Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version: 31-07-2017 Exécuté par Diaby (administrateur) sur DIABY-PC (04-08-2017 20:15:11) Exécuté depuis C:\Users\Diaby\Downloads Profils chargés: Diaby (Profils disponibles: Diaby & 123 & Administrateur) Platform: Microsoft Windows 7 Professionnel Service Pack 1 (X86) Langue: Français (France) Internet Explorer Version 11 (Navigateur par défaut non détecté(e)!) Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (IObit) C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe (IObit) C:\Program Files\IObit\IObit Malware Fighter\IMFSrvWsc.exe (Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2service.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\sched.exe (Don HO don.h@free.fr) C:\Program Files\notepad2\notepad2.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2guard.exe (© 2015 Microsoft Corporation) C:\Users\Diaby\AppData\Local\Microsoft\BingSvc\BingSvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe (Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2start.exe (IObit) C:\Program Files\IObit\IObit Malware Fighter\IMF.exe (IObit) C:\Program Files\IObit\IObit Malware Fighter\IMFTips.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe ==================== Registre (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [14696704 2016-05-26] (Realtek Semiconductor) HKLM\...\Run: [KeyScrambler] => C:\Program Files\KeyScrambler\keyscrambler.exe [515600 2017-04-23] (QFX Software Corporation) HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [97512 2017-06-13] (Avira Operations GmbH & Co. KG) HKLM\...\Run: [IObit Malware Fighter] => C:\Program Files\IObit\IObit Malware Fighter\IMF.exe [5780256 2017-07-20] (IObit) HKLM\...\Run: [a689fa49fd42104e55e4ba78550f130f] => "C:\Users\Administrateur.Diaby-PC.000\AppData\Roaming\Microsoft Windows Audio Device Graphic Card Isolation.exe" .. HKLM\...\Run: [Malwarebytes TrayApp] => C:\Nouveau dossier\DBZ SAGAS\Anti-Malware\mbamtray.exe [3146704 2017-05-09] (Malwarebytes) HKLM\...\Run: [emsisoft anti-malware] => c:\program files\emsisoft anti-malware\a2guard.exe [6047072 2017-07-31] (Emsisoft Ltd) HKLM\...\Run: [avgnt] => C:\Program Files\Avira\Antivirus\avgnt.exe [918008 2017-07-04] (Avira Operations GmbH & Co. KG) HKU\S-1-5-21-377985148-792701347-3327087119-1001\...\Run: [BingSvc] => C:\Users\Diaby\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation) HKU\S-1-5-21-377985148-792701347-3327087119-1001\...\Run: [4c121ab7] => C:\Users\Diaby\AppData\Roaming\Microsoft\Crypto\wscript.exe //B C:\Users\Diaby\AppData\Roaming\Microsoft\Crypto\Tray64Mem.wsf HKU\S-1-5-21-377985148-792701347-3327087119-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [7658200 2017-06-30] (Piriform Ltd) HKU\S-1-5-21-377985148-792701347-3327087119-1001\...\Policies\system: [EnableLUA] 0 HKU\S-1-5-21-377985148-792701347-3327087119-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1 AppInit_DLLs: __C:\PROGRA~1\SEARCH~1\SEARCH~1\bin\VC32LO~1.DLL => Pas de fichier IFEO\AvastSvc.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\AvastUI.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\avcenter.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\avconfig.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\avgcsrvx.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\avgidsagent.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\avgnt.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\avgrsx.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\avguard.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\avgui.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\avgwdsvc.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\avp.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\avscan.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\bdagent.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\blindman.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\ccuac.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\ComboFix.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\egui.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\hijackthis.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\instup.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\keyscrambler.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\mbam.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\mbamgui.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\mbampt.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\mbamscheduler.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\mbamservice.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\MpCmdRun.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\MSASCui.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\MsMpEng.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\msseces.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\rstrui.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\SDFiles.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\SDMain.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\SDWinSec.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\spybotsd.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\wireshark.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\zlclient.exe: [Debugger] C:\Windows\System32\svchost.exe ShellExecuteHooks: Pas de nom - {005E7630-F1AE-11E6-8235-64006A5CFC23} - -> Pas de fichier Startup: C:\Users\Diaby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\80d91522228fe370602cde456b4c43b9.exe [2014-07-10] () Startup: C:\Users\Diaby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\windows update - Cópia (20) - Cópia.exe [2017-07-30] () Startup: C:\Users\Diaby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\windows update - Cópia (30) - Cópia.exe [2017-07-30] () BootExecute: autocheck autochk * sdnclean.exe GroupPolicy: Restriction - Chrome <==== ATTENTION GroupPolicy\User: Restriction ? <==== ATTENTION GroupPolicyScripts\User: Restriction <==== ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Hosts: Fichier hosts non détecté dans le dossier par défaut Tcpip\..\Interfaces\{C9FA069C-0B47-4BBA-825B-47D487D5A075}: [DhcpNameServer] 192.168.0.254 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://google.com HKU\S-1-5-21-377985148-792701347-3327087119-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=zxy_af93cfd99b5b3984eb¶m1=ArFaIWJoNqArQGMVHFFoNqAqBbFaITAbQGR7xTVoN9I4y7IsQGR7B7JoN9JbDSk8vFE9GqQANFdcFCk8vFRdJCoXvmo9J6k4wVRdJCIXwVM4ISIYwVNdJGYXvFQ9GqYVNUI3wGYGwVM3vCIVvFE9GqUNNos3wCIYwVA9Jmk3wVA4ICITvFI9ISILNFdcJ6k8wV5cGWUSNFRcEqULNopcGWUIvmFbF6IXNVU9J6k4NVA4ICoXNVI9I6IWNVM9JaYWwVxdICk3wVNdICISwVI4ICIVwVQ9I6k4NVM4IGYWwVU4JmIVNVNdJ6IWvmk9JaQIwV5cGGUTNFRbDqUDNF5bDGUNNEU3wGQGvFRdISoWwVU4IGYUvFE4ICISNVJdJ6k3vFE9I6oUNVQ4ISIVwVxdJqYVNVQ9JCISNVM3vqYYvFQ4IGYYwVQ4JmoWwVJdJGYYNoU9GqYYNVc3wCoUQGR7B6RoN9J8MWJaMqpbMGRoNqAsQGMVvDIlC6MuNGwuNGUuyDorQGR7y6MuwnEbQGMVMr5cQGR7y6NoN9ICzD4py6waQGQXMbFbJoYby7Aox6Mky74syZ%3D%3D¶m2=NGp6NWpcMWB8NJ%3D%3D&p={searchTerms} SearchScopes: HKU\S-1-5-21-377985148-792701347-3327087119-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=zxy_af93cfd99b5b3984eb¶m1=ArFaIWJoNqArQGMVHFFoNqAqBbFaITAbQGR7xTVoN9I4y7IsQGR7B7JoN9JbDSk8vFE9GqQANFdcFCk8vFRdJCoXvmo9J6k4wVRdJCIXwVM4ISIYwVNdJGYXvFQ9GqYVNUI3wGYGwVM3vCIVvFE9GqUNNos3wCIYwVA9Jmk3wVA4ICITvFI9ISILNFdcJ6k8wV5cGWUSNFRcEqULNopcGWUIvmFbF6IXNVU9J6k4NVA4ICoXNVI9I6IWNVM9JaYWwVxdICk3wVNdICISwVI4ICIVwVQ9I6k4NVM4IGYWwVU4JmIVNVNdJ6IWvmk9JaQIwV5cGGUTNFRbDqUDNF5bDGUNNEU3wGQGvFRdISoWwVU4IGYUvFE4ICISNVJdJ6k3vFE9I6oUNVQ4ISIVwVxdJqYVNVQ9JCISNVM3vqYYvFQ4IGYYwVQ4JmoWwVJdJGYYNoU9GqYYNVc3wCoUQGR7B6RoN9J8MWJaMqpbMGRoNqAsQGMVvDIlC6MuNGwuNGUuyDorQGR7y6MuwnEbQGMVMr5cQGR7y6NoN9ICzD4py6waQGQXMbFbJoYby7Aox6Mky74syZ%3D%3D¶m2=NGp6NWpcMWB8NJ%3D%3D&p={searchTerms} SearchScopes: HKU\S-1-5-21-377985148-792701347-3327087119-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=zxy_af93cfd99b5b3984eb¶m1=ArFaIWJoNqArQGMVHFFoNqAqBbFaITAbQGR7xTVoN9I4y7IsQGR7B7JoN9JbDSk8vFE9GqQANFdcFCk8vFRdJCoXvmo9J6k4wVRdJCIXwVM4ISIYwVNdJGYXvFQ9GqYVNUI3wGYGwVM3vCIVvFE9GqUNNos3wCIYwVA9Jmk3wVA4ICITvFI9ISILNFdcJ6k8wV5cGWUSNFRcEqULNopcGWUIvmFbF6IXNVU9J6k4NVA4ICoXNVI9I6IWNVM9JaYWwVxdICk3wVNdICISwVI4ICIVwVQ9I6k4NVM4IGYWwVU4JmIVNVNdJ6IWvmk9JaQIwV5cGGUTNFRbDqUDNF5bDGUNNEU3wGQGvFRdISoWwVU4IGYUvFE4ICISNVJdJ6k3vFE9I6oUNVQ4ISIVwVxdJqYVNVQ9JCISNVM3vqYYvFQ4IGYYwVQ4JmoWwVJdJGYYNoU9GqYYNVc3wCoUQGR7B6RoN9J8MWJaMqpbMGRoNqAsQGMVvDIlC6MuNGwuNGUuyDorQGR7y6MuwnEbQGMVMr5cQGR7y6NoN9ICzD4py6waQGQXMbFbJoYby7Aox6Mky74syZ%3D%3D¶m2=NGp6NWpcMWB8NJ%3D%3D&p={searchTerms} SearchScopes: HKU\S-1-5-21-377985148-792701347-3327087119-1001 -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=zxy_af93cfd99b5b3984eb¶m1=ArFaIWJoNqArQGMVHFFoNqAqBbFaITAbQGR7xTVoN9I4y7IsQGR7B7JoN9JbDSk8vFE9GqQANFdcFCk8vFRdJCoXvmo9J6k4wVRdJCIXwVM4ISIYwVNdJGYXvFQ9GqYVNUI3wGYGwVM3vCIVvFE9GqUNNos3wCIYwVA9Jmk3wVA4ICITvFI9ISILNFdcJ6k8wV5cGWUSNFRcEqULNopcGWUIvmFbF6IXNVU9J6k4NVA4ICoXNVI9I6IWNVM9JaYWwVxdICk3wVNdICISwVI4ICIVwVQ9I6k4NVM4IGYWwVU4JmIVNVNdJ6IWvmk9JaQIwV5cGGUTNFRbDqUDNF5bDGUNNEU3wGQGvFRdISoWwVU4IGYUvFE4ICISNVJdJ6k3vFE9I6oUNVQ4ISIVwVxdJqYVNVQ9JCISNVM3vqYYvFQ4IGYYwVQ4JmoWwVJdJGYYNoU9GqYYNVc3wCoUQGR7B6RoN9J8MWJaMqpbMGRoNqAsQGMVvDIlC6MuNGwuNGUuyDorQGR7y6MuwnEbQGMVMr5cQGR7y6NoN9ICzD4py6waQGQXMbFbJoYby7Aox6Mky74syZ%3D%3D¶m2=NGp6NWpcMWB8NJ%3D%3D&p={searchTerms} SearchScopes: HKU\S-1-5-21-377985148-792701347-3327087119-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10341__170706__yaie&p={searchTerms} BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - Pas de fichier Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - Pas de fichier Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Pas de fichier Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Pas de fichier StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF DefaultProfile: zo5cs3w4.default FF ProfilePath: C:\Users\Diaby\AppData\Roaming\Mozilla\Firefox\Profiles\zo5cs3w4.default [2017-08-04] FF user.js: detected! => C:\Users\Diaby\AppData\Roaming\Mozilla\Firefox\Profiles\zo5cs3w4.default\user.js [2017-07-12] FF NewTab: Mozilla\Firefox\Profiles\zo5cs3w4.default -> hxxps://fr.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10341__170706__yaff FF DefaultSearchEngine: Mozilla\Firefox\Profiles\zo5cs3w4.default -> Yahoo! Powered FF SelectedSearchEngine: Mozilla\Firefox\Profiles\zo5cs3w4.default -> Yahoo! Powered FF Homepage: Mozilla\Firefox\Profiles\zo5cs3w4.default -> hxxps://www.google.fr/?gws_rd=ssl FF Keyword.URL: Mozilla\Firefox\Profiles\zo5cs3w4.default -> user_pref("keyword.URL", true); FF Extension: (Avira Browser Safety) - C:\Users\Diaby\AppData\Roaming\Mozilla\Firefox\Profiles\zo5cs3w4.default\Extensions\abs@avira.com [2017-07-30] FF Extension: (Google Translator for Firefox) - C:\Users\Diaby\AppData\Roaming\Mozilla\Firefox\Profiles\zo5cs3w4.default\Extensions\translator@zoli.bod.xpi [2017-04-08] FF Extension: (Télécommande Virtuelle Freebox Révolution V6 / HD V5) - C:\Users\Diaby\AppData\Roaming\Mozilla\Firefox\Profiles\zo5cs3w4.default\Extensions\tvfreebox@ssofast.com.xpi [2017-07-30] FF Extension: (Adblock Plus) - C:\Users\Diaby\AppData\Roaming\Mozilla\Firefox\Profiles\zo5cs3w4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-07-28] FF HKLM\...\Firefox\Extensions: [daplinkchecker@speedbit.com] - C:\Program Files\DAP\daplinkchecker => non trouvé(e) FF HKU\S-1-5-21-377985148-792701347-3327087119-1001\...\Firefox\Extensions: [{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}] - C:\Program Files\DAP\DAPFireFox => non trouvé(e) FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_23_0_0_185.dll [2016-10-23] () FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1225195.dll [2016-09-20] (Adobe Systems, Inc.) FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2017-04-04] (Microsoft Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\3.0.40818.0\npctrl.dll [2009-08-17] ( Microsoft Corporation) FF Plugin HKU\S-1-5-21-377985148-792701347-3327087119-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Diaby\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS) StartMenuInternet: FIREFOX.EXE - firefox.exe Chrome: ======= CHR DefaultProfile: ChromeDefaultData CHR HomePage: ChromeDefaultData -> hxxp://www.trotux.com/?z=105418657de4b0cf3968743g4zbb1meg2qat3w0m7o&from=isr&uid=ST380013AS_5MR157QQXXXX5MR157QQ&type=hp CHR DefaultSearchURL: ChromeDefaultData -> hxxp://srch.bar/{searchTerms} CHR DefaultSuggestURL: ChromeDefaultData -> hxxp://srch.bar/?s={searchTerms} CHR Profile: C:\Users\Diaby\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-08-04] <==== ATTENTION CHR Extension: (Translate Selected Text) - C:\Users\Diaby\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fbimffnjoeobhjhochngikepgfejjmgj [2017-07-19] CHR Extension: (Télécommande Virtuelle Freebox Révolution/HD) - C:\Users\Diaby\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fdhpkpfbolhjcbejckjbiciinkcjlijj [2017-07-16] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Diaby\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-28] CHR Extension: (Gmail) - C:\Users\Diaby\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-06] CHR Extension: (Chrome Media Router) - C:\Users\Diaby\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-13] CHR Profile: C:\Users\Diaby\AppData\Local\Google\Chrome\User Data\Default [2017-08-04] CHR Extension: (Docs) - C:\Users\Diaby\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-05-01] CHR Extension: (Google Drive) - C:\Users\Diaby\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-01] CHR Extension: (YouTube) - C:\Users\Diaby\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-01] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Diaby\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-05-01] CHR Extension: (Gmail) - C:\Users\Diaby\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-01] CHR HKLM\...\Chrome\Extension: [bpmmandcadflhnnaiclipadomfmdbjbp] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [elmkjjfkkchohaaoljobaffjeedcoocj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [ffdcfjdljhbehggjdkdioajnknjcpbjb] - C:\Program Files\DAP\DAPChrome\DAPChrome6.crx CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [hkhkiakolggnnicallabhkobalpeplpi] - CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-377985148-792701347-3327087119-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bpmmandcadflhnnaiclipadomfmdbjbp] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-377985148-792701347-3327087119-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [elmkjjfkkchohaaoljobaffjeedcoocj] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-377985148-792701347-3327087119-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [5953080 2017-07-31] (Emsisoft Ltd) S2 AntiVirMailService; C:\Program Files\Avira\Antivirus\avmailc7.exe [1128432 2017-07-04] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files\Avira\Antivirus\sched.exe [490968 2017-07-04] (Avira Operations GmbH & Co. KG) S2 AntiVirService; C:\Program Files\Avira\Antivirus\avguard.exe [490968 2017-07-04] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files\Avira\Antivirus\avwebg7.exe [1524216 2017-07-04] (Avira Operations GmbH & Co. KG) R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [377976 2017-06-13] (Avira Operations GmbH & Co. KG) S3 EasyAntiCheat; C:\Windows\system32\EasyAntiCheat.exe [383016 2017-06-09] (EasyAntiCheat Ltd) R2 IMFservice; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [1768736 2017-07-18] (IObit) S3 npggsvc; C:\Windows\system32\GameMon.des [5691912 2016-05-18] (INCA Internet Co., Ltd.) R2 Ntp2NetSvc; C:\Program Files\notepad2\notepad2.exe [2340864 2017-02-16] (Don HO don.h@free.fr) [Fichier non signé] S2 Ntp2UpSvc; C:\Program Files\Common Files\ntp2UpSvc\notepad2.exe [2340864 2017-07-13] (Don HO don.h@free.fr) [Fichier non signé] S3 PSEXESVC; C:\Windows\PSEXESVC.exe [189792 2017-06-29] (Sysinternals) S3 QFXUpdateService; C:\Program Files\KeyScrambler\QFXUpdateService.exe [75792 2017-04-23] () R2 TermService; C:\Windows\system32\rdpwrap.dll [77312 2016-12-22] (Stas'M Corp.) [Fichier non signé] S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) S3 ClientAnalyticsService; "C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe" [X] ===================== Pilotes (Avec liste blanche) ====================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [46440 2017-07-04] (Avira Operations GmbH & Co. KG) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [124232 2017-07-04] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [142712 2017-07-04] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [35840 2017-07-04] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [59000 2017-07-04] (Avira Operations GmbH & Co. KG) R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [23304 2017-07-04] (Avira Operations GmbH & Co. KG) R0 Bhbase; C:\Windows\System32\drivers\Bhbase.sys [47456 2014-03-11] (Baidu, Inc.) R1 epp; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\epp.sys [105248 2016-11-23] (Emsisoft Ltd) R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [27968 2017-05-22] (LogMeIn, Inc.) R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2016-05-26] (REALiX(tm)) R1 IMFCameraProtect; C:\Windows\system32\drivers\IMFCameraProtect.sys [25120 2017-03-17] (IObit.com) R3 IMFDownProtect; C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\IMFDownProtect.sys [20336 2017-03-08] (IObit.com) R3 IMFFilter; C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\IMFFilter.sys [21392 2017-01-06] (IObit) R3 IMFForceDelete; C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\IMFForceDelete.sys [14168 2017-06-30] (IObit.com) R3 KeyScrambler; C:\Windows\System32\drivers\keyscrambler.sys [220192 2017-02-19] (QFX Software Corporation) S3 ksapi; C:\Windows\system32\drivers\ksapi.sys [81768 2017-07-07] (Kingsoft Corporation) S3 NPPTNT2; C:\Windows\system32\npptNT2.sys [4682 2004-12-30] (INCA Internet Co., Ltd.) [Fichier non signé] R3 RegFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys [32192 2016-12-15] (IObit.com) S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [30696 2017-01-18] (The OpenVPN Project) R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [36944 2017-06-15] (Anchorfree Inc.) R1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [113944 2017-07-17] (Oracle Corporation) R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [177880 2017-07-17] (Oracle Corporation) S3 vncmirror; C:\Windows\System32\DRIVERS\vncmirror.sys [4608 2009-07-25] (RealVNC Ltd.) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois - Créés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2017-08-04 18:16 - 2017-08-04 18:16 - 000000000 ____D C:\ProgramData\RL Vision 2017-08-04 18:15 - 2009-03-24 19:52 - 001069376 _____ (Microsoft Corporation) C:\Windows\system32\MSCOMCTL.OCX 2017-08-04 18:15 - 2009-03-24 19:52 - 000659264 _____ (Microsoft Corporation) C:\Windows\system32\mscomct2.ocx 2017-08-04 18:15 - 2004-03-08 23:00 - 000609824 _____ (Microsoft Corporation) C:\Windows\system32\COMCTL32.ocx 2017-08-04 18:15 - 1998-06-23 23:00 - 000164144 _____ (Microsoft Corporation) C:\Windows\system32\COMCT232.ocx 2017-08-04 18:09 - 2017-08-04 18:11 - 004092681 _____ (RL Vision ) C:\Users\Diaby\Downloads\FlashRenamer_Setup.exe 2017-08-04 16:06 - 2017-08-04 16:06 - 000000000 ____D C:\Users\Diaby\Documents\den4b 2017-08-04 16:03 - 2017-08-04 16:03 - 003609815 _____ (den4b Team ) C:\Users\Diaby\Downloads\renamer_6-7_en_19213.exe 2017-08-04 14:39 - 2017-08-04 14:39 - 000001994 _____ C:\Users\Diaby\Desktop\zio.LNK 2017-08-04 12:48 - 2017-07-06 22:44 - 000000131 _____ C:\Users\Diaby\Downloads\Instructions.txt 2017-08-04 12:14 - 2017-08-04 12:14 - 008636368 _____ (McAfee, Inc.) C:\Users\Diaby\Downloads\MCPR.exe 2017-08-04 10:05 - 2017-08-04 10:05 - 000000000 ____D C:\Users\Diaby\AppData\Roaming\Avira 2017-08-04 09:59 - 2017-07-04 16:35 - 000142712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2017-08-04 09:59 - 2017-07-04 16:35 - 000124232 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2017-08-04 09:59 - 2017-07-04 16:35 - 000059000 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2017-08-04 09:59 - 2017-07-04 16:35 - 000046440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avdevprot.sys 2017-08-04 09:59 - 2017-07-04 16:35 - 000035840 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2017-08-04 09:59 - 2017-07-04 16:35 - 000023304 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avusbflt.sys 2017-08-03 11:52 - 2017-08-03 11:55 - 004522337 _____ C:\Users\Diaby\Downloads\yangbug (1).rar 2017-08-02 20:55 - 2017-08-04 20:17 - 000023496 _____ C:\Users\Diaby\Downloads\FRST.txt 2017-08-02 20:53 - 2017-08-03 10:10 - 000016923 _____ C:\Users\Diaby\Downloads\Fixlog.txt 2017-08-02 19:10 - 2017-07-05 12:50 - 000090112 _____ C:\Users\Administrateur.Diaby-PC.000\Downloads\w2gf.m3d 2017-08-02 18:31 - 2017-08-02 18:31 - 000000285 _____ C:\Users\Diaby\Downloads\Search.txt 2017-08-02 14:22 - 2017-08-03 21:03 - 000057959 _____ C:\Users\Diaby\Downloads\Addition.txt 2017-08-02 14:19 - 2017-08-02 20:53 - 000016224 _____ C:\Users\Diaby\Downloads\fixlist.txt 2017-08-02 14:13 - 2017-08-04 20:15 - 000000000 ____D C:\FRST 2017-08-02 14:00 - 2017-08-02 14:06 - 001777664 _____ (Farbar) C:\Users\Diaby\Downloads\FRST.exe 2017-08-02 13:03 - 2017-08-02 13:13 - 000000000 ____D C:\Users\Administrateur.Diaby-PC.000\AppData\LocalLow\Mozilla 2017-08-02 13:03 - 2017-08-02 13:08 - 000000000 ____D C:\Users\Administrateur.Diaby-PC.000\AppData\Local\Mozilla 2017-08-02 13:03 - 2017-08-02 13:03 - 000000000 ____D C:\Users\Administrateur.Diaby-PC.000\AppData\Roaming\Mozilla 2017-08-02 12:50 - 2017-08-02 12:52 - 001499463 _____ C:\Users\Diaby\Downloads\YangBug.rar 2017-08-02 11:31 - 2017-08-02 11:31 - 000020910 _____ C:\Users\Diaby\Desktop\mb-check-results.zip 2017-08-02 11:30 - 2017-08-02 11:30 - 000031331 _____ C:\Users\Diaby\Downloads\MB-CheckResult.txt 2017-08-02 11:29 - 2017-08-02 11:30 - 002322896 _____ (Malwarebytes Corporation) C:\Users\Diaby\Downloads\mb-check-3.1.5.1001.exe 2017-08-02 10:56 - 2017-08-02 10:56 - 000001579 _____ C:\Users\Diaby\Desktop\ZHPCleaner.txt 2017-08-02 10:09 - 2017-08-02 10:09 - 000008360 _____ C:\Users\Diaby\Downloads\ZHPFixReport.txt 2017-08-02 10:02 - 2017-08-02 10:02 - 000000000 ____D C:\Users\Diaby\Downloads\Quarantine 2017-08-02 09:56 - 2017-08-02 09:59 - 003067264 _____ (Nicolas Coolman) C:\Users\Diaby\Downloads\zhpfix_2017-6-13-1.exe 2017-08-01 22:20 - 2017-08-02 11:05 - 000141255 _____ C:\Users\Diaby\Downloads\ZHPDiag.txt 2017-08-01 21:53 - 2017-08-01 21:53 - 002804096 _____ C:\Users\Diaby\Downloads\ZHPDiag3 (2).exe 2017-08-01 21:53 - 2017-08-01 21:53 - 002804096 _____ C:\Users\Diaby\Downloads\ZHPDiag3 (1).exe 2017-08-01 21:50 - 2017-08-01 21:50 - 002804096 _____ C:\Users\Diaby\ZHPDiag3.exe 2017-08-01 21:46 - 2017-08-01 21:48 - 064025992 _____ (Malwarebytes ) C:\Users\Diaby\Downloads\Non confirmé 862252.crdownload 2017-08-01 21:46 - 2017-08-01 21:48 - 064025992 _____ (Malwarebytes ) C:\Users\Diaby\Downloads\Non confirmé 185469.crdownload 2017-08-01 21:45 - 2017-08-01 21:46 - 064025992 _____ (Malwarebytes ) C:\Users\Diaby\Downloads\Non confirmé 594467.crdownload 2017-08-01 19:19 - 2017-08-01 19:19 - 000001818 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-08-01 16:06 - 2017-08-01 16:08 - 007178424 _____ (VS Revo Group ) C:\Users\Diaby\Downloads\revosetup (1).exe 2017-08-01 15:21 - 2017-08-01 15:23 - 064232976 _____ (Malwarebytes ) C:\Users\Diaby\Downloads\mb3-setup-adwc.adwc100.3.1.2.1733.exe 2017-08-01 14:31 - 2017-08-04 18:45 - 000000000 ____D C:\AdwCleaner 2017-08-01 14:29 - 2017-08-01 14:30 - 008185288 _____ (Malwarebytes) C:\Users\Diaby\Downloads\adwcleaner_7.0.1.0.exe 2017-08-01 12:50 - 2017-08-01 12:50 - 000000002 _____ C:\Windows\system32\stub.json 2017-08-01 12:16 - 2017-08-02 10:42 - 000000888 _____ C:\Users\Diaby\Desktop\ZHPCleaner.lnk 2017-08-01 11:53 - 2017-08-01 11:58 - 002830208 _____ C:\Users\Diaby\Downloads\zhpcleaner_2017.7.17.123.exe 2017-08-01 10:55 - 2017-08-01 10:56 - 000087870 _____ C:\Users\Administrateur.Diaby-PC.000\Downloads\w2gfv102.zip 2017-08-01 09:59 - 2017-08-01 10:01 - 001175194 _____ C:\Users\Administrateur.Diaby-PC.000\Downloads\BotBugYang v1.0.rar 2017-08-01 09:26 - 2017-08-01 09:27 - 000376891 _____ C:\Users\Administrateur.Diaby-PC.000\Downloads\python22.dll.zip 2017-08-01 09:24 - 2017-08-01 09:24 - 000000000 ____D C:\Users\Administrateur.Diaby-PC.000\Documents\Lightshot 2017-07-31 22:29 - 2017-07-31 22:31 - 002600550 _____ C:\Users\Administrateur.Diaby-PC.000\Downloads\Hack Evolution2 UP.rar 2017-07-31 20:31 - 2017-08-01 11:21 - 000000192 _____ C:\Users\Diaby\Downloads\site.txt 2017-07-31 13:37 - 2017-07-31 13:41 - 140702312 _____ (Symantec Corporation) C:\Users\Diaby\Downloads\NSD_5D_22.5.2_SYMTB_PROMO_9_MRFTT_DD016_14236.exe 2017-07-31 12:00 - 2017-08-02 12:08 - 000000000 ____D C:\Users\Administrateur.Diaby-PC.000\AppData\Roaming\4vj4h3behrv 2017-07-31 10:10 - 2017-07-31 10:10 - 000071432 _____ C:\Windows\system32\GDIPFONTCACHEV1.DAT 2017-07-31 10:00 - 2017-07-31 23:02 - 000000000 ____D C:\ProgramData\Emsisoft 2017-07-31 09:59 - 2017-07-31 22:08 - 000000000 ____D C:\Users\Administrateur.Diaby-PC.000\AppData\Roaming\iun5lninoq1 2017-07-31 09:50 - 2017-07-31 09:50 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf 2017-07-31 09:36 - 2017-07-31 22:08 - 000000000 ____D C:\Users\Administrateur.Diaby-PC.000\AppData\Roaming\s3kqh1ko3vm 2017-07-31 09:21 - 2017-07-31 09:21 - 000001049 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk 2017-07-31 09:21 - 2017-07-31 09:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware 2017-07-31 09:20 - 2017-08-04 20:08 - 000000000 ____D C:\Program Files\Emsisoft Anti-Malware 2017-07-31 09:16 - 2017-07-31 09:20 - 268151280 _____ (Emsisoft Ltd. ) C:\Users\Diaby\Downloads\emsisoft-anti-malware_2017-6-0-7681_fr_378444.exe 2017-07-31 09:02 - 2017-08-01 19:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-07-31 09:02 - 2017-08-01 16:25 - 000000000 ____D C:\Anti-Malware 2017-07-31 09:02 - 2017-07-31 09:02 - 000000000 ____D C:\ProgramData\Malwarebytes 2017-07-31 09:02 - 2017-05-25 11:58 - 000059936 _____ C:\Windows\system32\Drivers\mbae.sys 2017-07-31 08:59 - 2017-07-31 09:00 - 064025992 _____ (Malwarebytes ) C:\Users\Diaby\Downloads\mb3-setup-35891.35891-3.1.2.1733-1.0.139-1.0.2060 (1).exe 2017-07-31 08:46 - 2017-07-31 08:46 - 000028349 _____ C:\ProgramData\agent.1501483605.bdinstall.bin 2017-07-30 23:08 - 2017-08-04 18:44 - 000000000 ____D C:\Users\Administrateur.Diaby-PC.000\AppData\LocalLow\IObit 2017-07-30 23:05 - 2017-07-31 22:08 - 000000000 ____D C:\Users\Administrateur.Diaby-PC.000\AppData\Roaming\ezsuhtc1otl 2017-07-30 22:55 - 2017-07-30 22:55 - 000001174 _____ C:\Users\Diaby\Desktop\Continuer Installation de Dragon Ball Z Sagas.lnk 2017-07-30 22:38 - 2017-07-30 22:38 - 000000000 ____D C:\Users\Diaby\AppData\Roaming\WarThunder 2017-07-30 22:38 - 2017-07-30 22:38 - 000000000 ____D C:\Users\Diaby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder 2017-07-30 22:37 - 2017-07-30 22:49 - 290906361 _____ C:\Users\Diaby\Downloads\dragonball-z-sagas-3789-jetelecharge.zip 2017-07-30 22:36 - 2017-07-30 22:36 - 001512977 _____ (Dolakepefo ) C:\Users\Diaby\Downloads\dragon-ball-z-sagas_2198152738.exe 2017-07-30 22:22 - 2017-07-30 23:07 - 000000000 ____D C:\Users\Administrateur.Diaby-PC.000\AppData\Roaming\IObit 2017-07-30 21:45 - 2017-07-30 22:04 - 000000000 ____D C:\Program Files\stinger 2017-07-30 21:29 - 2017-07-30 21:48 - 000000000 ____D C:\Users\Diaby\AppData\Local\ElevatedDiagnostics 2017-07-30 21:08 - 2017-07-30 21:08 - 000000248 _____ C:\Windows\Tasks\McAfee Remediation (Prepare).job 2017-07-30 20:59 - 2017-07-30 21:00 - 009301304 _____ (McAfee, Inc.) C:\Users\Diaby\Downloads\Setup_serial_UFuEhuQh6j-Wr1wjviL62g2_key_affid_0_akey.exe 2017-07-30 20:54 - 2017-07-30 20:54 - 000026031 _____ C:\ProgramData\agent.1501440881.bdinstall.bin 2017-07-30 20:53 - 2017-07-30 20:53 - 000026371 _____ C:\ProgramData\agent.1501440812.bdinstall.bin 2017-07-30 20:53 - 2017-07-30 20:53 - 000026370 _____ C:\ProgramData\agent.1501440797.bdinstall.bin 2017-07-30 20:53 - 2017-07-30 20:53 - 000026370 _____ C:\ProgramData\agent.1501440783.bdinstall.bin 2017-07-30 20:52 - 2017-07-30 20:52 - 000026369 _____ C:\ProgramData\agent.1501440730.bdinstall.bin 2017-07-30 20:51 - 2017-07-30 20:51 - 000044696 _____ C:\ProgramData\agent.1501440658.bdinstall.bin 2017-07-30 20:51 - 2017-07-30 20:51 - 000000000 ____D C:\ProgramData\Bitdefender Agent 2017-07-30 20:50 - 2017-07-30 20:50 - 007529736 _____ C:\Users\Diaby\Downloads\bitdefender_isecurity-2017-01n.exe 2017-07-30 20:28 - 2017-07-30 20:28 - 001175194 _____ C:\Users\Diaby\Downloads\BotBugYang v1.0.rar 2017-07-30 20:09 - 2017-03-17 12:31 - 000025120 _____ (IObit.com) C:\Windows\system32\Drivers\IMFCameraProtect.sys 2017-07-30 20:08 - 2017-07-30 20:08 - 000001131 _____ C:\Users\Diaby\Desktop\IObit Malware Fighter.lnk 2017-07-30 20:08 - 2017-07-30 20:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter 2017-07-30 20:08 - 2017-07-30 20:08 - 000000000 ____D C:\Program Files\Common Files\IObit 2017-07-30 20:07 - 2017-07-30 20:07 - 000000000 ____D C:\Program Files\IObit 2017-07-30 20:06 - 2017-07-30 20:06 - 040997600 _____ (IObit ) C:\Users\Diaby\Downloads\IObit-Malware-Fighter-Setup.exe 2017-07-30 19:53 - 2017-07-30 19:53 - 000100854 _____ C:\Users\Diaby\Documents\écoute.reg 2017-07-30 19:50 - 2017-07-30 19:50 - 000000965 _____ C:\Users\Public\Desktop\CCleaner.lnk 2017-07-30 19:50 - 2017-07-30 19:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2017-07-30 19:50 - 2017-07-30 19:50 - 000000000 ____D C:\Program Files\CCleaner 2017-07-30 19:49 - 2017-07-30 19:49 - 009747512 _____ (Piriform Ltd) C:\Users\Diaby\Downloads\ccsetup532.exe 2017-07-30 19:44 - 2017-07-30 19:44 - 000000000 ____D C:\ProgramData\Keylogger Detector 2017-07-30 19:41 - 2017-07-30 19:41 - 000000000 ____D C:\Users\Diaby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Keylogger Detector 2017-07-30 19:41 - 2017-07-30 19:41 - 000000000 ____D C:\Program Files\Keylogger Detector 2017-07-30 19:40 - 2017-07-30 19:40 - 000613868 _____ C:\Users\Diaby\Downloads\inst_antispy.exe 2017-07-30 19:17 - 2017-07-30 19:17 - 000001132 _____ C:\Users\Public\Desktop\DarkComet Remover.lnk 2017-07-30 19:17 - 2017-07-30 19:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DarkComet RAT Remover 2017-07-30 19:17 - 2017-07-30 19:17 - 000000000 ____D C:\Program Files\PhrozenSoft 2017-07-30 19:15 - 2017-07-30 19:15 - 000866735 _____ C:\Users\Diaby\Downloads\DCRemoverV1_setup.zip 2017-07-30 18:29 - 2017-07-30 18:29 - 000013385 _____ C:\Users\Diaby\Downloads\GGEmi32CNIN_FRST---Raccourci.download 2017-07-30 18:01 - 2017-07-30 18:02 - 063035592 _____ (Malwarebytes ) C:\Users\Diaby\Downloads\mb3-setup-consumer-3.1.2.1733.exe 2017-07-30 17:37 - 2017-08-02 10:59 - 000000000 ____D C:\Users\Diaby\AppData\Local\ZHP 2017-07-30 17:37 - 2017-08-02 10:58 - 000000000 ____D C:\Users\Diaby\AppData\Roaming\ZHP 2017-07-30 17:37 - 2017-08-01 21:50 - 000000625 _____ C:\Users\Diaby\Desktop\ZHPDiag.lnk 2017-07-30 17:35 - 2017-07-30 17:36 - 002800512 _____ C:\Users\Diaby\Downloads\ZHPDiag3.exe 2017-07-30 17:29 - 2017-07-30 17:29 - 000000644 _____ C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job 2017-07-30 17:29 - 2017-07-30 17:29 - 000000616 _____ C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job 2017-07-30 17:29 - 2017-07-30 17:29 - 000000446 _____ C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job 2017-07-30 17:28 - 2017-08-04 09:37 - 000000000 ____D C:\Program Files\Spybot - Search & Destroy 2 2017-07-30 17:27 - 2017-07-30 17:28 - 046525608 _____ (Safer-Networking Ltd. ) C:\Users\Diaby\Downloads\spybot-2-2.4.40.4.exe 2017-07-30 17:20 - 2017-08-04 09:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2017-07-30 17:20 - 2017-07-30 17:20 - 000001168 _____ C:\Users\Public\Desktop\Avira Connect.lnk 2017-07-30 17:19 - 2017-08-04 09:58 - 000000000 ____D C:\ProgramData\Avira 2017-07-30 17:19 - 2017-08-04 09:58 - 000000000 ____D C:\Program Files\Avira 2017-07-30 17:17 - 2017-07-30 17:18 - 004806912 _____ (Avira Operations GmbH & Co. KG) C:\Users\Diaby\Downloads\avira_fr_av_597dc63e5013e__ws.exe 2017-07-30 16:45 - 2017-07-30 16:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyScrambler 2017-07-30 16:45 - 2017-02-19 21:15 - 000220192 _____ (QFX Software Corporation) C:\Windows\system32\Drivers\keyscrambler.sys 2017-07-30 16:44 - 2017-07-30 16:45 - 000000000 ____D C:\Program Files\KeyScrambler 2017-07-30 16:42 - 2017-07-30 16:43 - 001607568 _____ C:\Users\Diaby\Downloads\KeyScrambler_Setup.exe 2017-07-30 15:52 - 2017-07-30 15:53 - 064025992 _____ (Malwarebytes ) C:\Users\Diaby\Downloads\mb3-setup-35891.35891-3.1.2.1733-1.0.139-1.0.2060.exe 2017-07-30 15:02 - 2017-07-30 15:02 - 000002091 _____ C:\Users\Diaby\Desktop\Crossfire Europe EU.lnk 2017-07-30 15:02 - 2017-07-30 15:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smilegate Europe 2017-07-30 13:40 - 2017-07-30 13:40 - 006654960 _____ (AVAST Software) C:\Users\Diaby\Downloads\avast_free_antivirus_setup_online (1).exe 2017-07-30 13:36 - 2017-07-30 13:37 - 006948656 _____ (AVAST Software) C:\Users\Diaby\Downloads\kal.exe 2017-07-30 13:14 - 2017-07-30 13:09 - 001424232 _____ (Baidu, Inc.) C:\ProgramData\BavPro_Setup_Mini_GL1.exe 2017-07-30 13:09 - 2017-07-30 13:09 - 000000000 ____D C:\ProgramData\Baidu 2017-07-30 13:07 - 2014-03-11 05:14 - 000047456 _____ (Baidu, Inc.) C:\Windows\system32\Drivers\Bhbase.sys 2017-07-30 13:06 - 2017-07-30 13:15 - 000000000 ____D C:\Users\Diaby\AppData\Roaming\Baidu Security 2017-07-30 13:05 - 2017-07-30 13:15 - 000000000 ____D C:\Users\Public\Documents\Baidu Security 2017-07-30 13:05 - 2017-07-30 13:15 - 000000000 ____D C:\ProgramData\Baidu Security 2017-07-30 13:05 - 2017-07-30 13:05 - 000000000 ____D C:\Users\Public\Documents\Baidu 2017-07-30 13:05 - 2017-07-30 13:05 - 000000000 ____D C:\Program Files\Baidu Security 2017-07-30 12:40 - 2017-07-30 12:41 - 022360128 _____ (Baidu, Inc.) C:\Users\Diaby\Downloads\PC_Faster_Setup_GL.exe 2017-07-30 12:29 - 2017-08-01 16:16 - 000000000 ____D C:\Program Files\VS Revo Group 2017-07-30 12:28 - 2017-07-30 12:29 - 007178424 _____ (VS Revo Group ) C:\Users\Diaby\Downloads\revosetup.exe 2017-07-30 11:52 - 2017-07-30 11:52 - 000000000 ____D C:\Program Files\Smilegate 2017-07-30 11:25 - 2017-07-30 11:25 - 005146430 _____ C:\Users\Diaby\Downloads\Crossfire Wallhack by Phobia (1).rar 2017-07-30 11:14 - 2017-07-31 13:09 - 000000000 ____D C:\ProgramData\PEZ 2017-07-30 11:12 - 2017-08-02 12:08 - 000000000 __SHD C:\ProgramData\NIINBP 2017-07-30 11:12 - 2017-07-30 11:13 - 013883721 _____ C:\Users\Diaby\Downloads\RF002.rar 2017-07-30 11:10 - 2017-07-30 11:11 - 017550167 _____ C:\Users\Diaby\Downloads\RF002.zip 2017-07-30 08:10 - 2017-07-30 10:03 - 000000000 ____D C:\Program Files\LAPTOP_KURT 2017-07-30 07:59 - 2017-07-31 13:26 - 000000000 ____D C:\Users\Diaby\AppData\Roaming\kdjxa1vc5x4 2017-07-30 07:59 - 2017-07-30 17:04 - 000000000 ____D C:\Program Files\O9J4S1YMCM 2017-07-29 20:35 - 2017-07-29 20:35 - 007625193 _____ C:\Users\Diaby\Downloads\Hacks (1).rar 2017-07-29 20:17 - 2017-07-29 20:17 - 000051358 _____ C:\Users\Diaby\Downloads\CFEli_mpgh.net.rar 2017-07-29 19:54 - 2017-07-30 14:51 - 000000000 ____D C:\Fraps 2017-07-29 19:54 - 2017-07-29 19:54 - 000000000 ____D C:\Users\Diaby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps 2017-07-29 19:51 - 2017-07-29 19:52 - 002601176 _____ C:\Users\Diaby\Downloads\Fraps 3.4.3.rar 2017-07-29 15:08 - 2017-07-29 15:09 - 007625193 _____ C:\Users\Diaby\Downloads\Hacks.rar 2017-07-29 14:45 - 2017-07-31 13:26 - 000000000 ____D C:\Users\Diaby\AppData\Roaming\ywstcje510l 2017-07-29 09:22 - 2017-07-29 09:23 - 002496800 _____ (Beepa Pty Ltd) C:\Users\Diaby\Downloads\setup.exe 2017-07-28 18:21 - 2017-07-28 18:25 - 000000000 ____D C:\Program Files\0FQY9S87QG 2017-07-28 17:58 - 2017-07-28 18:23 - 000000000 ____D C:\Program Files\B3038TC274 2017-07-28 17:31 - 2017-07-31 22:08 - 000000000 ____D C:\Users\Administrateur.Diaby-PC.000\AppData\Roaming\rdqwiaalsm4 2017-07-28 17:23 - 2017-08-01 11:36 - 000000000 ____D C:\Program Files\cgmemeyesu2 2017-07-28 17:22 - 2017-07-28 17:49 - 061570560 ___SH (www.Bandisoft.com) C:\Users\Diaby\bdcam.dll 2017-07-28 17:21 - 2017-07-28 17:21 - 000003072 _____ C:\Users\Diaby\AppData\Local\uninstallce.exe 2017-07-28 17:15 - 2017-07-28 17:15 - 000183124 _____ C:\Users\Diaby\Downloads\killer.zip 2017-07-28 17:08 - 2017-07-28 17:08 - 041346560 ___SH (Bandicam Company) C:\Users\Diaby\bdfilters.dll 2017-07-27 03:14 - 2017-07-27 03:14 - 000442880 _____ C:\Windows\eebab301a0429b594721c657960fe2db.exe 2017-07-27 03:14 - 2017-07-27 03:14 - 000051625 _____ C:\Windows\uninstaller.dat 2017-07-25 11:18 - 2017-07-25 11:18 - 001130328 _____ (Google Inc.) C:\Users\Diaby\Downloads\ChromeSetup.exe 2017-07-24 22:53 - 2017-07-25 08:54 - 000000000 ____D C:\TEMP 2017-07-24 22:49 - 2017-07-24 22:49 - 000000000 ____D C:\App Chrome 2017-07-24 17:09 - 2017-07-24 17:13 - 099939036 _____ C:\Users\Diaby\Downloads\ARChon-v1.2-x86_32.zip 2017-07-24 14:42 - 2017-07-24 14:43 - 000266424 _____ (Mozilla) C:\Users\Diaby\Downloads\Firefox Setup Stub 54.0.1.exe 2017-07-24 14:42 - 2017-07-24 14:43 - 000266424 _____ (Mozilla) C:\Users\Diaby\Downloads\Firefox Setup Stub 54.0.1 (1).exe 2017-07-24 09:00 - 2017-07-24 09:00 - 038169881 _____ C:\Users\Diaby\Downloads\com.google.android.googlequicksearchbox-4.3.10.88581490.arm-300403395-minAPI16.apk 2017-07-23 22:03 - 2017-07-23 22:09 - 053850315 _____ C:\Users\Diaby\Downloads\gapps-jb-20130813-signed.zip.crdownload 2017-07-23 21:22 - 2017-07-23 21:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox 2017-07-23 21:22 - 2017-07-17 21:18 - 000806464 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys 2017-07-23 21:22 - 2017-07-17 21:18 - 000123856 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys 2017-07-23 21:02 - 2017-07-23 21:05 - 123792216 _____ (Oracle Corporation) C:\Users\Diaby\Downloads\VirtualBox-5.1.24-117012-Win.exe 2017-07-23 21:01 - 2017-07-23 21:14 - 000059232 _____ C:\Users\Diaby\genymotion-log.zip 2017-07-23 20:58 - 2017-07-24 17:02 - 000000000 ____D C:\Users\Diaby\AppData\Local\Genymobile 2017-07-23 20:57 - 2017-07-24 17:02 - 000000000 ____D C:\Program Files\Genymobile 2017-07-23 20:54 - 2017-07-23 20:55 - 047848560 _____ (Genymobile ) C:\Users\Diaby\Downloads\genymotion-2.8.1.exe 2017-07-21 16:39 - 2017-07-31 10:31 - 000002042 _____ C:\Users\Administrateur.Diaby-PC.000\AppData\Roaming\Microsoft Windows Audio Device Graphic Card Isolation.exe.tmp 2017-07-21 16:39 - 2017-07-28 17:36 - 000000251 _____ C:\Users\Administrateur.Diaby-PC.000\AppData\Roaming\Windows Audio Device Graph.exe.tmp 2017-07-20 16:26 - 2017-07-20 16:28 - 1279857155 _____ C:\Users\Diaby\Downloads\Imperial MT2 3.3.zip 2017-07-18 22:13 - 2017-07-18 22:21 - 170052071 _____ C:\Users\Diaby\Downloads\CrossFire Europe Hack by sinkeV2.rar 2017-07-18 22:01 - 2017-07-18 22:01 - 000053691 _____ C:\Users\Diaby\Downloads\[RapidFiles]_57042.zip 2017-07-18 16:15 - 2017-07-18 16:15 - 004100432 _____ (Piriform Ltd) C:\Users\Diaby\Downloads\defraggler.exe 2017-07-18 11:43 - 2017-07-18 11:45 - 000316328 _____ C:\Windows\system32\FNTCACHE.DAT 2017-07-18 11:38 - 2017-07-18 11:38 - 000071432 _____ C:\Users\Diaby\AppData\Local\GDIPFONTCACHEV1.DAT 2017-07-18 11:32 - 2017-07-30 18:48 - 000000000 _____ C:\Users\Diaby\AppData\Roaming\Windows Audio Device Graph.exe.tmp 2017-07-18 10:27 - 2017-07-18 10:27 - 000000000 ____D C:\Users\Diaby\AppData\Local\Zaczero 2017-07-18 10:26 - 2017-07-30 18:48 - 000020480 _____ C:\Users\Diaby\AppData\Roaming\Microsoft Windows Audio Device Graphic Card Isolation.exe.tmp 2017-07-18 10:26 - 2017-07-18 10:26 - 000000000 ____D C:\Users\Diaby\Documents\DDX 2017-07-18 10:19 - 2017-07-18 10:20 - 005418336 _____ C:\Users\Diaby\Downloads\csGO_MltHack_v4.08_by_zukkygg.rar 2017-07-18 10:11 - 2017-07-18 10:37 - 654531245 _____ C:\Users\Diaby\Downloads\CF_HACK_v3.4_BY_ZUKKYY_GG.rar 2017-07-17 21:18 - 2017-07-17 21:18 - 000177880 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetLwf.sys 2017-07-17 21:18 - 2017-07-17 21:18 - 000113944 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp6.sys 2017-07-17 11:11 - 2017-07-17 11:11 - 000141979 _____ C:\Users\Diaby\Downloads\d3d_fox_v.17.2.zip 2017-07-17 11:04 - 2017-07-17 11:24 - 024324096 ___SH (Microsoft Corporation) C:\Users\Diaby\APPHELP.DLL 2017-07-17 10:40 - 2017-07-17 10:43 - 000003152 _____ C:\Users\Administrateur.Diaby-PC.000\Desktop\settings.xml 2017-07-17 10:37 - 2011-10-04 10:55 - 000252928 _____ (IntelleSoft) C:\Users\Administrateur.Diaby-PC.000\Desktop\BugTrap.dll 2017-07-17 10:34 - 2017-07-17 10:35 - 001490108 _____ C:\Users\Diaby\Downloads\Crossfire_Wall_hack_2017.rar 2017-07-15 15:32 - 2017-07-15 15:33 - 000000000 ____D C:\Users\Diaby\AppData\Local\chromium 2017-07-15 15:30 - 2017-07-15 15:30 - 000000000 ____D C:\Users\Diaby\Documents\My Cheat Tables 2017-07-15 15:26 - 2017-07-15 15:27 - 012024632 _____ (Cheat Engine ) C:\Users\Diaby\Downloads\CheatEngine67.exe 2017-07-14 13:41 - 2017-07-14 13:41 - 000000095 _____ C:\Users\Diaby\Downloads\Marver85.vcf 2017-07-14 13:36 - 2017-07-14 13:36 - 000000484 _____ C:\Users\Diaby\Downloads\url.htm 2017-07-13 20:51 - 2017-07-13 20:51 - 001268096 _____ C:\Users\Diaby\Downloads\process-explorer_16-12_fr_14566.zip 2017-07-13 16:21 - 2017-07-13 16:21 - 047483202 _____ C:\Users\Administrateur.Diaby-PC.000\Downloads\maj13072017.zip 2017-07-13 16:02 - 2017-07-13 16:02 - 000071432 _____ C:\Users\Administrateur.Diaby-PC.000\AppData\Local\GDIPFONTCACHEV1.DAT 2017-07-13 14:48 - 2017-07-13 14:48 - 000001064 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job 2017-07-13 13:46 - 2017-07-13 13:49 - 009301304 _____ (McAfee, Inc.) C:\Users\Diaby\Downloads\Setup_serial_8Vo9OkILcD2hHrpL92rDWw2_key.exe 2017-07-13 10:40 - 2017-07-24 14:46 - 000000000 ____D C:\Program Files\Mozilla Firefox 2017-07-13 10:40 - 2017-07-24 14:45 - 000001117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2017-07-13 10:40 - 2017-07-24 14:45 - 000001105 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2017-07-12 22:06 - 2017-07-12 22:07 - 055962996 _____ (Vamos Production ) C:\Users\Diaby\Downloads\Non confirmé 841533.crdownload 2017-07-12 14:56 - 2017-07-12 14:58 - 000000000 ____D C:\vraix 2017-07-12 09:49 - 2017-07-12 09:49 - 000010823 _____ C:\Users\Diaby\Downloads\ltmsg.dll.zip 2017-07-12 09:37 - 2017-07-12 09:37 - 000118697 _____ C:\Users\Diaby\Downloads\BugTrap.rar 2017-07-12 09:28 - 2017-07-12 09:29 - 009843992 _____ C:\Users\Diaby\Downloads\CShell.dll 2017-07-12 09:27 - 2017-07-12 09:27 - 006722840 _____ C:\Users\Diaby\Downloads\Object.dll 2017-07-12 09:25 - 2017-07-12 09:25 - 000096584 _____ C:\Users\Diaby\Downloads\AegisDll64.dll 2017-07-12 09:22 - 2017-08-03 12:05 - 000000000 ____D C:\Nouveau dossier 2017-07-12 08:26 - 2017-07-31 21:38 - 000000000 ____D C:\Rez Editing tutorial 2017-07-12 08:24 - 2017-07-12 08:25 - 001774546 _____ C:\Users\Diaby\Downloads\Rez Editing tutorial Tools.rar 2017-07-11 14:09 - 2017-08-01 22:28 - 000000000 ____D C:\Users\Diaby\Desktop\Nouveau dossier 2017-07-10 22:22 - 2017-07-12 10:11 - 000004928 _____ C:\Users\Diaby\AppData\Roaming\Windows.exe.tmp 2017-07-10 22:14 - 2017-07-10 22:14 - 000011087 _____ C:\Users\Diaby\Downloads\Global Loader Ultra.rar 2017-07-10 22:06 - 2017-07-10 22:06 - 000017101 _____ C:\Users\Diaby\Downloads\SelectWnd.txt 2017-07-10 21:55 - 2017-07-10 21:55 - 000000267 _____ C:\Users\Diaby\Downloads\version.ini 2017-07-10 20:33 - 2017-07-10 20:33 - 000000000 ____D C:\Users\Diaby\AppData\Roamin 2017-07-10 20:29 - 2017-07-10 20:29 - 000565295 _____ C:\Users\Diaby\Downloads\RSS_227089847-.zip 2017-07-10 20:10 - 2017-07-10 20:10 - 005146430 _____ C:\Users\Diaby\Downloads\Crossfire Wallhack by Phobia.rar 2017-07-10 20:07 - 2017-08-02 12:08 - 000000000 ____D C:\Program Files\CF HACK 2017-07-10 14:41 - 2017-07-10 15:43 - 000000000 ____D C:\Program Files\CrossFire Installer 2017-07-10 13:16 - 2017-07-10 13:16 - 001311968 _____ C:\Users\Diaby\Downloads\Extreme Injector v3 (1).rar 2017-07-10 13:15 - 2017-07-10 13:16 - 000000080 _____ C:\Users\Diaby\Downloads\Zip file password.txt 2017-07-10 08:26 - 2017-07-10 08:26 - 000625602 _____ C:\Users\Diaby\Downloads\super fast knife.rar 2017-07-10 08:25 - 2017-07-10 08:26 - 000570156 _____ C:\Users\Diaby\Downloads\REZ Injector.rar 2017-07-09 22:20 - 2017-07-09 22:20 - 001311968 _____ C:\Users\Diaby\Downloads\Extreme Injector v3.rar 2017-07-09 22:20 - 2017-07-09 22:20 - 000059590 _____ C:\Users\Diaby\Downloads\EliCFNA v(3).rar 2017-07-09 08:35 - 2017-07-09 08:35 - 000029036 _____ C:\Users\Diaby\rpcsec_gss.c 2017-07-09 08:24 - 2017-07-09 08:24 - 000000081 _____ C:\Users\Diaby\VERSION.txt 2017-07-08 19:09 - 2017-07-08 19:10 - 048179170 _____ C:\Users\Diaby\auth 2017-07-08 18:51 - 2017-07-08 18:51 - 048179170 _____ C:\Users\Diaby\game 2017-07-08 18:44 - 2017-07-08 18:44 - 000033800 _____ C:\Users\Diaby\snmp_netgraph.so 2017-07-08 18:37 - 2017-07-10 16:09 - 000000000 ____D C:\Users\Diaby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client 2017-07-08 18:37 - 2017-07-10 14:33 - 000000000 ____D C:\Program Files\FileZilla FTP Client 2017-07-08 18:21 - 2017-07-09 08:51 - 000000600 _____ C:\Users\Diaby\AppData\Local\PUTTY.RND 2017-07-08 13:14 - 2017-07-08 13:14 - 000000052 _____ C:\Users\Diaby\Downloads\adresse ip hamachi(ne pas supprimer.txt 2017-07-08 13:06 - 2017-07-08 13:06 - 002156048 _____ (Reloaded Technologies) C:\Users\Diaby\Downloads\Non confirmé 240087.crdownload 2017-07-08 10:54 - 2017-07-08 10:54 - 000000000 ____D C:\Users\Diaby\Desktop\CrossFire EU 2017-07-08 10:49 - 2017-07-08 10:49 - 002001544 _____ C:\Users\Diaby\Downloads\pc-decrapifier-3.0.1.exe 2017-07-08 09:34 - 2017-07-08 09:35 - 009598376 _____ (Piriform Ltd) C:\Users\Diaby\Downloads\ccsetup531.exe 2017-07-07 19:22 - 2017-07-07 19:24 - 010412032 _____ C:\Users\Diaby\Downloads\hamachi.msi 2017-07-07 19:18 - 2017-07-07 19:18 - 000001378 _____ C:\hamachi_test_report.txt 2017-07-07 18:55 - 2017-07-07 18:59 - 015721672 _____ (IObit ) C:\Users\Diaby\Downloads\driver_booster_setup.exe 2017-07-07 18:37 - 2017-07-07 18:37 - 000000308 _____ C:\Windows\Tasks\{C72D3418-B588-43B7-A737-F7D20991DE46}.job 2017-07-07 16:39 - 2017-07-07 17:40 - 000000000 ____D C:\Users\Diaby\AppData\Local\Razer 2017-07-07 16:31 - 2017-07-07 16:32 - 009581198 _____ C:\Users\Diaby\Downloads\Duplicate Cleaner Pro 4.0.1.rar 2017-07-07 16:26 - 2017-07-07 16:46 - 000003593 _____ C:\Users\Diaby\Documents\Duplicate Cleaner log.txt 2017-07-07 16:24 - 2017-07-07 16:24 - 005515464 _____ (DigitalVolcano Software Ltd) C:\Users\Diaby\Downloads\DuplicateCleaner_setup.exe 2017-07-07 16:21 - 2017-07-07 16:29 - 160946528 _____ (Razer Inc. ) C:\Users\Diaby\Downloads\RazerCortexSetup_8.1.7.462.exe 2017-07-07 15:34 - 2017-07-07 15:34 - 000000022 _____ C:\Windows\cmm.dat 2017-07-07 15:32 - 2017-07-08 09:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CleanMem 2017-07-07 15:32 - 2017-07-07 15:32 - 000000000 ____D C:\Windows\CleanMem 2017-07-07 15:32 - 2014-08-20 23:48 - 000061440 _____ (PcWinTech.com) C:\Windows\system32\CleanMem.exe 2017-07-07 15:32 - 2012-06-26 20:40 - 000000187 _____ C:\Windows\system32\CleanMem.ini 2017-07-07 15:32 - 2011-02-23 00:25 - 000000258 _____ C:\Windows\Tasks\Clean System Memory.job 2017-07-07 15:32 - 2009-02-22 07:53 - 000000565 _____ C:\Windows\system32\CleanMem.exe.manifest 2017-07-07 15:30 - 2017-07-07 15:31 - 003348185 _____ C:\Users\Diaby\Downloads\cleanmem_setup-2.5.0.exe 2017-07-07 15:18 - 2017-07-07 15:18 - 000292184 _____ (Microsoft Corporation) C:\Users\Diaby\Downloads\dxwebsetup.exe 2017-07-07 15:01 - 2017-07-29 15:23 - 000000000 ____D C:\Users\Diaby\Documents\Cross Fire 2017-07-07 14:34 - 2017-07-27 10:00 - 000000000 ____D C:\CFLog 2017-07-07 11:15 - 2017-07-10 16:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PremiumSoft 2017-07-07 08:24 - 2017-08-02 20:37 - 000000000 ____D C:\Users\Administrateur.Diaby-PC.000\AppData\Local\CrashDumps 2017-07-07 08:24 - 2017-07-07 08:31 - 000000000 ____D C:\ProgramData\GZG 2017-07-07 08:23 - 2017-07-07 08:24 - 000000000 ____D C:\Users\Administrateur.Diaby-PC.000\Downloads\M2Chets 2017-07-07 08:23 - 2017-07-07 08:23 - 000000000 ____D C:\Users\Administrateur.Diaby-PC.000\AppData\Roaming\WinRAR 2017-07-07 08:22 - 2017-07-14 09:12 - 000000000 ____D C:\Users\Administrateur.Diaby-PC.000\AppData\Local\Google 2017-07-07 08:22 - 2017-07-13 16:17 - 000002195 _____ C:\Users\Administrateur.Diaby-PC.000\Desktop\Google Chrome.lnk 2017-07-07 08:21 - 2017-07-07 08:21 - 000001425 _____ C:\Users\Administrateur.Diaby-PC.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2017-07-07 08:21 - 2017-07-07 08:21 - 000000000 ____D C:\Users\Administrateur.Diaby-PC.000\AppData\Roaming\Adobe 2017-07-07 08:20 - 2017-07-08 22:47 - 000000000 ____D C:\Users\Administrateur.Diaby-PC.000 2017-07-07 08:20 - 2017-07-07 08:20 - 000001234 __RSH C:\Users\Administrateur.Diaby-PC.000\ntuser.pol 2017-07-07 08:20 - 2017-07-07 08:20 - 000000020 ___SH C:\Users\Administrateur.Diaby-PC.000\ntuser.ini 2017-07-07 08:20 - 2017-07-07 08:20 - 000000000 _SHDL C:\Users\Administrateur.Diaby-PC.000\Voisinage réseau 2017-07-07 08:20 - 2017-07-07 08:20 - 000000000 _SHDL C:\Users\Administrateur.Diaby-PC.000\Voisinage d'impression 2017-07-07 08:20 - 2017-07-07 08:20 - 000000000 _SHDL C:\Users\Administrateur.Diaby-PC.000\Modèles 2017-07-07 08:20 - 2017-07-07 08:20 - 000000000 _SHDL C:\Users\Administrateur.Diaby-PC.000\Mes documents 2017-07-07 08:20 - 2017-07-07 08:20 - 000000000 _SHDL C:\Users\Administrateur.Diaby-PC.000\Menu Démarrer 2017-07-07 08:20 - 2017-07-07 08:20 - 000000000 _SHDL C:\Users\Administrateur.Diaby-PC.000\Documents\Mes vidéos 2017-07-07 08:20 - 2017-07-07 08:20 - 000000000 _SHDL C:\Users\Administrateur.Diaby-PC.000\Documents\Mes images 2017-07-07 08:20 - 2017-07-07 08:20 - 000000000 _SHDL C:\Users\Administrateur.Diaby-PC.000\Documents\Ma musique 2017-07-07 08:20 - 2017-07-07 08:20 - 000000000 _SHDL C:\Users\Administrateur.Diaby-PC.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2017-07-07 08:20 - 2017-07-07 08:20 - 000000000 _SHDL C:\Users\Administrateur.Diaby-PC.000\AppData\Local\Historique 2017-07-07 08:20 - 2017-06-07 17:18 - 000000000 ____D C:\Users\Administrateur.Diaby-PC.000\.MemuHyperv 2017-07-07 08:20 - 2017-05-25 12:08 - 000000000 ____D C:\Users\Administrateur.Diaby-PC.000\AppData\Local\LogMeIn Hamachi 2017-07-07 08:20 - 2017-05-25 07:36 - 000000170 _____ C:\Users\Administrateur.Diaby-PC.000\BullseyeCoverageError.txt 2017-07-07 08:20 - 2011-04-12 03:44 - 000000000 ____D C:\Users\Administrateur.Diaby-PC.000\AppData\Roaming\Media Center Programs 2017-07-06 19:54 - 2017-07-08 12:21 - 000000000 ____D C:\Users\Diaby\VirtualBox VMs 2017-07-06 19:42 - 2017-07-24 17:00 - 000000000 ____D C:\Users\Diaby\.VirtualBox 2017-07-06 17:26 - 2017-07-06 17:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ 2017-07-06 10:43 - 2017-07-10 16:09 - 000000000 ____D C:\Users\Diaby\AppData\Roaming\FileZilla 2017-07-06 10:43 - 2017-07-08 18:54 - 000000000 ____D C:\Users\Diaby\AppData\Local\FileZilla 2017-07-06 10:38 - 2017-07-06 10:39 - 010412032 _____ C:\Users\Diaby\Downloads\hamachi_2-2-0-578_fr_14515 (1).msi 2017-07-06 10:34 - 2017-07-07 15:50 - 000000000 ____D C:\Users\Diaby\AppData\Roaming\Lavasoft 2017-07-06 10:34 - 2017-07-06 10:34 - 000000000 ____D C:\Users\Diaby\AppData\Local\Lavasoft 2017-07-05 11:49 - 2017-07-07 11:16 - 000000000 ____D C:\Users\Diaby\Documents\Navicat 2017-07-05 11:45 - 2017-07-05 11:45 - 000000000 ____D C:\Users\Diaby\AppData\Roaming\FileZilla Server ==================== Un mois - Modifiés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2017-08-04 20:15 - 2016-11-23 14:25 - 000000000 ____D C:\Users\Diaby\AppData\LocalLow\Mozilla 2017-08-04 20:09 - 2016-05-25 18:32 - 000000000 ____D C:\Users\Diaby\AppData\LocalLow\IObit 2017-08-04 19:49 - 2009-07-14 06:34 - 000041248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-08-04 19:49 - 2009-07-14 06:34 - 000041248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-08-04 18:48 - 2009-07-14 06:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2017-08-04 14:09 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\system32\config\Journal 2017-08-04 09:34 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\inf 2017-08-04 09:31 - 2016-05-25 19:28 - 000000000 ____D C:\Program Files\Google 2017-08-04 09:22 - 2017-06-25 18:27 - 000000079 _____ C:\Windows\wininit.ini 2017-08-04 09:22 - 2017-06-25 18:23 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy 2017-08-04 08:53 - 2017-02-05 21:16 - 000000000 ____D C:\Users\Diaby\AppData\Local\CrashDumps 2017-08-02 12:08 - 2017-02-15 16:33 - 000000000 ____D C:\Program Files\f8dFmEojcp 2017-08-02 12:08 - 2016-05-27 22:43 - 000000000 ____D C:\Program Files\WinRAR 2017-08-01 21:50 - 2016-05-25 18:26 - 000000000 ____D C:\Users\Diaby 2017-08-01 17:18 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\rescache 2017-07-31 22:17 - 2016-05-25 18:33 - 000000000 ____D C:\ProgramData\ProductData 2017-07-31 20:30 - 2017-04-06 16:13 - 000000000 __SHD C:\OamfbjHB2VOamfbjHB2V 2017-07-31 17:48 - 2017-02-24 18:23 - 000192716 _____ C:\Program Files\metadata 2017-07-31 17:45 - 2017-02-01 15:18 - 000000000 ____D C:\ProgramData\Norton 2017-07-30 20:39 - 2017-02-16 12:56 - 000000000 ____D C:\Program Files\Common Files\ntp2UpSvc 2017-07-30 20:08 - 2016-05-25 18:31 - 000000000 ____D C:\Users\Diaby\AppData\Roaming\IObit 2017-07-30 20:07 - 2016-05-25 18:31 - 000000000 ____D C:\ProgramData\IObit 2017-07-30 17:29 - 2017-06-11 13:04 - 000000000 ____D C:\Users\Yasooz 2017-07-30 17:29 - 2017-05-31 17:37 - 000000000 ____D C:\Users\Administrateur.Diaby-PC 2017-07-30 17:18 - 2016-06-05 19:26 - 000000000 ____D C:\ProgramData\Package Cache 2017-07-30 15:01 - 2016-12-30 14:47 - 000000000 ____D C:\Users\Diaby\Desktop\Metin2World Official V.4 2017-07-30 13:11 - 2017-04-29 18:09 - 000000000 ____D C:\Windows\Downloaded Installations 2017-07-28 17:33 - 2017-06-19 17:50 - 000000000 ____D C:\Program Files\Notepad++ 2017-07-25 08:48 - 2016-11-23 14:25 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service 2017-07-24 09:33 - 2016-05-25 18:26 - 000000000 ____D C:\Users\Diaby\AppData\Local\VirtualStore 2017-07-22 17:36 - 2016-05-26 18:41 - 000000000 ____D C:\Windows\system32\RTCOM 2017-07-22 15:28 - 2016-05-26 18:41 - 000000000 ____D C:\Windows\system32\DAX2 2017-07-13 21:11 - 2017-05-15 20:18 - 000000270 _____ C:\Windows\Tasks\McAfeeLogon.job 2017-07-13 20:36 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\system32\NDF 2017-07-13 16:02 - 2016-09-24 22:03 - 000000000 ____D C:\Windows\system32\Windowds 2017-07-13 15:04 - 2017-05-25 07:39 - 000000000 ____D C:\Windows\system32\MRT 2017-07-13 15:02 - 2017-04-10 19:49 - 132532600 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2017-07-13 14:49 - 2016-10-23 08:22 - 000001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2017-07-13 14:49 - 2016-07-04 20:43 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2017-07-13 14:49 - 2016-07-04 20:43 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2017-07-13 14:48 - 2016-07-04 20:43 - 000000000 ____D C:\Windows\system32\Macromed 2017-07-13 14:24 - 2017-06-15 18:38 - 000827392 _____ (PythonLabs at Zope Corporation) C:\Users\Diaby\Downloads\python22.dll 2017-07-13 10:29 - 2017-05-25 21:04 - 000000152 _____ C:\Users\Diaby\BullseyeCoverageError.txt 2017-07-10 15:59 - 2017-03-16 12:48 - 000000000 ____D C:\ProgramData\Solid State Networks 2017-07-08 11:38 - 2016-12-01 15:52 - 098152608 _____ (LastPass) C:\Windows\system32\lastpass_1337.exe 2017-07-08 11:37 - 2016-12-01 15:52 - 001072128 _____ C:\Windows\system32\lastpass_downloader.exe 2017-07-08 09:40 - 2017-05-27 19:13 - 000000000 ____D C:\Users\Diaby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker 2017-07-08 09:40 - 2017-05-20 09:27 - 000000000 ____D C:\Users\Diaby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC 2017-07-08 09:40 - 2017-04-14 20:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2010 Express 2017-07-08 09:40 - 2017-04-05 11:32 - 000000000 ____D C:\Users\Diaby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync 2017-07-07 21:05 - 2017-06-23 09:17 - 000000000 ____D C:\Users\Diaby\AppData\Roaming\Notepad++ 2017-07-07 19:05 - 2016-06-01 17:31 - 000000248 _____ C:\Windows\Tasks\Driver Booster SkipUAC (Diaby).job 2017-07-07 17:33 - 2016-06-22 10:46 - 000007626 _____ C:\Users\Diaby\AppData\Local\Resmon.ResmonCfg 2017-07-07 16:45 - 2017-05-31 15:19 - 000000000 ____D C:\Users\Diaby\.MemuHyperv 2017-07-07 16:45 - 2016-02-11 19:36 - 000000000 ____D C:\160a037b01503a72d0ed4e860e5e5f 2017-07-07 15:26 - 2017-02-26 19:38 - 000000000 ____D C:\Windows\system32\directx 2017-07-07 15:19 - 2017-02-26 19:38 - 000000000 ___HD C:\Windows\msdownld.tmp 2017-07-07 13:26 - 2017-03-16 08:56 - 000000326 _____ C:\Windows\rapport.txt 2017-07-07 13:13 - 2017-06-24 14:26 - 000000000 ____D C:\Program Files\Microvirt 2017-07-07 12:44 - 2016-08-18 19:28 - 000081768 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\ksapi.sys 2017-07-07 12:44 - 2016-08-18 19:28 - 000056680 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\ksapi64.sys 2017-07-07 08:51 - 2016-09-26 17:54 - 000000740 __RSH C:\ProgramData\ntuser.pol 2017-07-07 08:51 - 2016-07-12 16:10 - 000001234 __RSH C:\Users\Diaby\ntuser.pol 2017-07-07 08:22 - 2009-07-14 06:46 - 000001515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2017-07-06 17:01 - 2017-04-26 18:00 - 000000000 ____D C:\ProgramData\Lavasoft 2017-07-06 10:19 - 2011-04-12 03:35 - 000748678 _____ C:\Windows\system32\perfh00C.dat 2017-07-06 10:19 - 2011-04-12 03:35 - 000150242 _____ C:\Windows\system32\perfc00C.dat 2017-07-06 10:19 - 2010-11-20 23:01 - 001667292 _____ C:\Windows\system32\PerfStringBackup.INI 2017-07-06 08:31 - 2017-05-31 17:38 - 000000000 ____D C:\Users\Administrateur.Diaby-PC\AppData\Local\Google ==================== Fichiers à la racine de certains dossiers ======= 2017-02-24 18:23 - 2017-07-31 17:48 - 000192716 _____ () C:\Program Files\metadata 2015-02-15 01:58 - 2015-03-12 01:20 - 000000165 _____ () C:\Program Files\Mods-ITST.ini 2015-02-15 01:58 - 2015-03-12 01:19 - 000000165 _____ () C:\Program Files\Mods.ini 2016-12-20 15:05 - 2016-12-20 15:05 - 002314121 _____ () C:\Program Files\nPwImRe.psd 2015-02-15 01:58 - 2014-06-04 04:36 - 000000038 _____ () C:\Program Files\Run_ITST_Mod.bat 2015-02-15 01:58 - 2015-01-31 10:02 - 000000031 _____ () C:\Program Files\Run_TE_Vanilla.bat 2015-02-15 01:58 - 2015-03-12 02:02 - 000000379 _____ () C:\Program Files\UnpackSound.bat 2016-05-29 08:04 - 2016-05-29 08:04 - 000000000 _____ () C:\Users\Diaby\AppData\Roaming\1.bin 2010-11-20 23:29 - 2010-11-20 23:29 - 001169224 _____ (Microsoft Corporation) C:\Users\Diaby\AppData\Roaming\DDos.exe 2017-02-11 16:28 - 2017-02-11 16:41 - 000003008 _____ () C:\Users\Diaby\AppData\Roaming\droid4xinstaller.log 2005-06-08 05:56 - 2017-05-15 20:30 - 004484050 ____H () C:\Users\Diaby\AppData\Roaming\logs.dat 2016-08-03 09:44 - 2017-02-07 21:05 - 000000003 _____ () C:\Users\Diaby\AppData\Roaming\Maintenance.log 2017-03-11 21:43 - 2017-04-14 13:05 - 000000002 _____ () C:\Users\Diaby\AppData\Roaming\Maintenance3.log 2017-07-18 10:26 - 2017-07-30 18:48 - 000020480 _____ () C:\Users\Diaby\AppData\Roaming\Microsoft Windows Audio Device Graphic Card Isolation.exe.tmp 2017-05-20 16:07 - 2017-05-25 21:01 - 000020601 _____ () C:\Users\Diaby\AppData\Roaming\skype.exe.tmp 2017-02-19 12:26 - 2017-03-03 19:08 - 000532842 _____ () C:\Users\Diaby\AppData\Roaming\spritesa 2017-05-20 11:37 - 2017-05-25 21:01 - 000020514 _____ () C:\Users\Diaby\AppData\Roaming\system.exe.tmp 2017-04-07 18:06 - 2017-04-07 18:07 - 013192536 ____N (TeamViewer GmbH) C:\Users\Diaby\AppData\Roaming\Team-Viewer_Setup_fr.exe 2017-02-10 10:43 - 2017-02-10 10:45 - 000033193 _____ () C:\Users\Diaby\AppData\Roaming\UserTile.png 2016-09-28 12:09 - 2017-05-13 08:52 - 000000301 _____ () C:\Users\Diaby\AppData\Roaming\WB.CFG 2017-07-18 11:32 - 2017-07-30 18:48 - 000000000 _____ () C:\Users\Diaby\AppData\Roaming\Windows Audio Device Graph.exe.tmp 2017-07-10 22:22 - 2017-07-12 10:11 - 000004928 _____ () C:\Users\Diaby\AppData\Roaming\Windows.exe.tmp 2016-05-28 20:05 - 2017-05-08 16:02 - 000005632 _____ () C:\Users\Diaby\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2017-07-08 18:21 - 2017-07-09 08:51 - 000000600 _____ () C:\Users\Diaby\AppData\Local\PUTTY.RND 2016-06-22 10:46 - 2017-07-07 17:33 - 000007626 _____ () C:\Users\Diaby\AppData\Local\Resmon.ResmonCfg 2016-09-02 16:25 - 2014-10-14 01:55 - 000061786 _____ () C:\Users\Diaby\AppData\Local\Tempcapturada5.png 2016-09-02 16:25 - 2007-06-13 21:37 - 000000111 _____ () C:\Users\Diaby\AppData\Local\Tempgrey.png 2016-09-02 16:25 - 2011-12-06 22:01 - 000012869 _____ () C:\Users\Diaby\AppData\Local\TempMBoxSkin.png 2016-09-02 16:25 - 2014-09-29 14:52 - 000161372 _____ () C:\Users\Diaby\AppData\Local\Tempv2.png 2017-07-28 17:21 - 2017-07-28 17:21 - 000003072 _____ () C:\Users\Diaby\AppData\Local\uninstallce.exe 2016-09-14 19:15 - 2016-09-14 19:15 - 000000003 _____ () C:\Users\Diaby\AppData\Local\updater.log 2016-09-14 19:15 - 2017-03-04 10:38 - 000000412 _____ () C:\Users\Diaby\AppData\Local\UserProducts.xml 2017-07-30 20:51 - 2017-07-30 20:51 - 000044696 _____ () C:\ProgramData\agent.1501440658.bdinstall.bin 2017-07-30 20:52 - 2017-07-30 20:52 - 000026369 _____ () C:\ProgramData\agent.1501440730.bdinstall.bin 2017-07-30 20:53 - 2017-07-30 20:53 - 000026370 _____ () C:\ProgramData\agent.1501440783.bdinstall.bin 2017-07-30 20:53 - 2017-07-30 20:53 - 000026370 _____ () C:\ProgramData\agent.1501440797.bdinstall.bin 2017-07-30 20:53 - 2017-07-30 20:53 - 000026371 _____ () C:\ProgramData\agent.1501440812.bdinstall.bin 2017-07-30 20:54 - 2017-07-30 20:54 - 000026031 _____ () C:\ProgramData\agent.1501440881.bdinstall.bin 2017-07-31 08:46 - 2017-07-31 08:46 - 000028349 _____ () C:\ProgramData\agent.1501483605.bdinstall.bin 2017-07-30 13:14 - 2017-07-30 13:09 - 001424232 _____ (Baidu, Inc.) C:\ProgramData\BavPro_Setup_Mini_GL1.exe 2016-05-26 18:41 - 2016-05-26 18:41 - 000000000 ____H () C:\ProgramData\DP45977C.lfl 2016-09-24 16:26 - 2016-10-08 08:24 - 000000002 ____H () C:\ProgramData\Entries.txt 2017-03-12 16:44 - 2017-03-12 16:44 - 000015875 _____ (Microsoft) C:\ProgramData\explorer.exe 2016-09-24 19:55 - 2016-11-02 16:07 - 000000000 _____ () C:\ProgramData\Gworm.vbs 2016-09-24 16:05 - 2016-09-24 17:18 - 000821200 _____ (Microsoft Corporation) C:\ProgramData\msvcp110d.dll 2016-09-24 16:05 - 2016-09-24 17:18 - 001697232 ____N (Microsoft Corporation) C:\ProgramData\msvcr110d.dll 2016-10-13 19:00 - 2016-10-23 22:16 - 000020834 _____ () C:\ProgramData\system.exe.tmp 2016-09-30 18:09 - 2016-11-02 16:07 - 000000000 _____ () C:\ProgramData\tmp98CA.tmp.vbs 2016-09-24 17:17 - 2016-11-02 16:07 - 000000000 _____ () C:\ProgramData\tmpAAE0.tmp.vbs 2016-09-24 16:26 - 2016-10-08 08:23 - 000000433 _____ () C:\ProgramData\update.bin 2016-09-24 16:15 - 2016-09-24 16:15 - 000645591 _____ () C:\ProgramData\windowsUpdate.dll Fichiers à déplacer ou supprimer: ==================== C:\ProgramData\BavPro_Setup_Mini_GL1.exe C:\ProgramData\explorer.exe C:\ProgramData\Gworm.vbs C:\ProgramData\msvcp110d.dll C:\ProgramData\msvcr110d.dll C:\ProgramData\tmp98CA.tmp.vbs C:\ProgramData\tmpAAE0.tmp.vbs C:\ProgramData\windowsUpdate.dll C:\Users\Diaby\APPHELP.DLL C:\Users\Diaby\bdcam.dll C:\Users\Diaby\bdfilters.dll C:\Users\Diaby\chroome.exe C:\Users\Diaby\ZHPDiag3.exe C:\Windows\Tasks\{04080DB5-B3A3-BA1E-9ECF-2C2F482411E3}.job C:\Windows\Tasks\{09E7DB74-84BA-4925-B16A-BDD9903CBA36}.job C:\Windows\Tasks\{1AC348B7-AD68-FF1C-B28E-D7154A60845C}.job C:\Windows\Tasks\{1BD3C577-AC78-72DC-73FA-BFCFD1282F09}.job C:\Windows\Tasks\{313B6D77-91B7-4729-A8CE-71B472DEFDFD}.job C:\Windows\Tasks\{35256B5B-A4F7-1A6B-BAA8-B9AFFA9C2D07}.job C:\Windows\Tasks\{3672E31A-81D9-54B1-59B6-288993C49B47}.job C:\Windows\Tasks\{3700379E-80AB-8035-7D42-73018BA78685}.job C:\Windows\Tasks\{3F82500D-8829-E7A6-8EED-8BD7AAAE4D4F}.job C:\Windows\Tasks\{45485F2B-F2E3-E880-D53A-70275FF51A73}.job C:\Windows\Tasks\{6705E622-D0AE-5189-F8C7-23139FAAF4C5}.job C:\Windows\Tasks\{6AE6823C-DD4D-3597-24AA-41F7824849F9}.job C:\Windows\Tasks\{72A2A6F2-C509-1159-E877-5A279F6B89A6}.job C:\Windows\Tasks\{803DA72D-3796-1086-18D9-B4B5A388E4CA}.job C:\Windows\Tasks\{811BEB6F-36B0-5CC4-6E67-2B54C8A88248}.job C:\Windows\Tasks\{8CE64007-3B4D-F7AC-70D3-46226CC128C3}.job C:\Windows\Tasks\{8DDB2B4C-2A59-4BD4-86E2-E3C071F88604}.job C:\Windows\Tasks\{B6D26BEC-0179-DC47-976C-B9812509626B}.job C:\Windows\Tasks\{B9CC9342-A99F-494E-BDC8-B0144B2136BA}.job C:\Windows\Tasks\{BC335264-0B98-E5CF-1BCD-CDF3A77DB74F}.job C:\Windows\Tasks\{BC5A07C5-0BF1-B06E-75C8-F2A9D4292B36}.job C:\Windows\Tasks\{C00DA454-77A6-13FF-9770-3F58EDDC6571}.job C:\Windows\Tasks\{C105346C-316B-4307-97C6-16882327ADA8}.job C:\Windows\Tasks\{C38ABE1B-7421-09B0-8E43-F48334855F6F}.job C:\Windows\Tasks\{C72D3418-B588-43B7-A737-F7D20991DE46}.job C:\Windows\Tasks\{D0B53B8D-671E-8C26-13D2-039C28EE9AD7}.job C:\Windows\Tasks\{D1F95EA7-6652-E90C-6809-87E1AD9F0189}.job C:\Windows\Tasks\{D7471C96-60EC-AB3D-6467-90C2A1FFEC24}.job C:\Windows\Tasks\{DA2F7091-AA65-4DA2-A47C-02D8DE44B460}.job C:\Windows\Tasks\{DC736D9A-6BD8-DA31-C4D2-9966D4182587}.job C:\Windows\Tasks\{EA9ACF9D-5D31-7836-8488-FD37BF743D2F}.job C:\Windows\Tasks\{F6C32E6E-4168-99C5-BFFD-82F34EAF93DB}.job Certains fichiers dans TEMP: ==================== 2017-05-31 17:31 - 2017-05-31 17:31 - 000008720 _____ () C:\Users\Administrateur\AppData\Local\Temp\BullseyeCoverage-2-x86.dll ==================== Bamital & volsnap ====================== (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) C:\Windows\explorer.exe => Le fichier est signé numériquement C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement C:\Windows\system32\wininit.exe => Le fichier est signé numériquement C:\Windows\system32\svchost.exe => Le fichier est signé numériquement C:\Windows\system32\services.exe => Le fichier est signé numériquement C:\Windows\system32\User32.dll => Le fichier est signé numériquement C:\Windows\system32\userinit.exe => Le fichier est signé numériquement C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement LastRegBack: 2017-08-01 17:09 ==================== Fin de FRST.txt ============================