Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-05-2017
Ran by C Brindamour (10-05-2017 14:00:35)
Running from E:\
Windows 7 Ultimate Service Pack 1 (X64) (2017-01-22 01:04:26)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3143673030-1198614311-2239899035-500 - Administrator - Disabled)
C Brindamour (S-1-5-21-3143673030-1198614311-2239899035-1000 - Administrator - Enabled) => C:\Users\C Brindamour
Guest (S-1-5-21-3143673030-1198614311-2239899035-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3143673030-1198614311-2239899035-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Audition 3.0 (HKLM-x32\...\Adobe Audition 3.0) (Version: 3.0 - Adobe Systems Incorporated)
Adobe Audition 3.0 Vista Compatibility (HKLM\...\{75d2897c-87aa-4a06-8710-3ebda9f02de0}.sdb) (Version: - )
Adobe Connect 9 Add-in (HKU\S-1-5-21-3143673030-1198614311-2239899035-1000\...\Adobe Connect 9 Add-in) (Version: 11.9.976.299 - Adobe Systems Incorporated)
Allway Sync version 10.3.25 (HKLM\...\Allway Sync_is1) (Version: - Botkind Inc)
Antidote 9 - English module (HKLM-x32\...\{BFA17B4C-70D3-480F-8476-76197F614AB8}) (Version: 9.4.3427 - Druide informatique inc.)
Antidote 9 - Module français (HKLM-x32\...\{BFA17B4C-70D3-480F-8476-76197F614AB7}) (Version: 9.4.3427 - Druide informatique inc.)
Antidote 9 (HKLM-x32\...\{BFA17B4C-70D3-480F-8476-76197F614AB6}) (Version: 9.4.3507 - Druide informatique inc.)
Assistant de téléchargement (HKLM-x32\...\{93154A3C-9BB7-49D7-A571-4EB6373FA600}) (Version: 6.1.0 - Druide informatique inc.)
BitTorrent (HKLM-x32\...\BitTorrent) (Version: 7.7.2.28499 - BitTorrent Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.26 - Piriform)
Core Temp 1.7 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.7 - ALCPU)
Driver Booster 4.2 (HKLM-x32\...\Driver Booster_is1) (Version: 4.2.0 - IObit)
EaseUS Todo Backup Free 10.0 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 10.0 - CHENGDU YIWO Tech Development Co., Ltd)
Easy CD-DA Extractor 16 (HKLM-x32\...\Easy CD-DA Extractor 16) (Version: 16 - Poikosoft)
Everything 1.3.4.686 (x64) (HKLM\...\Everything) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.96 - Google Inc.)
Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Herramientas de corrección de Microsoft Office 2016: español (x32 Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
Malwarebytes version 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes)
M-Audio Delta 6.0.8 (x64) (HKLM\...\{16B2C43D-6C49-4A56-957D-E40CEAA2AC06}) (Version: 6.0.8 - M-Audio)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Professionnel Plus 2016 (HKLM-x32\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{0513c9cf-7191-45a7-ace9-ecdad03c93a4}) (Version: 12.0.40660.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{10dc8dbf-d3d7-4e23-be07-120fe5c66b78}) (Version: 12.0.40660.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24516 (HKLM-x32\...\{b8e12890-118d-4721-8e54-05d978086712}) (Version: 14.0.24516.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24516 (HKLM-x32\...\{c325004c-5538-45b3-a7ad-94473a4dcd3b}) (Version: 14.0.24516.0 - Microsoft Corporation)
Mozilla Firefox 53.0.2 (x86 fr) (HKLM-x32\...\Mozilla Firefox 53.0.2 (x86 fr)) (Version: 53.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.2 - Mozilla)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
Outils de vérification linguistique 2016 de Microsoft Office - Français (x32 Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Revo Uninstaller Pro 3.0.8 (HKLM\...\Revo Uninstaller Pro PREACTIVATED by .:sHaRe:. @~1067B756_is1) (Version: 3.0.8 - VS Revo Group, Ltd.)
SES Driver (HKLM\...\{D8CC254C-C671-4664-9A38-FA368D1E2C97}) (Version: 1.0.0 - Western Digital)
Taalprogramma's voor Microsoft Office 2016 - Nederlands (x32 Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.77242 - TeamViewer)
WhereIsIt? 2014 (HKLM-x32\...\whereisit-wii_is1) (Version: 2014 - Robert Galle)
Winamp (HKLM-x32\...\Winamp) (Version: 5.623 - Nullsoft, Inc)
Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM (01/19/2011 1.0.0009.0) (HKLM\...\4CA7CFBB29889F25ACB3DF6E3A42BAE29EB43B20) (Version: 01/19/2011 1.0.0009.0 - Western Digital Technologies)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3143673030-1198614311-2239899035-1000_Classes\CLSID\{5563940C-ABF0-47B4-BB0E-B5D8680B570A}\localserver32 -> C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\MoteurIntegration.exe (Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-3143673030-1198614311-2239899035-1000_Classes\CLSID\{5563940D-49FD-4F1A-96AA-147B474290EE}\localserver32 -> C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\MoteurIntegration.exe (Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-3143673030-1198614311-2239899035-1000_Classes\CLSID\{A12A9CAB-1C75-4AA3-A980-74F25AB94C8E}\localserver32 -> C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\AgentAntidote.exe (Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-3143673030-1198614311-2239899035-1000_Classes\CLSID\{A12A9CAB-1C75-4AA3-A980-74F25AB94C8F}\localserver32 -> C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\Antidote.exe (Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-3143673030-1198614311-2239899035-1000_Classes\CLSID\{AD630E0F-BF29-4791-AD3B-A289E884E37C}\localserver32 -> C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\Antidote.exe (Druide informatique inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {088B95E8-3D0A-4A97-AB9F-B80DC7646CE1} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {1665CE2B-B07B-4C94-A6A3-05A91FCAAA58} - System32\Tasks\Driver Booster SkipUAC (C Brindamour) => C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DriverBooster.exe [2017-01-10] (IObit)
Task: {1CEADCF4-90E4-4DC3-9FF5-A577060758F4} - System32\Tasks\{6A62082A-DDC9-BF81-1398-0C144AB7525F} => C:\ProgramData\{FCF46683-4B5F-D128-384B-2BC8BB6DA958}\0CA873C7-BB03-C46C-2F83-1C311736C710.exe [2017-05-10] () <==== ATTENTION
Task: {25A3B2FA-759F-4600-A0BA-BC1AEADA6E8E} - \{0A0A7D47-7A04-090D-0B11-0A040F0F1109} -> No File <==== ATTENTION
Task: {2C32F97C-14C1-43D1-A934-A2FBBADBA614} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {410CECF2-FFE0-40E2-805C-220489526414} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {43BC633C-EE83-40AA-953C-8F3AE1728BC3} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\Windows\system32\EOSNotify.exe [2016-06-25] (Microsoft Corporation)
Task: {4D850F8C-63AD-44DB-9336-EB37C5EB161E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {4FC0E6CF-E66F-48EC-BDFD-68698A743DE2} - System32\Tasks\{A668F157-6833-536B-F6FA-C418BE177D11} => Regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\9729f04a\acae52ef.dll" <==== ATTENTION
Task: {59D17435-E435-4B0B-A558-0CBBCB901BB8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-21] (Piriform Ltd)
Task: {5D5263D4-1ABB-4B85-A9A7-9CAFED1E1E8C} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-27] (AVAST Software)
Task: {7AE90632-1BBA-430E-8316-FB3C64512BD8} - System32\Tasks\Loop Photo Recovery => Rundll32.exe "C:\Program Files\Loop Photo Recovery\Loop Photo Recovery.dll",utiFtYnj
Task: {850EBAFA-4B57-41E9-AFAE-89BB9963BBAC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {8CE1CD04-0DA5-4CE9-BD83-BF1332112298} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\VideoMemoryDiagnostic => C:\\ProgramData\\VideoMemoryDiagnostic\\vmdiag.exe
Task: {9AB3679E-E54F-406F-9850-747025844A23} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => %ProgramFiles%\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe
Task: {A21581BC-8D7E-4DFA-A277-E615C2D7D432} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {B65CC15B-BECF-4FEC-A500-52ECF08187E8} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\4.2.0\Scheduler.exe [2016-12-14] (IObit)
Task: {E8B283C4-14C8-4925-9D8A-4249B7727565} - System32\Tasks\{ED672AD0-88E8-4B67-8F47-4AFD8F2D9EDE} => pcalua.exe -a E:\Télécharg\WhereIsIt\RegSetup.exe -d E:\Télécharg\WhereIsIt
Task: {F8B07E3D-2BC7-4628-BD9C-6A67CB3FF364} - System32\Tasks\Core Temp Autostart C Brindamour => C:\Program Files\Core Temp\Core Temp.exe [2017-03-18] (ALCPU)
Task: {FECFAC72-2210-44EA-86AE-6CB121836E7D} - System32\Tasks\VXVYWhBSVc => C:\Program Files (x86)\lP2uKhTJMy\updengine.exe <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Online Application V2G1.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\Windows\Tasks\Online Application V2G2.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\Windows\Tasks\Online Application V2G3.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\Windows\Tasks\Updater_Online_Application.job => C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe <==== ATTENTION

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\C Brindamour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Hangouts.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=knipolnnllmklapflnccelgolnpehhpl

==================== Loaded Modules (Whitelisted) ==============

2017-01-23 02:30 - 2017-04-25 04:35 - 00020208 _____ () C:\Windows\system32\spool\PRTPROCS\x64\TeamViewer_PrintProcessor.dll
2016-09-15 08:58 - 2016-09-15 08:58 - 00087368 _____ () C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\libQtDispatchDruide9.dll
2016-09-15 08:58 - 2016-09-15 08:58 - 00088392 _____ () C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\libxdispatchDruide9.dll
2016-09-15 08:58 - 2016-09-15 08:58 - 00063816 _____ () C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\libdispatchDruide9.dll
2016-09-15 08:58 - 2016-09-15 08:58 - 00467784 _____ () C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\boost_locale-vc120-mt-1_58-Druide9.dll
2016-09-15 08:58 - 2016-09-15 08:58 - 00025928 _____ () C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\boost_system-vc120-mt-1_58-Druide9.dll
2016-09-15 08:58 - 2016-09-15 08:58 - 00036168 _____ () C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\boost_chrono-vc120-mt-1_58-Druide9.dll
2016-09-15 08:58 - 2016-09-15 08:58 - 00108360 _____ () C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\boost_thread-vc120-mt-1_58-Druide9.dll
2017-03-10 14:58 - 2017-03-10 14:58 - 00108136 _____ () C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\libwebsocketsDruide9.dll
2016-09-15 08:58 - 2016-09-15 08:58 - 00021360 _____ () C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\LibrairiesQt\libEGL.dll
2016-09-15 08:58 - 2016-09-15 08:58 - 02021744 _____ () C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\LibrairiesQt\libGLESv2.dll
2016-11-22 14:16 - 2016-11-22 14:16 - 00118384 _____ () C:\Program Files (x86)\Druide\Antidote 9\LingEN\Bin64\libYamChaDruide9.dll
2017-01-23 02:02 - 2014-08-05 21:04 - 01441792 _____ () C:\Program Files\Everything\Everything.exe
2012-01-25 19:33 - 2012-01-25 19:33 - 00237872 _____ () C:\Windows\SysWOW64\DeltaIITray.exe
2017-01-28 15:59 - 2016-12-06 03:46 - 00259264 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
2017-01-23 01:54 - 2017-04-25 19:46 - 02271520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-01-28 15:59 - 2016-03-01 15:00 - 00080936 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CodeLog.dll
2017-01-28 15:59 - 2016-03-07 19:08 - 01291264 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll
2017-01-28 15:59 - 2004-10-05 04:08 - 00055808 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll
2017-01-28 15:59 - 2016-12-06 03:43 - 00019648 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CompressFile.dll
2017-01-28 15:59 - 2016-12-06 03:44 - 00090816 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBGetRemoteNetInfo.dll
2017-01-28 15:59 - 2016-12-06 03:43 - 00024768 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CmcTbProxy.dll
2017-01-28 15:59 - 2016-12-06 03:43 - 00188608 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCPipeCenter.dll
2017-01-28 15:59 - 2016-12-06 03:43 - 00182976 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCAdapt.dll
2017-01-28 15:59 - 2016-12-06 03:43 - 00163520 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCAdapt_RTTO.dll
2017-01-28 15:59 - 2016-12-06 03:44 - 00056000 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBInfo.dll
2017-01-28 15:59 - 2016-12-06 03:43 - 00018112 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCNetTokenProxy.dll
2017-01-28 15:59 - 2016-12-06 03:43 - 00122048 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActivationOnline.dll
2017-01-28 15:59 - 2016-12-06 03:44 - 00085696 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\logsys.dll
2017-01-28 15:59 - 2016-12-06 03:43 - 00032960 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DiskSearchImg.dll
2017-01-28 15:59 - 2016-12-06 03:44 - 00070336 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\MountImg.dll
2017-01-28 15:59 - 2016-12-06 03:44 - 00160448 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ImgFile.dll
2017-01-28 15:59 - 2016-12-06 03:43 - 00296640 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DsImgFile.dll
2017-01-28 15:59 - 2016-12-06 03:43 - 00078528 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FatLib.dll
2017-01-28 15:59 - 2016-12-09 10:09 - 00305856 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSUtil.dll
2017-01-28 15:59 - 2016-12-06 03:44 - 00210112 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSLib.dll
2017-01-28 15:59 - 2016-12-06 03:43 - 00026304 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CallbackOperator.dll
2017-01-28 15:59 - 2016-12-06 03:43 - 00074432 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CheckImg.dll
2017-01-28 15:59 - 2016-12-06 03:44 - 00142016 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\vhdvmdk.dll
2017-01-28 15:59 - 2016-12-06 03:43 - 00040128 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\BootDriver.dll
2017-01-28 15:59 - 2016-12-06 03:43 - 00737984 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExImage.dll
2017-01-28 15:59 - 2016-12-06 03:43 - 00195776 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBackupSize.dll
2017-01-28 15:59 - 2016-12-06 03:43 - 00414400 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidImage.dll
2017-01-28 15:59 - 2016-12-06 03:43 - 00162496 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumDisk.dll
2017-01-28 15:59 - 2016-12-06 03:43 - 00029376 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceAdapter.dll
2017-01-28 15:59 - 2016-12-06 03:44 - 00114368 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FileStorage.dll
2017-01-28 15:59 - 2016-12-06 03:44 - 00026816 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\GetDriverInfo.dll
2017-01-28 15:59 - 2016-12-06 03:43 - 00022720 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CorrectMbr.dll
2017-01-28 15:59 - 2016-12-06 03:43 - 00034496 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumTapeDevice.dll
2017-01-28 15:59 - 2016-12-06 03:44 - 00054464 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbTapeBrowse.dll
2017-01-28 15:59 - 2016-12-06 03:44 - 00066240 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\RegLib.dll
2017-01-28 15:59 - 2016-12-06 03:43 - 00026816 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AccountManager.dll
2017-01-28 15:59 - 2016-12-06 03:44 - 00074944 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NasOperator.dll
2017-01-28 15:59 - 2016-12-06 03:43 - 00221376 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBrowser.dll
2017-01-28 15:59 - 2016-12-06 03:43 - 00079040 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudOperator.dll
2017-01-28 15:59 - 2016-12-06 03:43 - 00020672 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActiveOnline.dll
2017-01-28 15:59 - 2016-12-06 03:44 - 00138432 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\VMConfig.dll
2017-01-28 15:59 - 2016-12-06 03:43 - 00021696 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidDeviceManager.dll
2017-01-28 15:59 - 2016-12-06 03:44 - 00045248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbDataSwap.dll
2016-09-15 08:58 - 2016-09-15 08:58 - 00076616 _____ () C:\Program Files (x86)\Druide\Antidote 9\Application\Bin32\libQtDispatchDruide9.dll
2016-09-15 08:58 - 2016-09-15 08:58 - 00077128 _____ () C:\Program Files (x86)\Druide\Antidote 9\Application\Bin32\libxdispatchDruide9.dll
2016-09-15 08:58 - 2016-09-15 08:58 - 00054600 _____ () C:\Program Files (x86)\Druide\Antidote 9\Application\Bin32\libdispatchDruide9.dll
2016-09-15 08:58 - 2016-09-15 08:58 - 00373576 _____ () C:\Program Files (x86)\Druide\Antidote 9\Application\Bin32\boost_locale-vc120-mt-1_58-Druide9.dll
2016-09-15 08:58 - 2016-09-15 08:58 - 00022856 _____ () C:\Program Files (x86)\Druide\Antidote 9\Application\Bin32\boost_system-vc120-mt-1_58-Druide9.dll
2016-09-15 08:58 - 2016-09-15 08:58 - 00033096 _____ () C:\Program Files (x86)\Druide\Antidote 9\Application\Bin32\boost_chrono-vc120-mt-1_58-Druide9.dll
2016-09-15 08:58 - 2016-09-15 08:58 - 00089928 _____ () C:\Program Files (x86)\Druide\Antidote 9\Application\Bin32\boost_thread-vc120-mt-1_58-Druide9.dll
2017-03-10 14:58 - 2017-03-10 14:58 - 00093288 _____ () C:\Program Files (x86)\Druide\Antidote 9\Application\Bin32\libwebsocketsDruide9.dll
2016-09-15 08:58 - 2016-09-15 08:58 - 00020336 _____ () C:\Program Files (x86)\Druide\Antidote 9\Application\Bin32\LibrairiesQt\libEGL.dll
2016-09-15 08:58 - 2016-09-15 08:58 - 01654128 _____ () C:\Program Files (x86)\Druide\Antidote 9\Application\Bin32\LibrairiesQt\libGLESv2.dll
2017-01-28 15:59 - 2016-12-06 03:44 - 00210112 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\SmartBackup.dll
2017-05-10 12:55 - 2017-05-10 12:55 - 00098816 ____R () C:\Users\C Brindamour\AppData\Local\Temp\_MEI29642\win32api.pyd
2017-05-10 12:55 - 2017-05-10 12:55 - 00110080 ____R () C:\Users\C Brindamour\AppData\Local\Temp\_MEI29642\pywintypes27.dll
2017-05-10 12:55 - 2017-05-10 12:55 - 00364544 ____R () C:\Users\C Brindamour\AppData\Local\Temp\_MEI29642\pythoncom27.dll
2017-05-10 12:55 - 2017-05-10 12:55 - 00320512 ____R () C:\Users\C Brindamour\AppData\Local\Temp\_MEI29642\win32com.shell.shell.pyd
2017-05-10 12:55 - 2017-05-10 12:55 - 00914432 ____R () C:\Users\C Brindamour\AppData\Local\Temp\_MEI29642\_hashlib.pyd
2017-05-10 12:55 - 2017-05-10 12:55 - 01176576 ____R () C:\Users\C Brindamour\AppData\Local\Temp\_MEI29642\wx._core_.pyd
2017-05-10 12:55 - 2017-05-10 12:55 - 00806400 ____R () C:\Users\C Brindamour\AppData\Local\Temp\_MEI29642\wx._gdi_.pyd
2017-05-10 12:55 - 2017-05-10 12:55 - 00816128 ____R () C:\Users\C Brindamour\AppData\Local\Temp\_MEI29642\wx._windows_.pyd
2017-05-10 12:55 - 2017-05-10 12:55 - 01067008 ____R () C:\Users\C Brindamour\AppData\Local\Temp\_MEI29642\wx._controls_.pyd
2017-05-10 12:55 - 2017-05-10 12:55 - 00733184 ____R () C:\Users\C Brindamour\AppData\Local\Temp\_MEI29642\wx._misc_.pyd
2017-05-10 12:55 - 2017-05-10 12:55 - 00682496 ____R () C:\Users\C Brindamour\AppData\Local\Temp\_MEI29642\pysqlite2._sqlite.pyd
2017-05-10 12:55 - 2017-05-10 12:55 - 00088064 ____R () C:\Users\C Brindamour\AppData\Local\Temp\_MEI29642\_ctypes.pyd
2017-05-10 12:55 - 2017-05-10 12:55 - 00686080 ____R () C:\Users\C Brindamour\AppData\Local\Temp\_MEI29642\unicodedata.pyd
2017-05-10 12:55 - 2017-05-10 12:55 - 00119808 ____R () C:\Users\C Brindamour\AppData\Local\Temp\_MEI29642\win32file.pyd
2017-05-10 12:55 - 2017-05-10 12:55 - 00108544 ____R () C:\Users\C Brindamour\AppData\Local\Temp\_MEI29642\win32security.pyd
2017-05-10 12:55 - 2017-05-10 12:55 - 00007168 ____R () C:\Users\C Brindamour\AppData\Local\Temp\_MEI29642\hashobjs_ext.pyd
2017-05-10 12:55 - 2017-05-10 12:55 - 00017920 ____R () C:\Users\C Brindamour\AppData\Local\Temp\_MEI29642\thumbnails_ext.pyd
2017-05-10 12:55 - 2017-05-10 12:55 - 00088064 ____R () C:\Users\C Brindamour\AppData\Local\Temp\_MEI29642\usb_ext.pyd
2017-05-10 12:55 - 2017-05-10 12:55 - 00012800 ____R () C:\Users\C Brindamour\AppData\Local\Temp\_MEI29642\common.time34.pyd
2017-05-10 12:55 - 2017-05-10 12:55 - 00018432 ____R () C:\Users\C Brindamour\AppData\Local\Temp\_MEI29642\win32event.pyd
2017-05-10 12:55 - 2017-05-10 12:55 - 00167936 ____R () C:\Users\C Brindamour\AppData\Local\Temp\_MEI29642\win32gui.pyd
2017-05-10 12:55 - 2017-05-10 12:55 - 00046080 ____R () C:\Users\C Brindamour\AppData\Local\Temp\_MEI29642\_socket.pyd
2017-05-10 12:55 - 2017-05-10 12:55 - 01303552 ____R () C:\Users\C Brindamour\AppData\Local\Temp\_MEI29642\_ssl.pyd
2017-05-10 12:55 - 2017-05-10 12:55 - 00128512 ____R () C:\Users\C Brindamour\AppData\Local\Temp\_MEI29642\_elementtree.pyd
2017-05-10 12:55 - 2017-05-10 12:55 - 00127488 ____R () C:\Users\C Brindamour\AppData\Local\Temp\_MEI29642\pyexpat.pyd
2017-05-10 12:55 - 2017-05-10 12:55 - 00038912 ____R () C:\Users\C Brindamour\AppData\Local\Temp\_MEI29642\win32inet.pyd
2017-05-10 12:55 - 2017-05-10 12:55 - 00036864 ____R () C:\Users\C Brindamour\AppData\Local\Temp\_MEI29642\_psutil_windows.pyd
2017-05-10 12:55 - 2017-05-10 12:55 - 00524248 ____R () C:\Users\C Brindamour\AppData\Local\Temp\_MEI29642\windows._lib_cacheinvalidation.pyd
2017-05-10 12:55 - 2017-05-10 12:55 - 00011264 ____R () C:\Users\C Brindamour\AppData\Local\Temp\_MEI29642\win32crypt.pyd
2017-05-10 12:55 - 2017-05-10 12:55 - 00123392 ____R () C:\Users\C Brindamour\AppData\Local\Temp\_MEI29642\wx._wizard.pyd
2017-05-10 12:55 - 2017-05-10 12:55 - 00077312 ____R () C:\Users\C Brindamour\AppData\Local\Temp\_MEI29642\wx._html2.pyd
2017-05-10 12:55 - 2017-05-10 12:55 - 00027648 ____R () C:\Users\C Brindamour\AppData\Local\Temp\_MEI29642\_multiprocessing.pyd
2017-05-10 12:55 - 2017-05-10 12:55 - 00020480 ____R () C:\Users\C Brindamour\AppData\Local\Temp\_MEI29642\_yappi.pyd
2017-05-10 12:55 - 2017-05-10 12:55 - 00035840 ____R () C:\Users\C Brindamour\AppData\Local\Temp\_MEI29642\win32process.pyd
2017-05-10 12:55 - 2017-05-10 12:55 - 00078848 ____R () C:\Users\C Brindamour\AppData\Local\Temp\_MEI29642\wx._animate.pyd
2017-05-10 12:55 - 2017-05-10 12:55 - 00024064 ____R () C:\Users\C Brindamour\AppData\Local\Temp\_MEI29642\win32pipe.pyd
2017-05-10 12:55 - 2017-05-10 12:55 - 00010240 ____R () C:\Users\C Brindamour\AppData\Local\Temp\_MEI29642\select.pyd
2017-05-10 12:55 - 2017-05-10 12:55 - 00025600 ____R () C:\Users\C Brindamour\AppData\Local\Temp\_MEI29642\win32pdh.pyd
2017-05-10 12:55 - 2017-05-10 12:55 - 00017408 ____R () C:\Users\C Brindamour\AppData\Local\Temp\_MEI29642\win32profile.pyd
2017-05-10 12:55 - 2017-05-10 12:55 - 00022528 ____R () C:\Users\C Brindamour\AppData\Local\Temp\_MEI29642\win32ts.pyd
2017-03-15 16:43 - 2017-03-15 16:43 - 01114136 _____ () C:\Users\C Brindamour\AppData\Roaming\Mozilla\Firefox\Profiles\ut7sqc58.default-1489610351132\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:15B79D44 [398]
AlternateDataStreams: C:\ProgramData\TEMP:ADAB671B [394]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3143673030-1198614311-2239899035-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: Adobe LM Service => 3
MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D3D1C020-BB2D-4D7C-B914-43088E8C85C4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{737ABAD2-8F04-4F70-A9AF-D5E2A80C6438}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DriverBooster.exe
FirewallRules: [{B2D1CF79-0A78-4737-BD23-A87E16B5B57A}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DriverBooster.exe
FirewallRules: [{B96A8050-305A-4956-AABE-731539DB69F6}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DBDownloader.exe
FirewallRules: [{E0A14FE1-A0F8-4073-A169-BB397BEA4C19}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DBDownloader.exe
FirewallRules: [{22D24440-0E65-4CA4-B7A7-438F1F673D44}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.2.0\AutoUpdate.exe
FirewallRules: [{5F11C186-B61F-482A-B41D-9FA3EB4F1AEE}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.2.0\AutoUpdate.exe
FirewallRules: [{40ADD057-1A03-4174-A183-ED1CDEE23D81}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{B5EE90CF-B3D6-4BE2-A22E-AE20E77C8868}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{803AADD0-DB1A-4A9F-B8B5-356DB9B171EC}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{84238DEF-B62D-45BC-8E19-2F03B0036771}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{522087BD-A702-49E3-A25C-C068E459887C}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{7105F539-14BB-4D47-A864-770E0C25707C}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{AB72A041-A65A-42EB-9D1A-9973476CB314}] => (Allow) C:\Program Files (x86)\BitTorrent\BitTorrent.exe
FirewallRules: [{81B2D999-966D-4F61-9D63-EA4970280C18}] => (Allow) C:\Program Files (x86)\BitTorrent\BitTorrent.exe
FirewallRules: [{E1C389D9-A73D-477D-8D68-5A24C437AA04}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\lync.exe
FirewallRules: [{6A7FB8B9-F9A2-4EA9-85D8-F03D1E25897F}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\lync.exe
FirewallRules: [{E587D41E-BF82-4BBB-83F9-971B20CEB62B}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{6102D08A-650A-424A-97AC-4560501A6D2B}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [TCP Query User{2D7FCD06-4FBC-4D16-821D-F6DB3D593EA7}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{3883ECA4-D50F-4C01-8BBA-B25DDA6B8D75}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [{42DD256B-D704-4027-9765-0DD85A16F4B5}] => (Block) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [{36F73E2B-293A-45BC-B53E-716AEFC651C2}] => (Block) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [{D1E3C3A4-8A8B-476B-94ED-74D41D1FFEAC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{6ADA86A2-4597-4A21-8054-80FCB1C67010}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{A7A32455-358B-4DA4-95CB-2401F92E115B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{D8CDC991-1D43-4B09-AC42-955B5DBF98E5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{807D84B4-BFBC-412E-A7E8-08C8C45991D0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{3DC968EE-E8F4-4285-8F37-582B1DBE7CDF}] => (Allow) C:\Windows\system32\rundll32.exe
FirewallRules: [{BDB14CC5-EDDA-441D-B216-CF6E970383A2}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{A4168391-4E1B-4CB0-9485-4CE41BE084F2}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{24849D5C-3CB7-45B4-A1AC-A2C651777199}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9E350F2D-5CB8-4231-BD93-99450331B54C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Restore Points =========================

10-05-2017 12:13:03 Revo Uninstaller Pro's restore point - 1.0.0.1
10-05-2017 12:14:17 Revo Uninstaller Pro's restore point - AppTrailers - AppTrailers for Desktop
10-05-2017 12:15:30 Revo Uninstaller Pro's restore point - encemuis
10-05-2017 12:16:33 Revo Uninstaller Pro's restore point - EZSearch
10-05-2017 12:17:37 Revo Uninstaller Pro's restore point - EZSearch
10-05-2017 12:18:58 Revo Uninstaller Pro's restore point - VAB Downloader
10-05-2017 12:20:40 Revo Uninstaller Pro's restore point - InterStat
10-05-2017 12:23:45 Revo Uninstaller Pro's restore point - VAB Downloader
10-05-2017 12:25:15 Revo Uninstaller Pro's restore point - SafeFinder
10-05-2017 12:26:32 Revo Uninstaller Pro's restore point - One System Care
10-05-2017 12:31:17 Revo Uninstaller Pro's restore point - Mozilla Firefox 53.0.2 (x64 fr)
10-05-2017 12:33:27 Revo Uninstaller Pro's restore point - Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219
10-05-2017 12:34:46 Revo Uninstaller Pro's restore point - Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219
10-05-2017 12:42:48 Revo Uninstaller Pro's restore point - PcRegBoost version 1.3
10-05-2017 13:31:13 Revo Uninstaller Pro's restore point - AdBlocker

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (05/10/2017 01:31:15 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.

Details:
AddWin32ServiceFiles: Unable to back up image of service Service Google Update (gupdatem) since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.
.

Error: (05/10/2017 01:31:15 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.

Details:
AddWin32ServiceFiles: Unable to back up image of service Service Google Update (gupdate) since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.
.

Error: (05/10/2017 01:31:11 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l’interrogation de l’interface IVssWriterCallback. hr = 0x80070005, Access is denied.
. Cette erreur est souvent due à des paramètres de sécurité incorrects dans le processus du rédacteur ou du demandeur.

Operation:
   Gathering Writer Data
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {5acbed3f-1bd2-495c-b8e9-68763449d90a}

Error: (05/10/2017 12:23:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante explorer.exe, version : 6.1.7601.23537, horodatage : 0x57c44efe
Nom du module défaillant : MSVCR90.dll, version : 9.0.30729.6161, horodatage : 0x4dace4e7
Code d’exception : 0xc0000005
Décalage d’erreur : 0x000000000001e1ac
ID du processus défaillant : 0xd4c
Heure de début de l’application défaillante : 0x01d2c9a97fe07088
Chemin d’accès de l’application défaillante : C:\Windows\explorer.exe
Chemin d’accès du module défaillant: C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll
ID de rapport : f3212b28-359c-11e7-8f29-0026184c43bd

Error: (05/10/2017 12:06:58 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l’interrogation de l’interface IVssWriterCallback. hr = 0x80070005, Access is denied. . Cette erreur est souvent due à des paramètres de sécurité incorrects dans le processus du rédacteur ou du demandeur.
Operation:
   Gathering Writer Data
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {99d2e1ce-c285-491e-974b-bf043ed70026}

Error: (05/05/2017 01:36:16 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: La création du contexte d’activation a échoué pour « c:\program files (x86)\microsoft office\Office16\lync.exe.Manifest ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\microsoft office\Office16\UccApi.DLL » à la ligne 1. L’identité de composant trouvé dans le manifeste ne correspond pas à celle du composant demandé. La référence est UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". La définition est UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Utilisez sxstrace.exe pour un diagnostic détaillé.

Error: (05/02/2017 12:19:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante explorer.exe, version : 6.1.7601.23537, horodatage : 0x57c44efe
Nom du module défaillant : MSVCR90.dll, version : 9.0.30729.6161, horodatage : 0x4dace4e7
Code d’exception : 0xc0000005
Décalage d’erreur : 0x000000000001e1ac
ID du processus défaillant : 0xfe8
Heure de début de l’application défaillante : 0x01d2c35fd623e218
Chemin d’accès de l’application défaillante : C:\Windows\explorer.exe
Chemin d’accès du module défaillant: C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll
ID de rapport : 1ced4018-2f53-11e7-a6be-0026184c43bd

Error: (05/02/2017 08:17:25 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: La création du contexte d’activation a échoué pour « c:\program files (x86)\microsoft office\Office16\lync.exe.Manifest ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\microsoft office\Office16\UccApi.DLL » à la ligne 1. L’identité de composant trouvé dans le manifeste ne correspond pas à celle du composant demandé. La référence est UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". La définition est UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Utilisez sxstrace.exe pour un diagnostic détaillé.

Error: (04/18/2017 12:33:51 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: La création du contexte d’activation a échoué pour « c:\program files (x86)\microsoft office\Office16\lync.exe.Manifest ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\microsoft office\Office16\UccApi.DLL » à la ligne 1. L’identité de composant trouvé dans le manifeste ne correspond pas à celle du composant demandé. La référence est UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". La définition est UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Utilisez sxstrace.exe pour un diagnostic détaillé.

Error: (04/17/2017 03:32:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante AgentAntidote.exe, version : 9.4.3427.15772, horodatage : 0x58348f34
Nom du module défaillant : libwebsocketsDruide9.dll, version : 9.1.1.0, horodatage : 0x53ab1685
Code d’exception : 0xc0000005
Décalage d’erreur : 0x0000000000003930
ID du processus défaillant : 0xb10
Heure de début de l’application défaillante : 0x01d2b6312461a730
Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\AgentAntidote.exe
Chemin d’accès du module défaillant: C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\libwebsocketsDruide9.dll
ID de rapport : 13b09c30-2340-11e7-a62f-0026184c43bd

System errors:
=============
Error: (05/10/2017 01:55:21 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Une erreur s’est produite lors de la lecture du fichier d’hôtes local.

Error: (05/10/2017 01:34:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service AdBlockerService n’a pas pu démarrer en raison de l’erreur : Le fichier spécifié est introuvable.

Error: (05/10/2017 01:34:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service AdBlockerService s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 5000 millisecondes : Restart the service.

Error: (05/10/2017 12:57:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Service Google Update (gupdate) n’a pas pu démarrer en raison de l’erreur : Le fichier spécifié est introuvable.
Error: (05/10/2017 12:56:19 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Une erreur s’est produite lors de la lecture du fichier d’hôtes local.

Error: (05/10/2017 12:55:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Malwarebytes Service n’a pas pu démarrer en raison de l’erreur : Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle.

Error: (05/10/2017 12:55:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Malwarebytes Service.

Error: (05/10/2017 12:54:58 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Une erreur s’est produite lors de la lecture du fichier d’hôtes local.

Error: (05/10/2017 12:54:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Licensing and Software Update System for CORE Products n’a pas pu démarrer en raison de l’erreur : Le chemin d’accès spécifié est introuvable.

Error: (05/10/2017 12:53:39 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Une erreur s’est produite lors de la lecture du fichier d’hôtes local.

CodeIntegrity:
===================================
Date: 2017-01-23 22:54:49.917
Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume3\Windows\System32\VIASysFx.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système.

Date: 2017-01-23 22:54:49.901
Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume3\Windows\System32\VIASysFx.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système.
Date: 2017-01-23 12:40:09.736
Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume3\Windows\System32\VIASysFx.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système.

Date: 2017-01-23 12:40:09.722
Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume3\Windows\System32\VIASysFx.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système.

Date: 2017-01-23 12:39:30.348
Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume3\Windows\System32\VIASysFx.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système.

Date: 2017-01-23 12:39:30.341
Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume3\Windows\System32\VIASysFx.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système.

Date: 2017-01-23 12:39:23.584
Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume3\Windows\System32\VIASysFx.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système.

Date: 2017-01-23 12:39:23.542
Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume3\Windows\System32\VIASysFx.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système.

Date: 2017-01-23 12:39:20.695
Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume3\Windows\System32\VIASysFx.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système.
Date: 2017-01-23 12:39:20.686
Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume3\Windows\System32\VIASysFx.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système.

==================== Memory info ===========================

Processor: AMD Phenom(tm) 9650 Quad-Core Processor
Percentage of memory in use: 29%
Total physical RAM: 8191.18 MB
Available physical RAM: 5753.02 MB
Total Virtual: 16380.54 MB
Available Virtual: 13973.89 MB

==================== Drives ================================

Drive c: (SYSTEME) (Fixed) (Total:117.28 GB) (Free:67.9 GB) NTFS
Drive e: (BUREAU) (Fixed) (Total:78.12 GB) (Free:75.91 GB) NTFS
Drive f: (SECUNDO) (Fixed) (Total:387.63 GB) (Free:107.15 GB) NTFS
Drive g: (TERTIO ) (Fixed) (Total:232.88 GB) (Free:32.22 GB) NTFS
Drive h: (JOCE) (Fixed) (Total:233.76 GB) (Free:35.94 GB) NTFS
Drive i: (RED) (Fixed) (Total:1862.98 GB) (Free:1005.57 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: E0017E31)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=OF Extended)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 117.4 GB) (Disk ID: D64BABFE)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=117.3 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 232.9 GB) (Disk ID: F685F685)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 233.8 GB) (Disk ID: E5CDD8A3)
Partition 1: (Active) - (Size=233.8 GB) - (Type=07 NTFS)

========================================================
Disk: 4 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: C8B628CC)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================