Document format: text/plain

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-09-2017 01
Ran by Administrator (28-09-2017 08:44:05)
Running from C:\Users\Administrator.BOULET\Desktop
Windows Server 2008 R2 Standard Service Pack 1 (X64) (2010-08-24 22:00:25)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4052908577-887183366-1266489224-500 - Administrator - Enabled)
Guest (S-1-5-21-4052908577-887183366-1266489224-501 - Administrator - Disabled)
krbtgt (0 - Administrator - Disabled) => %systemroot%\system32\config\systemprofile
IWAM_BOULETSRV (0 - Administrator - Enabled) => %systemroot%\system32\config\systemprofile
IUSR_BOULETSRV (0 - Administrator - Enabled) => %systemroot%\system32\config\systemprofile
marco (0 - Administrator - Enabled) => %systemroot%\system32\config\systemprofile
charles (0 - Administrator - Enabled) => %systemroot%\system32\config\systemprofile
alexis (0 - Administrator - Enabled) => %systemroot%\system32\config\systemprofile
Sforest (0 - Administrator - Enabled) => %systemroot%\system32\config\systemprofile
richard (0 - Administrator - Enabled) => %systemroot%\system32\config\systemprofile
rogerb (0 - Administrator - Enabled) => %systemroot%\system32\config\systemprofile
caroll (0 - Administrator - Enabled) => %systemroot%\system32\config\systemprofile
pierre (0 - Administrator - Enabled) => %systemroot%\system32\config\systemprofile
raymond (0 - Administrator - Enabled) => %systemroot%\system32\config\systemprofile
mimi (0 - Administrator - Enabled) => %systemroot%\system32\config\systemprofile
Gabrielle (0 - Administrator - Enabled) => %systemroot%\system32\config\systemprofile
Portable (0 - Administrator - Disabled) => %systemroot%\system32\config\systemprofile
backup (0 - Administrator - Disabled) => %systemroot%\system32\config\systemprofile
andre (0 - Administrator - Enabled) => %systemroot%\system32\config\systemprofile
Production (0 - Administrator - Enabled) => %systemroot%\system32\config\systemprofile
Yanick (0 - Administrator - Enabled) => %systemroot%\system32\config\systemprofile
admin (0 - Administrator - Disabled) => %systemroot%\system32\config\systemprofile
sylvie (0 - Administrator - Enabled) => %systemroot%\system32\config\systemprofile
PierreB (0 - Administrator - Enabled) => %systemroot%\system32\config\systemprofile
adm1 (0 - Administrator - Disabled) => %systemroot%\system32\config\systemprofile
sysdb (0 - Administrator - Disabled) => %systemroot%\system32\config\systemprofile
Melodie (0 - Administrator - Enabled) => %systemroot%\system32\config\systemprofile
Jerome (0 - Administrator - Enabled) => %systemroot%\system32\config\systemprofile
pvanier (0 - Administrator - Enabled) => %systemroot%\system32\config\systemprofile
salle-montre (0 - Administrator - Enabled) => %systemroot%\system32\config\systemprofile
Punch (0 - Administrator - Enabled) => %systemroot%\system32\config\systemprofile
MicheleH (0 - Administrator - Enabled) => %systemroot%\system32\config\systemprofile
Vannak (0 - Administrator - Enabled) => %systemroot%\system32\config\systemprofile
MichelleT (0 - Administrator - Enabled) => %systemroot%\system32\config\systemprofile
Alexandra (0 - Administrator - Enabled) => %systemroot%\system32\config\systemprofile
vannak2 (0 - Administrator - Enabled) => %systemroot%\system32\config\systemprofile
_services (0 - Administrator - Enabled) => %systemroot%\system32\config\systemprofile
Services (0 - Administrator - Enabled) => %systemroot%\system32\config\systemprofile
JulieD (0 - Administrator - Enabled) => %systemroot%\system32\config\systemprofile
StephanieG (0 - Administrator - Enabled) => %systemroot%\system32\config\systemprofile
temp (0 - Administrator - Enabled) => %systemroot%\system32\config\systemprofile
sebastien (0 - Administrator - Enabled) => %systemroot%\system32\config\systemprofile
taher (0 - Administrator - Enabled) => %systemroot%\system32\config\systemprofile
eda (0 - Administrator - Enabled) => %systemroot%\system32\config\systemprofile
UpdateUser (0 - Administrator - Enabled) => %systemroot%\system32\config\systemprofile
Options (0 - Administrator - Enabled) => %systemroot%\system32\config\systemprofile
Access (0 - Administrator - Enabled) => %systemroot%\system32\config\systemprofile
xerdox (0 - Administrator - Enabled) => %systemroot%\system32\config\systemprofile
Senior (0 - Administrator - Enabled) => %systemroot%\system32\config\systemprofile
DB_ADMIN (0 - Administrator - Enabled) => %systemroot%\system32\config\systemprofile
PhilippeS (0 - Administrator - Enabled) => %systemroot%\system32\config\systemprofile
Francois (0 - Administrator - Enabled) => %systemroot%\system32\config\systemprofile
FRANCOISP (0 - Administrator - Enabled) => %systemroot%\system32\config\systemprofile
BOULETSRV$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
PIERRE$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
CONFERENCE$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
SERGE$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
VANNAK$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
AHALMAI$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
MIMI$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
PROD-MARCO$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
YANICK$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
ALEXIS$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
SONIA$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
CHARLES$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
RAYMOND$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
GABRIELLE$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
RICHARD$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
MACHINE$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
SOFT-NY0S4K31CR$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
ORDI-XPSP2$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
CAROLLSEGUIN$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
ROGER$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
SYLVIE$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
D6PSX6G1$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
ALEXIS-ENTREPOT$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
YANICKVOSTRO410$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
SOUDEUSE-AC0F23$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
ALEXISVOSTRO430$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
NOUV_SEBASTIEN$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
SEBASTIE-FC2118$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
SEBASTIEN-PC$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
PORTESETFENETRE$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
DC01$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
PIERRE-PC$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
PASCAL-PC$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
ORDI-PRODUCTION$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
BOULET-D83F7FC3$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
MANDRE-PC$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
CHARLES-PC$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
RAYMOND-PC$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
GEORGES-XP$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
MICHELLE-PC$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
YANICK2-PC$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
SERGE-PC$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
PVANIER-PC$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
VANNAK-PC$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
MELO-PC$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
TAHER-PC$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
JEROMELEMIRE-PC$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
BCK01$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
TS01$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
CAROLL$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
RICHARD-PC$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
ASUSM11AA$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
GEORGE-PC$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
TAHER$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
MELODIE-PC$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
FRANCOIS-PC$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
DESKTOP-1MVN7SJ$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
BOULET-9DA6FB24$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
BOULET-CA99C036$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
TAHER-A9D7AA9A6$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
YANICK-E3DE98E2$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
DESKTOP-69LIO7T$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
DESKTOP-JCR17CF$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
BCK02$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile
mac-alexis$ (0 - Limited - Enabled) => %systemroot%\system32\config\systemprofile

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)


==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{3138F992-045B-4F55-825C-53B231E647CA}) (Version: 13.2.1 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe Flash Player 27 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 27.0.0.130 - Adobe Systems Incorporated)
Bitdefender Endpoint Security Tools (HKLM\...\Endpoint Security) (Version: 6.2.25.944 - Bitdefender)
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
Dyn Updater (HKLM-x32\...\DynUpdater) (Version: 4.1.10 - Dyn, Inc.)
Free DWG Viewer 7.0 (HKLM-x32\...\{B8B4D43C-EAA0-4EEC-B93E-D4D012316286}) (Version: 7.0.1 - IGC)
HP Officejet Pro X551dw Printer Basic Device Software (HKLM\...\{68401FEC-E430-4DA0-8912-FAAAEE790D3D}) (Version: 29.1.973.39397 - Hewlett-Packard Co.)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
MagicDisc 2.7.106 (HKLM-x32\...\MagicDisc 2.7.106) (Version: - )
Malwarebytes version 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version: - Microsoft Corporation)
OKI Color Swatch Utility (HKLM-x32\...\{A344F95E-E51A-450C-8F84-C940BF61903E}) (Version: 2.15.0000 - Okidata)
OKI Network Extension (HKLM-x32\...\{38ADB9A6-798C-11D6-A855-00105A80791C}) (Version: 1.00.000 - Okidata)
PayClock (HKLM\...\{CD257C96-8CF2-46EB-ACE9-0533B6B5F8A1}) (Version: 6.3.1 - Lathem Time Corporation)
Printer DCA (HKLM-x32\...\{D8D6CA44-79AE-4CFD-885B-1BD50A77AB34}) (Version: 4.1.20573 - PrintFleet Inc.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.6.46 - Safer-Networking Ltd.)
VMware Tools (HKLM\...\{2CC6DDCE-708B-416C-8DA6-D1862544668D}) (Version: 9.4.15.2827462 - VMware, Inc.)
VMware vSphere Client 4.0 (HKLM-x32\...\{C40698F9-A861-4531-9F8C-FA7F8961375B}) (Version: 4.0.0.12305 - VMware, Inc.)
WatchGuard Fireware v11.10.2 for XTM 3 devices (HKLM-x32\...\WatchGuard XTM XTM3 11.10.2_is1) (Version: - WatchGuard Technologies, Inc.)
WatchGuard Fireware XTM OS for Edge e-Series 11.3.3 (HKLM-x32\...\WatchGuard Fireware XTM OS for Edge e-Series 11.3.3_is1) (Version: - WatchGuard Technologies, Inc.)
WatchGuard Fireware XTM OS for Edge e-Series 11.3.4 (HKLM-x32\...\WatchGuard Fireware XTM OS for Edge e-Series 11.3.4_is1) (Version: - WatchGuard Technologies, Inc.)
WatchGuard System Manager 11.11.4 (HKLM-x32\...\WatchGuard System Manager 11.11_is1) (Version: - WatchGuard Technologies, Inc.)
WinRAR 5.40 beta 4 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.4 - win.rar GmbH)
WinSCP 4.3.2 (HKLM-x32\...\winscp3_is1) (Version: 4.3.2 - Martin Prikryl)
Yahoo! Detect (HKLM-x32\...\YTdetect) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-07] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-07] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-07] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-07] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {63EE8552-A444-4BA2-8E1E-C8350D6D412A} - System32\Tasks\Microsoft\Windows\Server Manager\ServerManager => C:\Windows\system32\ServerManagerLauncher.exe [2009-07-13] (Microsoft Corporation)
Task: {69110D7B-41DC-4E9D-BDD3-C826C7DB613B} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Server\ServerRoleUsageCollector => C:\Windows\system32\ceipdata.exe [2010-11-20] (Microsoft Corporation)
Task: {A2E56698-33ED-4BF2-B4EA-A785F189193C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-08-08] (Adobe Systems Incorporated)
Task: {AFECE848-8DA2-461B-B5E6-CBEF57A4DF7D} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Server\ServerRoleCollector => C:\Windows\system32\ceiprole.exe [2010-11-20] (Microsoft Corporation)
Task: {C348952E-D9A1-4D2C-8BDE-BCBCE455287E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: {D49A10DA-0F70-4779-BD96-B2D976A4F2E3} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Server\ServerCeipAssistant => C:\Windows\system32\ceipdata.exe [2010-11-20] (Microsoft Corporation)
Task: {DD56266B-8394-4D65-B6B4-76159A9CA2DD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\Administrator.BOULET\Desktop\Symantec Endpoint Protection Manager Console.lnk -> C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\bin\sesm.bat (No File)

==================== Loaded Modules (Whitelisted) ==============

2017-09-28 00:52 - 2017-08-24 11:27 - 002264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-09-27 09:58 - 2017-09-27 09:55 - 000280576 _____ () C:\Program Files\Bitdefender\Endpoint Security\txmlutil.dll
2017-09-27 09:58 - 2015-10-06 16:56 - 000279608 _____ () C:\Program Files\Bitdefender\Endpoint Security\zlib.dll
2017-09-27 22:46 - 2016-09-13 14:00 - 000109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2017-09-27 22:46 - 2016-09-13 14:00 - 000416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2017-09-27 22:46 - 2016-09-13 14:00 - 000167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2017-09-27 22:46 - 2017-05-12 11:36 - 000507464 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Administrator.BOULET\Downloads\avcertclean_1.1.2.exe:BDU [0]
AlternateDataStreams: C:\Users\Administrator.BOULET\Downloads\HijackThis.exe:BDU [0]
AlternateDataStreams: C:\Users\Administrator.BOULET\Downloads\mb3-setup-consumer-3.2.2.2029.exe:BDU [0]
AlternateDataStreams: C:\Users\Administrator.BOULET\Downloads\spybotsd-2.6.46.exe:BDU [0]
AlternateDataStreams: C:\Users\Administrator.BOULET\Downloads\ZHPDiag3.exe:BDU [0]
AlternateDataStreams: C:\ProgramData\TEMP:FCA8C9CD [146]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-606344767-3282361405-600652822-500\...\fenetresconcerto.ca -> hxxp://www.fenetresconcerto.ca
IE trusted site: HKU\S-1-5-21-606344767-3282361405-600652822-500\...\meteomedia.com -> hxxp://www.meteomedia.com
IE trusted site: HKU\S-1-5-21-606344767-3282361405-600652822-500\...\microsoft.com -> fullproduct.download.microsoft.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2009-06-10 17:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-606344767-3282361405-600652822-1117\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-606344767-3282361405-600652822-500\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 127.0.0.1 - 192.168.0.250
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SCW-Allow-Inbound-Access-To-ScsHost-TCP-RPC] => (Allow) %systemroot%\system32\scshost.exe
FirewallRules: [SCW-Allow-Inbound-Access-To-ScsHost-TCP-RPC-EndPointMapper] => (Allow) %systemroot%\system32\scshost.exe
FirewallRules: [ComPlusRemoteAdministration-DCOM-In] => (Allow) %systemroot%\system32\dllhost.exe
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [DfsMgmt-In-TCP] => (Allow) %systemroot%\system32\dfsfrsHost.exe
FirewallRules: [DFSR-DFSRSvc-In-TCP] => (Allow) %SystemRoot%\system32\dfsrs.exe
FirewallRules: [NTFRS-NTFRSSvc-In-TCP] => (Allow) %SystemRoot%\system32\NTFRS.exe
FirewallRules: [ADWS-TCP-In] => (Allow) %systemroot%\ADWS\Microsoft.ActiveDirectory.WebServices.exe
FirewallRules: [ADWS-TCP-Out] => (Allow) %systemroot%\ADWS\Microsoft.ActiveDirectory.WebServices.exe
FirewallRules: [DNSSrv-DNS-TCP-In] => (Allow) %systemroot%\System32\dns.exe
FirewallRules: [DNSSrv-DNS-UDP-In] => (Allow) %systemroot%\System32\dns.exe
FirewallRules: [DNSSrv-RPC-TCP-In] => (Allow) %systemroot%\System32\dns.exe
FirewallRules: [DNSSrv-TCP-Out] => (Allow) %systemroot%\System32\dns.exe
FirewallRules: [DNSSrv-UDP-Out] => (Allow) %systemroot%\System32\dns.exe
FirewallRules: [{0A7CAA76-DB14-4B18-8063-AC9FB3AF60AE}] => (Allow) LPort=6160
FirewallRules: [{F8B9CC18-E038-4114-9406-728D26B3F1CE}] => (Allow) LPort=6160
FirewallRules: [{F6A15FAE-A30F-445A-9B45-B5BE016B75F3}] => (Allow) C:\Punch\PayClock V631\PayClock V631\PayClockInstaller.exe
FirewallRules: [{D7C02281-340B-4394-811B-7B0D28D5D348}] => (Allow) C:\Punch\PayClock V631\PayClock V631\PayClockInstaller.exe
FirewallRules: [{F81B97A5-9517-4971-BE12-56EA17960CEF}] => (Allow) C:\Punch\PayClock V631\PayClock V631\PayClock.msi
FirewallRules: [{FDF1C8C0-C6CA-4790-A36E-3FF5DCCB2D57}] => (Allow) C:\Punch\PayClock V631\PayClock V631\PayClock.msi
FirewallRules: [{CBD1009C-53FE-4BF8-A840-423BE1BBFB71}] => (Allow) C:\Punch\PayClock V631\PayClock V631\PayClockInstaller.exe
FirewallRules: [{31828B91-5025-441E-8E1E-1B5F51FF990F}] => (Allow) C:\Punch\PayClock V631\PayClock V631\PayClockInstaller.exe
FirewallRules: [{BE97A6C4-F45D-4950-93EB-C14389208369}] => (Allow) C:\Punch\PayClock V631\PayClock V631\PayClock.msi
FirewallRules: [{6C909B49-0582-4FBA-BEF4-1D96D7E98D60}] => (Allow) C:\Punch\PayClock V631\PayClock V631\PayClock.msi
FirewallRules: [{CEA9DAD6-5B7E-4921-84DB-2945E438434E}] => (Allow) C:\Program Files\HP\HP Officejet Pro X551dw Printer\Bin\DeviceSetup.exe
FirewallRules: [{A54B9C9C-DE70-491A-81F9-23C918531B6A}] => (Allow) C:\Program Files\HP\HP Officejet Pro X551dw Printer\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [FSRM-SrmReports-In (RPC)] => (Allow) %systemroot%\system32\srmhost.exe
FirewallRules: [{86AF2FA9-4CC8-4B1F-A403-97ED04B40774}] => (Allow) C:\Punch\BakupMars2016\PayClock V631\PayClock V631\PayClockInstaller.exe
FirewallRules: [{0D1823B9-2259-42D3-B859-A22E213EF4E4}] => (Allow) C:\Punch\BakupMars2016\PayClock V631\PayClock V631\PayClockInstaller.exe
FirewallRules: [{F7D60CAD-C870-44DC-9E41-F0985870E184}] => (Allow) C:\Punch\BakupMars2016\PayClock V631\PayClock V631\PayClock.msi
FirewallRules: [{B353C5C7-5953-4D91-8B14-1E51FDF1A588}] => (Allow) C:\Punch\BakupMars2016\PayClock V631\PayClock V631\PayClock.msi
FirewallRules: [{2133BDF9-91A5-4DB0-93BB-78ECFF89AA55}] => (Allow) C:\Punch\BakupMars2016\PayClock V631\PayClock V631\PayClockInstaller.exe
FirewallRules: [{CE28AE02-32A7-4AC7-8221-CA19C1F003CA}] => (Allow) C:\Punch\BakupMars2016\PayClock V631\PayClock V631\PayClockInstaller.exe
FirewallRules: [{6E42465A-3BF1-4FD6-B6AE-B4D47270C01B}] => (Allow) C:\Punch\BakupMars2016\PayClock V631\PayClock V631\PayClock.msi
FirewallRules: [{A35FB6BB-114F-494C-99EF-F8926ABD45D9}] => (Allow) C:\Punch\BakupMars2016\PayClock V631\PayClock V631\PayClock.msi
FirewallRules: [{7CC1ACE1-810E-4DEB-ADB2-BE8CAA39E9E3}] => (Allow) C:\Punch\BakupMars2016\PayClock V631\PayClock V631\PayClockInstaller.exe
FirewallRules: [{537C76BF-D08C-486A-8E91-70D4041A4E05}] => (Allow) C:\Punch\BakupMars2016\PayClock V631\PayClock V631\PayClockInstaller.exe
FirewallRules: [{DEE53802-DDE9-467E-8A42-50B3078DF0F9}] => (Allow) C:\Punch\BakupMars2016\PayClock V631\PayClock V631\PayClock.msi
FirewallRules: [{8FACDD42-BA21-4674-BA7B-AF9F8BAB444D}] => (Allow) C:\Punch\BakupMars2016\PayClock V631\PayClock V631\PayClock.msi
FirewallRules: [{DC90B11D-333A-4078-BFFD-F40C5473E9F4}] => (Allow) C:\Punch\BakupMars2016\PayClock V631\PayClock V631\PayClockInstaller.exe
FirewallRules: [{2891A508-4C6C-4764-9B1C-A8D844CFFFC0}] => (Allow) C:\Punch\BakupMars2016\PayClock V631\PayClock V631\PayClockInstaller.exe
FirewallRules: [{34DFAA0E-DFA2-433D-9B29-880E95DDBD40}] => (Allow) C:\Punch\BakupMars2016\PayClock V631\PayClock V631\PayClock.msi
FirewallRules: [{B90D6D62-6E1A-481B-B8CD-7AEF5D8ECBBC}] => (Allow) C:\Punch\BakupMars2016\PayClock V631\PayClock V631\PayClock.msi
FirewallRules: [{9F316D83-6D56-40FD-A092-051B5D685685}] => (Allow) C:\Punch\BakupMars2016\PayClock V631\PayClock V631\PayClockInstaller.exe
FirewallRules: [{5410F433-5819-40CE-8DDA-4C38FB32373E}] => (Allow) C:\Punch\BakupMars2016\PayClock V631\PayClock V631\PayClockInstaller.exe
FirewallRules: [{05584627-32F9-4F37-A869-9D4DB536600A}] => (Allow) C:\Punch\BakupMars2016\PayClock V631\PayClock V631\PayClock.msi
FirewallRules: [{B3D74FB5-84AD-4A2D-B54A-14EEA2F0B866}] => (Allow) C:\Punch\BakupMars2016\PayClock V631\PayClock V631\PayClock.msi
FirewallRules: [{A9B37260-E174-4C52-9EA0-FB6FE1235BC9}] => (Allow) C:\Program Files\Lathem Time Corporation\PayClock\PayclockV6.exe
FirewallRules: [{714AC6B5-0119-471F-8F00-27C83EF874A9}] => (Allow) C:\Program Files\Lathem Time Corporation\PayClock\PayclockV6.exe
FirewallRules: [{61A58892-7A34-4396-91E4-3CF31ED89917}] => (Allow) C:\Program Files\Lathem Time Corporation\PayClock\LicenseManager.exe
FirewallRules: [{03D58CAE-AE20-4287-A01C-965FA57A063C}] => (Allow) C:\Program Files\Lathem Time Corporation\PayClock\LicenseManager.exe
FirewallRules: [{002277C9-951B-48DF-A19B-699010562504}] => (Allow) C:\Program Files\Lathem Time Corporation\PayClock\RegistrationWizard.exe
FirewallRules: [{78DF469F-8E88-4F0F-8E1F-9FCB575DA845}] => (Allow) C:\Program Files\Lathem Time Corporation\PayClock\RegistrationWizard.exe
FirewallRules: [{BCC86D8F-7DDD-4163-9F76-D75D43F308D1}] => (Allow) C:\Program Files\Lathem Time Corporation\PayClock\Dbsrv11.exe
FirewallRules: [{85A7E890-C5E2-443A-80B6-E124EA5EC177}] => (Allow) C:\Program Files\Lathem Time Corporation\PayClock\Dbsrv11.exe
FirewallRules: [{72963966-82AC-4FC0-B948-0E4A565BF289}] => (Allow) LPort=7350
FirewallRules: [{AA6B486C-E326-4BF7-AF22-462404ECB385}] => (Allow) LPort=7350
FirewallRules: [{D41D5223-A37D-4A77-80D5-4CAE6B4CD123}] => (Allow) LPort=7351
FirewallRules: [{8BF4CF94-01F4-469B-B1E9-21B2910F5103}] => (Allow) LPort=7351
FirewallRules: [{E691601F-4D99-4A13-B341-341728303BDD}] => (Allow) LPort=7352
FirewallRules: [{98DF54AA-1CA9-41AB-A9C6-44BF587EE05C}] => (Allow) LPort=7352
FirewallRules: [{298C6E04-E6D9-43ED-A049-41A9043BD185}] => (Allow) LPort=9156
FirewallRules: [{BBBC710D-3613-4972-8B88-8FDA359F5943}] => (Allow) LPort=9156
FirewallRules: [{6785EB7E-1CDD-48BF-85B7-BF76677F6A8D}] => (Allow) LPort=9157
FirewallRules: [{60DC7C5C-BBE7-480C-9799-FB76E9F5BDD6}] => (Allow) LPort=9157
FirewallRules: [{2090102E-0BD6-42D7-8B92-ECC65096927E}] => (Allow) LPort=9158
FirewallRules: [{6F1C3E0F-33A0-4525-A4D8-73F4F2FF31E3}] => (Allow) LPort=9158
FirewallRules: [{4F213D42-0C00-48AD-AE92-892051F99921}] => (Allow) C:\Punch\BakupMars2016\PayClock V631\PayClock V631\PayClockInstaller.exe
FirewallRules: [{35CA0366-5603-46D8-8F02-7DCC66E16C3C}] => (Allow) C:\Punch\BakupMars2016\PayClock V631\PayClock V631\PayClockInstaller.exe
FirewallRules: [{22707390-4796-4803-9CD9-417473BF35CB}] => (Allow) C:\Punch\BakupMars2016\PayClock V631\PayClock V631\PayClock.msi
FirewallRules: [{04601FEC-F55C-4A90-A853-3FAC37FDEF01}] => (Allow) C:\Punch\BakupMars2016\PayClock V631\PayClock V631\PayClock.msi
FirewallRules: [{A77AADA8-49A9-4DCC-AE13-74DA2CD0869D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [Smtpsvc-Service-In-TCP] => (Allow) %windir%\system32\inetsrv\inetinfo.exe
FirewallRules: [{55A184F8-D29D-4814-8526-EA310E056DBE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Restore Points =========================

ATTENTION: System Restore is disabled
Check "winmgmt" service or repair WMI.


==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/28/2017 08:12:39 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Le programme CKScanner.exe version 0.0.0.0 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance.

ID de processus : e64

Heure de début : 01d33851a9a1373e

Heure de fin : 94

Chemin d’accès de l’application : P:\Sebastien\nETTOYAGE\CKScanner.exe

ID de rapport : 4e5bf92d-a446-11e7-8e37-000c29df97fd

Error: (09/28/2017 07:39:59 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Le programme SDFiles.exe version 2.6.46.135 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance.

ID de processus : 868

Heure de début : 01d3384b0f0c6d34

Heure de fin : 47

Chemin d’accès de l’application : C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFiles.exe

ID de rapport : bf35d542-a441-11e7-8e37-000c29df97fd

Error: (09/28/2017 04:12:38 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: La création du contexte d’activation a échoué pour « c:\program files (x86)\spybot - search & destroy 2\Tools.dll ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\spybot - search & destroy 2\Tools.dll » à la ligne 2.
L’élément racine du fichier manifeste doit être assembly.

Error: (09/28/2017 04:12:37 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: La création du contexte d’activation a échoué pour « c:\program files (x86)\spybot - search & destroy 2\SDWinLogon.dll ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\spybot - search & destroy 2\SDWinLogon.dll » à la ligne 2.
L’élément racine du fichier manifeste doit être assembly.

Error: (09/28/2017 04:12:36 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: La création du contexte d’activation a échoué pour « c:\program files (x86)\spybot - search & destroy 2\SDTasks.dll ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\spybot - search & destroy 2\SDTasks.dll » à la ligne 2.
L’élément racine du fichier manifeste doit être assembly.

Error: (09/28/2017 04:12:33 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: La création du contexte d’activation a échoué pour « c:\program files (x86)\spybot - search & destroy 2\SDResources.dll ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\spybot - search & destroy 2\SDResources.dll » à la ligne 2.
L’élément racine du fichier manifeste doit être assembly.

Error: (09/28/2017 04:12:32 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: La création du contexte d’activation a échoué pour « c:\program files (x86)\spybot - search & destroy 2\SDLists.dll ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\spybot - search & destroy 2\SDLists.dll » à la ligne 2.
L’élément racine du fichier manifeste doit être assembly.

Error: (09/28/2017 04:12:32 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: La création du contexte d’activation a échoué pour « c:\program files (x86)\spybot - search & destroy 2\SDLicense.dll ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\spybot - search & destroy 2\SDLicense.dll » à la ligne 2.
L’élément racine du fichier manifeste doit être assembly.

Error: (09/28/2017 04:12:31 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: La création du contexte d’activation a échoué pour « c:\program files (x86)\spybot - search & destroy 2\SDImmunizeLibrary.dll ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\spybot - search & destroy 2\SDImmunizeLibrary.dll » à la ligne 2.
L’élément racine du fichier manifeste doit être assembly.

Error: (09/28/2017 04:12:30 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: La création du contexte d’activation a échoué pour « c:\program files (x86)\spybot - search & destroy 2\SDFileScanLibrary.dll ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\spybot - search & destroy 2\SDFileScanLibrary.dll » à la ligne 2.
L’élément racine du fichier manifeste doit être assembly.


System errors:
=============
Error: (09/28/2017 08:44:19 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: L’alerte fatale suivante a été générée : 10. L’état d’erreur interne est 1203.

Error: (09/28/2017 08:44:19 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: L’alerte fatale suivante a été générée : 10. L’état d’erreur interne est 1203.

Error: (09/28/2017 08:44:07 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: L’alerte fatale suivante a été générée : 10. L’état d’erreur interne est 1203.

Error: (09/28/2017 08:44:07 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: L’alerte fatale suivante a été générée : 10. L’état d’erreur interne est 1203.

Error: (09/28/2017 07:07:53 AM) (Source: UmrdpService) (EventID: 1111) (User: )
Description: Le pilote Send to Microsoft OneNote 15 Driver requis pour l’imprimante Send To OneNote 2013 est inconnu. Contactez l’administrateur pour installer le pilote avant de vous reconnecter.

Error: (09/28/2017 07:07:46 AM) (Source: UmrdpService) (EventID: 1111) (User: )
Description: Le pilote HP Universal Printing PS (v5.0) requis pour l’imprimante !!DC01!HP_ETIQ_2 est inconnu. Contactez l’administrateur pour installer le pilote avant de vous reconnecter.

Error: (09/28/2017 07:07:43 AM) (Source: UmrdpService) (EventID: 1111) (User: )
Description: Le pilote HP Universal Printing PS (v5.0) requis pour l’imprimante !!Bouletsrv!HP_ETIQ_2 est inconnu. Contactez l’administrateur pour installer le pilote avant de vous reconnecter.

Error: (09/28/2017 07:07:27 AM) (Source: UmrdpService) (EventID: 1111) (User: )
Description: Le pilote HP Universal Printing PS (v5.0) requis pour l’imprimante !!BOULETSRV!HP_Job_2 est inconnu. Contactez l’administrateur pour installer le pilote avant de vous reconnecter.

Error: (09/28/2017 07:07:15 AM) (Source: UmrdpService) (EventID: 1111) (User: )
Description: Le pilote Datamax-O'Neil M-4206 Mark II requis pour l’imprimante !!PASCAL-PC!Datamax-O'Neil M-4206 Mark II est inconnu. Contactez l’administrateur pour installer le pilote avant de vous reconnecter.

Error: (09/28/2017 07:07:13 AM) (Source: UmrdpService) (EventID: 1111) (User: )
Description: Le pilote HP LaserJet Professional P1606dn requis pour l’imprimante !!PVANIER-PC!HP LaserJet Professional P1606dn est inconnu. Contactez l’administrateur pour installer le pilote avant de vous reconnecter.


==================== Memory info ===========================

Processor: Intel(R) Xeon(R) CPU E5520 @ 2.27GHz
Percentage of memory in use: 75%
Total physical RAM: 4095.55 MB
Available physical RAM: 1013.33 MB
Total Virtual: 8189.29 MB
Available Virtual: 4082.55 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:179.9 GB) (Free:11.04 GB) NTFS
Drive f: () (Network) (Total:179.9 GB) (Free:11.04 GB) NTFS
Drive h: () (Network) (Total:179.9 GB) (Free:11.04 GB) NTFS
Drive p: () (Network) (Total:179.9 GB) (Free:11.04 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 180 GB) (Disk ID: 54C1B2A4)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=179.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
