cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-05-2017
Ran by Holidea (12-05-2017 16:47:05)
Running from C:\Users\Holidea\Desktop
Windows 10 Pro Version 1607 (X64) (2016-08-04 10:04:12)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1237337697-2235402892-2061835607-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1237337697-2235402892-2061835607-503 - Limited - Disabled)
Guest (S-1-5-21-1237337697-2235402892-2061835607-501 - Limited - Disabled)
Holidea (S-1-5-21-1237337697-2235402892-2061835607-1001 - Administrator - Enabled) => C:\Users\Holidea

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.0.1.188 - Adobe Systems Incorporated)
Adobe Dreamweaver CC 2017 (HKLM-x32\...\DRWV_17_0_1) (Version: 17.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Illustrator CC 2017 (HKLM-x32\...\ILST_21_0_2) (Version: 21.0.2 - Adobe Systems Incorporated)
Adobe InDesign CC 2017 (HKLM-x32\...\IDSN_12_0_0) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0_1) (Version: 18.0.1 - Adobe Systems Incorporated)
Assistant Mise à niveau de Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17346 - Microsoft Corporation)
Avast Antivirus Gratuit (HKLM-x32\...\Avast Antivirus) (Version: 17.4.2294 - AVAST Software)
Belgium e-ID middleware 4.1.10 (build 1698) (HKLM\...\{DB942AEA-93D6-4FE4-8862-180D35A71698}) (Version: 4.1.1698 - Belgian Government)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
FileZilla Client 3.24.1 (HKLM-x32\...\FileZilla Client) (Version: 3.24.1 - Tim Kosse)
FortiClient (HKLM\...\{B5E0B33F-91D4-408B-BE40-46BCA75F3914}) (Version: 5.4.0.0780 - Fortinet Inc)
Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Google Web Designer (HKLM\...\{811767F4-C586-4673-A41F-E9D767497222}) (Version: 1.3.10.0 - Google Inc.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.551.2 - McAfee, Inc.)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft Office 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 16.0.7967.2139 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.60825 - Microsoft Corporation)
Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x64) - FRA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - FRA) (Version: 10.0.60825 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 53.0.2 (x86 fr) (HKLM-x32\...\Mozilla Firefox 53.0.2 (x86 fr)) (Version: 53.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.2.6333 - Mozilla)
Mozilla Thunderbird 45.8.0 (x86 fr) (HKLM-x32\...\Mozilla Thunderbird 45.8.0 (x86 fr)) (Version: 45.8.0 - Mozilla)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7967.2139 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7967.2139 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7967.2139 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
Office Timeline (HKLM-x32\...\{DF5FA41E-B8BD-4C04-AC56-1B3FE70C6A04}) (Version: 3.13.0 - Office Timeline)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6738 - Realtek Semiconductor Corp.)
SAP Crystal Reports runtime engine for .NET Framework (64-bit) (HKLM\...\{1686CF99-0F26-4297-9204-7202ABDF9A7C}) (Version: 13.0.14.1720 - SAP)
Skype™ 7.36 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.101 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.16.3 - Synaptics Incorporated)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.66695 - TeamViewer)
TOSHIBA Battery Check Utility (HKLM-x32\...\{5468E297-7EF8-4CB3-A091-F8714147793F}) (Version: 1.00.01.01 - Toshiba Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Windows Driver Package - Fedict SmartCard (08/08/2015 4.1.5) (HKLM\...\9F46F7AB1E3B1B5F5482EA8D97F401B04FBF7958) (Version: 08/08/2015 4.1.5 - Fedict)
Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-1237337697-2235402892-2061835607-1001\...\ZoomUMX) (Version: 3.5 - Zoom Video Communications, Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1237337697-2235402892-2061835607-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-6CB226C69644}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-1237337697-2235402892-2061835607-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {120B2B55-7940-44C6-988A-6CFE0B9B20ED} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-04-28] (Microsoft Corporation)
Task: {1490EC5D-623F-431D-898A-9D9F53CCD7D1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {158D4237-1BB0-4173-9052-06298E2B94D3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-17] (Google Inc.)
Task: {2A1CD424-65E1-45E7-918B-1E53AE46DF73} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-17] (Google Inc.)
Task: {3113566B-53D4-4A3E-833C-D5721E796241} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-28] (Microsoft Corporation)
Task: {3AD41B19-BB81-464E-8404-E3A19E40D2AF} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-10] (Adobe Systems Incorporated)
Task: {3EF9F995-1717-490B-A057-3AB8D68BADDF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-28] (Microsoft Corporation)
Task: {4C5D6EEF-2F95-42F4-8E5F-86C4D6E69DD3} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-05-10] (AVAST Software)
Task: {6166D7F8-678F-4024-A4E6-0634BF1C06D6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-04-19] (Microsoft Corporation)
Task: {7224DF53-AB75-42E8-AFF8-0DAE48899A48} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {784EB57C-2716-4FE0-850C-7323306A1EB8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-28] (Microsoft Corporation)
Task: {A8350AAB-BDDB-44F1-BE41-6F2E171D8610} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-28] (Microsoft Corporation)
Task: {AC13F8AD-63BA-4E0C-99D3-1442B7EA1590} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-04-28] (AVAST Software)
Task: {BE0F2390-A170-437F-8CFE-4C4372EE80A3} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-04-19] (Microsoft Corporation)
Task: {C460D7A1-8882-4C0F-B2C5-DC940A2540C9} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-PS28JVB-Holidea => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {C864F100-21B2-4F48-9533-FA0F85D73832} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-05-12] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Public\Desktop\SwingNET.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://192.168.178.10/servico -nomerge

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-05-11 10:25 - 2017-04-28 02:49 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-11 10:25 - 2017-04-28 02:49 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-04 12:15 - 2016-08-04 12:15 - 00959168 _____ () C:\Users\Holidea\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64\ClientTelemetry.dll
2017-03-31 10:36 - 2016-10-25 10:57 - 00491184 ____N () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-09-16 13:24 - 2016-09-07 06:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 11:40 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-15 11:41 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 11:41 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 11:41 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-05-11 10:25 - 2017-04-28 01:36 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-05-11 10:25 - 2017-04-28 01:37 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-06-01 22:00 - 2017-03-09 02:16 - 00112264 _____ () C:\Windows\System32\IccLibDll_x64.dll
2017-05-09 09:52 - 2017-05-09 10:23 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-05-09 09:52 - 2017-05-09 10:23 - 00201728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-05-09 09:52 - 2017-05-09 10:23 - 43195904 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-05-09 09:52 - 2017-05-09 10:23 - 02457088 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll
2017-03-31 10:36 - 2016-10-25 10:57 - 31723696 ____N () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2017-05-10 09:19 - 2017-05-09 11:13 - 03767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libglesv2.dll
2017-05-10 09:19 - 2017-05-09 11:13 - 00100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libegl.dll
2017-05-10 09:09 - 2017-05-01 12:59 - 31118328 _____ () C:\Users\Holidea\AppData\Local\Google\Chrome\User Data\PepperFlash\25.0.0.171\pepflashplayer.dll
2017-05-12 16:39 - 2017-05-12 16:39 - 02105344 _____ () C:\Users\Holidea\Downloads\ZHPDiag3.exe
2015-10-06 12:08 - 2015-10-06 12:08 - 00552978 _____ () C:\Program Files (x86)\Fortinet\FortiClient\sqlite3.dll
2017-05-10 17:15 - 2017-05-10 17:15 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-05-10 17:15 - 2017-05-10 17:15 - 00997896 _____ () C:\Program Files\AVAST Software\Avast\AvChrome.dll
2017-05-10 17:15 - 2017-05-10 17:15 - 67717632 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-05-10 17:15 - 2017-05-10 17:15 - 00176992 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-05-10 17:15 - 2017-05-10 17:15 - 00223224 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-05-10 17:14 - 2017-05-10 17:14 - 00291824 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-05-10 17:15 - 2017-05-10 17:15 - 00684656 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-05-12 16:00 - 2017-05-12 16:00 - 00098816 ____R () C:\Users\Holidea\AppData\Local\Temp\_MEI71242\win32api.pyd
2017-05-12 16:00 - 2017-05-12 16:00 - 00110080 ____R () C:\Users\Holidea\AppData\Local\Temp\_MEI71242\pywintypes27.dll
2017-05-12 16:00 - 2017-05-12 16:00 - 00364544 ____R () C:\Users\Holidea\AppData\Local\Temp\_MEI71242\pythoncom27.dll
2017-05-12 16:00 - 2017-05-12 16:00 - 00320512 ____R () C:\Users\Holidea\AppData\Local\Temp\_MEI71242\win32com.shell.shell.pyd
2017-05-12 16:00 - 2017-05-12 16:00 - 00914432 ____R () C:\Users\Holidea\AppData\Local\Temp\_MEI71242\_hashlib.pyd
2017-05-12 16:00 - 2017-05-12 16:00 - 01176576 ____R () C:\Users\Holidea\AppData\Local\Temp\_MEI71242\wx._core_.pyd
2017-05-12 16:00 - 2017-05-12 16:00 - 00806400 ____R () C:\Users\Holidea\AppData\Local\Temp\_MEI71242\wx._gdi_.pyd
2017-05-12 16:00 - 2017-05-12 16:00 - 00816128 ____R () C:\Users\Holidea\AppData\Local\Temp\_MEI71242\wx._windows_.pyd
2017-05-12 16:00 - 2017-05-12 16:00 - 01067008 ____R () C:\Users\Holidea\AppData\Local\Temp\_MEI71242\wx._controls_.pyd
2017-05-12 16:00 - 2017-05-12 16:00 - 00733184 ____R () C:\Users\Holidea\AppData\Local\Temp\_MEI71242\wx._misc_.pyd
2017-05-12 16:00 - 2017-05-12 16:00 - 00682496 ____R () C:\Users\Holidea\AppData\Local\Temp\_MEI71242\pysqlite2._sqlite.pyd
2017-05-12 16:00 - 2017-05-12 16:00 - 00088064 ____R () C:\Users\Holidea\AppData\Local\Temp\_MEI71242\_ctypes.pyd
2017-05-12 16:00 - 2017-05-12 16:00 - 00686080 ____R () C:\Users\Holidea\AppData\Local\Temp\_MEI71242\unicodedata.pyd
2017-05-12 16:00 - 2017-05-12 16:00 - 00119808 ____R () C:\Users\Holidea\AppData\Local\Temp\_MEI71242\win32file.pyd
2017-05-12 16:00 - 2017-05-12 16:00 - 00108544 ____R () C:\Users\Holidea\AppData\Local\Temp\_MEI71242\win32security.pyd
2017-05-12 16:00 - 2017-05-12 16:00 - 00007168 ____R () C:\Users\Holidea\AppData\Local\Temp\_MEI71242\hashobjs_ext.pyd
2017-05-12 16:00 - 2017-05-12 16:00 - 00017920 ____R () C:\Users\Holidea\AppData\Local\Temp\_MEI71242\thumbnails_ext.pyd
2017-05-12 16:00 - 2017-05-12 16:00 - 00088064 ____R () C:\Users\Holidea\AppData\Local\Temp\_MEI71242\usb_ext.pyd
2017-05-12 16:00 - 2017-05-12 16:00 - 00012800 ____R () C:\Users\Holidea\AppData\Local\Temp\_MEI71242\common.time34.pyd
2017-05-12 16:00 - 2017-05-12 16:00 - 00018432 ____R () C:\Users\Holidea\AppData\Local\Temp\_MEI71242\win32event.pyd
2017-05-12 16:00 - 2017-05-12 16:00 - 00167936 ____R () C:\Users\Holidea\AppData\Local\Temp\_MEI71242\win32gui.pyd
2017-05-12 16:00 - 2017-05-12 16:00 - 00046080 ____R () C:\Users\Holidea\AppData\Local\Temp\_MEI71242\_socket.pyd
2017-05-12 16:00 - 2017-05-12 16:00 - 01303552 ____R () C:\Users\Holidea\AppData\Local\Temp\_MEI71242\_ssl.pyd
2017-05-12 16:00 - 2017-05-12 16:00 - 00128512 ____R () C:\Users\Holidea\AppData\Local\Temp\_MEI71242\_elementtree.pyd
2017-05-12 16:00 - 2017-05-12 16:00 - 00127488 ____R () C:\Users\Holidea\AppData\Local\Temp\_MEI71242\pyexpat.pyd
2017-05-12 16:00 - 2017-05-12 16:00 - 00038912 ____R () C:\Users\Holidea\AppData\Local\Temp\_MEI71242\win32inet.pyd
2017-05-12 16:00 - 2017-05-12 16:00 - 00036864 ____R () C:\Users\Holidea\AppData\Local\Temp\_MEI71242\_psutil_windows.pyd
2017-05-12 16:00 - 2017-05-12 16:00 - 00524248 ____R () C:\Users\Holidea\AppData\Local\Temp\_MEI71242\windows._lib_cacheinvalidation.pyd
2017-05-12 16:00 - 2017-05-12 16:00 - 00011264 ____R () C:\Users\Holidea\AppData\Local\Temp\_MEI71242\win32crypt.pyd
2017-05-12 16:00 - 2017-05-12 16:00 - 00123392 ____R () C:\Users\Holidea\AppData\Local\Temp\_MEI71242\wx._wizard.pyd
2017-05-12 16:00 - 2017-05-12 16:00 - 00077312 ____R () C:\Users\Holidea\AppData\Local\Temp\_MEI71242\wx._html2.pyd
2017-05-12 16:00 - 2017-05-12 16:00 - 00027648 ____R () C:\Users\Holidea\AppData\Local\Temp\_MEI71242\_multiprocessing.pyd
2017-05-12 16:00 - 2017-05-12 16:00 - 00020480 ____R () C:\Users\Holidea\AppData\Local\Temp\_MEI71242\_yappi.pyd
2017-05-12 16:00 - 2017-05-12 16:00 - 00035840 ____R () C:\Users\Holidea\AppData\Local\Temp\_MEI71242\win32process.pyd
2017-05-12 16:00 - 2017-05-12 16:00 - 00078848 ____R () C:\Users\Holidea\AppData\Local\Temp\_MEI71242\wx._animate.pyd
2017-05-12 16:00 - 2017-05-12 16:00 - 00024064 ____R () C:\Users\Holidea\AppData\Local\Temp\_MEI71242\win32pipe.pyd
2017-05-12 16:00 - 2017-05-12 16:00 - 00010240 ____R () C:\Users\Holidea\AppData\Local\Temp\_MEI71242\select.pyd
2017-05-12 16:00 - 2017-05-12 16:00 - 00025600 ____R () C:\Users\Holidea\AppData\Local\Temp\_MEI71242\win32pdh.pyd
2017-05-12 16:00 - 2017-05-12 16:00 - 00017408 ____R () C:\Users\Holidea\AppData\Local\Temp\_MEI71242\win32profile.pyd
2017-05-12 16:00 - 2017-05-12 16:00 - 00022528 ____R () C:\Users\Holidea\AppData\Local\Temp\_MEI71242\win32ts.pyd
2017-03-31 10:36 - 2017-03-14 09:31 - 52051544 ____N () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2017-03-31 10:47 - 2017-01-25 21:07 - 00118272 ____N () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-03-31 10:46 - 2017-01-25 21:07 - 00214528 ____N () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-03-31 10:45 - 2017-01-25 21:06 - 00117248 ____N () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2017-03-31 10:47 - 2017-01-25 21:07 - 00125952 ____N () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-03-31 10:46 - 2017-03-14 09:35 - 00099416 ____N () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2017-03-31 10:47 - 2017-01-25 21:07 - 00086528 ____N () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7936 more sites.

IE restricted site: HKU\S-1-5-21-1237337697-2235402892-2061835607-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1237337697-2235402892-2061835607-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1237337697-2235402892-2061835607-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1237337697-2235402892-2061835607-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1237337697-2235402892-2061835607-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1237337697-2235402892-2061835607-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1237337697-2235402892-2061835607-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1237337697-2235402892-2061835607-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1237337697-2235402892-2061835607-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1237337697-2235402892-2061835607-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1237337697-2235402892-2061835607-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1237337697-2235402892-2061835607-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1237337697-2235402892-2061835607-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1237337697-2235402892-2061835607-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1237337697-2235402892-2061835607-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1237337697-2235402892-2061835607-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1237337697-2235402892-2061835607-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1237337697-2235402892-2061835607-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1237337697-2235402892-2061835607-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1237337697-2235402892-2061835607-1001\...\123simsen.com -> www.123simsen.com

There are 7936 more sites.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-06 14:15 - 2017-05-12 14:09 - 00454852 ____R C:\WINDOWS\system32\Drivers\etc\hosts

185.47.28.49 voyages.demo-touring.com voyages.demo-myholidea.com voyages.demo-sodexo.com
185.47.28.49 reizen.demo-touring.com reizen.demo-myholidea.com reizen.demo-sodexo.com
192.168.1.100 voyages.majdi.holidea.devh.studioweb.tn
192.168.1.100 tmp.studioweb.tn
192.168.1.100 2advice.studioweb.tn
0.0.0.1 mssplus.mcafee.com127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info

There are 15603 more lines.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1237337697-2235402892-2061835607-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 217.112.180.1 - 217.112.180.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{939A16EC-F90D-4441-8EA1-B57FB1BB45D5}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\fortiesnac.exe
FirewallRules: [{13E66770-2921-41F2-89E4-708E1873746B}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\FortiWad.exe
FirewallRules: [{951AD3F5-661E-4A91-8F1B-B9957B7A8B40}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\ipsec.exe
FirewallRules: [{760B31C6-03AA-440B-B748-6E965E173794}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\FortiProxy.exe
FirewallRules: [{4BD3FB33-BE8C-433D-AB1C-EAC1EE0CA48A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AE6765D2-7D63-43D0-9060-1DF6FD66FA72}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{31CE30DB-8074-4D2B-8998-F3C258C0B463}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5F729758-B794-48D3-83ED-E9CD2636F257}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B6F0B8EB-891B-49FA-866D-27BBF32B6E52}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7EA81650-77B4-4AE9-837F-99E8D7423C50}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C830A31A-97DB-47CE-BA88-791337DD9E64}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5BBB4DA3-BD48-4373-BE5E-2E829798D958}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{55644BED-BF22-4641-BE83-835F25C529DA}] => (Allow) LPort=2869
FirewallRules: [{A09EB565-4F11-4868-A44A-DE02C5AFD086}] => (Allow) LPort=1900
FirewallRules: [{EE0EE36F-A21C-49B3-BCFE-9C3A1F7E2E78}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E82764B8-E78B-4497-8E75-2AADB8DF4F8D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E73B404A-9F83-48AE-9257-11BBE8B462E3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{2B241952-4EC7-4FD1-8F4B-8DBFE6B7266C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{6143D92E-B4C3-48BB-9E10-08EF80978812}C:\users\holidea\downloads\wap300n_win_setup_v1.3.0.0\wap300n_v1.3.0.0_20130702\setup.exe] => (Allow) C:\users\holidea\downloads\wap300n_win_setup_v1.3.0.0\wap300n_v1.3.0.0_20130702\setup.exe
FirewallRules: [UDP Query User{8BF93752-FB7C-4BEB-B671-2E18BC54BB7F}C:\users\holidea\downloads\wap300n_win_setup_v1.3.0.0\wap300n_v1.3.0.0_20130702\setup.exe] => (Allow) C:\users\holidea\downloads\wap300n_win_setup_v1.3.0.0\wap300n_v1.3.0.0_20130702\setup.exe
FirewallRules: [TCP Query User{69757EB8-47AF-49EF-A3B6-15FAA6FB2399}C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe] => (Allow) C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe
FirewallRules: [UDP Query User{35B9DCC8-F496-4FA5-9F2F-A09CA4763D99}C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe] => (Allow) C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe
FirewallRules: [{699E05FC-652C-416B-9336-284B249E1041}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{B11FEFB0-4721-4B07-A5C3-C0E60C5A6267}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

12-05-2017 16:07:36 Removed Composants de sécurité Isabel.

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/12/2017 04:08:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (05/12/2017 03:56:48 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine QueryFullProcessImageNameW. hr = 0x80070006, The handle is invalid.
.


Operation:
Executing Asynchronous Operation

Context:
Current State: DoSnapshotSet

Error: (05/12/2017 03:56:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante mbamservice.exe, version : 3.1.0.479, horodatage : 0x58f6af02
Nom du module défaillant : mbamservice.exe, version : 3.1.0.479, horodatage : 0x58f6af02
Code d’exception : 0xc0000005
Décalage d’erreur : 0x0000000000048a86
ID du processus défaillant : 0xbcc
Heure de début de l’application défaillante : 0x01d2cb0d3878ead3
Chemin d’accès de l’application défaillante : C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Chemin d’accès du module défaillant: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
ID de rapport : 90d47837-f69e-49e8-b397-87dd8206af64
Nom complet du package défaillant :
ID de l’application relative au package défaillant :

Error: (05/12/2017 03:54:57 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (05/12/2017 03:51:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante SDUpdSvc.exe, version : 2.5.44.79, horodatage : 0x57e24e33
Nom du module défaillant : rtl150.bpl, version : 15.0.3953.35171, horodatage : 0x4cca139f
Code d’exception : 0xc0000005
Décalage d’erreur : 0x0000a116
ID du processus défaillant : 0x2690
Heure de début de l’application défaillante : 0x01d2cb100e682352
Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
Chemin d’accès du module défaillant: C:\Program Files (x86)\Spybot - Search & Destroy 2\rtl150.bpl
ID de rapport : db94d560-9a5f-4efd-9891-d2dcfcf26e3e
Nom complet du package défaillant :
ID de l’application relative au package défaillant :

Error: (05/12/2017 02:10:47 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Échec de la procédure d’ouverture pour le service « BITS » dans la DLL « C:\Windows\System32\bitsperf.dll ». Les données de performance de ce service ne seront pas disponibles. Le premier mot (DWORD) de la section Données contient le code d’erreur.

Error: (05/12/2017 01:07:46 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: NT AUTHORITY)
Description: Impossible de redémarrer l’application ou le service « Spybot-S&D 2 Security Center Service ».

Error: (05/12/2017 10:38:59 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-PS28JVB)
Description: Échec de l’activation de l’application Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI avec l’erreur : -2144927142 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.

Error: (05/11/2017 10:35:30 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (05/11/2017 10:33:33 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.


System errors:
=============
Error: (05/12/2017 03:58:47 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Les paramètres d’autorisation application-specific n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
et l’APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
au SID NT AUTHORITY\LOCAL SERVICE de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (Using LRPC) s’exécutant dans le SID Unavailable du conteneur d’applications (Unavailable). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (05/12/2017 03:58:47 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Les paramètres d’autorisation application-specific n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
et l’APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
au SID NT AUTHORITY\LOCAL SERVICE de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (Using LRPC) s’exécutant dans le SID Unavailable du conteneur d’applications (Unavailable). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (05/12/2017 03:58:42 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Les paramètres d’autorisation application-specific n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
et l’APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
au SID NT AUTHORITY\SYSTEM de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (Using LRPC) s’exécutant dans le SID Unavailable du conteneur d’applications (Unavailable). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (05/12/2017 03:57:16 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Les paramètres d’autorisation application-specific n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID NT AUTHORITY\SYSTEM de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (Using LRPC) s’exécutant dans le SID Unavailable du conteneur d’applications (Unavailable). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (05/12/2017 02:02:42 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-PS28JVB)
Description: Les paramètres d’autorisation machine-default n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
et l’APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
au SID DESKTOP-PS28JVB\Holidea de l’utilisateur (S-1-5-21-1237337697-2235402892-2061835607-1001) depuis l’adresse LocalHost (Using LRPC) s’exécutant dans le SID Belgacom.ProximusTV0.1_1.6.1.0_x64__bcx4519w96y8m du conteneur d’applications (S-1-15-2-3415193010-897846972-353326390-45742235-3614588331-1517008707-1173303621). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (05/12/2017 01:07:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Spybot-S&D 2 Security Center Service n’a pas pu démarrer en raison de l’erreur :
Un certificat requis n’est pas dans sa période de validité selon la vérification par rapport à l’horloge système en cours ou le tampon daté dans le fichier signé.

Error: (05/12/2017 12:54:41 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Les paramètres d’autorisation machine-default n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
et l’APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
au SID NT AUTHORITY\LOCAL SERVICE de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (Using LRPC) s’exécutant dans le SID Unavailable du conteneur d’applications (Unavailable). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (05/12/2017 12:54:41 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Les paramètres d’autorisation application-specific n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
et l’APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
au SID NT AUTHORITY\LOCAL SERVICE de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (Using LRPC) s’exécutant dans le SID Unavailable du conteneur d’applications (Unavailable). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (05/12/2017 12:54:41 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Les paramètres d’autorisation machine-default n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
et l’APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
au SID NT AUTHORITY\LOCAL SERVICE de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (Using LRPC) s’exécutant dans le SID Unavailable du conteneur d’applications (Unavailable). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (05/12/2017 12:54:41 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Les paramètres d’autorisation application-specific n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
et l’APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
au SID NT AUTHORITY\LOCAL SERVICE de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (Using LRPC) s’exécutant dans le SID Unavailable du conteneur d’applications (Unavailable). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.


CodeIntegrity:
===================================
Date: 2017-05-12 13:46:18.019
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-05-12 13:46:18.015
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-05-12 13:42:22.927
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-05-12 13:42:22.924
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-05-12 13:42:22.921
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-05-12 13:42:22.917
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-05-12 13:33:53.848
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-05-12 13:33:53.844
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-05-12 13:33:13.079
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-05-12 13:33:13.075
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-2348M CPU @ 2.30GHz
Percentage of memory in use: 54%
Total physical RAM: 8073.3 MB
Available physical RAM: 3644 MB
Total Virtual: 10633.3 MB
Available Virtual: 6208.35 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:416.35 GB) (Free:285.19 GB) NTFS
Drive d: () (Fixed) (Total:48.83 GB) (Free:44.42 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: C1E39A8F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=48.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=416.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=500 MB) - (Type=27)

==================== End of Addition.txt ============================

Publicité


Signaler le contenu de ce document

Publicité