Addition-04-08-2017-20.21.44.txt

Document joint : GHesBLWKBQp_Addition-04-08-2017-20.21.44.txt

Cliquez pour partager vos propres fichiers

Format du document : text/plain

Prévisualisation

Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x86) Version: 31-07-2017
Exécuté par Diaby (04-08-2017 20:18:23)
Exécuté depuis C:\Users\Diaby\Downloads
Microsoft Windows 7 Professionnel Service Pack 1 (X86) (2016-05-25 16:25:53)
Mode d'amorçage: Normal
==========================================================

==================== Comptes: =============================

123 (S-1-5-21-377985148-792701347-3327087119-1003 - Administrator - Enabled) => C:\Users\123
Administrateur (S-1-5-21-377985148-792701347-3327087119-500 - Administrator - Enabled) => C:\Users\Administrateur.Diaby-PC.000
Diaby (S-1-5-21-377985148-792701347-3327087119-1001 - Administrator - Enabled) => C:\Users\Diaby
HomeGroupUser$ (S-1-5-21-377985148-792701347-3327087119-1002 - Limited - Enabled)
Invité (S-1-5-21-377985148-792701347-3327087119-501 - Limited - Disabled)

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: Avira Antivirus (Disabled - Out of date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Emsisoft Anti-Malware (Enabled - Up to date) {701CB209-EBBC-AADC-11E6-DE73E7AF4C9D}
AS: Emsisoft Anti-Malware (Enabled - Up to date) {CB7D53ED-CD86-A552-2B56-E5019C280620}
AS: Avira Antivirus (Disabled - Out of date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Enabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

Adobe Flash Player 23 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 23.0.0.185 - Adobe Systems Incorporated)
Adobe Flash Player 26 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 26.0.0.137 - Adobe Systems Incorporated)
Adobe Flash Player 26 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 26.0.0.137 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.5.195 - Adobe Systems, Inc.)
Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.28.28 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM\...\{661C79C2-D156-419C-81CA-D1A2523B0841}) (Version: 1.2.91.10326 - Avira Operations GmbH & Co. KG) Hidden
Avira Connect (HKLM\...\{dd9049b8-31d1-40bd-8c8c-97a7b087a78f}) (Version: 1.2.91.10326 - Avira Operations GmbH & Co. KG)
Bandicam (HKLM\...\Bandicam) (Version: 3.1.0.1064 - Bandisoft.com)
CCleaner (HKLM\...\CCleaner) (Version: 5.32 - Piriform)
CleanMem (HKLM\...\CleanMem) (Version: v2.5.0 - PcWinTech.com)
Crossfire Europe EU (HKLM\...\Crossfire Europe EU_is1) (Version: V1502 - Smilegate Europe)
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DarkComet RAT Remover version 1.0 (HKLM\...\DarkComet RAT Remover_is1) (Version: 1.0 - Phrozen ® Software 2012.)
DragonBoost (HKU\S-1-5-21-377985148-792701347-3327087119-1001\...\119) (Version: - ) <==== ATTENTION
Emsisoft Anti-Malware (HKLM\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 2017.6 - Emsisoft Ltd.)
Galerie de photos (HKLM\...\{439B34FF-F74E-4807-B5E2-4B758551DA6B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
IObit Malware Fighter 5 (HKLM\...\IObit Malware Fighter_is1) (Version: 5.2 - IObit)
Junk Mail filter update (HKLM\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Keylogger Detector (HKLM\...\Keylogger Detector) (Version: - )
KeyScrambler (HKLM\...\KeyScrambler) (Version: 3.11.0.3 - QFX Software Corporation)
Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Metin2client 9.1 (HKLM\...\Metin2client 9.1) (Version: 9.1 - HackMetin2)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.6.2 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.6.01590 - Microsoft Corporation)
Microsoft .NET Framework 4.6.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01590 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-377985148-792701347-3327087119-1001\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{D9D937B0-E842-4130-9588-B948E876904A}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM\...\{0266CCBE-BBD8-416C-A48F-7FC47C6DB566}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft Virtual PC 2007 SP1 (HKLM\...\{AD483998-2E9A-4405-83FF-6E503AF49CBB}) (Version: 6.0.192.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{CC1DB186-550F-3CFE-A2A9-EBA5E5A34BC1}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Module linguistique de la visionneuse d'aide Microsoft 1.0 - FRA (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - FRA) (Version: 1.0.30319 - Microsoft Corporation)
Movie Maker (HKLM\...\{21764A96-6748-4B83-89E7-7A5063BF156C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 54.0.1 (x86 fr) (HKLM\...\Mozilla Firefox 54.0.1 (x86 fr)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0.1 - Mozilla)
Objets de gestion Microsoft SQL Server 2008 R2 (HKLM\...\{B01A7AFC-0356-43AF-A333-C65912AEA8DC}) (Version: 10.50.1447.4 - Microsoft Corporation)
Oracle VM VirtualBox 5.1.24 (HKLM\...\{F57B99A8-C19B-4A3B-A7BE-BA20AD768EAB}) (Version: 5.1.24 - Oracle Corporation)
Outils Microsoft Visual Studio 2010 ADO.NET Entity Framework (HKLM\...\{3BA7E387-9401-3371-9464-5E224D243FC5}) (Version: 10.0.30319 - Microsoft Corporation)
Package de pilotes Windows - Intel Corporation (iegdmini) Display (10/26/2009 10.2.2.1450) (HKLM\...\7C12B3CB54A17AB537E54C97DA273A2685545A6C) (Version: 10/26/2009 10.2.2.1450 - Intel Corporation)
paint.net (HKLM\...\{A1D05314-DC32-4668-A97E-51060EC8BCCD}) (Version: 4.0.12 - dotPDN LLC)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7745 - Realtek Semiconductor Corp.)
swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 FRA (HKLM\...\{D60023FA-3DF1-4537-93DD-13024CC4E366}) (Version: 4.0.8080.0 - Microsoft Corporation)
WinRAR 5.40 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Personnalisé CLSID (Avec liste blanche): ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

CustomCLSID: HKU\S-1-5-21-377985148-792701347-3327087119-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-377985148-792701347-3327087119-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-377985148-792701347-3327087119-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-377985148-792701347-3327087119-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-377985148-792701347-3327087119-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-377985148-792701347-3327087119-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-377985148-792701347-3327087119-1001_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Diaby\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-377985148-792701347-3327087119-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Diaby\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-377985148-792701347-3327087119-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Diaby\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-377985148-792701347-3327087119-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Diaby\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-377985148-792701347-3327087119-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Diaby\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-377985148-792701347-3327087119-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Diaby\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\FileSyncApi.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Pas de fichier
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ContextMenuHandlers1: [ANotepad++] -> {00F3C2EC-A6EE-11DE-A03A-EF8F55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2017-06-18] ()
ContextMenuHandlers1: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files\IObit\IObit Malware Fighter\IMFShellExt.dll [2017-03-31] (IObit)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Pas de fichier
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files\Avira\Antivirus\shlext.dll [2017-07-04] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers2: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU.DLL [2015-10-21] (Emsisoft Ltd)
ContextMenuHandlers3: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU.DLL [2015-10-21] (Emsisoft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Nouveau dossier\DBZ SAGAS\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Pas de fichier
ContextMenuHandlers4: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files\IObit\IObit Malware Fighter\IMFShellExt.dll [2017-03-31] (IObit)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Pas de fichier
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2009-09-23] (Intel Corporation)
ContextMenuHandlers6: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU.DLL [2015-10-21] (Emsisoft Ltd)
ContextMenuHandlers6: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files\IObit\IObit Malware Fighter\IMFShellExt.dll [2017-03-31] (IObit)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Nouveau dossier\DBZ SAGAS\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files\Avira\Antivirus\shlext.dll [2017-07-04] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)

==================== Tâches planifiées (Avec liste blanche) =============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {39E1D631-4996-447D-9CE3-3AFEA13A9600} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe
Task: {3DF3DC04-E24C-4D03-85D9-55921202ABAD} - System32\Tasks\Uninstaller_SkipUac_Diaby => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {60C57FB4-AC86-4288-91D3-FC3CA7F62DDB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-30] (Piriform Ltd)
Task: {63A82D28-6501-4EF2-86CA-ED0BF04F85DE} - System32\Tasks\ASC9_SkipUac_Diaby => C:\Program Files\IObit\Advanced SystemCare\ASC.exe
Task: {8E191A9E-39C9-4CCB-9F98-4AD2013DEE5B} - System32\Tasks\ASC9_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare\Monitor.exe
Task: {CABC0647-C85E-4D8D-B2C8-4DF6C07BF4D0} - System32\Tasks\Driver Booster SkipUAC (Diaby) => C:\Program Files\IObit\Driver Booster\DriverBooster.exe

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\system32\Macromed\Flash\FlashUtil32_26_0_0_137_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Arkoghtpeguther.job => msiexecc i HtTp /d2buh1bf1g584w cloudfront net msi rel php ST380013AS_5MR157QQXXXX5MR157QQ 2017215 /qSystemArkoghtpeguther
Task: C:\Windows\Tasks\bvyvdvge.job => C:\Users\Diaby\AppData\Local\bvyvdvge\bvyvdvge.exe <==== ATTENTION
Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\Chrome Cleanup Tool logs upload retry.job => c:\users\mcdiaby\downloads\chrome_cleanup_tool.exe
Task: C:\Windows\Tasks\Clean System Memory.job => C:\WINDOWS\system32\CleanMem.exe
Task: C:\Windows\Tasks\Driver Booster SkipUAC (Diaby).job => C:\Program Files\IObit\Driver Booster\4.4.0\DriverBooster.exe
Task: C:\Windows\Tasks\Fevuphmervly Launcher.job => C:\Program Files\Holush\tugesh.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1bffee1ac4c3e.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1c000120ba96b.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d22066d30bdfad.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d2206738002651.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\McAfee Remediation (Prepare).job => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe
Task: C:\Windows\Tasks\McAfeeLogon.job => C:\PROGRA~1\COMMON~1\McAfee\Platform\McUICnt.exe
Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
Task: C:\Windows\Tasks\SidebarExecute.job => C:\Program Files\Windows Sidebar\sidebar.exe
Task: C:\Windows\Tasks\update-S-1-5-21-377985148-792701347-3327087119-1001.job => C:\Program Files\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\{04080DB5-B3A3-BA1E-9ECF-2C2F482411E3}.job => C:\ProgramData\{5D3FBC1B-EA94-0BB0-4697-C277095FC0B9}\BAAA0AD1-0D01-BD7A-E248-7C414E82C7A9.exe <==== ATTENTION
Task: C:\Windows\Tasks\{09E7DB74-84BA-4925-B16A-BDD9903CBA36}.job => c:\program files\google\chrome\application\chrome.exeJhxxp:/ui.skype.com/ui/0/7.25.85.106/fr/
Task: C:\Windows\Tasks\{1AC348B7-AD68-FF1C-B28E-D7154A60845C}.job => C:\ProgramData\{2ADA52B2-9D71-E519-B68B-EFE74E52E84A}\EFB82B81-5813-9C2A-BF51-6206F3DEFB7C.exe <==== ATTENTION
Task: C:\Windows\Tasks\{1BD3C577-AC78-72DC-73FA-BFCFD1282F09}.job => C:\ProgramData\{0A964816-BD3D-FFBD-BDCA-6C8656F7CE43}\D4C33FDF-6368-8874-57D1-DBADB47B1F7C.exe <==== ATTENTION
Task: C:\Windows\Tasks\{313B6D77-91B7-4729-A8CE-71B472DEFDFD}.job => c:\program files\mozilla firefox\firefox.exeKhxxps:/ui.skype.com/ui/0/7.30.80.105/fr/
Task: C:\Windows\Tasks\{35256B5B-A4F7-1A6B-BAA8-B9AFFA9C2D07}.job => C:\Windows\system32\regsvr32.exe2/s /n /i:/rt C:\PROGRA~2\24eb7141\8ef16ab.dll <==== ATTENTION
Task: C:\Windows\Tasks\{3672E31A-81D9-54B1-59B6-288993C49B47}.job => C:\ProgramData\{FEB2EEB1-4919-591A-050F-E1F613B5BBBA}\AAABC715-1D00-70BE-3D0D-A39CF865579B.exe <==== ATTENTION
Task: C:\Windows\Tasks\{3700379E-80AB-8035-7D42-73018BA78685}.job => C:\ProgramData\{C73B4B53-7090-FCF8-CE7A-92F193FBB1A6}\1C3DB022-AB96-0789-BA12-2FB945D9983A.exe <==== ATTENTION
Task: C:\Windows\Tasks\{3F82500D-8829-E7A6-8EED-8BD7AAAE4D4F}.job => C:\ProgramData\{3D643B4E-8ACF-8CE5-241F-49E64EEF689C}\F02F1B9B-4784-AC30-F39C-9E36064BA576.exe <==== ATTENTION
Task: C:\Windows\Tasks\{45485F2B-F2E3-E880-D53A-70275FF51A73}.job => C:\ProgramData\{38F2913E-8F59-2695-881F-B3DD7AF58906}\69941886-DE3F-AF2D-17D5-9FD11F3C79D8.exe <==== ATTENTION
Task: C:\Windows\Tasks\{6705E622-D0AE-5189-F8C7-23139FAAF4C5}.job => C:\ProgramData\{569560EE-E13E-D745-591F-72542F10399B}\58BAE327-EF11-548C-D0AE-074EDFA33E67.exe <==== ATTENTION
Task: C:\Windows\Tasks\{6AE6823C-DD4D-3597-24AA-41F7824849F9}.job => C:\ProgramData\{5489DA41-E322-6DEA-5282-E82ECC03789E}\1BA81A55-AC03-ADFE-89FB-35FEE2BFD88F.exe <==== ATTENTION
Task: C:\Windows\Tasks\{72A2A6F2-C509-1159-E877-5A279F6B89A6}.job => C:\ProgramData\{468CE655-F127-51FE-0A19-2AE671D4E195}\A52D55AE-1286-E205-080C-C068E5AFDEC9.exe <==== ATTENTION
Task: C:\Windows\Tasks\{803DA72D-3796-1086-18D9-B4B5A388E4CA}.job => C:\ProgramData\{E9C21179-5E69-A6D2-D749-CFDBBE1BDD20}\635CD343-D4F7-64E8-1A6E-BF8DD38E85A8.exe <==== ATTENTION
Task: C:\Windows\Tasks\{811BEB6F-36B0-5CC4-6E67-2B54C8A88248}.job => C:\ProgramData\{628A9872-D521-2FD9-353E-AF963088CA20}\D2C5448C-656E-F327-DDC2-A054A5D12A47.exe <==== ATTENTION
Task: C:\Windows\Tasks\{8CE64007-3B4D-F7AC-70D3-46226CC128C3}.job => C:\ProgramData\{B30F16F6-04A4-A15D-95BE-C6BDD0100C69}\1496588C-A33D-EF27-3B4A-C241CAD9A7CB.exe <==== ATTENTION
Task: C:\Windows\Tasks\{8DDB2B4C-2A59-4BD4-86E2-E3C071F88604}.job => c:\program files\mozilla firefox\firefox.exeKhxxps:/ui.skype.com/ui/0/7.30.80.105/fr/
Task: C:\Windows\Tasks\{B6D26BEC-0179-DC47-976C-B9812509626B}.job => C:\ProgramData\{9184BAC3-262F-0D68-46BE-627B3F7A829B}\AEF659C6-195D-EE6D-67FA-84071644728C.exe <==== ATTENTION
Task: C:\Windows\Tasks\{B9CC9342-A99F-494E-BDC8-B0144B2136BA}.job => c:\program files\mozilla firefox\firefox.exeKhxxps:/ui.skype.com/ui/0/7.30.80.105/fr/
Task: C:\Windows\Tasks\{BC335264-0B98-E5CF-1BCD-CDF3A77DB74F}.job => C:\ProgramData\{B9A92DBE-0E02-9A15-BFA7-6AE572100A97}\ED051D5F-5AAE-AAF4-904E-E9F75A6CB9E7.exe <==== ATTENTION
Task: C:\Windows\Tasks\{BC5A07C5-0BF1-B06E-75C8-F2A9D4292B36}.job => C:\ProgramData\{31AB411D-8600-F6B6-64FB-F7FC0B322FD5}\DDFC3FBF-6A57-8814-502A-B010479A09F4.exe <==== ATTENTION
Task: C:\Windows\Tasks\{C00DA454-77A6-13FF-9770-3F58EDDC6571}.job => C:\ProgramData\{497C8777-FED7-30DC-D3F1-8E44E4C657ED}\145BF631-A3F0-419A-6D12-0B5318A793BC.exe <==== ATTENTION
Task: C:\Windows\Tasks\{C105346C-316B-4307-97C6-16882327ADA8}.job => c:\program files\google\chrome\application\chrome.exe_hxxp:/ui.skype.com/ui/0/7.24.0.104/fr/
Task: C:\Windows\Tasks\{C38ABE1B-7421-09B0-8E43-F48334855F6F}.job => C:\ProgramData\{79102ABB-CEBB-9D10-6AEC-55BDC884F946}\7B174E98-CCBC-F933-5465-0CD7663A3494.exe <==== ATTENTION
Task: C:\Windows\Tasks\{C72D3418-B588-43B7-A737-F7D20991DE46}.job => Iexplore exe3https /ui skype com ui 0 7 37 103 fr/
Task: C:\Windows\Tasks\{D0B53B8D-671E-8C26-13D2-039C28EE9AD7}.job => C:\ProgramData\{FFF45F86-485F-E82D-8C41-8779A1BD2E0A}\45CA3D03-F261-8AA8-11D6-CD6247A66E73.exe <==== ATTENTION
Task: C:\Windows\Tasks\{D1F95EA7-6652-E90C-6809-87E1AD9F0189}.job => C:\ProgramData\{2C572639-9BFC-9192-B446-5F136B69EC58}\9C2974EA-2B82-C341-7748-620E472CF6A4.exe <==== ATTENTION
Task: C:\Windows\Tasks\{D7471C96-60EC-AB3D-6467-90C2A1FFEC24}.job => C:\ProgramData\{8CB97737-3B12-C09C-5E2D-BF6C9EC40C1A}\1B614C5F-ACCA-FBF4-330F-E58BEC505FAC.exe <==== ATTENTION
Task: C:\Windows\Tasks\{DA2F7091-AA65-4DA2-A47C-02D8DE44B460}.job => c:\program files\mozilla firefox\firefox.exeKhxxps:/ui.skype.com/ui/0/7.30.80.105/fr/
Task: C:\Windows\Tasks\{DC736D9A-6BD8-DA31-C4D2-9966D4182587}.job => C:\ProgramData\{4B11775E-FCBA-C0F5-C26F-8A2BEF93D7E1}\3FCD172C-8866-A087-F779-CF33A408E177.exe <==== ATTENTION
Task: C:\Windows\Tasks\{EA9ACF9D-5D31-7836-8488-FD37BF743D2F}.job => C:\ProgramData\{386F9E0C-8FC4-29A7-6F6E-4EB2066B904E}\CC5AD77B-7BF1-60D0-7162-198937D7110E.exe <==== ATTENTION
Task: C:\Windows\Tasks\{F6C32E6E-4168-99C5-BFFD-82F34EAF93DB}.job => C:\ProgramData\{7FC06DF5-C86B-DA5E-7D26-088EB8EB7485}\EB18B799-5CB3-0032-095D-6BA79023F5EE.exe <==== ATTENTION

==================== Raccourcis & WMI ========================

(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)

==================== Modules chargés (Avec liste blanche) ==============

2017-06-12 19:51 - 2017-06-12 19:51 - 000048296 ____N () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2017-07-30 20:07 - 2016-08-10 17:13 - 000188704 _____ () C:\Program Files\IObit\IObit Malware Fighter\unrar.dll
2017-07-30 20:07 - 2016-08-10 17:13 - 000899872 _____ () C:\Program Files\IObit\IObit Malware Fighter\webres.dll
2017-07-30 20:07 - 2016-08-10 17:13 - 000151840 _____ () C:\Program Files\IObit\IObit Malware Fighter\zlibwapi.dll
2017-07-30 20:07 - 2017-05-09 10:59 - 000631584 _____ () C:\Program Files\IObit\IObit Malware Fighter\ProductStatistics.dll
2017-07-30 20:07 - 2016-12-12 16:52 - 000442144 _____ () C:\Program Files\IObit\IObit Malware Fighter\madExcept_.bpl
2017-07-30 20:07 - 2016-12-12 16:52 - 000210720 _____ () C:\Program Files\IObit\IObit Malware Fighter\madBasic_.bpl
2017-07-30 20:07 - 2016-12-12 16:52 - 000059680 _____ () C:\Program Files\IObit\IObit Malware Fighter\madDisAsm_.bpl
2017-06-30 13:22 - 2017-06-30 13:22 - 000077824 _____ () C:\Program Files\CCleaner\lang\lang-1036.dll

==================== Alternate Data Streams (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)

==================== Mode sans échec (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ASCAntivirusSrv => "@"="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IMFservice => "@"="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

==================== Association (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)

==================== Internet Explorer sites de confiance/sensibles ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Il y a 7865 plus de sites.

IE trusted site: HKU\S-1-5-21-377985148-792701347-3327087119-1001\...\localhost -> localhost
IE restricted site: HKU\S-1-5-21-377985148-792701347-3327087119-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-377985148-792701347-3327087119-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-377985148-792701347-3327087119-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-377985148-792701347-3327087119-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-377985148-792701347-3327087119-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-377985148-792701347-3327087119-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-377985148-792701347-3327087119-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-377985148-792701347-3327087119-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-377985148-792701347-3327087119-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-377985148-792701347-3327087119-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-377985148-792701347-3327087119-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-377985148-792701347-3327087119-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-377985148-792701347-3327087119-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-377985148-792701347-3327087119-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-377985148-792701347-3327087119-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-377985148-792701347-3327087119-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-377985148-792701347-3327087119-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-377985148-792701347-3327087119-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-377985148-792701347-3327087119-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-377985148-792701347-3327087119-1001\...\123simsen.com -> www.123simsen.com

Il y a 7865 plus de sites.

==================== Autres zones ============================

(Actuellement, il n'y a pas de correction automatique pour cette section.)

HKU\S-1-5-21-377985148-792701347-3327087119-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.0.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Le Pare-feu est activé.

==================== MSCONFIG/TASK MANAGER éléments désactivés ==

MSCONFIG\Services: AdvancedSystemCareService9 => 2
MSCONFIG\Services: cmcore => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\Services: sgbupt => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\startupreg: Aeria Ignite => "C:\Program Files\Aeria Games\Ignite\aeriaignite.exe" silent
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: cmsc => "c:\program files\cmcm\Clean Master\cmtray.exe" -autorun
MSCONFIG\startupreg: ISS Manager => C:\Program Files\ISS Manager\issmgr.exe

==================== RèglesPare-feu (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{13D5E591-777C-4D09-81EA-2E95B83C392E}] => (Allow) C:\Users\Diaby\chroome.exe
FirewallRules: [{C2DD3C54-CDD0-43BD-914A-28C6105522B2}] => (Allow) C:\Users\Diaby\chroome.exe
FirewallRules: [{A276F1FE-7447-4542-9645-85FAD1C61135}] => (Allow) C:\Users\Diaby\chroome.exe
FirewallRules: [{FCB48A8F-86C2-460D-AFDA-A12582B97AAE}] => (Allow) C:\Users\Diaby\chroome.exe
FirewallRules: [{A3A5F400-B983-435A-B9D2-EC339DD1DF94}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{9EA9160C-89B3-4C45-9BE1-EDE57F6D0E4E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{95112EFF-A2A6-4DAC-8ADA-A97652F76509}] => (Allow) C:\Users\Diaby\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{8F8ADF90-4648-4668-B017-A188EB62B383}] => (Allow) LPort=2869
FirewallRules: [{B0F585EB-33CA-4135-B460-D22552F3BC07}] => (Allow) LPort=1900
FirewallRules: [{473FF260-66B7-49EB-B8A3-82AC4EC484EE}] => (Allow) LPort=3389
FirewallRules: [TCP Query User{7B1C26BC-3BB8-461F-A25D-CC944425EFE3}C:\users\diaby\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe] => (Allow) C:\users\diaby\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe
FirewallRules: [UDP Query User{3D2EC04A-9B82-4A09-8B17-19F643C99971}C:\users\diaby\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe] => (Allow) C:\users\diaby\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe
FirewallRules: [{9C1CFC25-BC0C-414C-A9E9-5AA66A8B5EA9}] => (Block) C:\users\diaby\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe
FirewallRules: [{25215BA6-17A2-4733-9CBC-06BCC7D8EA0A}] => (Allow) LPort=58172
FirewallRules: [{4ED1B5CA-1072-45CB-A9A8-7BAEA016166E}] => (Allow) LPort=1489
FirewallRules: [{4BF2DABB-0972-4584-954C-E264B71589A3}] => (Allow) LPort=5000
FirewallRules: [{7DC51F9C-5CFC-4DE2-B009-E6332AF9A905}] => (Allow) C:\ProgramData\explorer.exe
FirewallRules: [{F0E2C042-ED87-4025-8634-0AB4C57127C7}] => (Allow) C:\ProgramData\explorer.exe
FirewallRules: [{1A30E93B-67E9-49C5-903C-757DADAF9AAC}] => (Allow) C:\ProgramData\explorer.exe
FirewallRules: [{BA773F82-D89F-41A7-9856-6AD9E119C464}] => (Allow) C:\ProgramData\explorer.exe
FirewallRules: [{793CECE7-5872-47A9-9D57-D87D9D7C7454}] => (Allow) njRAT
FirewallRules: [{EF108834-64F2-4193-8EC3-85F9CAA65631}] => (Allow) LPort=1177
FirewallRules: [{F2BAA59A-6E9F-4F1A-A2CD-6121FC6A306B}] => (Allow) LPort=1177
FirewallRules: [{2D940863-3BD6-4878-8051-1681849891EB}] => (Allow) njRAT
FirewallRules: [{1C0E8907-2486-4047-9E44-DC75E6BB0227}] => (Allow) LPort=1127
FirewallRules: [{2A190711-91C3-489F-8078-E814AB435CE0}] => (Allow) LPort=1127
FirewallRules: [{A3D3CB4B-923B-4757-B5F9-4CE0E30794FB}] => (Allow) njRAT
FirewallRules: [{466FDE28-6E47-49C0-A57B-F2DF9ECB3D30}] => (Allow) LPort=1127
FirewallRules: [{D47638C0-5326-4988-96B8-34273ECF2C55}] => (Allow) LPort=1127
FirewallRules: [{3928AA91-BCDD-4BAA-BCCF-DF8DA51A3D6D}] => (Allow) NanoCore
FirewallRules: [{0B08E21F-473A-413A-A89C-F101CE2F9DE4}] => (Allow) LPort=1127
FirewallRules: [{BCA3307E-18AF-478F-B9A0-249E5A2E0795}] => (Allow) LPort=1127
FirewallRules: [{EBADB93D-194D-4D25-B2F1-18B30856213C}] => (Allow) C:\Program Files\Smilegate\Crossfire Europe EU\Aegis.exe
FirewallRules: [{05829CC3-711E-4510-9F9C-4D78414F26C2}] => (Allow) C:\Program Files\Smilegate\Crossfire Europe EU\Aegis.exe
FirewallRules: [{B8D4B917-3F6A-4FBE-99DC-791734E73E8A}] => (Allow) C:\Program Files\Smilegate\Crossfire Europe EU\Aegis64.exe
FirewallRules: [{4CDBDC0F-D7D6-446B-B8CC-1F06BCA66975}] => (Allow) C:\Program Files\Smilegate\Crossfire Europe EU\Aegis64.exe
FirewallRules: [{463FA5B2-5EE8-4077-B8CC-56AD0D60CC45}] => (Allow) C:\Program Files\Smilegate\Crossfire Europe EU\CF_SGI.exe
FirewallRules: [{6A26E352-8FF7-4167-A886-4762952C5A3E}] => (Allow) C:\Program Files\Smilegate\Crossfire Europe EU\CF_SGI.exe
FirewallRules: [{BFE1D465-A215-431D-B60D-EBA250CE5E37}] => (Allow) C:\Program Files\Smilegate\Crossfire Europe EU\CF_SGIN.exe
FirewallRules: [{4C178425-8BBE-43AD-81F0-351E254B0028}] => (Allow) C:\Program Files\Smilegate\Crossfire Europe EU\CF_SGIN.exe
FirewallRules: [{F14929DF-532C-4BCD-A294-2345D33CFF0D}] => (Allow) C:\Program Files\Smilegate\Crossfire Europe EU\crossfire.exe
FirewallRules: [{D8EE6208-5DFD-4347-B4D3-58CC48E6FCCA}] => (Allow) C:\Program Files\Smilegate\Crossfire Europe EU\crossfire.exe
FirewallRules: [{C4CDB097-37A8-4062-86DD-25628C2959A5}] => (Allow) C:\Program Files\Smilegate\Crossfire Europe EU\HGWC.exe
FirewallRules: [{73CC62E5-F114-4BCF-BF2B-8C2E1A42F056}] => (Allow) C:\Program Files\Smilegate\Crossfire Europe EU\HGWC.exe
FirewallRules: [{24559BC8-8856-45C1-BE4B-178CFB1DAFB3}] => (Allow) C:\Program Files\Smilegate\Crossfire Europe EU\HGWC.exe
FirewallRules: [{2FC97218-D1B0-441B-AEE4-59CCAA0796E2}] => (Allow) C:\Program Files\Smilegate\Crossfire Europe EU\HGWC.exe
FirewallRules: [{15482131-C439-4CEE-82AB-6C1D1CA68F35}] => (Allow) C:\Program Files\Smilegate\Crossfire Europe EU\patcher_cf.exe
FirewallRules: [{D46A9BCC-05FD-4EF6-8217-8B4D13156C94}] => (Allow) C:\Program Files\Smilegate\Crossfire Europe EU\patcher_cf.exe
FirewallRules: [{CC5484FF-EB00-4ABE-8331-B9293F848B0D}] => (Allow) C:\Program Files\Smilegate\Crossfire Europe EU\SelfUpdate.exe
FirewallRules: [{0199540C-44DB-41ED-BC1D-E4F211835B88}] => (Allow) C:\Program Files\Smilegate\Crossfire Europe EU\SelfUpdate.exe
FirewallRules: [{CCEE74C3-EE4A-474A-870F-FF677A73B561}] => (Allow) C:\Program Files\Smilegate\Crossfire Europe EU\SelfUpdate.exe
FirewallRules: [{26858C60-644D-4D01-B059-6C98A95F311D}] => (Allow) C:\Program Files\Smilegate\Crossfire Europe EU\SelfUpdate.exe
FirewallRules: [{3D427CF5-89C5-4FB9-B724-A34CD435B5A4}] => (Allow) C:\Users\Diaby\AppData\Roaming\Microsoft Windows Audio Device Graphic Card Isolation.exe
FirewallRules: [{C9B16962-A746-452F-8266-6052C8AF3770}] => (Allow) C:\Users\Diaby\AppData\Roaming\Microsoft Windows Audio Device Graphic Card Isolation.exe
FirewallRules: [{F51AC3C7-2C05-4F4B-82A9-6D7D00860F56}] => (Allow) C:\Users\Diaby\AppData\Roaming\Microsoft Windows Audio Device Graphic Card Isolation.exe
FirewallRules: [{C933D294-62EF-4DB1-9403-9AC5FDCFB046}] => (Allow) C:\Users\Diaby\AppData\Roaming\Microsoft Windows Audio Device Graphic Card Isolation.exe
FirewallRules: [{ED9FD8B6-8C16-47A6-8760-249B66230751}] => (Allow) C:\Users\Diaby\AppData\Roaming\Windows Audio Device Graph.exe
FirewallRules: [{A3135243-BCCC-47C6-9D90-457070296462}] => (Allow) C:\Users\Diaby\AppData\Roaming\Windows Audio Device Graph.exe
FirewallRules: [{100498FD-C1D0-4737-BB95-FDC967F1E44E}] => (Allow) C:\Users\Diaby\AppData\Roaming\Windows Audio Device Graph.exe
FirewallRules: [{77883A27-0B1C-4C30-A90D-5F2E27376D8B}] => (Allow) C:\Users\Diaby\AppData\Roaming\Windows Audio Device Graph.exe
FirewallRules: [{2AA295E6-3E97-4218-B4AD-E95D580B990A}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{6FDC1552-9457-436D-A1D6-91396DAD3585}] => (Allow) C:\Windows\system32\rundll32.exe
FirewallRules: [{B2C4C927-E74C-4C15-B54B-AE89A763D3E3}] => (Allow) C:\Users\Administrateur.Diaby-PC.000\AppData\Roaming\Windows Audio Device Graph.exe
FirewallRules: [{31617CB1-65E6-4D5E-80D2-3021EB321B4D}] => (Allow) C:\Users\Administrateur.Diaby-PC.000\AppData\Roaming\Windows Audio Device Graph.exe
FirewallRules: [{F3B6761E-389B-43CB-BB90-BA3F01FFAE66}] => (Allow) C:\Users\Administrateur.Diaby-PC.000\AppData\Roaming\Windows Audio Device Graph.exe
FirewallRules: [{ACB1C313-5B0F-4FA4-B234-D64FD552041E}] => (Allow) C:\Users\Administrateur.Diaby-PC.000\AppData\Roaming\Windows Audio Device Graph.exe
FirewallRules: [{74C9CC5A-DAF3-4B7E-AB83-17F89EF3FFD2}] => (Allow) C:\Program Files\IObit\IObit Malware Fighter\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{396AC777-33A5-49F0-949A-A265E225F9B5}] => (Allow) C:\Program Files\IObit\IObit Malware Fighter\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{F1BB84CB-9ECC-4302-83FF-DE6637C446E2}] => (Allow) C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{9DAB0D8F-0486-4E70-94E3-52C647B6DC58}] => (Allow) C:\Users\Administrateur.Diaby-PC.000\AppData\Roaming\Microsoft Windows Audio Device Graphic Card Isolation.exe
FirewallRules: [{DF01D074-3F3E-4576-906F-16039E622166}] => (Allow) C:\Users\Administrateur.Diaby-PC.000\AppData\Roaming\Microsoft Windows Audio Device Graphic Card Isolation.exe
FirewallRules: [{C412DB7A-1E44-4FD4-8455-2F5718DC2197}] => (Allow) C:\Users\Administrateur.Diaby-PC.000\AppData\Roaming\Microsoft Windows Audio Device Graphic Card Isolation.exe
FirewallRules: [{A5D6C0D6-8813-4765-997E-C64DDB74BC94}] => (Allow) C:\Users\Administrateur.Diaby-PC.000\AppData\Roaming\Microsoft Windows Audio Device Graphic Card Isolation.exe
FirewallRules: [{942FAE31-F36D-41D9-913A-25FB4000938B}] => (Allow) C:\Nouveau dossier\DBZ SAGAS\Anti-Malware\mbam.exe
FirewallRules: [{05D82388-A01A-4660-A3CA-17EA60D55A36}] => (Allow) C:\Nouveau dossier\DBZ SAGAS\Anti-Malware\mbam.exe
FirewallRules: [{50887E8B-57D6-4119-8AA5-4387B1C5F82C}] => (Allow) C:\Nouveau dossier\DBZ SAGAS\Anti-Malware\mbam.exe
FirewallRules: [{B1C5D157-AA60-478C-A9A6-78FC71DD3C8A}] => (Allow) C:\Nouveau dossier\DBZ SAGAS\Anti-Malware\mbam.exe
FirewallRules: [{C82258BB-8EDE-4BE2-B7EF-C504B9B0A6AC}] => (Allow) C:\Nouveau dossier\DBZ SAGAS\Anti-Malware\kal.exe
FirewallRules: [{68018B1C-733B-4A18-926B-103866128C08}] => (Allow) C:\Nouveau dossier\DBZ SAGAS\Anti-Malware\kal.exe
FirewallRules: [{AA1888BC-102F-488F-B541-4B09D991D5BD}] => (Allow) C:\Nouveau dossier\DBZ SAGAS\Anti-Malware\kal.exe
FirewallRules: [{4A56B5B2-A675-4BFB-B44E-71BF99C233DE}] => (Allow) C:\Nouveau dossier\DBZ SAGAS\Anti-Malware\kal.exe
FirewallRules: [{99532E7F-B023-43EF-AD95-045406B93081}] => (Allow) C:\Program Files\Smilegate\Crossfire Europe EU\patcher_cf.exe
FirewallRules: [{7F874D86-4EE6-42EC-BA67-3DDB45FA418D}] => (Allow) C:\Program Files\Smilegate\Crossfire Europe EU\patcher_cf.exe
FirewallRules: [{456F0D01-B6D9-492A-B30C-78802AB253FF}] => (Allow) C:\Program Files\Smilegate\Crossfire Europe EU\patcher_cf.exe
FirewallRules: [{2D3B54B7-31C1-42BA-8B83-34FD0A8DA68E}] => (Allow) C:\Program Files\Smilegate\Crossfire Europe EU\patcher_cf.exe
StandardProfile\AuthorizedApplications: [C:\Users\Diaby\AppData\Roaming\DDos.exe] => Enabled:Windows Messanger
StandardProfile\AuthorizedApplications: [C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe] => Enabled:Windows Messanger

==================== Points de restauration =========================

04-08-2017 15:32:26 Point de contrôle planifié

==================== Éléments en erreur du Gestionnaire de périphériques =============

Name: Microsoft Teredo Tunneling Adapter
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Souris compatible PS/2
Description: Souris compatible PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Erreurs du Journal des événements: =========================

Erreurs Application:
==================
Error: (08/04/2017 06:50:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé.

Error: (08/04/2017 03:32:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.

Details:
AddWin32ServiceFiles: Unable to back up image of service McAfee Module Core Service since QueryServiceConfig API failed

System Error:
Le fichier spécifié est introuvable.
.

Error: (08/04/2017 03:32:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.

Details:
AddWin32ServiceFiles: Unable to back up image of service McAfee Validation Trust Protection Service since QueryServiceConfig API failed

System Error:
Le fichier spécifié est introuvable.
.

Error: (08/04/2017 03:32:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.

Details:
AddWin32ServiceFiles: Unable to back up image of service McAfee Service Controller since QueryServiceConfig API failed

System Error:
Le fichier spécifié est introuvable.
.

Error: (08/04/2017 03:32:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.

Details:
AddWin32ServiceFiles: Unable to back up image of service McAfee Firewall Core Service since QueryServiceConfig API failed

System Error:
Le fichier spécifié est introuvable.
.

Error: (08/04/2017 03:32:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.

Details:
AddWin32ServiceFiles: Unable to back up image of service McAfee Proxy Service since QueryServiceConfig API failed

System Error:
Le fichier spécifié est introuvable.
.

Error: (08/04/2017 03:32:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.

Details:
AddWin32ServiceFiles: Unable to back up image of service McAfee Home Network since QueryServiceConfig API failed

System Error:
Le fichier spécifié est introuvable.
.

Error: (08/04/2017 03:32:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary McAfee Inc. mfewfpk.

System Error:
Le fichier spécifié est introuvable.
.

Error: (08/04/2017 03:32:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary McAfee Inc. mfehidk.

System Error:
Le fichier spécifié est introuvable.
.

Error: (08/04/2017 02:29:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante ModuleCoreService.exe, version : 1.8.140.0, horodatage : 0x592f3a47
Nom du module défaillant : GenericPlugin.dll, version : 1.4.410.0, horodatage : 0x59647060
Code d’exception : 0xc0000005
Décalage d’erreur : 0x00020cf5
ID du processus défaillant : 0x6ac
Heure de début de l’application défaillante : 0x01d30d0c39548117
Chemin d’accès de l’application défaillante : C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
Chemin d’accès du module défaillant: C:\Program Files\Common Files\McAfee\Sustainability\GenericPlugin.dll
ID de rapport : 9ed08a5c-7910-11e7-a73d-00163560a5a2

Erreurs système:
=============
Error: (08/04/2017 08:13:51 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORITE NT)
Description: Une erreur s’est produite lors de la lecture du fichier d’hôtes local.

Error: (08/04/2017 08:11:11 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORITE NT)
Description: Une erreur s’est produite lors de la lecture du fichier d’hôtes local.

Error: (08/04/2017 08:09:20 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORITE NT)
Description: Une erreur s’est produite lors de la lecture du fichier d’hôtes local.

Error: (08/04/2017 07:54:16 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORITE NT)
Description: Une erreur s’est produite lors de la lecture du fichier d’hôtes local.

Error: (08/04/2017 07:52:16 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORITE NT)
Description: Une erreur s’est produite lors de la lecture du fichier d’hôtes local.

Error: (08/04/2017 07:51:46 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORITE NT)
Description: Une erreur s’est produite lors de la lecture du fichier d’hôtes local.

Error: (08/04/2017 07:33:48 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORITE NT)
Description: Une erreur s’est produite lors de la lecture du fichier d’hôtes local.

Error: (08/04/2017 07:31:38 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORITE NT)
Description: Une erreur s’est produite lors de la lecture du fichier d’hôtes local.

Error: (08/04/2017 06:53:03 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORITE NT)
Description: Une erreur s’est produite lors de la lecture du fichier d’hôtes local.

Error: (08/04/2017 06:52:59 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Le service 'WMPNetworkSvc' n’a pas démarré correctement car la fonction CoCreateInstance(CLSID_UPnPDeviceFinder) a détecté l’erreur '0x80070422'. Vérifiez que le service UpnPHost s’exécute et que le composant UPnPHost de Windows est correctement installé.

CodeIntegrity:
===================================
Date: 2017-08-04 20:20:12.971
Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume1\Program Files\Emsisoft Anti-Malware\a2hooks32.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système.

Date: 2017-08-04 18:44:22.984
Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume1\Program Files\Emsisoft Anti-Malware\a2hooks32.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système.

Date: 2017-08-04 18:13:01.187
Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume1\Program Files\Emsisoft Anti-Malware\a2hooks32.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système.

Date: 2017-08-04 17:55:06.090
Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume1\Program Files\Emsisoft Anti-Malware\a2hooks32.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système.

Date: 2017-08-04 15:49:29.084
Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume1\Program Files\Emsisoft Anti-Malware\a2hooks32.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système.

Date: 2017-08-04 14:25:32.027
Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume1\Program Files\Emsisoft Anti-Malware\a2hooks32.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système.

Date: 2017-08-04 12:16:28.406
Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume1\Program Files\Emsisoft Anti-Malware\a2hooks32.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système.

Date: 2017-08-04 11:18:44.688
Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume1\Program Files\Emsisoft Anti-Malware\a2hooks32.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système.

Date: 2017-08-04 11:00:44.717
Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume1\Program Files\Emsisoft Anti-Malware\a2hooks32.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système.

Date: 2017-08-04 10:55:19.931
Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume1\Program Files\Emsisoft Anti-Malware\a2hooks32.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système.

==================== Infos Mémoire ===========================

Processeur: Intel(R) Pentium(R) 4 CPU 3.00GHz
Pourcentage de mémoire utilisée: 62%
Mémoire physique - RAM - totale: 1015.43 MB
Mémoire physique - RAM - disponible: 376.36 MB
Mémoire virtuelle totale: 2319.43 MB
Mémoire virtuelle disponible: 1034.21 MB

==================== Lecteurs ================================

Drive c: () (Fixed) (Total:74.5 GB) (Free:13.89 GB) NTFS ==>[lecteur avec composants d'amorçage (obtenu depuis BCD)]

==================== MBR & Table des partitions ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 74.5 GB) (Disk ID: B5B42789)
Partition 1: (Active) - (Size=74.5 GB) - (Type=07 NTFS)

==================== Fin de Addition.txt ============================

Signaler le contenu de ce document