Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 05-04-2020
Exécuté par gaetano (05-04-2020 15:14:55)
Exécuté depuis C:\Users\gaetano\Desktop
Windows 10 Home Version 1909 18363.720 (X64) (2019-06-17 11:46:55)
Mode d'amorçage: Normal
==========================================================
==================== Comptes: =============================
Administrateur (S-1-5-21-2415965574-800504334-562860778-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2415965574-800504334-562860778-503 - Limited - Disabled)
gaetano (S-1-5-21-2415965574-800504334-562860778-1001 - Administrator - Enabled) => C:\Users\gaetano
Invité (S-1-5-21-2415965574-800504334-562860778-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2415965574-800504334-562860778-504 - Limited - Disabled)
==================== Centre de sécurité ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Programmes installés ======================
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
7-Zip 19.00 (HKLM-x32\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.344 - Adobe)
Architecture 3D 3.1 - Plan 2D (HKLM-x32\...\LiveCAD_3-Plan2D_is1) (Version: - LiveCAD)
Assistance pour l’iPod (HKLM\...\{BA5E603A-C647-4EA3-860A-15C5498361C2}) (Version: 120.7.3.55 - Apple Inc.)
Assistant Mise à jour de Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22589 - Microsoft Corporation)
Avast Antivirus Gratuit (HKLM-x32\...\Avast Antivirus) (Version: 20.2.2401 - Avast Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Facebook Gameroom 1.22.7235.32722 (HKLM-x32\...\{2867E3AE-18BA-4BCF-8268-F797A401ED86}) (Version: 1.22.7235.32722 - Facebook)
HL-1110 series (HKLM-x32\...\{4F2442B7-A89E-42A4-8F0E-6937499855CA}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
Lexmark Pro200-S500 Series (HKLM\...\Lexmark Pro200-S500 Series) (Version: - Lexmark International, Inc.)
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27024 (HKLM-x32\...\{2ff11a2a-f7ac-4a6c-8cd4-c7bb974f3642}) (Version: 14.16.27024.1 - Microsoft Corporation)
Mozilla Firefox 74.0.1 (x64 fr) (HKLM\...\Mozilla Firefox 74.0.1 (x64 fr)) (Version: 74.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.0 - Mozilla)
Mozilla Thunderbird 68.6.0 (x86 fr) (HKLM-x32\...\Mozilla Thunderbird 68.6.0 (x86 fr)) (Version: 68.6.0 - Mozilla)
NVIDIA Pilote audio HD : 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
OpenOffice 4.1.6 (HKLM-x32\...\{50D70A8D-0503-4AA6-97EF-09849E9FB520}) (Version: 4.16.9790 - Apache Software Foundation)
Panneau de configuration NVIDIA 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 391.35 - NVIDIA Corporation) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 3.5.0 - pdfforge GmbH)
PhotoFiltre 7 (HKU\S-1-5-21-2415965574-800504334-562860778-1001\...\PhotoFiltre 7) (Version: - )
Realtek USB Wireless LAN Driver (HKLM-x32\...\InstallShield_{DBCC4C27-F949-482b-B786-7B3B67587CD2}) (Version: Drv_3.00.0027 - REALTEK Semiconductor Corp.)
Realtek USB Wireless LAN Utility (HKLM-x32\...\{9C049509-055C-4CFF-A116-1D12312225EB}) (Version: UI_1.00.0287 - REALTEK Semiconductor Corp.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.3.0.1910 - Samsung Electronics)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C99F4AFA-B32C-4063-865C-D7B5CC0A78FB}) (Version: 2.54.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{16FF3A8D-2E40-4652-B040-8FF3931909EE}) (Version: 2.51.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{EC4F72E8-52FE-454E-B70F-DBE5C0FA44C5}) (Version: 1.20.0.0 - Microsoft Corporation) Hidden
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Packages:
=========
Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-15] (Microsoft Corporation)
Extension Photos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-07-31] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_110.1.671.0_x64__v10z8vjag6ke6 [2020-02-06] (HP Inc.)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa [2020-03-26] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft News: les actualités à ne pas manquer -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.1224.0_x64__8wekyb3d8bbwe [2020-02-27] (Microsoft Studios) [MS Ad]
MSN Finance -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
MSN Météo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
Pride 2019 -> C:\Program Files\WindowsApps\Microsoft.Pride2019_9.0.0.0_neutral__8wekyb3d8bbwe [2019-06-26] (Microsoft Corporation)
VLC -> C:\Program Files\WindowsApps\VideoLAN.VLC_3.2.1.0_x64__paz6r1rewnh0a [2020-01-29] (VideoLAN)
==================== Personnalisé CLSID (Avec liste blanche): ==============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-03] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-03] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2018-11-13] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-03] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-03] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
==================== Codecs (Avec liste blanche) ====================
==================== Raccourcis & WMI ========================
==================== Modules chargés (Avec liste blanche) =============
2019-10-23 19:12 - 2019-10-23 19:12 - 000774656 _____ () [Fichier non signé] C:\Users\gaetano\AppData\Local\Facebook\Games\CefSharp.BrowserSubprocess.Core.dll
2019-10-23 19:12 - 2019-10-23 19:12 - 001184256 _____ () [Fichier non signé] C:\Users\gaetano\AppData\Local\Facebook\Games\CefSharp.Core.dll
2019-10-23 19:12 - 2019-10-23 19:12 - 071641088 _____ () [Fichier non signé] C:\Users\gaetano\AppData\Local\Facebook\Games\libcef.dll
2019-10-23 19:12 - 2019-10-23 19:12 - 000078848 _____ () [Fichier non signé] C:\Users\gaetano\AppData\Local\Facebook\Games\libegl.dll
2019-10-23 19:12 - 2019-10-23 19:12 - 003149824 _____ () [Fichier non signé] C:\Users\gaetano\AppData\Local\Facebook\Games\libglesv2.dll
2019-06-20 08:19 - 2019-06-20 08:19 - 000116736 _____ (pdfforge GmbH) [Fichier non signé] C:\WINDOWS\System32\pdfcmon.dll
2019-10-23 19:12 - 2019-10-23 19:12 - 000433664 _____ (The Chromium Authors) [Fichier non signé] C:\Users\gaetano\AppData\Local\Facebook\Games\chrome_elf.dll
==================== Alternate Data Streams (Avec liste blanche) ========
==================== Mode sans échec (Avec liste blanche) ==================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Avec liste blanche) =================
==================== Internet Explorer sites de confiance/sensibles ==========
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)
IE trusted site: HKU\S-1-5-21-2415965574-800504334-562860778-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2415965574-800504334-562860778-1001\...\webcompanion.com -> hxxp://webcompanion.com
==================== Hosts contenu: =========================
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
2015-07-31 00:42 - 2015-07-31 00:39 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
2019-02-13 19:15 - 2019-02-13 19:15 - 000000442 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Autres zones ===========================
(Actuellement, il n'y a pas de correction automatique pour cette section.)
HKU\S-1-5-21-2415965574-800504334-562860778-1001\Control Panel\Desktop\\Wallpaper -> c:\users\gaetano\appdata\roaming\mozilla\firefox\fond d’écran.bmp
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Le Pare-feu est activé.
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "lxebmon.exe"
HKLM\...\StartupApproved\Run: => "EzPrint"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "BrStsInd00"
HKU\S-1-5-21-2415965574-800504334-562860778-1001\...\StartupApproved\StartupFolder: => "Facebook Gameroom.lnk"
HKU\S-1-5-21-2415965574-800504334-562860778-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2415965574-800504334-562860778-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-2415965574-800504334-562860778-1001\...\StartupApproved\Run: => "Web Companion"
HKU\S-1-5-21-2415965574-800504334-562860778-1001\...\StartupApproved\Run: => "TomTomHOME.exe"
==================== RèglesPare-feu (Avec liste blanche) ================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
FirewallRules: [{8A0B6F31-044B-40E5-98C8-9CDA3A39C564}] => (Allow) C:\WINDOWS\system32\LXEBcoms.exe (Lexmark International, Inc. -> )
FirewallRules: [{756EF414-4BBF-4834-AF6D-480DDA55B892}] => (Allow) C:\WINDOWS\system32\LXEBcoms.exe (Lexmark International, Inc. -> )
FirewallRules: [{D9D772A4-1A67-4C38-82A3-5BFB7F5CA8FE}] => (Allow) C:\WINDOWS\system32\lxebcoms.exe (Lexmark International, Inc. -> )
FirewallRules: [{874FD039-69FE-45C2-9196-A73254EBDDB4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{DC8DDD03-7A31-4A11-928F-A1FFA7973C0D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{05314555-F865-4C99-92F4-A554F2D1A8FB}] => (Allow) C:\WINDOWS\system32\LXEBcoms.exe (Lexmark International, Inc. -> )
FirewallRules: [{E5770460-82CF-45DF-97D7-AD990049D3BE}] => (Allow) C:\WINDOWS\system32\LXEBcoms.exe (Lexmark International, Inc. -> )
FirewallRules: [{BCA878F2-944C-4023-8400-608FA7258ECF}] => (Allow) C:\WINDOWS\system32\LXEBcoms.exe (Lexmark International, Inc. -> )
FirewallRules: [{EF5BE184-216C-465E-9720-B78871A91CE9}] => (Allow) C:\PROGRA~2\REALTEK\USBWIR~2\RtWlan.exe (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
FirewallRules: [{02862183-5796-4500-BE31-286CFA4C795E}] => (Allow) LPort=1542
FirewallRules: [{388152F5-23D9-49A7-8AA9-9C4211D369BD}] => (Allow) LPort=1542
FirewallRules: [{A600447C-FAC7-45A8-A7E8-78D7F1AE49D6}] => (Allow) LPort=53
FirewallRules: [{5FF252A2-AB49-4143-86F2-8EBD831E6582}] => (Allow) C:\PROGRA~2\REALTEK\USBWIR~2\Rtldhcp.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{879768E7-0DFD-4B31-8A89-D7C85AA1643C}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{96F34D44-26D5-47BD-8C41-EAC8AA068E3D}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{7638DBEB-8CBD-46ED-B218-8C52723023D6}] => (Allow) LPort=53
FirewallRules: [{35EAF6FA-4A02-49E3-B3F0-3253E0AFC65D}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{8C608C0F-D0B0-4A63-A322-09F9710CFAA8}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{B0605D78-E267-4622-9623-F58209908977}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{A18DC315-595E-4900-98AA-B216256E6EEC}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{FDC72E70-0D03-4302-B6DE-E70E49D5D4F7}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3A9DBF39-6160-420D-91D7-2A453BFB5DD0}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CE247833-2BEA-43E5-A9B8-7794E240F97A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8E9ABD21-0A2B-45DE-9DE8-A89884465F57}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{472FA12C-0EED-4A0D-86B5-437E6C759421}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{77E4E90C-9163-42F1-9DA5-A71311FEEA63}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{58EAEBB0-FDF1-415B-BEF7-80B1E2A0CA9A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8259D9DB-F1FA-44D8-83C3-AC0F1B9746D4}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
==================== Points de restauration =========================
21-03-2020 20:13:41 Point de contrôle planifié
31-03-2020 18:21:36 Point de contrôle planifié
==================== Éléments en erreur du Gestionnaire de périphériques ============
==================== Erreurs du Journal des événements: ========================
Erreurs Application:
==================
Error: (04/05/2020 02:54:48 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6124,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/05/2020 02:37:01 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5908,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/05/2020 01:59:05 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4336,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/05/2020 01:34:25 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9220,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/05/2020 12:37:10 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5372,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/05/2020 12:16:24 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10168,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/05/2020 09:30:37 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7916,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/05/2020 09:07:28 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8120,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Erreurs système:
=============
Error: (04/05/2020 08:27:08 AM) (Source: DCOM) (EventID: 10000) (User: GAETANO)
Description: Impossible de démarrer un serveur DCOM : {0358B920-0AC7-461F-98F4-58E32CD89148}. L’erreur
« 2147942767 »
s’est produite lors du démarrage de la commande :
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (04/05/2020 12:43:05 AM) (Source: DCOM) (EventID: 10005) (User: GAETANO)
Description: DCOM a reçu l’erreur « 1053 » lors de la tentative de démarrage du service BcastDVRUserService_4a8f97 avec les arguments « Non disponible » pour exécuter le serveur :
Windows.Media.Capture.Internal.AppCaptureShell
Error: (04/05/2020 12:43:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Service utilisateur de diffusion et GameDVR_4a8f97 n’a pas pu démarrer en raison de l’erreur :
Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle.
Error: (04/05/2020 12:43:05 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Service utilisateur de diffusion et GameDVR_4a8f97.
Error: (04/03/2020 11:54:03 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Realtek DHCP Service s’est terminé de façon inattendue pour la 1ème fois.
Error: (04/03/2020 11:54:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service lxebCATSCustConnectService n’a pas pu démarrer en raison de l’erreur :
Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle.
Error: (04/03/2020 11:54:01 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (45000 millisecondes) a été atteint lors de l’attente de la connexion du service lxebCATSCustConnectService.
Error: (04/03/2020 11:53:09 AM) (Source: DCOM) (EventID: 10005) (User: GAETANO)
Description: DCOM a reçu l’erreur « 1053 » lors de la tentative de démarrage du service BcastDVRUserService_2549d avec les arguments « Non disponible » pour exécuter le serveur :
Windows.Media.Capture.Internal.AppCaptureShell
CodeIntegrity:
===================================
Date: 2020-04-05 13:55:52.556
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2020-04-05 13:55:52.522
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2020-04-05 13:55:52.376
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2020-04-05 08:13:01.982
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2020-04-05 08:13:01.947
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2020-04-05 08:13:01.907
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2020-04-05 08:13:01.869
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2020-04-05 08:13:01.824
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
==================== Infos Mémoire ===========================
BIOS: American Megatrends Inc. V8.4 08/10/2016
Carte mère: MSI A68HM-E33 V2 (MS-7721)
Processeur: AMD Athlon(tm) X2 370K Dual Core Processor
Pourcentage de mémoire utilisée: 42%
Mémoire physique - RAM - totale: 8152.44 MB
Mémoire physique - RAM - disponible: 4661.19 MB
Mémoire virtuelle totale: 12760.44 MB
Mémoire virtuelle disponible: 7418.82 MB
==================== Lecteurs ================================
Drive c: (Disque local) (Fixed) (Total:110.87 GB) (Free:73.53 GB) NTFS
Drive e: (Disque documents) (Fixed) (Total:111.66 GB) (Free:85.92 GB) NTFS
\\?\Volume{008897f5-0000-0000-0000-100000000000}\ (Réservé au système) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{008897f5-0000-0000-0000-00be1b000000}\ () (Fixed) (Total:0.82 GB) (Free:0.42 GB) NTFS
==================== MBR & Table des partitions ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 008897F5)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=110.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=838 MB) - (Type=27)
==========================================================
Disk: 1 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000)
Partition: GPT.
==================== Fin de Addition.txt =======================
Exécuté par gaetano (05-04-2020 15:14:55)
Exécuté depuis C:\Users\gaetano\Desktop
Windows 10 Home Version 1909 18363.720 (X64) (2019-06-17 11:46:55)
Mode d'amorçage: Normal
==========================================================
==================== Comptes: =============================
Administrateur (S-1-5-21-2415965574-800504334-562860778-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2415965574-800504334-562860778-503 - Limited - Disabled)
gaetano (S-1-5-21-2415965574-800504334-562860778-1001 - Administrator - Enabled) => C:\Users\gaetano
Invité (S-1-5-21-2415965574-800504334-562860778-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2415965574-800504334-562860778-504 - Limited - Disabled)
==================== Centre de sécurité ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Programmes installés ======================
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
7-Zip 19.00 (HKLM-x32\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.344 - Adobe)
Architecture 3D 3.1 - Plan 2D (HKLM-x32\...\LiveCAD_3-Plan2D_is1) (Version: - LiveCAD)
Assistance pour l’iPod (HKLM\...\{BA5E603A-C647-4EA3-860A-15C5498361C2}) (Version: 120.7.3.55 - Apple Inc.)
Assistant Mise à jour de Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22589 - Microsoft Corporation)
Avast Antivirus Gratuit (HKLM-x32\...\Avast Antivirus) (Version: 20.2.2401 - Avast Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Facebook Gameroom 1.22.7235.32722 (HKLM-x32\...\{2867E3AE-18BA-4BCF-8268-F797A401ED86}) (Version: 1.22.7235.32722 - Facebook)
HL-1110 series (HKLM-x32\...\{4F2442B7-A89E-42A4-8F0E-6937499855CA}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
Lexmark Pro200-S500 Series (HKLM\...\Lexmark Pro200-S500 Series) (Version: - Lexmark International, Inc.)
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27024 (HKLM-x32\...\{2ff11a2a-f7ac-4a6c-8cd4-c7bb974f3642}) (Version: 14.16.27024.1 - Microsoft Corporation)
Mozilla Firefox 74.0.1 (x64 fr) (HKLM\...\Mozilla Firefox 74.0.1 (x64 fr)) (Version: 74.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.0 - Mozilla)
Mozilla Thunderbird 68.6.0 (x86 fr) (HKLM-x32\...\Mozilla Thunderbird 68.6.0 (x86 fr)) (Version: 68.6.0 - Mozilla)
NVIDIA Pilote audio HD : 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
OpenOffice 4.1.6 (HKLM-x32\...\{50D70A8D-0503-4AA6-97EF-09849E9FB520}) (Version: 4.16.9790 - Apache Software Foundation)
Panneau de configuration NVIDIA 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 391.35 - NVIDIA Corporation) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 3.5.0 - pdfforge GmbH)
PhotoFiltre 7 (HKU\S-1-5-21-2415965574-800504334-562860778-1001\...\PhotoFiltre 7) (Version: - )
Realtek USB Wireless LAN Driver (HKLM-x32\...\InstallShield_{DBCC4C27-F949-482b-B786-7B3B67587CD2}) (Version: Drv_3.00.0027 - REALTEK Semiconductor Corp.)
Realtek USB Wireless LAN Utility (HKLM-x32\...\{9C049509-055C-4CFF-A116-1D12312225EB}) (Version: UI_1.00.0287 - REALTEK Semiconductor Corp.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.3.0.1910 - Samsung Electronics)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C99F4AFA-B32C-4063-865C-D7B5CC0A78FB}) (Version: 2.54.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{16FF3A8D-2E40-4652-B040-8FF3931909EE}) (Version: 2.51.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{EC4F72E8-52FE-454E-B70F-DBE5C0FA44C5}) (Version: 1.20.0.0 - Microsoft Corporation) Hidden
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Packages:
=========
Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-15] (Microsoft Corporation)
Extension Photos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-07-31] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_110.1.671.0_x64__v10z8vjag6ke6 [2020-02-06] (HP Inc.)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa [2020-03-26] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft News: les actualités à ne pas manquer -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.1224.0_x64__8wekyb3d8bbwe [2020-02-27] (Microsoft Studios) [MS Ad]
MSN Finance -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
MSN Météo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
Pride 2019 -> C:\Program Files\WindowsApps\Microsoft.Pride2019_9.0.0.0_neutral__8wekyb3d8bbwe [2019-06-26] (Microsoft Corporation)
VLC -> C:\Program Files\WindowsApps\VideoLAN.VLC_3.2.1.0_x64__paz6r1rewnh0a [2020-01-29] (VideoLAN)
==================== Personnalisé CLSID (Avec liste blanche): ==============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-03] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-03] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2018-11-13] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-03] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-03] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
==================== Codecs (Avec liste blanche) ====================
==================== Raccourcis & WMI ========================
==================== Modules chargés (Avec liste blanche) =============
2019-10-23 19:12 - 2019-10-23 19:12 - 000774656 _____ () [Fichier non signé] C:\Users\gaetano\AppData\Local\Facebook\Games\CefSharp.BrowserSubprocess.Core.dll
2019-10-23 19:12 - 2019-10-23 19:12 - 001184256 _____ () [Fichier non signé] C:\Users\gaetano\AppData\Local\Facebook\Games\CefSharp.Core.dll
2019-10-23 19:12 - 2019-10-23 19:12 - 071641088 _____ () [Fichier non signé] C:\Users\gaetano\AppData\Local\Facebook\Games\libcef.dll
2019-10-23 19:12 - 2019-10-23 19:12 - 000078848 _____ () [Fichier non signé] C:\Users\gaetano\AppData\Local\Facebook\Games\libegl.dll
2019-10-23 19:12 - 2019-10-23 19:12 - 003149824 _____ () [Fichier non signé] C:\Users\gaetano\AppData\Local\Facebook\Games\libglesv2.dll
2019-06-20 08:19 - 2019-06-20 08:19 - 000116736 _____ (pdfforge GmbH) [Fichier non signé] C:\WINDOWS\System32\pdfcmon.dll
2019-10-23 19:12 - 2019-10-23 19:12 - 000433664 _____ (The Chromium Authors) [Fichier non signé] C:\Users\gaetano\AppData\Local\Facebook\Games\chrome_elf.dll
==================== Alternate Data Streams (Avec liste blanche) ========
==================== Mode sans échec (Avec liste blanche) ==================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Avec liste blanche) =================
==================== Internet Explorer sites de confiance/sensibles ==========
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)
IE trusted site: HKU\S-1-5-21-2415965574-800504334-562860778-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2415965574-800504334-562860778-1001\...\webcompanion.com -> hxxp://webcompanion.com
==================== Hosts contenu: =========================
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
2015-07-31 00:42 - 2015-07-31 00:39 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
2019-02-13 19:15 - 2019-02-13 19:15 - 000000442 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Autres zones ===========================
(Actuellement, il n'y a pas de correction automatique pour cette section.)
HKU\S-1-5-21-2415965574-800504334-562860778-1001\Control Panel\Desktop\\Wallpaper -> c:\users\gaetano\appdata\roaming\mozilla\firefox\fond d’écran.bmp
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Le Pare-feu est activé.
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "lxebmon.exe"
HKLM\...\StartupApproved\Run: => "EzPrint"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "BrStsInd00"
HKU\S-1-5-21-2415965574-800504334-562860778-1001\...\StartupApproved\StartupFolder: => "Facebook Gameroom.lnk"
HKU\S-1-5-21-2415965574-800504334-562860778-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2415965574-800504334-562860778-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-2415965574-800504334-562860778-1001\...\StartupApproved\Run: => "Web Companion"
HKU\S-1-5-21-2415965574-800504334-562860778-1001\...\StartupApproved\Run: => "TomTomHOME.exe"
==================== RèglesPare-feu (Avec liste blanche) ================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
FirewallRules: [{8A0B6F31-044B-40E5-98C8-9CDA3A39C564}] => (Allow) C:\WINDOWS\system32\LXEBcoms.exe (Lexmark International, Inc. -> )
FirewallRules: [{756EF414-4BBF-4834-AF6D-480DDA55B892}] => (Allow) C:\WINDOWS\system32\LXEBcoms.exe (Lexmark International, Inc. -> )
FirewallRules: [{D9D772A4-1A67-4C38-82A3-5BFB7F5CA8FE}] => (Allow) C:\WINDOWS\system32\lxebcoms.exe (Lexmark International, Inc. -> )
FirewallRules: [{874FD039-69FE-45C2-9196-A73254EBDDB4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{DC8DDD03-7A31-4A11-928F-A1FFA7973C0D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{05314555-F865-4C99-92F4-A554F2D1A8FB}] => (Allow) C:\WINDOWS\system32\LXEBcoms.exe (Lexmark International, Inc. -> )
FirewallRules: [{E5770460-82CF-45DF-97D7-AD990049D3BE}] => (Allow) C:\WINDOWS\system32\LXEBcoms.exe (Lexmark International, Inc. -> )
FirewallRules: [{BCA878F2-944C-4023-8400-608FA7258ECF}] => (Allow) C:\WINDOWS\system32\LXEBcoms.exe (Lexmark International, Inc. -> )
FirewallRules: [{EF5BE184-216C-465E-9720-B78871A91CE9}] => (Allow) C:\PROGRA~2\REALTEK\USBWIR~2\RtWlan.exe (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
FirewallRules: [{02862183-5796-4500-BE31-286CFA4C795E}] => (Allow) LPort=1542
FirewallRules: [{388152F5-23D9-49A7-8AA9-9C4211D369BD}] => (Allow) LPort=1542
FirewallRules: [{A600447C-FAC7-45A8-A7E8-78D7F1AE49D6}] => (Allow) LPort=53
FirewallRules: [{5FF252A2-AB49-4143-86F2-8EBD831E6582}] => (Allow) C:\PROGRA~2\REALTEK\USBWIR~2\Rtldhcp.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{879768E7-0DFD-4B31-8A89-D7C85AA1643C}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{96F34D44-26D5-47BD-8C41-EAC8AA068E3D}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{7638DBEB-8CBD-46ED-B218-8C52723023D6}] => (Allow) LPort=53
FirewallRules: [{35EAF6FA-4A02-49E3-B3F0-3253E0AFC65D}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{8C608C0F-D0B0-4A63-A322-09F9710CFAA8}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{B0605D78-E267-4622-9623-F58209908977}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{A18DC315-595E-4900-98AA-B216256E6EEC}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{FDC72E70-0D03-4302-B6DE-E70E49D5D4F7}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3A9DBF39-6160-420D-91D7-2A453BFB5DD0}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CE247833-2BEA-43E5-A9B8-7794E240F97A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8E9ABD21-0A2B-45DE-9DE8-A89884465F57}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{472FA12C-0EED-4A0D-86B5-437E6C759421}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{77E4E90C-9163-42F1-9DA5-A71311FEEA63}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{58EAEBB0-FDF1-415B-BEF7-80B1E2A0CA9A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8259D9DB-F1FA-44D8-83C3-AC0F1B9746D4}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
==================== Points de restauration =========================
21-03-2020 20:13:41 Point de contrôle planifié
31-03-2020 18:21:36 Point de contrôle planifié
==================== Éléments en erreur du Gestionnaire de périphériques ============
==================== Erreurs du Journal des événements: ========================
Erreurs Application:
==================
Error: (04/05/2020 02:54:48 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6124,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/05/2020 02:37:01 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5908,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/05/2020 01:59:05 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4336,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/05/2020 01:34:25 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9220,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/05/2020 12:37:10 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5372,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/05/2020 12:16:24 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10168,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/05/2020 09:30:37 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7916,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/05/2020 09:07:28 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8120,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Erreurs système:
=============
Error: (04/05/2020 08:27:08 AM) (Source: DCOM) (EventID: 10000) (User: GAETANO)
Description: Impossible de démarrer un serveur DCOM : {0358B920-0AC7-461F-98F4-58E32CD89148}. L’erreur
« 2147942767 »
s’est produite lors du démarrage de la commande :
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (04/05/2020 12:43:05 AM) (Source: DCOM) (EventID: 10005) (User: GAETANO)
Description: DCOM a reçu l’erreur « 1053 » lors de la tentative de démarrage du service BcastDVRUserService_4a8f97 avec les arguments « Non disponible » pour exécuter le serveur :
Windows.Media.Capture.Internal.AppCaptureShell
Error: (04/05/2020 12:43:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Service utilisateur de diffusion et GameDVR_4a8f97 n’a pas pu démarrer en raison de l’erreur :
Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle.
Error: (04/05/2020 12:43:05 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Service utilisateur de diffusion et GameDVR_4a8f97.
Error: (04/03/2020 11:54:03 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Realtek DHCP Service s’est terminé de façon inattendue pour la 1ème fois.
Error: (04/03/2020 11:54:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service lxebCATSCustConnectService n’a pas pu démarrer en raison de l’erreur :
Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle.
Error: (04/03/2020 11:54:01 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (45000 millisecondes) a été atteint lors de l’attente de la connexion du service lxebCATSCustConnectService.
Error: (04/03/2020 11:53:09 AM) (Source: DCOM) (EventID: 10005) (User: GAETANO)
Description: DCOM a reçu l’erreur « 1053 » lors de la tentative de démarrage du service BcastDVRUserService_2549d avec les arguments « Non disponible » pour exécuter le serveur :
Windows.Media.Capture.Internal.AppCaptureShell
CodeIntegrity:
===================================
Date: 2020-04-05 13:55:52.556
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2020-04-05 13:55:52.522
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2020-04-05 13:55:52.376
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2020-04-05 08:13:01.982
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2020-04-05 08:13:01.947
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2020-04-05 08:13:01.907
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2020-04-05 08:13:01.869
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2020-04-05 08:13:01.824
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
==================== Infos Mémoire ===========================
BIOS: American Megatrends Inc. V8.4 08/10/2016
Carte mère: MSI A68HM-E33 V2 (MS-7721)
Processeur: AMD Athlon(tm) X2 370K Dual Core Processor
Pourcentage de mémoire utilisée: 42%
Mémoire physique - RAM - totale: 8152.44 MB
Mémoire physique - RAM - disponible: 4661.19 MB
Mémoire virtuelle totale: 12760.44 MB
Mémoire virtuelle disponible: 7418.82 MB
==================== Lecteurs ================================
Drive c: (Disque local) (Fixed) (Total:110.87 GB) (Free:73.53 GB) NTFS
Drive e: (Disque documents) (Fixed) (Total:111.66 GB) (Free:85.92 GB) NTFS
\\?\Volume{008897f5-0000-0000-0000-100000000000}\ (Réservé au système) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{008897f5-0000-0000-0000-00be1b000000}\ () (Fixed) (Total:0.82 GB) (Free:0.42 GB) NTFS
==================== MBR & Table des partitions ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 008897F5)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=110.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=838 MB) - (Type=27)
==========================================================
Disk: 1 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000)
Partition: GPT.
==================== Fin de Addition.txt =======================