Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 23-12-2022
Exécuté par Claude (28-12-2022 07:25:21)
Exécuté depuis C:\Users\Claude\Desktop
Microsoft Windows 10 Professionnel Version 22H2 19045.2364 (X64) (2020-07-04 16:09:21)
Mode d'amorçage: Normal
==========================================================
==================== Comptes: =============================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
Administrateur (S-1-5-21-236189216-5393697-1295916501-500 - Administrator - Disabled)
Claude (S-1-5-21-236189216-5393697-1295916501-1001 - Administrator - Enabled) => C:\Users\Claude
DefaultAccount (S-1-5-21-236189216-5393697-1295916501-503 - Limited - Disabled)
Invité (S-1-5-21-236189216-5393697-1295916501-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-236189216-5393697-1295916501-504 - Limited - Disabled)
==================== Centre de sécurité ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: COMODO Firewall (Enabled) {3D87FB90-B561-70B4-3B0B-BCEFE7656ABC}
==================== Programmes installés ======================
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
ABBYY PDF Transformer 3.0 (HKLM\...\{FA300000-0001-6400-0000-074957833700}) (Version: 3.00.317.68010 - ABBYY) Hidden
ABBYY PDF Transformer 3.0 (HKLM-x32\...\ABBYY PDF Transformer 3.0) (Version: 3.00.317.68010 - ABBYY)
Amazon Kindle (HKU\S-1-5-21-236189216-5393697-1295916501-1001\...\Amazon Kindle) (Version: 1.33.0.62002 - Amazon)
Antidote - Connectix 11 (HKLM\...\{2643823D-D15F-4046-8388-401756A5C924}) (Version: 11.3.327 - Druide informatique inc.)
Antidote 11 - English module (HKLM\...\{2643823D-D15F-4046-8388-401756A5C923}) (Version: 11.3.327 - Druide informatique inc.)
Antidote 11 - Module français (HKLM\...\{2643823D-D15F-4046-8388-401756A5C922}) (Version: 11.3.327 - Druide informatique inc.)
Antidote 11 (HKLM\...\{2643823D-D15F-4046-8388-401756A5C921}) (Version: 11.3.327 - Druide informatique inc.)
AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 5.5.3 - philandro Software GmbH)
Assistant de téléchargement (HKLM-x32\...\{92154A3C-9BB7-49D7-A571-4EB6373FA5AD}) (Version: 6.65.13 - Druide informatique inc.)
Assistant de téléchargement (HKLM-x32\...\{93154A3C-9BB7-49D7-A571-4EB6373FA601}) (Version: 6.70.0 - Druide informatique inc.)
Avast Antivirus Gratuit (HKLM\...\Avast Antivirus) (Version: 22.12.6044 - Avast Software)
chartInstall (HKLM-x32\...\{BDE0AFD4-53BC-42EB-B966-DB8F36C3B397}) (Version: 1.5.7 - MEMSOFT)
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
COMODO Firewall (HKLM\...\{529CC629-B436-4886-B322-4BE75B97783D}) (Version: 12.2.2.8012 - COMODO Security Solutions Inc.) Hidden
COMODO Firewall (HKLM\...\COMODO Internet Security) (Version: 12.2.2.8012 - COMODO Security Solutions Inc.)
Contrôle d’intégrité du PC Windows (HKLM\...\{90C6971F-ABF1-4FBF-BD98-24F14C5F5AB4}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Copernic Desktop Search - Home (HKLM-x32\...\CopernicDesktopSearch2) (Version: - Copernic Inc.)
CyberGestion (HKLM-x32\...\{C964A549-C74A-11D3-B88A-00A0C9379093}) (Version: - )
doPDF (HKLM\...\{92E67E6C-F19A-48D2-9013-49E49BE4D39D}) (Version: 10.8.127 - Softland) Hidden
doPDF 10 (HKLM-x32\...\{b3eeeabb-7afa-4ba5-aa55-02490274d55e}) (Version: 10.8.127 - Softland)
doPDF 10 add-in for Microsoft Office (x64) (HKLM\...\{D88B84B4-2DF5-4890-853E-583FE4CD8694}) (Version: 10.8.127 - Softland)
doPDF 10 add-in for Microsoft Office (x86) (HKLM-x32\...\{596E329D-12D3-46FA-8EFE-829678C7E5F7}) (Version: 10.8.127 - Softland)
doPDF 10 Printer Driver (HKLM\...\{DE0C2815-728E-4C29-8922-50E8F1ED9335}) (Version: 10.8.127 - Softland)
EasyBCD 2.4 (HKLM-x32\...\EasyBCD) (Version: 2.4 - NeoSmart Technologies)
FileZilla Client 3.53.1 (HKLM-x32\...\FileZilla Client) (Version: 3.53.1 - Tim Kosse)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 10.0.0.35798 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 108.0.5359.125 - Google LLC)
HP Dropbox Plugin (HKLM-x32\...\{6401399A-F5DA-4C04-87AA-E8107DF00751}) (Version: 36.0.41.58587 - HP)
HP Google Drive Plugin (HKLM-x32\...\{63BCC696-0FB4-4E9C-8144-2DA4F248FC17}) (Version: 36.0.41.58587 - HP)
HP OfficeJet Pro 8710 Aide (HKLM-x32\...\{026F7B85-93B9-4F72-A5ED-6D155BAC85A3}) (Version: 38.0.0 - HP)
I.R.I.S. OCR (HKLM-x32\...\{D5CFF630-2F9B-4EE5-8F2F-EFBDFCE413CC}) (Version: 12.3.7.0 - HP)
IcoSauve (HKLM-x32\...\IcoSauve_is1) (Version: - Pierre TORRIS)
iRotate (HKLM-x32\...\iRotate) (Version: - )
Logiciel de base du périphérique HP OfficeJet Pro 8710 (HKLM\...\{BBDBE96F-5BEE-4883-BC12-6543AB446BC1}) (Version: 40.12.1161.1896 - HP Inc.)
Microsoft 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 16.0.14701.20262 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{80F1AF52-7AC0-42A3-9AF0-689BFB271D1D}) (Version: 3.68.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.22.27821 (HKLM\...\{6E2C7A8E-B17A-4637-9CE9-F0B1157CF378}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.22.27821 (HKLM\...\{0093C20C-273D-4397-B623-515CB8616CB9}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 fr) (HKU\S-1-5-21-236189216-5393697-1295916501-1001\...\Mozilla Firefox 108.0.1 (x64 fr)) (Version: 108.0.1 - Mozilla)
Nero 8 (HKLM-x32\...\{3C5F1B30-B10B-4579-86DD-D00F662E1036}) (Version: 8.3.179 - Nero AG)
neroxml (HKLM-x32\...\{56C049BE-79E9-4502-BEA7-9754A3E60F9B}) (Version: 1.0.0 - Nero AG) Hidden
NVIDIA FrameView SDK 1.2.4999.30397803 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.4999.30397803 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.24.0.126 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.24.0.126 - NVIDIA Corporation)
NVIDIA Logiciel système PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NVIDIA nView 141.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 141.36 - NVIDIA Corporation)
NVIDIA Pilote audio HD : 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA Pilote graphique 473.47 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 473.47 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14701.20262 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14701.20262 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.14701.20248 - Microsoft Corporation) Hidden
OpenOffice.org 3.4.1 (HKLM-x32\...\{7DA1C06F-C913-46C7-8A0F-DA2CBA17EA1D}) (Version: 3.41.9593 - Apache Software Foundation)
Oxygène 10.08 (HKLM-x32\...\Oxygène) (Version: 10.08 - Memsoft)
PhotoFiltre 7 (HKU\S-1-5-21-236189216-5393697-1295916501-1001\...\PhotoFiltre 7) (Version: - )
TomTom MyDrive Connect 4.2.13.4348 (HKLM-x32\...\MyDriveConnect) (Version: 4.2.13.4348 - TomTom)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C22F49B1-0F67-47DC-A490-E8B4B6558EA9}) (Version: 8.91.0.0 - Microsoft Corporation)
VCRedistSetup (HKLM-x32\...\{3921A67A-5AB1-4E48-9444-C71814CF3027}) (Version: 1.0.0 - Nero AG) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Win10 Spy Disabler v1.5 (HKLM\...\Win10 Spy Disabler_is1) (Version: 1.5.0.0 - site2unblock.com)
Packages:
=========
Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-08-26] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_141.2.441.0_x64__v10z8vjag6ke6 [2022-12-06] (HP Inc.)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa [2022-12-16] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-07-04] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-07-04] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2022-10-24] (NVIDIA Corp.)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2022-12-09] (Microsoft Studios) [MS Ad]
==================== Personnalisé CLSID (Avec liste blanche): ==============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
CustomCLSID: HKU\S-1-5-21-236189216-5393697-1295916501-1001_Classes\CLSID\{38626B40-64E1-4F8C-AEDA-CFF32F38602E}\localserver32 -> "C:\Program Files (x86)\Druide\Antidote 10\Application\Bin64\AgentAntidote.exe" -activex => Pas de fichier
CustomCLSID: HKU\S-1-5-21-236189216-5393697-1295916501-1001_Classes\CLSID\{414022CB-AE34-4682-BBDB-653EACAFA0CA}\InprocServer32 -> C:\Program Files\Druide\Connectix 11\Connect\Excel\Bin\Antidote.Excel.P500_64.dll (Druide informatique inc. -> Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-236189216-5393697-1295916501-1001_Classes\CLSID\{5563940C-ABF0-47B4-BB0E-B5D8680B570A}\localserver32 -> "C:\Program Files (x86)\Druide\Connectix 10\Application\Bin64\MoteurIntegration.exe" -activex => Pas de fichier
CustomCLSID: HKU\S-1-5-21-236189216-5393697-1295916501-1001_Classes\CLSID\{5563940D-49FD-4F1A-96AA-147B474290EE}\localserver32 -> "C:\Program Files (x86)\Druide\Connectix 10\Application\Bin64\MoteurIntegration.exe" -activex => Pas de fichier
CustomCLSID: HKU\S-1-5-21-236189216-5393697-1295916501-1001_Classes\CLSID\{A12A9CAB-1C75-4AA3-A980-74F25AB94C8E}\localserver32 -> C:\Program Files\Druide\Connectix 11\Application\Bin64\AgentConnectix.exe (Druide informatique inc. -> Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-236189216-5393697-1295916501-1001_Classes\CLSID\{A12A9CAB-1C75-4AA3-A980-74F25AB94C8F}\localserver32 -> C:\Program Files\Druide\Connectix 11\Application\Bin64\AgentConnectix.exe (Druide informatique inc. -> Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-236189216-5393697-1295916501-1001_Classes\CLSID\{A9694941-C924-4D17-8F67-80F4A27642BC}\InprocServer32 -> C:\Program Files\Druide\Connectix 11\Connect\PowerPoint\Bin\Antidote.PowerPoint.P500_64.dll (Druide informatique inc. -> Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-236189216-5393697-1295916501-1001_Classes\CLSID\{AD630E0F-BF29-4791-AD3B-A289E884E37C}\localserver32 -> "C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\Antidote.exe" -activex => Pas de fichier
CustomCLSID: HKU\S-1-5-21-236189216-5393697-1295916501-1001_Classes\CLSID\{FEA8F8D1-3ADB-4B77-908F-C2E811EE12E1}\InprocServer32 -> C:\Program Files\Druide\Connectix 11\Connect\Word\Bin\Antidote.Word.P500_64.dll (Druide informatique inc. -> Druide informatique inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-12-07] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Fichier non signé]
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-12-07] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Fichier non signé]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-12-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers1-x32: [PDFTransformer3ContextMenu] -> {2DC8E5F2-C89C-4730-82C9-19120DEE5B0A} => C:\Program Files (x86)\ABBYY PDF Transformer 3.0\PDFTContextMenu.dll [2010-03-25] (ABBYY SOLUTIONS LIMITED -> ABBYY)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-12-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers5: [00nView] -> {1E9B04FB-F9E5-4718-997B-B8DA88302A48} => C:\Program Files\NVIDIA Corporation\nview\nvshell.dll [2015-06-29] (NVIDIA Corporation -> )
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_7ac81bdb2c36ac80\nvshext.dll [2022-04-27] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-12-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\Windows\system32\StartMenuHelper64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Fichier non signé]
==================== Codecs (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\system32\lvcod64.dll [280864 2007-02-03] (Logitech Inc -> Logitech Inc.)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [264992 2007-02-03] (Logitech Inc -> Logitech Inc.)
==================== Raccourcis & WMI ========================
==================== Modules chargés (Avec liste blanche) =============
2022-12-28 07:04 - 2022-12-28 07:04 - 000008704 _____ () [Fichier non signé] C:\Users\Claude\AppData\Local\Temp\nsm3282.tmp\newadvsplash.dll
2022-12-28 07:04 - 2022-12-28 07:04 - 000029696 _____ () [Fichier non signé] C:\Users\Claude\AppData\Local\Temp\nsm3282.tmp\registry.dll
2022-12-28 07:04 - 2022-12-28 07:04 - 000012288 _____ () [Fichier non signé] C:\Users\Claude\AppData\Local\Temp\nsm3282.tmp\System.dll
2018-07-15 12:15 - 2018-07-15 12:15 - 000885560 _____ (Ivaylo Beltchev -> IvoSoft) [Fichier non signé] C:\Program Files\Classic Shell\ClassicExplorer64.dll
2018-07-15 12:15 - 2018-07-15 12:15 - 003664696 _____ (Ivaylo Beltchev -> IvoSoft) [Fichier non signé] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2020-08-03 11:31 - 2020-08-03 11:31 - 000018944 _____ (Softland) [Fichier non signé] C:\Windows\System32\novamn10.dll
==================== Alternate Data Streams (Avec liste blanche) ========
==================== Mode sans échec (Avec liste blanche) ==================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"
==================== Association (Avec liste blanche) =================
==================== Internet Explorer (Avec liste blanche) ==========
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Fichier non signé]
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Fichier non signé]
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-12-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Fichier non signé]
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Fichier non signé]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Fichier non signé]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Fichier non signé]
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-12-27] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-12-27] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-12-27] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-12-27] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts contenu: =========================
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
2019-12-07 10:14 - 2021-07-22 10:28 - 000000855 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Autres zones ===========================
(Actuellement, il n'y a pas de correction automatique pour cette section.)
HKCU\Environment\\Path -> %USERPROFILE%\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-236189216-5393697-1295916501-1001\Control Panel\Desktop\\Wallpaper -> C:\Raccourcis\FR-wp5.jpg
DNS Servers: 156.154.70.25 - 156.154.71.25
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Le Pare-feu est activé.
Network Binding:
=============
Ethernet: COMODO Internet Security Firewall Driver -> inspect (enabled)
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
HKLM\...\StartupApproved\StartupFolder: => "AnyDesk.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "IseUI"
HKU\S-1-5-21-236189216-5393697-1295916501-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-236189216-5393697-1295916501-1001\...\StartupApproved\Run: => "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"
==================== RèglesPare-feu (Avec liste blanche) ================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
FirewallRules: [{1C12069E-A13B-42DC-B4FE-C7CE53DFD9E9}] => (Allow) C:\Users\Claude\AppData\Local\Temp\7zS5D2A\HP.EasyStart.exe => Pas de fichier
FirewallRules: [{41A337CB-7E3E-4B45-A3A9-83574F945548}] => (Allow) C:\Users\Claude\AppData\Local\Temp\7zS7690\HP.EasyStart.exe => Pas de fichier
FirewallRules: [{53436F74-BD01-4688-B00B-E57C41A4733B}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\bin\FaxApplications.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{52C851A0-8626-4C71-933C-F7229A2A47A8}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\bin\DigitalWizards.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{53B2625C-3980-45D2-8619-C2AD7CBEC4B9}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\bin\SendAFax.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{12919180-5FA1-4CFA-B92E-C5CAFF9AE19D}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\bin\FaxPrinterUtility.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{23477A70-5AFA-43E6-9508-6DB1BD959B24}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{08D59876-5F32-46EE-895B-229ECBE37A6B}] => (Allow) LPort=5357
FirewallRules: [{26BFF7C0-AFE3-4CA0-8B25-6DAAF0429865}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{41C1F66D-C17B-439F-95FE-6E7789A91738}] => (Allow) LPort=8501
FirewallRules: [{EB98C094-D6D6-46DD-B91B-3D117461999D}] => (Allow) LPort=8501
FirewallRules: [{21A1541C-C9D9-4F2E-B458-8540019D6A11}] => (Allow) C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe (TomTom International B.V. -> TomTom)
FirewallRules: [{480C6602-A8F0-4CD4-AA2D-AB8069EA5E9D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier
FirewallRules: [{9E6EFAB9-EFA3-4B1E-B67D-E4ECCBA59176}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier
FirewallRules: [{01DF0815-250E-4BEF-A399-C43432F6D46B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier
FirewallRules: [{C9B70DF6-3CB5-42AC-9DE3-6A0E1C192420}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier
FirewallRules: [{E32E59FC-F448-4BB5-AD78-5DFFE36DCA97}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DF5E2A64-4641-4EF6-8B2F-B0F4C7EA6FB3}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{BFBA7578-FA33-4BDB-A2A1-A5501332530D}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{BCB758B9-16E3-44FB-A197-D0BB54FF47EC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7A733EE2-5886-406F-900E-8940A8663731}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{910CDE1C-DF53-414A-A56C-6B7ECF22FFBF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7D2FBA68-DD06-4CC2-A326-ED4C4DE51A96}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{54A57B15-C001-4645-86A4-3464A808C85D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{4A77BDC9-051A-4405-8E43-76FC40B41C8E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{7FA05540-5E20-421C-A64D-1F8F9D3E67D2}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.2\ABService.exe => Pas de fichier
FirewallRules: [{FBD2907B-92A9-440D-AAB5-26A1F05AFE78}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.2\ABService.exe => Pas de fichier
FirewallRules: [{5E4280ED-ECB8-4D55-860C-486C177BADDF}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{2654E93E-34BC-4FC5-B094-66211AE54877}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{8E398410-2ED2-4564-956F-2B0F04B5AF3C}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{AC5C1936-E79E-4E0C-8370-98D589921B46}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{2F7F2E46-EE65-43EE-84D2-B5B5D38E648A}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{3B39DC35-1A1D-4ED0-BC58-6E40172A884B}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{92293619-027E-40E0-9CAA-6067523A77A2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CCE609FD-3315-4ACB-84EC-3B1AEC6942A2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{57692E53-EC26-46C9-AF3B-CFE6871C1FA4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DA6C551D-6F30-493F-AC37-47F3F858D90B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{49C92E42-E761-49D5-A633-31F64697D2CA}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F12C04D5-763C-4C31-9F00-DC482B6CAECD}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{964F7464-F7E5-4050-941F-51E32AAD967C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4227BFE9-3773-4AB2-AB21-6E3FC2C35308}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{327EB8E2-6841-4AE9-8185-9700116D9DAF}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FA792849-6FF1-4CA3-97F0-5D5F887ECAFA}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BF16BC57-826E-49CE-8417-DC6F94839361}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C5C640F3-0A25-4B54-8336-AAF28F6C8FC1}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3CB913E0-2119-46C1-B669-6C1E09D5A761}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Points de restauration =========================
==================== Éléments en erreur du Gestionnaire de périphériques ============
==================== Erreurs du Journal des événements: ========================
Erreurs Application:
==================
Error: (12/27/2022 01:16:55 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (12/27/2022 10:28:37 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Le programme ZHPSuite.exe version 2022.12.22.90 a cessé d'interagir avec Windows et a été fermé. Pour voir si plus d'informations sur le problème sont disponibles, vérifiez l'historique des problèmes dans le Panneau de configuration Sécurité et maintenance.
ID de processus : ed4
Heure de début : 01d919d46b47968d
Heure d'arrêt : 40
Chemin d'accès à l'application : C:\Users\Claude\Desktop\ZHPSuite.exe
ID de rapport : c33636c6-a598-4766-85b6-ec3a45ac90e7
Nom complet du package défectueux :
ID de l'application relative à un package défectueux :
Type de blocage : Unknown
Error: (12/27/2022 07:14:09 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: L’optimiseur de stockage n’a pas pu terminer réoptimisation sur Donnees2 (E:) car : L’opération demandée n’est pas prise en charge par le matériel sous-jacent au volume. (0x8900002A)
Error: (12/27/2022 07:13:34 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: L’optimiseur de stockage n’a pas pu terminer réoptimisation sur Donnees500 (F:) car : L’opération demandée n’est pas prise en charge par le matériel sous-jacent au volume. (0x8900002A)
Error: (12/27/2022 07:13:28 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: L’optimiseur de stockage n’a pas pu terminer réoptimisation sur PourVM (G:) car : L’opération demandée n’est pas prise en charge par le matériel sous-jacent au volume. (0x8900002A)
Error: (12/27/2022 07:12:49 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: L’optimiseur de stockage n’a pas pu terminer réoptimisation sur Donnees1 (D:) car : L’opération demandée n’est pas prise en charge par le matériel sous-jacent au volume. (0x8900002A)
Error: (12/26/2022 06:51:54 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: L’optimiseur de stockage n’a pas pu terminer réoptimisation sur Donnees1 (D:) car : L’opération demandée n’est pas prise en charge par le matériel sous-jacent au volume. (0x8900002A)
Error: (12/26/2022 03:09:19 PM) (Source: Firefox Default Browser Agent) (EventID: 12057) (User: )
Description: Event-ID 12057
Erreurs système:
=============
Error: (12/27/2022 09:09:42 PM) (Source: DCOM) (EventID: 10010) (User: PC-MONIQUE)
Description: Le serveur {9BA05972-F6A8-11CF-A442-00A0C90A8F39} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (12/26/2022 06:56:41 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Les clichés instantanés du volume C: ont été annulés car le stockage du cliché instantané n’a pas pu s’agrandir en raison d’une limite utilisateur.
Error: (12/26/2022 06:12:49 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: L’arrêt système précédant à 07:08:46 le 25/12/2022 n’était pas prévu.
Error: (12/24/2022 11:36:24 PM) (Source: DCOM) (EventID: 10010) (User: PC-MONIQUE)
Description: Le serveur {9BA05972-F6A8-11CF-A442-00A0C90A8F39} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (12/24/2022 11:36:24 PM) (Source: DCOM) (EventID: 10010) (User: PC-MONIQUE)
Description: Le serveur {9BA05972-F6A8-11CF-A442-00A0C90A8F39} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (12/24/2022 09:05:27 PM) (Source: DCOM) (EventID: 10010) (User: PC-MONIQUE)
Description: Le serveur {9BA05972-F6A8-11CF-A442-00A0C90A8F39} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (12/24/2022 09:05:27 PM) (Source: DCOM) (EventID: 10010) (User: PC-MONIQUE)
Description: Le serveur {9BA05972-F6A8-11CF-A442-00A0C90A8F39} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (12/24/2022 09:05:27 PM) (Source: DCOM) (EventID: 10010) (User: PC-MONIQUE)
Description: Le serveur {9BA05972-F6A8-11CF-A442-00A0C90A8F39} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
CodeIntegrity:
===============
Date: 2022-12-28 07:23:02
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume7\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2022-12-28 07:22:07
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2022-12-28 07:04:06
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume7\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2022-12-28 07:03:09
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume7\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
==================== Infos Mémoire ===========================
BIOS: Award Software International, Inc. F3 10/16/2009
Carte mère: Gigabyte Technology Co., Ltd. P55A-UD4
Processeur: Intel(R) Core(TM) i5 CPU 750 @ 2.67GHz
Pourcentage de mémoire utilisée: 16%
Mémoire physique - RAM - totale: 32763.48 MB
Mémoire physique - RAM - disponible: 27439.77 MB
Mémoire virtuelle totale: 37627.48 MB
Mémoire virtuelle disponible: 30732.01 MB
==================== Lecteurs ================================
Drive c: (Win10SSD) (Fixed) (Total:113 GB) (Free:36.25 GB) (Model: Samsung SSD 850 PRO 128GB) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)]
Drive d: (Donnees1) (Fixed) (Total:729.98 GB) (Free:662.37 GB) (Model: TOSHIBA HDWA120) NTFS
Drive e: (Donnees2) (Fixed) (Total:729.98 GB) (Free:207.41 GB) (Model: TOSHIBA HDWA120) NTFS
Drive f: (Donnees500) (Fixed) (Total:352.76 GB) (Free:230.74 GB) (Model: WDC WD5000AAKX-08U6AA0) NTFS
Drive g: (PourVM) (Fixed) (Total:388.05 GB) (Free:361.53 GB) (Model: TOSHIBA HDWA120) NTFS
==================== MBR & Table des partitions ====================
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 73A7569E)
Partition 1: (Active) - (Size=113 GB) - (Type=83)
Partition 2: (Not Active) - (Size=352.8 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 145231DD)
Partition 1: (Not Active) - (Size=730 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=730 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15 GB) - (Type=82)
Partition 4: (Not Active) - (Size=388.1 GB) - (Type=0F Extended)
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 119.2 GB) (Disk ID: 50B436FE)
Partition 1: (Active) - (Size=113 GB) - (Type=07 NTFS)
==================== Fin de Addition.txt =======================
Exécuté par Claude (28-12-2022 07:25:21)
Exécuté depuis C:\Users\Claude\Desktop
Microsoft Windows 10 Professionnel Version 22H2 19045.2364 (X64) (2020-07-04 16:09:21)
Mode d'amorçage: Normal
==========================================================
==================== Comptes: =============================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
Administrateur (S-1-5-21-236189216-5393697-1295916501-500 - Administrator - Disabled)
Claude (S-1-5-21-236189216-5393697-1295916501-1001 - Administrator - Enabled) => C:\Users\Claude
DefaultAccount (S-1-5-21-236189216-5393697-1295916501-503 - Limited - Disabled)
Invité (S-1-5-21-236189216-5393697-1295916501-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-236189216-5393697-1295916501-504 - Limited - Disabled)
==================== Centre de sécurité ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: COMODO Firewall (Enabled) {3D87FB90-B561-70B4-3B0B-BCEFE7656ABC}
==================== Programmes installés ======================
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
ABBYY PDF Transformer 3.0 (HKLM\...\{FA300000-0001-6400-0000-074957833700}) (Version: 3.00.317.68010 - ABBYY) Hidden
ABBYY PDF Transformer 3.0 (HKLM-x32\...\ABBYY PDF Transformer 3.0) (Version: 3.00.317.68010 - ABBYY)
Amazon Kindle (HKU\S-1-5-21-236189216-5393697-1295916501-1001\...\Amazon Kindle) (Version: 1.33.0.62002 - Amazon)
Antidote - Connectix 11 (HKLM\...\{2643823D-D15F-4046-8388-401756A5C924}) (Version: 11.3.327 - Druide informatique inc.)
Antidote 11 - English module (HKLM\...\{2643823D-D15F-4046-8388-401756A5C923}) (Version: 11.3.327 - Druide informatique inc.)
Antidote 11 - Module français (HKLM\...\{2643823D-D15F-4046-8388-401756A5C922}) (Version: 11.3.327 - Druide informatique inc.)
Antidote 11 (HKLM\...\{2643823D-D15F-4046-8388-401756A5C921}) (Version: 11.3.327 - Druide informatique inc.)
AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 5.5.3 - philandro Software GmbH)
Assistant de téléchargement (HKLM-x32\...\{92154A3C-9BB7-49D7-A571-4EB6373FA5AD}) (Version: 6.65.13 - Druide informatique inc.)
Assistant de téléchargement (HKLM-x32\...\{93154A3C-9BB7-49D7-A571-4EB6373FA601}) (Version: 6.70.0 - Druide informatique inc.)
Avast Antivirus Gratuit (HKLM\...\Avast Antivirus) (Version: 22.12.6044 - Avast Software)
chartInstall (HKLM-x32\...\{BDE0AFD4-53BC-42EB-B966-DB8F36C3B397}) (Version: 1.5.7 - MEMSOFT)
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
COMODO Firewall (HKLM\...\{529CC629-B436-4886-B322-4BE75B97783D}) (Version: 12.2.2.8012 - COMODO Security Solutions Inc.) Hidden
COMODO Firewall (HKLM\...\COMODO Internet Security) (Version: 12.2.2.8012 - COMODO Security Solutions Inc.)
Contrôle d’intégrité du PC Windows (HKLM\...\{90C6971F-ABF1-4FBF-BD98-24F14C5F5AB4}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Copernic Desktop Search - Home (HKLM-x32\...\CopernicDesktopSearch2) (Version: - Copernic Inc.)
CyberGestion (HKLM-x32\...\{C964A549-C74A-11D3-B88A-00A0C9379093}) (Version: - )
doPDF (HKLM\...\{92E67E6C-F19A-48D2-9013-49E49BE4D39D}) (Version: 10.8.127 - Softland) Hidden
doPDF 10 (HKLM-x32\...\{b3eeeabb-7afa-4ba5-aa55-02490274d55e}) (Version: 10.8.127 - Softland)
doPDF 10 add-in for Microsoft Office (x64) (HKLM\...\{D88B84B4-2DF5-4890-853E-583FE4CD8694}) (Version: 10.8.127 - Softland)
doPDF 10 add-in for Microsoft Office (x86) (HKLM-x32\...\{596E329D-12D3-46FA-8EFE-829678C7E5F7}) (Version: 10.8.127 - Softland)
doPDF 10 Printer Driver (HKLM\...\{DE0C2815-728E-4C29-8922-50E8F1ED9335}) (Version: 10.8.127 - Softland)
EasyBCD 2.4 (HKLM-x32\...\EasyBCD) (Version: 2.4 - NeoSmart Technologies)
FileZilla Client 3.53.1 (HKLM-x32\...\FileZilla Client) (Version: 3.53.1 - Tim Kosse)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 10.0.0.35798 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 108.0.5359.125 - Google LLC)
HP Dropbox Plugin (HKLM-x32\...\{6401399A-F5DA-4C04-87AA-E8107DF00751}) (Version: 36.0.41.58587 - HP)
HP Google Drive Plugin (HKLM-x32\...\{63BCC696-0FB4-4E9C-8144-2DA4F248FC17}) (Version: 36.0.41.58587 - HP)
HP OfficeJet Pro 8710 Aide (HKLM-x32\...\{026F7B85-93B9-4F72-A5ED-6D155BAC85A3}) (Version: 38.0.0 - HP)
I.R.I.S. OCR (HKLM-x32\...\{D5CFF630-2F9B-4EE5-8F2F-EFBDFCE413CC}) (Version: 12.3.7.0 - HP)
IcoSauve (HKLM-x32\...\IcoSauve_is1) (Version: - Pierre TORRIS)
iRotate (HKLM-x32\...\iRotate) (Version: - )
Logiciel de base du périphérique HP OfficeJet Pro 8710 (HKLM\...\{BBDBE96F-5BEE-4883-BC12-6543AB446BC1}) (Version: 40.12.1161.1896 - HP Inc.)
Microsoft 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 16.0.14701.20262 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{80F1AF52-7AC0-42A3-9AF0-689BFB271D1D}) (Version: 3.68.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.22.27821 (HKLM\...\{6E2C7A8E-B17A-4637-9CE9-F0B1157CF378}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.22.27821 (HKLM\...\{0093C20C-273D-4397-B623-515CB8616CB9}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 fr) (HKU\S-1-5-21-236189216-5393697-1295916501-1001\...\Mozilla Firefox 108.0.1 (x64 fr)) (Version: 108.0.1 - Mozilla)
Nero 8 (HKLM-x32\...\{3C5F1B30-B10B-4579-86DD-D00F662E1036}) (Version: 8.3.179 - Nero AG)
neroxml (HKLM-x32\...\{56C049BE-79E9-4502-BEA7-9754A3E60F9B}) (Version: 1.0.0 - Nero AG) Hidden
NVIDIA FrameView SDK 1.2.4999.30397803 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.4999.30397803 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.24.0.126 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.24.0.126 - NVIDIA Corporation)
NVIDIA Logiciel système PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NVIDIA nView 141.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 141.36 - NVIDIA Corporation)
NVIDIA Pilote audio HD : 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA Pilote graphique 473.47 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 473.47 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14701.20262 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14701.20262 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.14701.20248 - Microsoft Corporation) Hidden
OpenOffice.org 3.4.1 (HKLM-x32\...\{7DA1C06F-C913-46C7-8A0F-DA2CBA17EA1D}) (Version: 3.41.9593 - Apache Software Foundation)
Oxygène 10.08 (HKLM-x32\...\Oxygène) (Version: 10.08 - Memsoft)
PhotoFiltre 7 (HKU\S-1-5-21-236189216-5393697-1295916501-1001\...\PhotoFiltre 7) (Version: - )
TomTom MyDrive Connect 4.2.13.4348 (HKLM-x32\...\MyDriveConnect) (Version: 4.2.13.4348 - TomTom)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C22F49B1-0F67-47DC-A490-E8B4B6558EA9}) (Version: 8.91.0.0 - Microsoft Corporation)
VCRedistSetup (HKLM-x32\...\{3921A67A-5AB1-4E48-9444-C71814CF3027}) (Version: 1.0.0 - Nero AG) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Win10 Spy Disabler v1.5 (HKLM\...\Win10 Spy Disabler_is1) (Version: 1.5.0.0 - site2unblock.com)
Packages:
=========
Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-08-26] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_141.2.441.0_x64__v10z8vjag6ke6 [2022-12-06] (HP Inc.)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa [2022-12-16] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-07-04] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-07-04] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2022-10-24] (NVIDIA Corp.)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2022-12-09] (Microsoft Studios) [MS Ad]
==================== Personnalisé CLSID (Avec liste blanche): ==============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
CustomCLSID: HKU\S-1-5-21-236189216-5393697-1295916501-1001_Classes\CLSID\{38626B40-64E1-4F8C-AEDA-CFF32F38602E}\localserver32 -> "C:\Program Files (x86)\Druide\Antidote 10\Application\Bin64\AgentAntidote.exe" -activex => Pas de fichier
CustomCLSID: HKU\S-1-5-21-236189216-5393697-1295916501-1001_Classes\CLSID\{414022CB-AE34-4682-BBDB-653EACAFA0CA}\InprocServer32 -> C:\Program Files\Druide\Connectix 11\Connect\Excel\Bin\Antidote.Excel.P500_64.dll (Druide informatique inc. -> Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-236189216-5393697-1295916501-1001_Classes\CLSID\{5563940C-ABF0-47B4-BB0E-B5D8680B570A}\localserver32 -> "C:\Program Files (x86)\Druide\Connectix 10\Application\Bin64\MoteurIntegration.exe" -activex => Pas de fichier
CustomCLSID: HKU\S-1-5-21-236189216-5393697-1295916501-1001_Classes\CLSID\{5563940D-49FD-4F1A-96AA-147B474290EE}\localserver32 -> "C:\Program Files (x86)\Druide\Connectix 10\Application\Bin64\MoteurIntegration.exe" -activex => Pas de fichier
CustomCLSID: HKU\S-1-5-21-236189216-5393697-1295916501-1001_Classes\CLSID\{A12A9CAB-1C75-4AA3-A980-74F25AB94C8E}\localserver32 -> C:\Program Files\Druide\Connectix 11\Application\Bin64\AgentConnectix.exe (Druide informatique inc. -> Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-236189216-5393697-1295916501-1001_Classes\CLSID\{A12A9CAB-1C75-4AA3-A980-74F25AB94C8F}\localserver32 -> C:\Program Files\Druide\Connectix 11\Application\Bin64\AgentConnectix.exe (Druide informatique inc. -> Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-236189216-5393697-1295916501-1001_Classes\CLSID\{A9694941-C924-4D17-8F67-80F4A27642BC}\InprocServer32 -> C:\Program Files\Druide\Connectix 11\Connect\PowerPoint\Bin\Antidote.PowerPoint.P500_64.dll (Druide informatique inc. -> Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-236189216-5393697-1295916501-1001_Classes\CLSID\{AD630E0F-BF29-4791-AD3B-A289E884E37C}\localserver32 -> "C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\Antidote.exe" -activex => Pas de fichier
CustomCLSID: HKU\S-1-5-21-236189216-5393697-1295916501-1001_Classes\CLSID\{FEA8F8D1-3ADB-4B77-908F-C2E811EE12E1}\InprocServer32 -> C:\Program Files\Druide\Connectix 11\Connect\Word\Bin\Antidote.Word.P500_64.dll (Druide informatique inc. -> Druide informatique inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-12-07] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Fichier non signé]
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-12-07] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Fichier non signé]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-12-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers1-x32: [PDFTransformer3ContextMenu] -> {2DC8E5F2-C89C-4730-82C9-19120DEE5B0A} => C:\Program Files (x86)\ABBYY PDF Transformer 3.0\PDFTContextMenu.dll [2010-03-25] (ABBYY SOLUTIONS LIMITED -> ABBYY)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-12-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers5: [00nView] -> {1E9B04FB-F9E5-4718-997B-B8DA88302A48} => C:\Program Files\NVIDIA Corporation\nview\nvshell.dll [2015-06-29] (NVIDIA Corporation -> )
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_7ac81bdb2c36ac80\nvshext.dll [2022-04-27] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-12-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\Windows\system32\StartMenuHelper64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Fichier non signé]
==================== Codecs (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\system32\lvcod64.dll [280864 2007-02-03] (Logitech Inc -> Logitech Inc.)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [264992 2007-02-03] (Logitech Inc -> Logitech Inc.)
==================== Raccourcis & WMI ========================
==================== Modules chargés (Avec liste blanche) =============
2022-12-28 07:04 - 2022-12-28 07:04 - 000008704 _____ () [Fichier non signé] C:\Users\Claude\AppData\Local\Temp\nsm3282.tmp\newadvsplash.dll
2022-12-28 07:04 - 2022-12-28 07:04 - 000029696 _____ () [Fichier non signé] C:\Users\Claude\AppData\Local\Temp\nsm3282.tmp\registry.dll
2022-12-28 07:04 - 2022-12-28 07:04 - 000012288 _____ () [Fichier non signé] C:\Users\Claude\AppData\Local\Temp\nsm3282.tmp\System.dll
2018-07-15 12:15 - 2018-07-15 12:15 - 000885560 _____ (Ivaylo Beltchev -> IvoSoft) [Fichier non signé] C:\Program Files\Classic Shell\ClassicExplorer64.dll
2018-07-15 12:15 - 2018-07-15 12:15 - 003664696 _____ (Ivaylo Beltchev -> IvoSoft) [Fichier non signé] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2020-08-03 11:31 - 2020-08-03 11:31 - 000018944 _____ (Softland) [Fichier non signé] C:\Windows\System32\novamn10.dll
==================== Alternate Data Streams (Avec liste blanche) ========
==================== Mode sans échec (Avec liste blanche) ==================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"
==================== Association (Avec liste blanche) =================
==================== Internet Explorer (Avec liste blanche) ==========
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Fichier non signé]
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Fichier non signé]
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-12-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Fichier non signé]
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Fichier non signé]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Fichier non signé]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Fichier non signé]
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-12-27] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-12-27] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-12-27] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-12-27] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts contenu: =========================
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
2019-12-07 10:14 - 2021-07-22 10:28 - 000000855 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Autres zones ===========================
(Actuellement, il n'y a pas de correction automatique pour cette section.)
HKCU\Environment\\Path -> %USERPROFILE%\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-236189216-5393697-1295916501-1001\Control Panel\Desktop\\Wallpaper -> C:\Raccourcis\FR-wp5.jpg
DNS Servers: 156.154.70.25 - 156.154.71.25
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Le Pare-feu est activé.
Network Binding:
=============
Ethernet: COMODO Internet Security Firewall Driver -> inspect (enabled)
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
HKLM\...\StartupApproved\StartupFolder: => "AnyDesk.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "IseUI"
HKU\S-1-5-21-236189216-5393697-1295916501-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-236189216-5393697-1295916501-1001\...\StartupApproved\Run: => "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"
==================== RèglesPare-feu (Avec liste blanche) ================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
FirewallRules: [{1C12069E-A13B-42DC-B4FE-C7CE53DFD9E9}] => (Allow) C:\Users\Claude\AppData\Local\Temp\7zS5D2A\HP.EasyStart.exe => Pas de fichier
FirewallRules: [{41A337CB-7E3E-4B45-A3A9-83574F945548}] => (Allow) C:\Users\Claude\AppData\Local\Temp\7zS7690\HP.EasyStart.exe => Pas de fichier
FirewallRules: [{53436F74-BD01-4688-B00B-E57C41A4733B}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\bin\FaxApplications.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{52C851A0-8626-4C71-933C-F7229A2A47A8}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\bin\DigitalWizards.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{53B2625C-3980-45D2-8619-C2AD7CBEC4B9}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\bin\SendAFax.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{12919180-5FA1-4CFA-B92E-C5CAFF9AE19D}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\bin\FaxPrinterUtility.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{23477A70-5AFA-43E6-9508-6DB1BD959B24}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{08D59876-5F32-46EE-895B-229ECBE37A6B}] => (Allow) LPort=5357
FirewallRules: [{26BFF7C0-AFE3-4CA0-8B25-6DAAF0429865}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{41C1F66D-C17B-439F-95FE-6E7789A91738}] => (Allow) LPort=8501
FirewallRules: [{EB98C094-D6D6-46DD-B91B-3D117461999D}] => (Allow) LPort=8501
FirewallRules: [{21A1541C-C9D9-4F2E-B458-8540019D6A11}] => (Allow) C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe (TomTom International B.V. -> TomTom)
FirewallRules: [{480C6602-A8F0-4CD4-AA2D-AB8069EA5E9D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier
FirewallRules: [{9E6EFAB9-EFA3-4B1E-B67D-E4ECCBA59176}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier
FirewallRules: [{01DF0815-250E-4BEF-A399-C43432F6D46B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier
FirewallRules: [{C9B70DF6-3CB5-42AC-9DE3-6A0E1C192420}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier
FirewallRules: [{E32E59FC-F448-4BB5-AD78-5DFFE36DCA97}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DF5E2A64-4641-4EF6-8B2F-B0F4C7EA6FB3}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{BFBA7578-FA33-4BDB-A2A1-A5501332530D}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{BCB758B9-16E3-44FB-A197-D0BB54FF47EC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7A733EE2-5886-406F-900E-8940A8663731}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{910CDE1C-DF53-414A-A56C-6B7ECF22FFBF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7D2FBA68-DD06-4CC2-A326-ED4C4DE51A96}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{54A57B15-C001-4645-86A4-3464A808C85D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{4A77BDC9-051A-4405-8E43-76FC40B41C8E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{7FA05540-5E20-421C-A64D-1F8F9D3E67D2}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.2\ABService.exe => Pas de fichier
FirewallRules: [{FBD2907B-92A9-440D-AAB5-26A1F05AFE78}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.2\ABService.exe => Pas de fichier
FirewallRules: [{5E4280ED-ECB8-4D55-860C-486C177BADDF}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{2654E93E-34BC-4FC5-B094-66211AE54877}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{8E398410-2ED2-4564-956F-2B0F04B5AF3C}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{AC5C1936-E79E-4E0C-8370-98D589921B46}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{2F7F2E46-EE65-43EE-84D2-B5B5D38E648A}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{3B39DC35-1A1D-4ED0-BC58-6E40172A884B}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{92293619-027E-40E0-9CAA-6067523A77A2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CCE609FD-3315-4ACB-84EC-3B1AEC6942A2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{57692E53-EC26-46C9-AF3B-CFE6871C1FA4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DA6C551D-6F30-493F-AC37-47F3F858D90B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{49C92E42-E761-49D5-A633-31F64697D2CA}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F12C04D5-763C-4C31-9F00-DC482B6CAECD}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{964F7464-F7E5-4050-941F-51E32AAD967C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4227BFE9-3773-4AB2-AB21-6E3FC2C35308}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{327EB8E2-6841-4AE9-8185-9700116D9DAF}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FA792849-6FF1-4CA3-97F0-5D5F887ECAFA}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BF16BC57-826E-49CE-8417-DC6F94839361}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C5C640F3-0A25-4B54-8336-AAF28F6C8FC1}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3CB913E0-2119-46C1-B669-6C1E09D5A761}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Points de restauration =========================
==================== Éléments en erreur du Gestionnaire de périphériques ============
==================== Erreurs du Journal des événements: ========================
Erreurs Application:
==================
Error: (12/27/2022 01:16:55 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (12/27/2022 10:28:37 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Le programme ZHPSuite.exe version 2022.12.22.90 a cessé d'interagir avec Windows et a été fermé. Pour voir si plus d'informations sur le problème sont disponibles, vérifiez l'historique des problèmes dans le Panneau de configuration Sécurité et maintenance.
ID de processus : ed4
Heure de début : 01d919d46b47968d
Heure d'arrêt : 40
Chemin d'accès à l'application : C:\Users\Claude\Desktop\ZHPSuite.exe
ID de rapport : c33636c6-a598-4766-85b6-ec3a45ac90e7
Nom complet du package défectueux :
ID de l'application relative à un package défectueux :
Type de blocage : Unknown
Error: (12/27/2022 07:14:09 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: L’optimiseur de stockage n’a pas pu terminer réoptimisation sur Donnees2 (E:) car : L’opération demandée n’est pas prise en charge par le matériel sous-jacent au volume. (0x8900002A)
Error: (12/27/2022 07:13:34 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: L’optimiseur de stockage n’a pas pu terminer réoptimisation sur Donnees500 (F:) car : L’opération demandée n’est pas prise en charge par le matériel sous-jacent au volume. (0x8900002A)
Error: (12/27/2022 07:13:28 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: L’optimiseur de stockage n’a pas pu terminer réoptimisation sur PourVM (G:) car : L’opération demandée n’est pas prise en charge par le matériel sous-jacent au volume. (0x8900002A)
Error: (12/27/2022 07:12:49 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: L’optimiseur de stockage n’a pas pu terminer réoptimisation sur Donnees1 (D:) car : L’opération demandée n’est pas prise en charge par le matériel sous-jacent au volume. (0x8900002A)
Error: (12/26/2022 06:51:54 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: L’optimiseur de stockage n’a pas pu terminer réoptimisation sur Donnees1 (D:) car : L’opération demandée n’est pas prise en charge par le matériel sous-jacent au volume. (0x8900002A)
Error: (12/26/2022 03:09:19 PM) (Source: Firefox Default Browser Agent) (EventID: 12057) (User: )
Description: Event-ID 12057
Erreurs système:
=============
Error: (12/27/2022 09:09:42 PM) (Source: DCOM) (EventID: 10010) (User: PC-MONIQUE)
Description: Le serveur {9BA05972-F6A8-11CF-A442-00A0C90A8F39} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (12/26/2022 06:56:41 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Les clichés instantanés du volume C: ont été annulés car le stockage du cliché instantané n’a pas pu s’agrandir en raison d’une limite utilisateur.
Error: (12/26/2022 06:12:49 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: L’arrêt système précédant à 07:08:46 le 25/12/2022 n’était pas prévu.
Error: (12/24/2022 11:36:24 PM) (Source: DCOM) (EventID: 10010) (User: PC-MONIQUE)
Description: Le serveur {9BA05972-F6A8-11CF-A442-00A0C90A8F39} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (12/24/2022 11:36:24 PM) (Source: DCOM) (EventID: 10010) (User: PC-MONIQUE)
Description: Le serveur {9BA05972-F6A8-11CF-A442-00A0C90A8F39} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (12/24/2022 09:05:27 PM) (Source: DCOM) (EventID: 10010) (User: PC-MONIQUE)
Description: Le serveur {9BA05972-F6A8-11CF-A442-00A0C90A8F39} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (12/24/2022 09:05:27 PM) (Source: DCOM) (EventID: 10010) (User: PC-MONIQUE)
Description: Le serveur {9BA05972-F6A8-11CF-A442-00A0C90A8F39} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (12/24/2022 09:05:27 PM) (Source: DCOM) (EventID: 10010) (User: PC-MONIQUE)
Description: Le serveur {9BA05972-F6A8-11CF-A442-00A0C90A8F39} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
CodeIntegrity:
===============
Date: 2022-12-28 07:23:02
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume7\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2022-12-28 07:22:07
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2022-12-28 07:04:06
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume7\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2022-12-28 07:03:09
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume7\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
==================== Infos Mémoire ===========================
BIOS: Award Software International, Inc. F3 10/16/2009
Carte mère: Gigabyte Technology Co., Ltd. P55A-UD4
Processeur: Intel(R) Core(TM) i5 CPU 750 @ 2.67GHz
Pourcentage de mémoire utilisée: 16%
Mémoire physique - RAM - totale: 32763.48 MB
Mémoire physique - RAM - disponible: 27439.77 MB
Mémoire virtuelle totale: 37627.48 MB
Mémoire virtuelle disponible: 30732.01 MB
==================== Lecteurs ================================
Drive c: (Win10SSD) (Fixed) (Total:113 GB) (Free:36.25 GB) (Model: Samsung SSD 850 PRO 128GB) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)]
Drive d: (Donnees1) (Fixed) (Total:729.98 GB) (Free:662.37 GB) (Model: TOSHIBA HDWA120) NTFS
Drive e: (Donnees2) (Fixed) (Total:729.98 GB) (Free:207.41 GB) (Model: TOSHIBA HDWA120) NTFS
Drive f: (Donnees500) (Fixed) (Total:352.76 GB) (Free:230.74 GB) (Model: WDC WD5000AAKX-08U6AA0) NTFS
Drive g: (PourVM) (Fixed) (Total:388.05 GB) (Free:361.53 GB) (Model: TOSHIBA HDWA120) NTFS
==================== MBR & Table des partitions ====================
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 73A7569E)
Partition 1: (Active) - (Size=113 GB) - (Type=83)
Partition 2: (Not Active) - (Size=352.8 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 145231DD)
Partition 1: (Not Active) - (Size=730 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=730 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15 GB) - (Type=82)
Partition 4: (Not Active) - (Size=388.1 GB) - (Type=0F Extended)
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 119.2 GB) (Disk ID: 50B436FE)
Partition 1: (Active) - (Size=113 GB) - (Type=07 NTFS)
==================== Fin de Addition.txt =======================