Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 23-12-2022 Exécuté par Claude (28-12-2022 07:25:21) Exécuté depuis C:\Users\Claude\Desktop Microsoft Windows 10 Professionnel Version 22H2 19045.2364 (X64) (2020-07-04 16:09:21) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) Administrateur (S-1-5-21-236189216-5393697-1295916501-500 - Administrator - Disabled) Claude (S-1-5-21-236189216-5393697-1295916501-1001 - Administrator - Enabled) => C:\Users\Claude DefaultAccount (S-1-5-21-236189216-5393697-1295916501-503 - Limited - Disabled) Invité (S-1-5-21-236189216-5393697-1295916501-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-236189216-5393697-1295916501-504 - Limited - Disabled) ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF} FW: COMODO Firewall (Enabled) {3D87FB90-B561-70B4-3B0B-BCEFE7656ABC} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) 7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov) ABBYY PDF Transformer 3.0 (HKLM\...\{FA300000-0001-6400-0000-074957833700}) (Version: 3.00.317.68010 - ABBYY) Hidden ABBYY PDF Transformer 3.0 (HKLM-x32\...\ABBYY PDF Transformer 3.0) (Version: 3.00.317.68010 - ABBYY) Amazon Kindle (HKU\S-1-5-21-236189216-5393697-1295916501-1001\...\Amazon Kindle) (Version: 1.33.0.62002 - Amazon) Antidote - Connectix 11 (HKLM\...\{2643823D-D15F-4046-8388-401756A5C924}) (Version: 11.3.327 - Druide informatique inc.) Antidote 11 - English module (HKLM\...\{2643823D-D15F-4046-8388-401756A5C923}) (Version: 11.3.327 - Druide informatique inc.) Antidote 11 - Module français (HKLM\...\{2643823D-D15F-4046-8388-401756A5C922}) (Version: 11.3.327 - Druide informatique inc.) Antidote 11 (HKLM\...\{2643823D-D15F-4046-8388-401756A5C921}) (Version: 11.3.327 - Druide informatique inc.) AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 5.5.3 - philandro Software GmbH) Assistant de téléchargement (HKLM-x32\...\{92154A3C-9BB7-49D7-A571-4EB6373FA5AD}) (Version: 6.65.13 - Druide informatique inc.) Assistant de téléchargement (HKLM-x32\...\{93154A3C-9BB7-49D7-A571-4EB6373FA601}) (Version: 6.70.0 - Druide informatique inc.) Avast Antivirus Gratuit (HKLM\...\Avast Antivirus) (Version: 22.12.6044 - Avast Software) chartInstall (HKLM-x32\...\{BDE0AFD4-53BC-42EB-B966-DB8F36C3B397}) (Version: 1.5.7 - MEMSOFT) Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft) COMODO Firewall (HKLM\...\{529CC629-B436-4886-B322-4BE75B97783D}) (Version: 12.2.2.8012 - COMODO Security Solutions Inc.) Hidden COMODO Firewall (HKLM\...\COMODO Internet Security) (Version: 12.2.2.8012 - COMODO Security Solutions Inc.) Contrôle d’intégrité du PC Windows (HKLM\...\{90C6971F-ABF1-4FBF-BD98-24F14C5F5AB4}) (Version: 3.6.2204.08001 - Microsoft Corporation) Copernic Desktop Search - Home (HKLM-x32\...\CopernicDesktopSearch2) (Version: - Copernic Inc.) CyberGestion (HKLM-x32\...\{C964A549-C74A-11D3-B88A-00A0C9379093}) (Version: - ) doPDF (HKLM\...\{92E67E6C-F19A-48D2-9013-49E49BE4D39D}) (Version: 10.8.127 - Softland) Hidden doPDF 10 (HKLM-x32\...\{b3eeeabb-7afa-4ba5-aa55-02490274d55e}) (Version: 10.8.127 - Softland) doPDF 10 add-in for Microsoft Office (x64) (HKLM\...\{D88B84B4-2DF5-4890-853E-583FE4CD8694}) (Version: 10.8.127 - Softland) doPDF 10 add-in for Microsoft Office (x86) (HKLM-x32\...\{596E329D-12D3-46FA-8EFE-829678C7E5F7}) (Version: 10.8.127 - Softland) doPDF 10 Printer Driver (HKLM\...\{DE0C2815-728E-4C29-8922-50E8F1ED9335}) (Version: 10.8.127 - Softland) EasyBCD 2.4 (HKLM-x32\...\EasyBCD) (Version: 2.4 - NeoSmart Technologies) FileZilla Client 3.53.1 (HKLM-x32\...\FileZilla Client) (Version: 3.53.1 - Tim Kosse) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 10.0.0.35798 - Foxit Software Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 108.0.5359.125 - Google LLC) HP Dropbox Plugin (HKLM-x32\...\{6401399A-F5DA-4C04-87AA-E8107DF00751}) (Version: 36.0.41.58587 - HP) HP Google Drive Plugin (HKLM-x32\...\{63BCC696-0FB4-4E9C-8144-2DA4F248FC17}) (Version: 36.0.41.58587 - HP) HP OfficeJet Pro 8710 Aide (HKLM-x32\...\{026F7B85-93B9-4F72-A5ED-6D155BAC85A3}) (Version: 38.0.0 - HP) I.R.I.S. OCR (HKLM-x32\...\{D5CFF630-2F9B-4EE5-8F2F-EFBDFCE413CC}) (Version: 12.3.7.0 - HP) IcoSauve (HKLM-x32\...\IcoSauve_is1) (Version: - Pierre TORRIS) iRotate (HKLM-x32\...\iRotate) (Version: - ) Logiciel de base du périphérique HP OfficeJet Pro 8710 (HKLM\...\{BBDBE96F-5BEE-4883-BC12-6543AB446BC1}) (Version: 40.12.1161.1896 - HP Inc.) Microsoft 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 16.0.14701.20262 - Microsoft Corporation) Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{80F1AF52-7AC0-42A3-9AF0-689BFB271D1D}) (Version: 3.68.0.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation) Microsoft Visual C++ 2019 X64 Additional Runtime - 14.22.27821 (HKLM\...\{6E2C7A8E-B17A-4637-9CE9-F0B1157CF378}) (Version: 14.22.27821 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.22.27821 (HKLM\...\{0093C20C-273D-4397-B623-515CB8616CB9}) (Version: 14.22.27821 - Microsoft Corporation) Hidden Mozilla Firefox (x64 fr) (HKU\S-1-5-21-236189216-5393697-1295916501-1001\...\Mozilla Firefox 108.0.1 (x64 fr)) (Version: 108.0.1 - Mozilla) Nero 8 (HKLM-x32\...\{3C5F1B30-B10B-4579-86DD-D00F662E1036}) (Version: 8.3.179 - Nero AG) neroxml (HKLM-x32\...\{56C049BE-79E9-4502-BEA7-9754A3E60F9B}) (Version: 1.0.0 - Nero AG) Hidden NVIDIA FrameView SDK 1.2.4999.30397803 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.4999.30397803 - NVIDIA Corporation) NVIDIA GeForce Experience 3.24.0.126 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.24.0.126 - NVIDIA Corporation) NVIDIA Logiciel système PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) NVIDIA nView 141.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 141.36 - NVIDIA Corporation) NVIDIA Pilote audio HD : 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation) NVIDIA Pilote graphique 473.47 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 473.47 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14701.20262 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14701.20262 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.14701.20248 - Microsoft Corporation) Hidden OpenOffice.org 3.4.1 (HKLM-x32\...\{7DA1C06F-C913-46C7-8A0F-DA2CBA17EA1D}) (Version: 3.41.9593 - Apache Software Foundation) Oxygène 10.08 (HKLM-x32\...\Oxygène) (Version: 10.08 - Memsoft) PhotoFiltre 7 (HKU\S-1-5-21-236189216-5393697-1295916501-1001\...\PhotoFiltre 7) (Version: - ) TomTom MyDrive Connect 4.2.13.4348 (HKLM-x32\...\MyDriveConnect) (Version: 4.2.13.4348 - TomTom) Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C22F49B1-0F67-47DC-A490-E8B4B6558EA9}) (Version: 8.91.0.0 - Microsoft Corporation) VCRedistSetup (HKLM-x32\...\{3921A67A-5AB1-4E48-9444-C71814CF3027}) (Version: 1.0.0 - Nero AG) Hidden VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN) Win10 Spy Disabler v1.5 (HKLM\...\Win10 Spy Disabler_is1) (Version: 1.5.0.0 - site2unblock.com) Packages: ========= Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-08-26] (Microsoft Corporation) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_141.2.441.0_x64__v10z8vjag6ke6 [2022-12-06] (HP Inc.) iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa [2022-12-16] (Apple Inc.) [Startup Task] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-07-04] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-07-04] (Microsoft Corporation) [MS Ad] NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2022-10-24] (NVIDIA Corp.) Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2022-12-09] (Microsoft Studios) [MS Ad] ==================== Personnalisé CLSID (Avec liste blanche): ============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) CustomCLSID: HKU\S-1-5-21-236189216-5393697-1295916501-1001_Classes\CLSID\{38626B40-64E1-4F8C-AEDA-CFF32F38602E}\localserver32 -> "C:\Program Files (x86)\Druide\Antidote 10\Application\Bin64\AgentAntidote.exe" -activex => Pas de fichier CustomCLSID: HKU\S-1-5-21-236189216-5393697-1295916501-1001_Classes\CLSID\{414022CB-AE34-4682-BBDB-653EACAFA0CA}\InprocServer32 -> C:\Program Files\Druide\Connectix 11\Connect\Excel\Bin\Antidote.Excel.P500_64.dll (Druide informatique inc. -> Druide informatique inc.) CustomCLSID: HKU\S-1-5-21-236189216-5393697-1295916501-1001_Classes\CLSID\{5563940C-ABF0-47B4-BB0E-B5D8680B570A}\localserver32 -> "C:\Program Files (x86)\Druide\Connectix 10\Application\Bin64\MoteurIntegration.exe" -activex => Pas de fichier CustomCLSID: HKU\S-1-5-21-236189216-5393697-1295916501-1001_Classes\CLSID\{5563940D-49FD-4F1A-96AA-147B474290EE}\localserver32 -> "C:\Program Files (x86)\Druide\Connectix 10\Application\Bin64\MoteurIntegration.exe" -activex => Pas de fichier CustomCLSID: HKU\S-1-5-21-236189216-5393697-1295916501-1001_Classes\CLSID\{A12A9CAB-1C75-4AA3-A980-74F25AB94C8E}\localserver32 -> C:\Program Files\Druide\Connectix 11\Application\Bin64\AgentConnectix.exe (Druide informatique inc. -> Druide informatique inc.) CustomCLSID: HKU\S-1-5-21-236189216-5393697-1295916501-1001_Classes\CLSID\{A12A9CAB-1C75-4AA3-A980-74F25AB94C8F}\localserver32 -> C:\Program Files\Druide\Connectix 11\Application\Bin64\AgentConnectix.exe (Druide informatique inc. -> Druide informatique inc.) CustomCLSID: HKU\S-1-5-21-236189216-5393697-1295916501-1001_Classes\CLSID\{A9694941-C924-4D17-8F67-80F4A27642BC}\InprocServer32 -> C:\Program Files\Druide\Connectix 11\Connect\PowerPoint\Bin\Antidote.PowerPoint.P500_64.dll (Druide informatique inc. -> Druide informatique inc.) CustomCLSID: HKU\S-1-5-21-236189216-5393697-1295916501-1001_Classes\CLSID\{AD630E0F-BF29-4791-AD3B-A289E884E37C}\localserver32 -> "C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\Antidote.exe" -activex => Pas de fichier CustomCLSID: HKU\S-1-5-21-236189216-5393697-1295916501-1001_Classes\CLSID\{FEA8F8D1-3ADB-4B77-908F-C2E811EE12E1}\InprocServer32 -> C:\Program Files\Druide\Connectix 11\Connect\Word\Bin\Antidote.Word.P500_64.dll (Druide informatique inc. -> Druide informatique inc.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-12-07] (Avast Software s.r.o. -> AVAST Software) ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Fichier non signé] ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-12-07] (Avast Software s.r.o. -> AVAST Software) ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Fichier non signé] ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé] ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-12-07] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO) ContextMenuHandlers1-x32: [PDFTransformer3ContextMenu] -> {2DC8E5F2-C89C-4730-82C9-19120DEE5B0A} => C:\Program Files (x86)\ABBYY PDF Transformer 3.0\PDFTContextMenu.dll [2010-03-25] (ABBYY SOLUTIONS LIMITED -> ABBYY) ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-12-07] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé] ContextMenuHandlers5: [00nView] -> {1E9B04FB-F9E5-4718-997B-B8DA88302A48} => C:\Program Files\NVIDIA Corporation\nview\nvshell.dll [2015-06-29] (NVIDIA Corporation -> ) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_7ac81bdb2c36ac80\nvshext.dll [2022-04-27] (Nvidia Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé] ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-12-07] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO) ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\Windows\system32\StartMenuHelper64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Fichier non signé] ==================== Codecs (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Drivers32: [vidc.i420] => C:\Windows\system32\lvcod64.dll [280864 2007-02-03] (Logitech Inc -> Logitech Inc.) HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [264992 2007-02-03] (Logitech Inc -> Logitech Inc.) ==================== Raccourcis & WMI ======================== ==================== Modules chargés (Avec liste blanche) ============= 2022-12-28 07:04 - 2022-12-28 07:04 - 000008704 _____ () [Fichier non signé] C:\Users\Claude\AppData\Local\Temp\nsm3282.tmp\newadvsplash.dll 2022-12-28 07:04 - 2022-12-28 07:04 - 000029696 _____ () [Fichier non signé] C:\Users\Claude\AppData\Local\Temp\nsm3282.tmp\registry.dll 2022-12-28 07:04 - 2022-12-28 07:04 - 000012288 _____ () [Fichier non signé] C:\Users\Claude\AppData\Local\Temp\nsm3282.tmp\System.dll 2018-07-15 12:15 - 2018-07-15 12:15 - 000885560 _____ (Ivaylo Beltchev -> IvoSoft) [Fichier non signé] C:\Program Files\Classic Shell\ClassicExplorer64.dll 2018-07-15 12:15 - 2018-07-15 12:15 - 003664696 _____ (Ivaylo Beltchev -> IvoSoft) [Fichier non signé] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll 2020-08-03 11:31 - 2020-08-03 11:31 - 000018944 _____ (Softland) [Fichier non signé] C:\Windows\System32\novamn10.dll ==================== Alternate Data Streams (Avec liste blanche) ======== ==================== Mode sans échec (Avec liste blanche) ================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service" ==================== Association (Avec liste blanche) ================= ==================== Internet Explorer (Avec liste blanche) ========== BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Fichier non signé] BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Fichier non signé] BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-12-27] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Fichier non signé] BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Fichier non signé] Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Fichier non signé] Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Fichier non signé] Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-27] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-12-27] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-27] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-12-27] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-27] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-12-27] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-27] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-12-27] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts contenu: ========================= (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2019-12-07 10:14 - 2021-07-22 10:28 - 000000855 _____ C:\Windows\system32\drivers\etc\hosts 127.0.0.1 localhost ==================== Autres zones =========================== (Actuellement, il n'y a pas de correction automatique pour cette section.) HKCU\Environment\\Path -> %USERPROFILE%\AppData\Local\Microsoft\WindowsApps HKU\S-1-5-21-236189216-5393697-1295916501-1001\Control Panel\Desktop\\Wallpaper -> C:\Raccourcis\FR-wp5.jpg DNS Servers: 156.154.70.25 - 156.154.71.25 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn) Le Pare-feu est activé. Network Binding: ============= Ethernet: COMODO Internet Security Firewall Driver -> inspect (enabled) ==================== MSCONFIG/TASK MANAGER éléments désactivés == (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) HKLM\...\StartupApproved\StartupFolder: => "AnyDesk.lnk" HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run32: => "IseUI" HKU\S-1-5-21-236189216-5393697-1295916501-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-236189216-5393697-1295916501-1001\...\StartupApproved\Run: => "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" ==================== RèglesPare-feu (Avec liste blanche) ================ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [{1C12069E-A13B-42DC-B4FE-C7CE53DFD9E9}] => (Allow) C:\Users\Claude\AppData\Local\Temp\7zS5D2A\HP.EasyStart.exe => Pas de fichier FirewallRules: [{41A337CB-7E3E-4B45-A3A9-83574F945548}] => (Allow) C:\Users\Claude\AppData\Local\Temp\7zS7690\HP.EasyStart.exe => Pas de fichier FirewallRules: [{53436F74-BD01-4688-B00B-E57C41A4733B}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\bin\FaxApplications.exe (Hewlett Packard -> HP Inc.) FirewallRules: [{52C851A0-8626-4C71-933C-F7229A2A47A8}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\bin\DigitalWizards.exe (Hewlett Packard -> HP Inc.) FirewallRules: [{53B2625C-3980-45D2-8619-C2AD7CBEC4B9}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\bin\SendAFax.exe (Hewlett Packard -> HP Inc.) FirewallRules: [{12919180-5FA1-4CFA-B92E-C5CAFF9AE19D}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\bin\FaxPrinterUtility.exe (Hewlett Packard -> HP Inc.) FirewallRules: [{23477A70-5AFA-43E6-9508-6DB1BD959B24}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.) FirewallRules: [{08D59876-5F32-46EE-895B-229ECBE37A6B}] => (Allow) LPort=5357 FirewallRules: [{26BFF7C0-AFE3-4CA0-8B25-6DAAF0429865}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.) FirewallRules: [{41C1F66D-C17B-439F-95FE-6E7789A91738}] => (Allow) LPort=8501 FirewallRules: [{EB98C094-D6D6-46DD-B91B-3D117461999D}] => (Allow) LPort=8501 FirewallRules: [{21A1541C-C9D9-4F2E-B458-8540019D6A11}] => (Allow) C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe (TomTom International B.V. -> TomTom) FirewallRules: [{480C6602-A8F0-4CD4-AA2D-AB8069EA5E9D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [{9E6EFAB9-EFA3-4B1E-B67D-E4ECCBA59176}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [{01DF0815-250E-4BEF-A399-C43432F6D46B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [{C9B70DF6-3CB5-42AC-9DE3-6A0E1C192420}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [{E32E59FC-F448-4BB5-AD78-5DFFE36DCA97}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{DF5E2A64-4641-4EF6-8B2F-B0F4C7EA6FB3}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software) FirewallRules: [{BFBA7578-FA33-4BDB-A2A1-A5501332530D}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software) FirewallRules: [{BCB758B9-16E3-44FB-A197-D0BB54FF47EC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{7A733EE2-5886-406F-900E-8940A8663731}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{910CDE1C-DF53-414A-A56C-6B7ECF22FFBF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{7D2FBA68-DD06-4CC2-A326-ED4C4DE51A96}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{54A57B15-C001-4645-86A4-3464A808C85D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{4A77BDC9-051A-4405-8E43-76FC40B41C8E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{7FA05540-5E20-421C-A64D-1F8F9D3E67D2}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.2\ABService.exe => Pas de fichier FirewallRules: [{FBD2907B-92A9-440D-AAB5-26A1F05AFE78}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.2\ABService.exe => Pas de fichier FirewallRules: [{5E4280ED-ECB8-4D55-860C-486C177BADDF}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH) FirewallRules: [{2654E93E-34BC-4FC5-B094-66211AE54877}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH) FirewallRules: [{8E398410-2ED2-4564-956F-2B0F04B5AF3C}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH) FirewallRules: [{AC5C1936-E79E-4E0C-8370-98D589921B46}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH) FirewallRules: [{2F7F2E46-EE65-43EE-84D2-B5B5D38E648A}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH) FirewallRules: [{3B39DC35-1A1D-4ED0-BC58-6E40172A884B}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH) FirewallRules: [{92293619-027E-40E0-9CAA-6067523A77A2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{CCE609FD-3315-4ACB-84EC-3B1AEC6942A2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{57692E53-EC26-46C9-AF3B-CFE6871C1FA4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{DA6C551D-6F30-493F-AC37-47F3F858D90B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{49C92E42-E761-49D5-A633-31F64697D2CA}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{F12C04D5-763C-4C31-9F00-DC482B6CAECD}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{964F7464-F7E5-4050-941F-51E32AAD967C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{4227BFE9-3773-4AB2-AB21-6E3FC2C35308}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{327EB8E2-6841-4AE9-8185-9700116D9DAF}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{FA792849-6FF1-4CA3-97F0-5D5F887ECAFA}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{BF16BC57-826E-49CE-8417-DC6F94839361}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{C5C640F3-0A25-4B54-8336-AAF28F6C8FC1}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{3CB913E0-2119-46C1-B669-6C1E09D5A761}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Points de restauration ========================= ==================== Éléments en erreur du Gestionnaire de périphériques ============ ==================== Erreurs du Journal des événements: ======================== Erreurs Application: ================== Error: (12/27/2022 01:16:55 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (12/27/2022 10:28:37 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme ZHPSuite.exe version 2022.12.22.90 a cessé d'interagir avec Windows et a été fermé. Pour voir si plus d'informations sur le problème sont disponibles, vérifiez l'historique des problèmes dans le Panneau de configuration Sécurité et maintenance. ID de processus : ed4 Heure de début : 01d919d46b47968d Heure d'arrêt : 40 Chemin d'accès à l'application : C:\Users\Claude\Desktop\ZHPSuite.exe ID de rapport : c33636c6-a598-4766-85b6-ec3a45ac90e7 Nom complet du package défectueux : ID de l'application relative à un package défectueux : Type de blocage : Unknown Error: (12/27/2022 07:14:09 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: L’optimiseur de stockage n’a pas pu terminer réoptimisation sur Donnees2 (E:) car : L’opération demandée n’est pas prise en charge par le matériel sous-jacent au volume. (0x8900002A) Error: (12/27/2022 07:13:34 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: L’optimiseur de stockage n’a pas pu terminer réoptimisation sur Donnees500 (F:) car : L’opération demandée n’est pas prise en charge par le matériel sous-jacent au volume. (0x8900002A) Error: (12/27/2022 07:13:28 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: L’optimiseur de stockage n’a pas pu terminer réoptimisation sur PourVM (G:) car : L’opération demandée n’est pas prise en charge par le matériel sous-jacent au volume. (0x8900002A) Error: (12/27/2022 07:12:49 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: L’optimiseur de stockage n’a pas pu terminer réoptimisation sur Donnees1 (D:) car : L’opération demandée n’est pas prise en charge par le matériel sous-jacent au volume. (0x8900002A) Error: (12/26/2022 06:51:54 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: L’optimiseur de stockage n’a pas pu terminer réoptimisation sur Donnees1 (D:) car : L’opération demandée n’est pas prise en charge par le matériel sous-jacent au volume. (0x8900002A) Error: (12/26/2022 03:09:19 PM) (Source: Firefox Default Browser Agent) (EventID: 12057) (User: ) Description: Event-ID 12057 Erreurs système: ============= Error: (12/27/2022 09:09:42 PM) (Source: DCOM) (EventID: 10010) (User: PC-MONIQUE) Description: Le serveur {9BA05972-F6A8-11CF-A442-00A0C90A8F39} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (12/26/2022 06:56:41 PM) (Source: volsnap) (EventID: 36) (User: ) Description: Les clichés instantanés du volume C: ont été annulés car le stockage du cliché instantané n’a pas pu s’agrandir en raison d’une limite utilisateur. Error: (12/26/2022 06:12:49 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: L’arrêt système précédant à 07:08:46 le ‎25/‎12/‎2022 n’était pas prévu. Error: (12/24/2022 11:36:24 PM) (Source: DCOM) (EventID: 10010) (User: PC-MONIQUE) Description: Le serveur {9BA05972-F6A8-11CF-A442-00A0C90A8F39} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (12/24/2022 11:36:24 PM) (Source: DCOM) (EventID: 10010) (User: PC-MONIQUE) Description: Le serveur {9BA05972-F6A8-11CF-A442-00A0C90A8F39} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (12/24/2022 09:05:27 PM) (Source: DCOM) (EventID: 10010) (User: PC-MONIQUE) Description: Le serveur {9BA05972-F6A8-11CF-A442-00A0C90A8F39} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (12/24/2022 09:05:27 PM) (Source: DCOM) (EventID: 10010) (User: PC-MONIQUE) Description: Le serveur {9BA05972-F6A8-11CF-A442-00A0C90A8F39} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (12/24/2022 09:05:27 PM) (Source: DCOM) (EventID: 10010) (User: PC-MONIQUE) Description: Le serveur {9BA05972-F6A8-11CF-A442-00A0C90A8F39} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. CodeIntegrity: =============== Date: 2022-12-28 07:23:02 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume7\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2022-12-28 07:22:07 Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2022-12-28 07:04:06 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume7\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. Date: 2022-12-28 07:03:09 Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume7\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements. ==================== Infos Mémoire =========================== BIOS: Award Software International, Inc. F3 10/16/2009 Carte mère: Gigabyte Technology Co., Ltd. P55A-UD4 Processeur: Intel(R) Core(TM) i5 CPU 750 @ 2.67GHz Pourcentage de mémoire utilisée: 16% Mémoire physique - RAM - totale: 32763.48 MB Mémoire physique - RAM - disponible: 27439.77 MB Mémoire virtuelle totale: 37627.48 MB Mémoire virtuelle disponible: 30732.01 MB ==================== Lecteurs ================================ Drive c: (Win10SSD) (Fixed) (Total:113 GB) (Free:36.25 GB) (Model: Samsung SSD 850 PRO 128GB) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)] Drive d: (Donnees1) (Fixed) (Total:729.98 GB) (Free:662.37 GB) (Model: TOSHIBA HDWA120) NTFS Drive e: (Donnees2) (Fixed) (Total:729.98 GB) (Free:207.41 GB) (Model: TOSHIBA HDWA120) NTFS Drive f: (Donnees500) (Fixed) (Total:352.76 GB) (Free:230.74 GB) (Model: WDC WD5000AAKX-08U6AA0) NTFS Drive g: (PourVM) (Fixed) (Total:388.05 GB) (Free:361.53 GB) (Model: TOSHIBA HDWA120) NTFS ==================== MBR & Table des partitions ==================== ========================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 73A7569E) Partition 1: (Active) - (Size=113 GB) - (Type=83) Partition 2: (Not Active) - (Size=352.8 GB) - (Type=07 NTFS) ========================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 145231DD) Partition 1: (Not Active) - (Size=730 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=730 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=15 GB) - (Type=82) Partition 4: (Not Active) - (Size=388.1 GB) - (Type=0F Extended) ========================================================== Disk: 2 (MBR Code: Windows 7/8/10) (Size: 119.2 GB) (Disk ID: 50B436FE) Partition 1: (Active) - (Size=113 GB) - (Type=07 NTFS) ==================== Fin de Addition.txt =======================