Publicité
Publicité
Format du document : text/plain
Prévisualisation
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-06-2017 01
Ran by Salma (10-06-2017 12:50:33)
Running from C:\Users\Salma\Desktop
Windows 10 Pro Version 1703 (X64) (2017-06-05 02:30:54)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-321738506-1789406464-3067570155-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-321738506-1789406464-3067570155-503 - Limited - Disabled)
Guest (S-1-5-21-321738506-1789406464-3067570155-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-321738506-1789406464-3067570155-1002 - Limited - Enabled)
Salma (S-1-5-21-321738506-1789406464-3067570155-1000 - Administrator - Enabled) => C:\Users\Salma
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.201.1611.252 - Alps Electric)
Amazon Assistant (HKLM-x32\...\{065E406C-5309-4CE8-9935-189A1EAE1004}) (Version: 10.17.0228 - Amazon) <==== ATTENTION
Avast Antivirus Gratuit (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
Cisco Packet Tracer 6.2 Instructor (HKLM-x32\...\Cisco Packet Tracer 6.2 Instructor_is1) (Version: - Cisco Systems, Inc.)
Cisco Packet Tracer 7.0 64Bit (HKLM\...\Cisco Packet Tracer 7.0 64Bit_is1) (Version: - Cisco Systems, Inc.)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.3.50 - Lenovo)
Energy Management (x32 Version: 8.0.3.50 - Lenovo) Hidden
GNS3 2.0.0 (HKLM-x32\...\GNS3) (Version: 2.0.0 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Icecream Image Resizer version 1.46 (HKLM-x32\...\{2F8F5694-F482-481A-B05F-4A6D8A275B84}_is1) (Version: 1.46 - Icecream Apps)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 3.0.1327.1) (HKLM\...\{302600C1-6BDF-4FD1-1307-148929CC1385}) (Version: 3.1.1307.0358 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.0.0.102 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{bc9808f5-afda-4f96-b90e-da5bfb2ef8da}) (Version: 16.1.4 - Intel Corporation)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Visio Viewer 2007 (HKLM-x32\...\{95120000-0052-040C-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-321738506-1789406464-3067570155-1000\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Mise à jour Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{B761869A-B85C-40E2-994C-A1CE78AC8F2C}) (Version: - Microsoft)
Mise à jour Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{51EFB347-1F3D-4BAC-8B79-F056B904FE21}) (Version: - Microsoft)
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{C3DCA38E-005E-41BA-A52A-7C3429F351C3}) (Version: - Microsoft)
Mise à jour Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{81536A04-DBFB-4DB3-978F-0F284590C223}) (Version: - Microsoft)
Mozilla Firefox 47.0.2 (x86 fr) (HKLM-x32\...\Mozilla Firefox 47.0.2 (x86 fr)) (Version: 47.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.2.6148 - Mozilla)
My Connection (HKLM-x32\...\IAM Aegean My Connection_is1) (Version: - IAM)
Norton Security Scan (HKLM-x32\...\NSS) (Version: 4.6.2.17 - Symantec Corporation)
NVIDIA Graphics Driver 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Opera Stable 45.0.2552.888 (HKLM-x32\...\Opera 45.0.2552.888) (Version: 45.0.2552.888 - Opera Software)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7514 - Realtek Semiconductor Corp.)
Restaurant POS Demo 13 (HKLM-x32\...\Restaurant POS Demo 13_is1) (Version: - Denver Research)
SafeZone Stable 1.51.2220.47 (x32 Version: 1.51.2220.47 - Avast Software) Hidden
SolarWinds Response Time Viewer (HKLM-x32\...\{5B415E10-D1C1-4E54-9061-AE0FB3D7F2B2}) (Version: 1.0.0.162 - SolarWinds)
Streaming Audio Recorder version 3.4.5 (HKLM-x32\...\{B6D9D06B-4B4D-4B41-B963-C056B627F704}_is1) (Version: 3.4.5 - APOWERSOFT LIMITED)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Visionneuse Microsoft PowerPoint (HKLM-x32\...\{95140000-00AF-040C-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Visual Studio 2005 Tools pour Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VMware Player (HKLM\...\{B5D82DF0-AC2F-469F-8E97-599653947166}) (Version: 12.5.5 - VMware, Inc.)
VMware VIX (HKLM-x32\...\{F99FC179-EA67-4BBC-8955-BDDA0CB94B88}) (Version: 1.15.0.00000 - VMware, Inc.)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows Driver Package - Lenovo (ACPIVPC) System (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Wireshark 2.2.1 (64-bit) (HKLM-x32\...\Wireshark) (Version: 2.2.1 - The Wireshark developer community, hxxps://www.wireshark.org)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-321738506-1789406464-3067570155-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Salma\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => No File
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {048B3BBE-9E36-4415-9036-B55A183540B7} - System32\Tasks\Norton Security Scan for Salma => C:\Program Files (x86)\Norton Security Scan\Engine\4.6.2.17\Nss.exe [2017-05-15] (Symantec Corporation)
Task: {085AC5EE-1030-40B6-8A4B-EA8B796EF4FD} - System32\Tasks\{FFDC0F8B-4D33-4431-B72D-9B18A209E278} => pcalua.exe -a C:\Users\Salma\Downloads\kav15.0.2.361fr_7379.exe -d C:\Users\Salma\Downloads
Task: {08BF6F18-7F18-4DBE-917A-74C201F6DADD} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0F1CD8DC-764A-47D3-AB65-40C1A6D4293C} - System32\Tasks\{EA74CDFD-AC46-4E7F-977F-FB849154956C} => pcalua.exe -a "C:\Users\Salma\Downloads\chromeinstall-8u31 (1).exe" -d C:\Users\Salma\Downloads
Task: {10D55A38-9062-4D9A-A641-87178B02E4B7} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {166388FE-2EF9-4003-BA74-6EA5F4711F70} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-08] (Google Inc.)
Task: {1ED096B8-5B33-4C5B-9A01-BF51803CA02A} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {32F98FFE-839F-41B6-B4AC-573C163B2C64} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {45406629-62D4-47C2-8FBD-0874215423E3} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {53CFAB68-8150-41AB-A189-E8E1CBF34F82} - System32\Tasks\avastBCLRestartS-1-5-21-321738506-1789406464-3067570155-1000 => Chrome.exe
Task: {65091EBD-05C5-4ADC-BDE4-B435A9E3D188} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {6DAAFB99-7D36-45EE-94DD-5F321A437C68} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8116ACAF-B6FF-464A-BCC2-3BA631D25676} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-05-23] (Microsoft Corporation)
Task: {8136326A-932B-4BD5-88E3-A994A2BC7CE7} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-04-13] (AVAST Software)
Task: {84BC3296-704B-496D-B3D1-2C04F5C23AEE} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {88C8BE96-090F-450A-AFB6-F298BB1C7798} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {893A4A62-39F1-479D-885A-98BF60AC31C5} - System32\Tasks\Opera scheduled Autoupdate 1424294240 => C:\Program Files (x86)\Opera\launcher.exe [2017-05-31] (Opera Software)
Task: {8975007E-F84F-4A3F-B4BD-710DA3CA0CF5} - System32\Tasks\SafeZone scheduled Autoupdate 1465917142 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-08-09] (Avast Software)
Task: {8981B298-3404-455D-834D-C61AAA6F41D0} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {8E7ED482-BA3D-4D1F-9DC4-4F5342093E0B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9BBC7F8C-F2A7-4473-A1CF-1BF487D8E5F4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-08] (Google Inc.)
Task: {9BDF80F4-2F90-44A5-AC0C-48484C8C04A9} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A5F96C8C-D581-4373-9DF2-951601165288} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A80D02C7-05EA-4FF1-B058-1AB91F0B75BE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {AA8CEB4F-A632-47EF-87DF-78C7D7BE3609} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {B6D68429-0964-4561-86D3-F2E1CA25D4D6} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B8DB3DD1-ACD9-497F-90CD-2C3CB84777A1} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B8E52478-52DE-49B8-AAF0-655DA640FDDE} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-08-24] (AVAST Software)
Task: {C9FA866F-E775-4BA9-B173-A4E4519ADBD6} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D19A753E-3BF5-42C7-88F3-EC49829486A3} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DBCE1800-E6C7-4B8A-8A1E-576823A14028} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {E363473E-1AEB-4BDF-8FC9-7423F1708574} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F8A42D58-4A9F-4529-8757-C474C0F17133} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {FDE69CEA-AF43-4A7F-BE48-E5325F9F87E8} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {FFFB4F07-5689-426F-B0EE-01D4B71D3464} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Salma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Internet Explorer.LNK -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.bahaty.com/red/f.php
==================== Loaded Modules (Whitelisted) ==============
2015-03-29 11:47 - 2012-03-14 12:05 - 00053312 _____ () C:\Program Files (x86)\My Connection\BackgroundService\ServiceManager.exe
2017-02-28 15:19 - 2017-02-28 15:19 - 00102064 _____ () C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe
2017-02-28 15:20 - 2017-02-28 15:20 - 00141488 _____ () C:\Program Files (x86)\Amazon\Amazon Assistant\aaLoader64.dll
2017-06-05 02:00 - 2016-12-29 13:16 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-03-18 20:58 - 2017-03-18 20:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2016-11-01 23:05 - 2016-11-01 23:05 - 00401896 _____ () C:\WINDOWS\system32\igfxTray.exe
2017-03-18 20:59 - 2017-03-19 02:30 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-06-07 23:30 - 2017-06-07 23:31 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.17.420.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-06-07 23:30 - 2017-06-07 23:31 - 00201728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.17.420.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-05-12 07:39 - 2017-05-12 07:39 - 06557184 _____ () C:\Program Files\WindowsApps\Microsoft.Getstarted_5.9.1042.0_x64__8wekyb3d8bbwe\WhatsNew.Store.dll
2017-05-12 07:39 - 2017-05-12 07:39 - 00024576 _____ () C:\Program Files\WindowsApps\Microsoft.Getstarted_5.9.1042.0_x64__8wekyb3d8bbwe\SkuInterop.dll
2017-05-08 08:21 - 2017-05-08 08:23 - 00054272 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11703.1001.45.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2015-03-29 11:47 - 2012-09-26 19:36 - 00126056 _____ () C:\Program Files (x86)\My Connection\BackgroundService\ModemListener.exe
2016-08-24 11:50 - 2016-08-24 11:50 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-06-09 21:39 - 2017-06-09 21:39 - 06101864 _____ () c:\program files\avast software\avast\defs\17060904\algo.dll
2016-08-24 11:50 - 2016-08-24 11:50 - 00482928 _____ () c:\program files\avast software\avast\ffl2.dll
2016-07-01 02:10 - 2016-07-01 02:10 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 02:34 - 2015-03-21 15:46 - 00000878 _____ C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-321738506-1789406464-3067570155-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\Run: => "BLEServicesCtrl"
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run32: => "USB3MON"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{FFFFD31A-29B4-4CF8-9DDE-C3842C77044E}] => (Allow) C:\Program Files (x86)\Opera\45.0.2552.888\opera.exe
FirewallRules: [{22E65E44-B95B-49A4-83FA-41C1C3D2140A}] => (Allow) C:\Program Files (x86)\Opera\45.0.2552.881\opera.exe
FirewallRules: [{66033DF2-CA9C-4AF1-83C8-B562EC23F633}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D7CC513B-EBBE-412E-A740-48C16E0F7ADD}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{58422A82-489C-4911-A170-DCDAE4ED1355}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{5DE6AFDB-7EAE-4269-8805-594D4E4A17C5}] => (Allow) C:\Program Files\GNS3\qemu-2.4.0\qemu-system-x86_64w.exe
FirewallRules: [{6A67F03A-CD05-4DAE-A6E3-DCA4D3DE0614}] => (Allow) C:\Program Files\GNS3\qemu-2.4.0\qemu-system-x86_64w.exe
FirewallRules: [{EA31D54F-A941-4175-8693-3C233598E6BC}] => (Allow) C:\Program Files\GNS3\qemu-2.4.0\qemu-system-i386w.exe
FirewallRules: [{05764222-750B-4AD6-8E0D-F795813915C9}] => (Allow) C:\Program Files\GNS3\qemu-2.4.0\qemu-system-i386w.exe
FirewallRules: [{2E1043AC-13F3-4F13-A618-22E81F1CCBEB}] => (Allow) C:\Program Files\GNS3\qemu-0.11.0\qemu.exe
FirewallRules: [{47CF9235-3300-47B6-8C9D-9BAE77711592}] => (Allow) C:\Program Files\GNS3\qemu-0.11.0\qemu.exe
FirewallRules: [{99F2DDF7-EE60-4DC5-ABEE-7E9C31BA53CD}] => (Allow) C:\Program Files\GNS3\vpcs\vpcs.exe
FirewallRules: [{E8378CEF-A274-4DF5-BCBF-41983D9E1E82}] => (Allow) C:\Program Files\GNS3\vpcs\vpcs.exe
FirewallRules: [{89473BD8-6F88-4513-AA78-B8C67C23590E}] => (Allow) C:\Program Files\GNS3\dynamips\dynamips.exe
FirewallRules: [{7CD36E00-9DD3-4449-9328-220951D4F868}] => (Allow) C:\Program Files\GNS3\dynamips\dynamips.exe
FirewallRules: [{9DAA9348-628D-4412-8F86-7848F457B03F}] => (Allow) C:\Program Files\GNS3\ubridge.exe
FirewallRules: [{21AD35D3-EBD6-4881-B339-BE6525C9B8CD}] => (Allow) C:\Program Files\GNS3\ubridge.exe
FirewallRules: [{A2A0FAD5-711C-4AAB-A9A8-431B281619DB}] => (Allow) C:\Program Files\GNS3\gns3server.exe
FirewallRules: [{8BB3AF51-EC95-4C08-9FEF-FDCA3E7951F2}] => (Allow) C:\Program Files\GNS3\gns3server.exe
FirewallRules: [UDP Query User{DD4125D8-4F4C-407F-A2EF-B4BA56F4F13C}C:\program files (x86)\cisco packet tracer 6.2iv\bin\packettracer6.exe] => (Allow) C:\program files (x86)\cisco packet tracer 6.2iv\bin\packettracer6.exe
FirewallRules: [TCP Query User{97A2CF6E-2603-4276-819B-706EA65D6A7C}C:\program files (x86)\cisco packet tracer 6.2iv\bin\packettracer6.exe] => (Allow) C:\program files (x86)\cisco packet tracer 6.2iv\bin\packettracer6.exe
FirewallRules: [UDP Query User{0064FECB-EE4E-4325-8E2E-C713FE83207D}C:\program files (x86)\cisco packet tracer 6.2iv\bin\packettracer6.exe] => (Allow) C:\program files (x86)\cisco packet tracer 6.2iv\bin\packettracer6.exe
FirewallRules: [TCP Query User{A26200C9-E00A-43E6-963D-3F2D63D5D7D7}C:\program files (x86)\cisco packet tracer 6.2iv\bin\packettracer6.exe] => (Allow) C:\program files (x86)\cisco packet tracer 6.2iv\bin\packettracer6.exe
FirewallRules: [{051897E7-0DAE-4B55-9C1E-3E102531C505}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E304CF23-A13D-451E-A761-BE05EF458467}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{85D720C3-D80C-469C-9712-0C3A6C27532C}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [TCP Query User{36C58C3D-5AB6-4CF1-8BAB-D4AB2338C681}C:\users\salma\downloads\kav15.0.2.361fr_7379.exe] => (Block) C:\users\salma\downloads\kav15.0.2.361fr_7379.exe
FirewallRules: [UDP Query User{464ABC1B-2227-4A63-9A7E-D37D10501D44}C:\users\salma\downloads\kav15.0.2.361fr_7379.exe] => (Block) C:\users\salma\downloads\kav15.0.2.361fr_7379.exe
FirewallRules: [TCP Query User{A188FF09-2305-4A41-ACBA-47B62DC4C207}C:\users\salma\downloads\kav15.0.2.361en.exe] => (Block) C:\users\salma\downloads\kav15.0.2.361en.exe
FirewallRules: [UDP Query User{41636971-4441-424A-9271-6235C5592418}C:\users\salma\downloads\kav15.0.2.361en.exe] => (Block) C:\users\salma\downloads\kav15.0.2.361en.exe
FirewallRules: [TCP Query User{7373FC71-F008-4EF8-8178-43B378581FEC}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{33940356-666E-4AF6-A03D-AF737A412372}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{1FB49316-120D-4ADC-8F66-30261078E665}] => (Allow) C:\Users\Salma\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{9849474B-CD47-40AE-94C9-95BD727754A3}] => (Allow) C:\Users\Salma\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [TCP Query User{9BC03B21-0750-4E56-BE43-CEDBB6547CE8}C:\program files\maple 2015\jre\bin\javaw.exe] => (Allow) C:\program files\maple 2015\jre\bin\javaw.exe
FirewallRules: [UDP Query User{D21D88A7-A459-4160-8A0D-A241FFBA68D5}C:\program files\maple 2015\jre\bin\javaw.exe] => (Allow) C:\program files\maple 2015\jre\bin\javaw.exe
FirewallRules: [{262C413A-F1A6-4D9C-84FF-6A14D5D41CED}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\Streaming Audio Recorder.exe
FirewallRules: [{F8B193B1-4B0A-4714-844E-E83854F305CF}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\Streaming Audio Recorder.exe
FirewallRules: [TCP Query User{77FC2499-8C59-49E1-943A-E4CCCFD358D8}C:\program files\cisco packet tracer 7.0\bin\packettracer7.exe] => (Allow) C:\program files\cisco packet tracer 7.0\bin\packettracer7.exe
FirewallRules: [UDP Query User{EB9EB425-0A0D-4290-B7B1-27447A5F6C18}C:\program files\cisco packet tracer 7.0\bin\packettracer7.exe] => (Allow) C:\program files\cisco packet tracer 7.0\bin\packettracer7.exe
FirewallRules: [TCP Query User{CFB9274F-2D2A-46BD-AB03-F0B6D0C1F7AC}C:\program files\cisco packet tracer 7.0\bin\packettracer7.exe] => (Allow) C:\program files\cisco packet tracer 7.0\bin\packettracer7.exe
FirewallRules: [UDP Query User{4B6A8A6E-F538-4CB4-85D5-FBA397EB9E0F}C:\program files\cisco packet tracer 7.0\bin\packettracer7.exe] => (Allow) C:\program files\cisco packet tracer 7.0\bin\packettracer7.exe
==================== Restore Points =========================
05-06-2017 11:55:43 Installé Microsoft Office Visio Viewer 2007
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (06/09/2017 09:41:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante launcher.exe_Avast SafeZone Browser, version : 1.51.2220.53, horodatage : 0x57a8aaa1
Nom du module défaillant : launcher.exe, version : 1.51.2220.53, horodatage : 0x57a8aaa1
Code d’exception : 0x80000003
Décalage d’erreur : 0x00023ef9
ID du processus défaillant : 0x1638
Heure de début de l’application défaillante : 0x01d2e1692a14f698
Chemin d’accès de l’application défaillante : C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Chemin d’accès du module défaillant: C:\Program Files\AVAST Software\SZBrowser\launcher.exe
ID de rapport : cad986c3-4823-47ca-b696-2ec40690198b
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (06/08/2017 11:45:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante Microsoft.Photos.exe, version : 1.0.1705.24002, horodatage : 0x5926017a
Nom du module défaillant : igd10iumd64.dll, version : 20.19.15.4531, horodatage : 0x57ed27c8
Code d’exception : 0xc0000005
Décalage d’erreur : 0x0000000000031686
ID du processus défaillant : 0x888
Heure de début de l’application défaillante : 0x01d2e08f40be6295
Chemin d’accès de l’application défaillante : C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.524.10020.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\igd10iumd64.dll
ID de rapport : 924cf5b8-732a-4ad3-ae12-ecafeb5b056f
Nom complet du package défaillant : Microsoft.Windows.Photos_17.524.10020.0_x64__8wekyb3d8bbwe
ID de l’application relative au package défaillant : App
Error: (06/08/2017 04:20:06 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Échec de la procédure d’ouverture pour le service « BITS » dans la DLL « C:\Windows\System32\bitsperf.dll ». Les données de performance de ce service ne seront pas disponibles. Le premier mot (DWORD) de la section Données contient le code d’erreur.
Error: (06/08/2017 03:09:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante launcher.exe_Avast SafeZone Browser, version : 1.51.2220.53, horodatage : 0x57a8aaa1
Nom du module défaillant : launcher.exe, version : 1.51.2220.53, horodatage : 0x57a8aaa1
Code d’exception : 0x80000003
Décalage d’erreur : 0x00023ef9
ID du processus défaillant : 0x2344
Heure de début de l’application défaillante : 0x01d2e0692c3a7efe
Chemin d’accès de l’application défaillante : C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Chemin d’accès du module défaillant: C:\Program Files\AVAST Software\SZBrowser\launcher.exe
ID de rapport : 2862781c-93c4-453e-b3b7-03e0fe654868
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (06/08/2017 11:12:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante launcher.exe_Avast SafeZone Browser, version : 1.51.2220.53, horodatage : 0x57a8aaa1
Nom du module défaillant : launcher.exe, version : 1.51.2220.53, horodatage : 0x57a8aaa1
Code d’exception : 0x80000003
Décalage d’erreur : 0x00023ef9
ID du processus défaillant : 0x2420
Heure de début de l’application défaillante : 0x01d2e0482665b9fe
Chemin d’accès de l’application défaillante : C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Chemin d’accès du module défaillant: C:\Program Files\AVAST Software\SZBrowser\launcher.exe
ID de rapport : 7917ce1d-1f36-4cd5-bc49-a4c4aab390a7
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (06/08/2017 11:10:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante launcher.exe_Avast SafeZone Browser, version : 1.51.2220.53, horodatage : 0x57a8aaa1
Nom du module défaillant : launcher.exe, version : 1.51.2220.53, horodatage : 0x57a8aaa1
Code d’exception : 0x80000003
Décalage d’erreur : 0x00023ef9
ID du processus défaillant : 0x1960
Heure de début de l’application défaillante : 0x01d2e047de62f473
Chemin d’accès de l’application défaillante : C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Chemin d’accès du module défaillant: C:\Program Files\AVAST Software\SZBrowser\launcher.exe
ID de rapport : 2ac1dc28-ac8a-4c96-b0f7-a7268b740145
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (06/08/2017 11:05:02 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Le programme PacketTracer7.exe version 0.0.0.0 a cessé d'interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l'historique du problème dans le panneau de configuration Sécurité et maintenance.
ID de processus : 14ac
Heure de début : 01d2e046ef20c70f
Heure de fin : 9
Chemin d'accès de l'application : C:\Program Files\Cisco Packet Tracer 7.0\bin\PacketTracer7.exe
ID de rapport : cf445b8a-b0a9-4c07-8a22-8c4a98cee0b3
Nom complet du package défaillant :
ID de l'application relative au package défaillant :
Error: (06/08/2017 04:04:38 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Salma-PC)
Description: Le package Microsoft.Windows.Photos_17.524.10020.0_x64__8wekyb3d8bbwe+App a été interrompu, car sa suspension a été trop longue.
Error: (06/07/2017 06:22:20 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Salma-PC)
Description: Échec de l’activation de l’application Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen avec l’erreur : -2144927142 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.
Error: (06/07/2017 06:22:20 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Salma-PC)
Description: L’application Microsoft.LockApp_10.0.15063.0_neutral__cw5n1h2txyewy+WindowsDefaultLockScreen n’a pas été lancée dans le délai qui lui était imparti.
System errors:
=============
Error: (06/10/2017 12:48:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service CldFlt n’a pas pu démarrer en raison de l’erreur :
Cette demande n’est pas prise en charge.
Error: (06/10/2017 12:47:23 PM) (Source: DCOM) (EventID: 10010) (User: Salma-PC)
Description: Le serveur {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (06/10/2017 12:46:11 PM) (Source: DCOM) (EventID: 10010) (User: Salma-PC)
Description: Le serveur {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (06/10/2017 12:45:40 PM) (Source: DCOM) (EventID: 10010) (User: Salma-PC)
Description: Le serveur {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (06/10/2017 12:45:10 PM) (Source: DCOM) (EventID: 10010) (User: Salma-PC)
Description: Le serveur {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (06/10/2017 12:41:39 PM) (Source: DCOM) (EventID: 10010) (User: Salma-PC)
Description: Le serveur {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (06/10/2017 12:37:15 PM) (Source: DCOM) (EventID: 10010) (User: Salma-PC)
Description: Le serveur {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (06/10/2017 12:35:23 PM) (Source: DCOM) (EventID: 10010) (User: Salma-PC)
Description: Le serveur {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (06/10/2017 12:34:37 PM) (Source: DCOM) (EventID: 10010) (User: Salma-PC)
Description: Le serveur {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (06/10/2017 12:33:18 PM) (Source: DCOM) (EventID: 10010) (User: Salma-PC)
Description: Le serveur {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4200M CPU @ 2.50GHz
Percentage of memory in use: 46%
Total physical RAM: 3852.36 MB
Available physical RAM: 2042.23 MB
Total Virtual: 8204.36 MB
Available Virtual: 6421.97 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:464.34 GB) (Free:407.36 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: D9FA2484)
Partition 1: (Active) - (Size=1000 MB) - (Type=0B)
Partition 2: (Not Active) - (Size=464.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
==================== End of Addition.txt ============================
Ran by Salma (10-06-2017 12:50:33)
Running from C:\Users\Salma\Desktop
Windows 10 Pro Version 1703 (X64) (2017-06-05 02:30:54)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-321738506-1789406464-3067570155-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-321738506-1789406464-3067570155-503 - Limited - Disabled)
Guest (S-1-5-21-321738506-1789406464-3067570155-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-321738506-1789406464-3067570155-1002 - Limited - Enabled)
Salma (S-1-5-21-321738506-1789406464-3067570155-1000 - Administrator - Enabled) => C:\Users\Salma
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.201.1611.252 - Alps Electric)
Amazon Assistant (HKLM-x32\...\{065E406C-5309-4CE8-9935-189A1EAE1004}) (Version: 10.17.0228 - Amazon) <==== ATTENTION
Avast Antivirus Gratuit (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
Cisco Packet Tracer 6.2 Instructor (HKLM-x32\...\Cisco Packet Tracer 6.2 Instructor_is1) (Version: - Cisco Systems, Inc.)
Cisco Packet Tracer 7.0 64Bit (HKLM\...\Cisco Packet Tracer 7.0 64Bit_is1) (Version: - Cisco Systems, Inc.)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.3.50 - Lenovo)
Energy Management (x32 Version: 8.0.3.50 - Lenovo) Hidden
GNS3 2.0.0 (HKLM-x32\...\GNS3) (Version: 2.0.0 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Icecream Image Resizer version 1.46 (HKLM-x32\...\{2F8F5694-F482-481A-B05F-4A6D8A275B84}_is1) (Version: 1.46 - Icecream Apps)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 3.0.1327.1) (HKLM\...\{302600C1-6BDF-4FD1-1307-148929CC1385}) (Version: 3.1.1307.0358 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.0.0.102 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{bc9808f5-afda-4f96-b90e-da5bfb2ef8da}) (Version: 16.1.4 - Intel Corporation)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Visio Viewer 2007 (HKLM-x32\...\{95120000-0052-040C-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-321738506-1789406464-3067570155-1000\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Mise à jour Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{B761869A-B85C-40E2-994C-A1CE78AC8F2C}) (Version: - Microsoft)
Mise à jour Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{51EFB347-1F3D-4BAC-8B79-F056B904FE21}) (Version: - Microsoft)
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{C3DCA38E-005E-41BA-A52A-7C3429F351C3}) (Version: - Microsoft)
Mise à jour Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{81536A04-DBFB-4DB3-978F-0F284590C223}) (Version: - Microsoft)
Mozilla Firefox 47.0.2 (x86 fr) (HKLM-x32\...\Mozilla Firefox 47.0.2 (x86 fr)) (Version: 47.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.2.6148 - Mozilla)
My Connection (HKLM-x32\...\IAM Aegean My Connection_is1) (Version: - IAM)
Norton Security Scan (HKLM-x32\...\NSS) (Version: 4.6.2.17 - Symantec Corporation)
NVIDIA Graphics Driver 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Opera Stable 45.0.2552.888 (HKLM-x32\...\Opera 45.0.2552.888) (Version: 45.0.2552.888 - Opera Software)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7514 - Realtek Semiconductor Corp.)
Restaurant POS Demo 13 (HKLM-x32\...\Restaurant POS Demo 13_is1) (Version: - Denver Research)
SafeZone Stable 1.51.2220.47 (x32 Version: 1.51.2220.47 - Avast Software) Hidden
SolarWinds Response Time Viewer (HKLM-x32\...\{5B415E10-D1C1-4E54-9061-AE0FB3D7F2B2}) (Version: 1.0.0.162 - SolarWinds)
Streaming Audio Recorder version 3.4.5 (HKLM-x32\...\{B6D9D06B-4B4D-4B41-B963-C056B627F704}_is1) (Version: 3.4.5 - APOWERSOFT LIMITED)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Visionneuse Microsoft PowerPoint (HKLM-x32\...\{95140000-00AF-040C-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Visual Studio 2005 Tools pour Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VMware Player (HKLM\...\{B5D82DF0-AC2F-469F-8E97-599653947166}) (Version: 12.5.5 - VMware, Inc.)
VMware VIX (HKLM-x32\...\{F99FC179-EA67-4BBC-8955-BDDA0CB94B88}) (Version: 1.15.0.00000 - VMware, Inc.)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows Driver Package - Lenovo (ACPIVPC) System (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Wireshark 2.2.1 (64-bit) (HKLM-x32\...\Wireshark) (Version: 2.2.1 - The Wireshark developer community, hxxps://www.wireshark.org)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-321738506-1789406464-3067570155-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Salma\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => No File
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {048B3BBE-9E36-4415-9036-B55A183540B7} - System32\Tasks\Norton Security Scan for Salma => C:\Program Files (x86)\Norton Security Scan\Engine\4.6.2.17\Nss.exe [2017-05-15] (Symantec Corporation)
Task: {085AC5EE-1030-40B6-8A4B-EA8B796EF4FD} - System32\Tasks\{FFDC0F8B-4D33-4431-B72D-9B18A209E278} => pcalua.exe -a C:\Users\Salma\Downloads\kav15.0.2.361fr_7379.exe -d C:\Users\Salma\Downloads
Task: {08BF6F18-7F18-4DBE-917A-74C201F6DADD} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0F1CD8DC-764A-47D3-AB65-40C1A6D4293C} - System32\Tasks\{EA74CDFD-AC46-4E7F-977F-FB849154956C} => pcalua.exe -a "C:\Users\Salma\Downloads\chromeinstall-8u31 (1).exe" -d C:\Users\Salma\Downloads
Task: {10D55A38-9062-4D9A-A641-87178B02E4B7} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {166388FE-2EF9-4003-BA74-6EA5F4711F70} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-08] (Google Inc.)
Task: {1ED096B8-5B33-4C5B-9A01-BF51803CA02A} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {32F98FFE-839F-41B6-B4AC-573C163B2C64} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {45406629-62D4-47C2-8FBD-0874215423E3} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {53CFAB68-8150-41AB-A189-E8E1CBF34F82} - System32\Tasks\avastBCLRestartS-1-5-21-321738506-1789406464-3067570155-1000 => Chrome.exe
Task: {65091EBD-05C5-4ADC-BDE4-B435A9E3D188} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {6DAAFB99-7D36-45EE-94DD-5F321A437C68} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8116ACAF-B6FF-464A-BCC2-3BA631D25676} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-05-23] (Microsoft Corporation)
Task: {8136326A-932B-4BD5-88E3-A994A2BC7CE7} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-04-13] (AVAST Software)
Task: {84BC3296-704B-496D-B3D1-2C04F5C23AEE} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {88C8BE96-090F-450A-AFB6-F298BB1C7798} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {893A4A62-39F1-479D-885A-98BF60AC31C5} - System32\Tasks\Opera scheduled Autoupdate 1424294240 => C:\Program Files (x86)\Opera\launcher.exe [2017-05-31] (Opera Software)
Task: {8975007E-F84F-4A3F-B4BD-710DA3CA0CF5} - System32\Tasks\SafeZone scheduled Autoupdate 1465917142 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-08-09] (Avast Software)
Task: {8981B298-3404-455D-834D-C61AAA6F41D0} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {8E7ED482-BA3D-4D1F-9DC4-4F5342093E0B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9BBC7F8C-F2A7-4473-A1CF-1BF487D8E5F4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-08] (Google Inc.)
Task: {9BDF80F4-2F90-44A5-AC0C-48484C8C04A9} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A5F96C8C-D581-4373-9DF2-951601165288} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A80D02C7-05EA-4FF1-B058-1AB91F0B75BE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {AA8CEB4F-A632-47EF-87DF-78C7D7BE3609} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {B6D68429-0964-4561-86D3-F2E1CA25D4D6} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B8DB3DD1-ACD9-497F-90CD-2C3CB84777A1} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B8E52478-52DE-49B8-AAF0-655DA640FDDE} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-08-24] (AVAST Software)
Task: {C9FA866F-E775-4BA9-B173-A4E4519ADBD6} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D19A753E-3BF5-42C7-88F3-EC49829486A3} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DBCE1800-E6C7-4B8A-8A1E-576823A14028} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {E363473E-1AEB-4BDF-8FC9-7423F1708574} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F8A42D58-4A9F-4529-8757-C474C0F17133} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {FDE69CEA-AF43-4A7F-BE48-E5325F9F87E8} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {FFFB4F07-5689-426F-B0EE-01D4B71D3464} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Salma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Internet Explorer.LNK -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.bahaty.com/red/f.php
==================== Loaded Modules (Whitelisted) ==============
2015-03-29 11:47 - 2012-03-14 12:05 - 00053312 _____ () C:\Program Files (x86)\My Connection\BackgroundService\ServiceManager.exe
2017-02-28 15:19 - 2017-02-28 15:19 - 00102064 _____ () C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe
2017-02-28 15:20 - 2017-02-28 15:20 - 00141488 _____ () C:\Program Files (x86)\Amazon\Amazon Assistant\aaLoader64.dll
2017-06-05 02:00 - 2016-12-29 13:16 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-03-18 20:58 - 2017-03-18 20:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2016-11-01 23:05 - 2016-11-01 23:05 - 00401896 _____ () C:\WINDOWS\system32\igfxTray.exe
2017-03-18 20:59 - 2017-03-19 02:30 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-06-07 23:30 - 2017-06-07 23:31 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.17.420.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-06-07 23:30 - 2017-06-07 23:31 - 00201728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.17.420.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-05-12 07:39 - 2017-05-12 07:39 - 06557184 _____ () C:\Program Files\WindowsApps\Microsoft.Getstarted_5.9.1042.0_x64__8wekyb3d8bbwe\WhatsNew.Store.dll
2017-05-12 07:39 - 2017-05-12 07:39 - 00024576 _____ () C:\Program Files\WindowsApps\Microsoft.Getstarted_5.9.1042.0_x64__8wekyb3d8bbwe\SkuInterop.dll
2017-05-08 08:21 - 2017-05-08 08:23 - 00054272 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11703.1001.45.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2015-03-29 11:47 - 2012-09-26 19:36 - 00126056 _____ () C:\Program Files (x86)\My Connection\BackgroundService\ModemListener.exe
2016-08-24 11:50 - 2016-08-24 11:50 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-06-09 21:39 - 2017-06-09 21:39 - 06101864 _____ () c:\program files\avast software\avast\defs\17060904\algo.dll
2016-08-24 11:50 - 2016-08-24 11:50 - 00482928 _____ () c:\program files\avast software\avast\ffl2.dll
2016-07-01 02:10 - 2016-07-01 02:10 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 02:34 - 2015-03-21 15:46 - 00000878 _____ C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-321738506-1789406464-3067570155-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\Run: => "BLEServicesCtrl"
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run32: => "USB3MON"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{FFFFD31A-29B4-4CF8-9DDE-C3842C77044E}] => (Allow) C:\Program Files (x86)\Opera\45.0.2552.888\opera.exe
FirewallRules: [{22E65E44-B95B-49A4-83FA-41C1C3D2140A}] => (Allow) C:\Program Files (x86)\Opera\45.0.2552.881\opera.exe
FirewallRules: [{66033DF2-CA9C-4AF1-83C8-B562EC23F633}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D7CC513B-EBBE-412E-A740-48C16E0F7ADD}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{58422A82-489C-4911-A170-DCDAE4ED1355}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{5DE6AFDB-7EAE-4269-8805-594D4E4A17C5}] => (Allow) C:\Program Files\GNS3\qemu-2.4.0\qemu-system-x86_64w.exe
FirewallRules: [{6A67F03A-CD05-4DAE-A6E3-DCA4D3DE0614}] => (Allow) C:\Program Files\GNS3\qemu-2.4.0\qemu-system-x86_64w.exe
FirewallRules: [{EA31D54F-A941-4175-8693-3C233598E6BC}] => (Allow) C:\Program Files\GNS3\qemu-2.4.0\qemu-system-i386w.exe
FirewallRules: [{05764222-750B-4AD6-8E0D-F795813915C9}] => (Allow) C:\Program Files\GNS3\qemu-2.4.0\qemu-system-i386w.exe
FirewallRules: [{2E1043AC-13F3-4F13-A618-22E81F1CCBEB}] => (Allow) C:\Program Files\GNS3\qemu-0.11.0\qemu.exe
FirewallRules: [{47CF9235-3300-47B6-8C9D-9BAE77711592}] => (Allow) C:\Program Files\GNS3\qemu-0.11.0\qemu.exe
FirewallRules: [{99F2DDF7-EE60-4DC5-ABEE-7E9C31BA53CD}] => (Allow) C:\Program Files\GNS3\vpcs\vpcs.exe
FirewallRules: [{E8378CEF-A274-4DF5-BCBF-41983D9E1E82}] => (Allow) C:\Program Files\GNS3\vpcs\vpcs.exe
FirewallRules: [{89473BD8-6F88-4513-AA78-B8C67C23590E}] => (Allow) C:\Program Files\GNS3\dynamips\dynamips.exe
FirewallRules: [{7CD36E00-9DD3-4449-9328-220951D4F868}] => (Allow) C:\Program Files\GNS3\dynamips\dynamips.exe
FirewallRules: [{9DAA9348-628D-4412-8F86-7848F457B03F}] => (Allow) C:\Program Files\GNS3\ubridge.exe
FirewallRules: [{21AD35D3-EBD6-4881-B339-BE6525C9B8CD}] => (Allow) C:\Program Files\GNS3\ubridge.exe
FirewallRules: [{A2A0FAD5-711C-4AAB-A9A8-431B281619DB}] => (Allow) C:\Program Files\GNS3\gns3server.exe
FirewallRules: [{8BB3AF51-EC95-4C08-9FEF-FDCA3E7951F2}] => (Allow) C:\Program Files\GNS3\gns3server.exe
FirewallRules: [UDP Query User{DD4125D8-4F4C-407F-A2EF-B4BA56F4F13C}C:\program files (x86)\cisco packet tracer 6.2iv\bin\packettracer6.exe] => (Allow) C:\program files (x86)\cisco packet tracer 6.2iv\bin\packettracer6.exe
FirewallRules: [TCP Query User{97A2CF6E-2603-4276-819B-706EA65D6A7C}C:\program files (x86)\cisco packet tracer 6.2iv\bin\packettracer6.exe] => (Allow) C:\program files (x86)\cisco packet tracer 6.2iv\bin\packettracer6.exe
FirewallRules: [UDP Query User{0064FECB-EE4E-4325-8E2E-C713FE83207D}C:\program files (x86)\cisco packet tracer 6.2iv\bin\packettracer6.exe] => (Allow) C:\program files (x86)\cisco packet tracer 6.2iv\bin\packettracer6.exe
FirewallRules: [TCP Query User{A26200C9-E00A-43E6-963D-3F2D63D5D7D7}C:\program files (x86)\cisco packet tracer 6.2iv\bin\packettracer6.exe] => (Allow) C:\program files (x86)\cisco packet tracer 6.2iv\bin\packettracer6.exe
FirewallRules: [{051897E7-0DAE-4B55-9C1E-3E102531C505}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E304CF23-A13D-451E-A761-BE05EF458467}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{85D720C3-D80C-469C-9712-0C3A6C27532C}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [TCP Query User{36C58C3D-5AB6-4CF1-8BAB-D4AB2338C681}C:\users\salma\downloads\kav15.0.2.361fr_7379.exe] => (Block) C:\users\salma\downloads\kav15.0.2.361fr_7379.exe
FirewallRules: [UDP Query User{464ABC1B-2227-4A63-9A7E-D37D10501D44}C:\users\salma\downloads\kav15.0.2.361fr_7379.exe] => (Block) C:\users\salma\downloads\kav15.0.2.361fr_7379.exe
FirewallRules: [TCP Query User{A188FF09-2305-4A41-ACBA-47B62DC4C207}C:\users\salma\downloads\kav15.0.2.361en.exe] => (Block) C:\users\salma\downloads\kav15.0.2.361en.exe
FirewallRules: [UDP Query User{41636971-4441-424A-9271-6235C5592418}C:\users\salma\downloads\kav15.0.2.361en.exe] => (Block) C:\users\salma\downloads\kav15.0.2.361en.exe
FirewallRules: [TCP Query User{7373FC71-F008-4EF8-8178-43B378581FEC}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{33940356-666E-4AF6-A03D-AF737A412372}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{1FB49316-120D-4ADC-8F66-30261078E665}] => (Allow) C:\Users\Salma\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{9849474B-CD47-40AE-94C9-95BD727754A3}] => (Allow) C:\Users\Salma\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [TCP Query User{9BC03B21-0750-4E56-BE43-CEDBB6547CE8}C:\program files\maple 2015\jre\bin\javaw.exe] => (Allow) C:\program files\maple 2015\jre\bin\javaw.exe
FirewallRules: [UDP Query User{D21D88A7-A459-4160-8A0D-A241FFBA68D5}C:\program files\maple 2015\jre\bin\javaw.exe] => (Allow) C:\program files\maple 2015\jre\bin\javaw.exe
FirewallRules: [{262C413A-F1A6-4D9C-84FF-6A14D5D41CED}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\Streaming Audio Recorder.exe
FirewallRules: [{F8B193B1-4B0A-4714-844E-E83854F305CF}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\Streaming Audio Recorder.exe
FirewallRules: [TCP Query User{77FC2499-8C59-49E1-943A-E4CCCFD358D8}C:\program files\cisco packet tracer 7.0\bin\packettracer7.exe] => (Allow) C:\program files\cisco packet tracer 7.0\bin\packettracer7.exe
FirewallRules: [UDP Query User{EB9EB425-0A0D-4290-B7B1-27447A5F6C18}C:\program files\cisco packet tracer 7.0\bin\packettracer7.exe] => (Allow) C:\program files\cisco packet tracer 7.0\bin\packettracer7.exe
FirewallRules: [TCP Query User{CFB9274F-2D2A-46BD-AB03-F0B6D0C1F7AC}C:\program files\cisco packet tracer 7.0\bin\packettracer7.exe] => (Allow) C:\program files\cisco packet tracer 7.0\bin\packettracer7.exe
FirewallRules: [UDP Query User{4B6A8A6E-F538-4CB4-85D5-FBA397EB9E0F}C:\program files\cisco packet tracer 7.0\bin\packettracer7.exe] => (Allow) C:\program files\cisco packet tracer 7.0\bin\packettracer7.exe
==================== Restore Points =========================
05-06-2017 11:55:43 Installé Microsoft Office Visio Viewer 2007
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (06/09/2017 09:41:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante launcher.exe_Avast SafeZone Browser, version : 1.51.2220.53, horodatage : 0x57a8aaa1
Nom du module défaillant : launcher.exe, version : 1.51.2220.53, horodatage : 0x57a8aaa1
Code d’exception : 0x80000003
Décalage d’erreur : 0x00023ef9
ID du processus défaillant : 0x1638
Heure de début de l’application défaillante : 0x01d2e1692a14f698
Chemin d’accès de l’application défaillante : C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Chemin d’accès du module défaillant: C:\Program Files\AVAST Software\SZBrowser\launcher.exe
ID de rapport : cad986c3-4823-47ca-b696-2ec40690198b
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (06/08/2017 11:45:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante Microsoft.Photos.exe, version : 1.0.1705.24002, horodatage : 0x5926017a
Nom du module défaillant : igd10iumd64.dll, version : 20.19.15.4531, horodatage : 0x57ed27c8
Code d’exception : 0xc0000005
Décalage d’erreur : 0x0000000000031686
ID du processus défaillant : 0x888
Heure de début de l’application défaillante : 0x01d2e08f40be6295
Chemin d’accès de l’application défaillante : C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.524.10020.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\igd10iumd64.dll
ID de rapport : 924cf5b8-732a-4ad3-ae12-ecafeb5b056f
Nom complet du package défaillant : Microsoft.Windows.Photos_17.524.10020.0_x64__8wekyb3d8bbwe
ID de l’application relative au package défaillant : App
Error: (06/08/2017 04:20:06 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Échec de la procédure d’ouverture pour le service « BITS » dans la DLL « C:\Windows\System32\bitsperf.dll ». Les données de performance de ce service ne seront pas disponibles. Le premier mot (DWORD) de la section Données contient le code d’erreur.
Error: (06/08/2017 03:09:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante launcher.exe_Avast SafeZone Browser, version : 1.51.2220.53, horodatage : 0x57a8aaa1
Nom du module défaillant : launcher.exe, version : 1.51.2220.53, horodatage : 0x57a8aaa1
Code d’exception : 0x80000003
Décalage d’erreur : 0x00023ef9
ID du processus défaillant : 0x2344
Heure de début de l’application défaillante : 0x01d2e0692c3a7efe
Chemin d’accès de l’application défaillante : C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Chemin d’accès du module défaillant: C:\Program Files\AVAST Software\SZBrowser\launcher.exe
ID de rapport : 2862781c-93c4-453e-b3b7-03e0fe654868
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (06/08/2017 11:12:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante launcher.exe_Avast SafeZone Browser, version : 1.51.2220.53, horodatage : 0x57a8aaa1
Nom du module défaillant : launcher.exe, version : 1.51.2220.53, horodatage : 0x57a8aaa1
Code d’exception : 0x80000003
Décalage d’erreur : 0x00023ef9
ID du processus défaillant : 0x2420
Heure de début de l’application défaillante : 0x01d2e0482665b9fe
Chemin d’accès de l’application défaillante : C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Chemin d’accès du module défaillant: C:\Program Files\AVAST Software\SZBrowser\launcher.exe
ID de rapport : 7917ce1d-1f36-4cd5-bc49-a4c4aab390a7
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (06/08/2017 11:10:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante launcher.exe_Avast SafeZone Browser, version : 1.51.2220.53, horodatage : 0x57a8aaa1
Nom du module défaillant : launcher.exe, version : 1.51.2220.53, horodatage : 0x57a8aaa1
Code d’exception : 0x80000003
Décalage d’erreur : 0x00023ef9
ID du processus défaillant : 0x1960
Heure de début de l’application défaillante : 0x01d2e047de62f473
Chemin d’accès de l’application défaillante : C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Chemin d’accès du module défaillant: C:\Program Files\AVAST Software\SZBrowser\launcher.exe
ID de rapport : 2ac1dc28-ac8a-4c96-b0f7-a7268b740145
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (06/08/2017 11:05:02 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Le programme PacketTracer7.exe version 0.0.0.0 a cessé d'interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l'historique du problème dans le panneau de configuration Sécurité et maintenance.
ID de processus : 14ac
Heure de début : 01d2e046ef20c70f
Heure de fin : 9
Chemin d'accès de l'application : C:\Program Files\Cisco Packet Tracer 7.0\bin\PacketTracer7.exe
ID de rapport : cf445b8a-b0a9-4c07-8a22-8c4a98cee0b3
Nom complet du package défaillant :
ID de l'application relative au package défaillant :
Error: (06/08/2017 04:04:38 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Salma-PC)
Description: Le package Microsoft.Windows.Photos_17.524.10020.0_x64__8wekyb3d8bbwe+App a été interrompu, car sa suspension a été trop longue.
Error: (06/07/2017 06:22:20 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Salma-PC)
Description: Échec de l’activation de l’application Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen avec l’erreur : -2144927142 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.
Error: (06/07/2017 06:22:20 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Salma-PC)
Description: L’application Microsoft.LockApp_10.0.15063.0_neutral__cw5n1h2txyewy+WindowsDefaultLockScreen n’a pas été lancée dans le délai qui lui était imparti.
System errors:
=============
Error: (06/10/2017 12:48:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service CldFlt n’a pas pu démarrer en raison de l’erreur :
Cette demande n’est pas prise en charge.
Error: (06/10/2017 12:47:23 PM) (Source: DCOM) (EventID: 10010) (User: Salma-PC)
Description: Le serveur {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (06/10/2017 12:46:11 PM) (Source: DCOM) (EventID: 10010) (User: Salma-PC)
Description: Le serveur {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (06/10/2017 12:45:40 PM) (Source: DCOM) (EventID: 10010) (User: Salma-PC)
Description: Le serveur {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (06/10/2017 12:45:10 PM) (Source: DCOM) (EventID: 10010) (User: Salma-PC)
Description: Le serveur {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (06/10/2017 12:41:39 PM) (Source: DCOM) (EventID: 10010) (User: Salma-PC)
Description: Le serveur {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (06/10/2017 12:37:15 PM) (Source: DCOM) (EventID: 10010) (User: Salma-PC)
Description: Le serveur {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (06/10/2017 12:35:23 PM) (Source: DCOM) (EventID: 10010) (User: Salma-PC)
Description: Le serveur {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (06/10/2017 12:34:37 PM) (Source: DCOM) (EventID: 10010) (User: Salma-PC)
Description: Le serveur {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (06/10/2017 12:33:18 PM) (Source: DCOM) (EventID: 10010) (User: Salma-PC)
Description: Le serveur {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4200M CPU @ 2.50GHz
Percentage of memory in use: 46%
Total physical RAM: 3852.36 MB
Available physical RAM: 2042.23 MB
Total Virtual: 8204.36 MB
Available Virtual: 6421.97 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:464.34 GB) (Free:407.36 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: D9FA2484)
Partition 1: (Active) - (Size=1000 MB) - (Type=0B)
Partition 2: (Not Active) - (Size=464.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
==================== End of Addition.txt ============================