:32.5330000Z
Description:
L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {0D9639A3-6D1C-4C84-BE39-76F77B8DE1D3}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

Date: 2020-09-14 08:45:54.9500000Z
Description:
L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {C671216D-7E8C-43C3-B627-58F50187440A}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

Date: 2020-09-12 10:12:15.0140000Z
Description:
L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {5FA13577-CBBF-4EE1-95AA-69FC98D2632B}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

Date: 2020-09-10 08:25:05.9080000Z
Description:
L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {0D148B42-0B9C-4921-8F8B-FAF2A55F3F9E}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

Date: 2020-09-09 08:28:06.3480000Z
Description:
L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {C624FCBA-4892-4038-A068-8F1BA000AF51}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

Date: 2020-08-12 14:23:30.0970000Z
Description:
Antivirus Microsoft Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité :
Version précédente de la veille de sécurité : 1.321.1221.0
Source de mise à jour : Serveur Microsoft Update
Type de veille de sécurité : Anti-virus
Type de mise à jour : Complet
Utilisateur : AUTORITE NT\Système
Version actuelle du moteur :
Version précédente du moteur : 1.1.17300.4
Code d’erreur : 0x8024402c
Description de l’erreur : Un problème inattendu s’est produit lors de la vérification des mises à jour. Pour plus d’informations sur l’installation ou la résolution des problèmes de mise à jour, voir Aide et support.

CodeIntegrity:
===================================

Date: 2020-09-16 10:41:45.3530000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-09-16 10:41:45.3480000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-09-16 10:41:44.9740000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-09-16 10:41:44.9700000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-09-16 10:39:25.2820000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-09-16 10:39:25.2800000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-09-16 10:39:24.9970000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-09-16 10:39:24.9950000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Infos Mémoire ===========================

BIOS: American Megatrends Inc. G751JT.213 06/11/2019
Carte mère: ASUSTeK COMPUTER INC. G751JT
Processeur: Intel(R) Core(TM) i7-4720HQ CPU @ 2.60GHz
Pourcentage de mémoire utilisée: 30%
Mémoire physique - RAM - totale: 16333.16 MB
Mémoire physique - RAM - disponible: 11279.25 MB
Mémoire virtuelle totale: 18765.16 MB
Mémoire virtuelle disponible: 13403.26 MB

==================== Lecteurs ================================

Drive c: () (Fixed) (Total:237.43 GB) (Free:134.41 GB) NTFS
Drive e: (Disque Actif) (Fixed) (Total:465.75 GB) (Free:233.93 GB) NTFS
Drive f: (Sauvegarde ) (Fixed) (Total:465.76 GB) (Free:125.08 GB) NTFS
Drive g: () (Removable) (Total:1.88 GB) (Free:1.06 GB) NTFS
Drive j: (COMPTA) (Removable) (Total:29.45 GB) (Free:24.06 GB) NTFS

\\?\Volume{85d95f71-9077-41e6-8d5f-1e1dc42e21f3}\ (Récupération) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{d8486512-166b-4ef9-ba18-fde360d82d6b}\ () (Fixed) (Total:0.49 GB) (Free:0.06 GB) NTFS
\\?\Volume{2b416b2e-3704-4f23-a833-32a370973e04}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Table des partitions ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 4F78595F)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 1B98C892)

Partition: GPT.

==========================================================
Disk: 2 (Size: 1.9 GB) (Disk ID: 04030201)
Partition 1: (Not Active) - (Size=1.9 GB) - (Type=07 NTFS)

==========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 29.5 GB) (Disk ID: 10BC5128)
Partition 1: (Not Active) - (Size=29.4 GB) - (Type=07 NTFS)

==================== Fin de Addition.txt =======================