ComboFix 17-08-04.01 - Diaby 11/08/2017 19:28:12.1.2 - x86 Microsoft Windows 7 Professionnel 6.1.7601.1.1252.33.1036.18.1015.288 [GMT 2:00] Lancé depuis: c:\users\Diaby\Desktop\ComboFix.exe AV: Emsisoft Anti-Malware *Disabled/Updated* {701CB209-EBBC-AADC-11E6-DE73E7AF4C9D} SP: Emsisoft Anti-Malware *Disabled/Updated* {CB7D53ED-CD86-A552-2B56-E5019C280620} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Un nouveau point de restauration a été créé . . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . . C:\autorun.inf C:\Microsoft c:\programdata\ntuser.pol c:\programdata\system.exe.tmp c:\programdata\WindowsData c:\users\Administrateur.Diaby-PC.000\AppData\Roaming\Microsoft Windows Audio Device Graphic Card Isolation.exe.tmp c:\users\Administrateur.Diaby-PC.000\AppData\Roaming\Windows Audio Device Graph.exe.tmp c:\users\Diaby\AppData\Local\uninstallce.exe c:\users\Diaby\AppData\LocalZKWaqEnYsq.jpg c:\users\Diaby\AppData\Roaming\dclogs c:\users\Diaby\AppData\Roaming\dclogs\2016-07-12-3.dc c:\users\Diaby\AppData\Roaming\dclogs\2016-07-13-4.dc c:\users\Diaby\AppData\Roaming\dclogs\2017-02-23-5.dc c:\users\Diaby\AppData\Roaming\dclogs\2017-02-24-6.dc c:\users\Diaby\AppData\Roaming\dclogs\2017-02-25-7.dc c:\users\Diaby\AppData\Roaming\dclogs\2017-02-26-1.dc c:\users\Diaby\AppData\Roaming\dclogs\2017-02-27-2.dc c:\users\Diaby\AppData\Roaming\dclogs\2017-02-28-3.dc c:\users\Diaby\AppData\Roaming\dclogs\2017-03-01-4.dc c:\users\Diaby\AppData\Roaming\dclogs\2017-03-02-5.dc c:\users\Diaby\AppData\Roaming\dclogs\2017-03-03-6.dc c:\users\Diaby\AppData\Roaming\dclogs\2017-03-04-7.dc c:\users\Diaby\AppData\Roaming\dclogs\2017-03-05-1.dc c:\users\Diaby\AppData\Roaming\dclogs\2017-03-06-2.dc c:\users\Diaby\AppData\Roaming\dclogs\2017-04-06-5.dc c:\users\Diaby\AppData\Roaming\dclogs\2017-04-07-6.dc c:\users\Diaby\AppData\Roaming\dclogs\2017-05-21-1.dc 
c:\users\Diaby\AppData\Roaming\dclogs\2017-05-22-2.dc c:\users\Diaby\AppData\Roaming\dclogs\2017-05-23-3.dc c:\users\Diaby\AppData\Roaming\dclogs\2017-05-24-4.dc c:\users\Diaby\AppData\Roaming\dclogs\2017-05-25-5.dc c:\users\Diaby\AppData\Roaming\dclogs\2017-05-26-6.dc c:\users\Diaby\AppData\Roaming\dclogs\2017-05-27-7.dc c:\users\Diaby\AppData\Roaming\dclogs\2017-05-28-1.dc c:\users\Diaby\AppData\Roaming\dclogs\2017-05-29-2.dc c:\users\Diaby\AppData\Roaming\dclogs\2017-05-30-3.dc c:\users\Diaby\AppData\Roaming\dclogs\2017-05-31-4.dc c:\users\Diaby\AppData\Roaming\dclogs\2017-06-01-5.dc c:\users\Diaby\AppData\Roaming\dclogs\2017-06-03-7.dc c:\users\Diaby\AppData\Roaming\dclogs\2017-06-05-2.dc c:\users\Diaby\AppData\Roaming\dclogs\2017-06-08-5.dc c:\users\Diaby\AppData\Roaming\dclogs\2017-06-10-7.dc c:\users\Diaby\AppData\Roaming\dclogs\2017-06-11-1.dc c:\users\Diaby\AppData\Roaming\dclogs\2017-06-12-2.dc c:\users\Diaby\AppData\Roaming\dclogs\2017-06-13-3.dc c:\users\Diaby\AppData\Roaming\dclogs\2017-06-14-4.dc c:\users\Diaby\AppData\Roaming\dclogs\2017-06-15-5.dc c:\users\Diaby\AppData\Roaming\ddos.exe c:\users\Diaby\AppData\Roaming\logs.dat c:\users\Diaby\AppData\Roaming\Microsoft Windows Audio Device Graphic Card Isolation.exe.tmp c:\users\Diaby\AppData\Roaming\Microsoft\Crypto\wscript.exe c:\users\Diaby\AppData\Roaming\skype.exe.tmp c:\users\Diaby\AppData\Roaming\system.exe.tmp c:\users\Diaby\AppData\Roaming\Windows Audio Device Graph.exe.tmp c:\users\Diaby\AppData\Roaming\Windows.exe.tmp c:\windows\eebab301a0429b594721c657960fe2db.exe c:\windows\msdownld.tmp c:\windows\security\Database\tmp.edb c:\windows\system32\Core.dll c:\windows\system32\xd.dll c:\windows\wininit.ini . . ((((((((((((((((((((((((((((( Fichiers créés du 2017-07-11 au 2017-08-11 )))))))))))))))))))))))))))))))))))) . . 2017-08-11 17:45 . 2017-08-11 17:45 -------- d-----w- c:\users\Default\AppData\Local\temp 2017-08-11 17:45 . 
2017-08-11 17:45 -------- d-----w- c:\users\Administrateur\AppData\Local\temp 2017-08-11 17:45 . 2017-08-11 17:51 -------- d-----w- c:\users\Diaby\AppData\Local\temp 2017-08-11 17:45 . 2017-08-11 17:45 -------- d-----w- c:\users\Administrateur.Diaby-PC.000\AppData\Local\temp 2017-08-11 17:45 . 2017-08-11 17:45 -------- d-----w- c:\users\123\AppData\Local\temp 2017-08-05 11:41 . 2017-08-05 11:41 -------- d-----w- c:\programdata\SWCUTemp 2017-08-05 11:21 . 2017-08-05 11:21 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.1408.dll 2017-08-05 10:55 . 2017-08-05 10:55 -------- d-----w- c:\users\Diaby\AppData\Roaming\QFX Software 2017-08-05 10:55 . 2017-08-05 10:55 -------- d-----w- c:\programdata\QFX Software 2017-08-05 10:44 . 2017-08-05 10:44 -------- d-----w- C:\found.002 2017-08-04 18:58 . 2017-08-04 18:58 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.3704.dll 2017-08-04 16:16 . 2017-08-04 16:16 -------- d-----w- c:\programdata\RL Vision 2017-08-04 16:15 . 1998-06-23 21:00 164144 ----a-w- c:\windows\system32\COMCT232.ocx 2017-08-04 16:15 . 2004-03-08 21:00 609824 ----a-w- c:\windows\system32\COMCTL32.ocx 2017-08-04 16:15 . 2009-03-24 17:52 659264 ----a-w- c:\windows\system32\mscomct2.ocx 2017-08-04 16:15 . 2009-03-24 17:52 1069376 ----a-w- c:\windows\system32\MSCOMCTL.OCX 2017-08-04 07:08 . 2017-08-04 07:08 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.2332.dll 2017-08-03 07:06 . 2017-08-03 07:07 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.2720.dll 2017-08-02 16:13 . 2017-08-02 16:14 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.2500.dll 2017-08-02 12:13 . 
2017-08-05 10:54 -------- d-----w- C:\FRST 2017-08-02 11:03 . 2017-08-02 11:08 -------- d-----w- c:\users\Administrateur.Diaby-PC.000\AppData\Local\Mozilla 2017-08-02 08:30 . 2017-08-02 08:30 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.2792.dll 2017-08-01 13:45 . 2017-08-01 13:45 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.2824.dll 2017-08-01 12:36 . 2017-08-01 12:36 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.2864.dll 2017-08-01 12:31 . 2017-08-05 19:57 -------- d-----w- C:\AdwCleaner 2017-08-01 10:29 . 2017-08-01 10:29 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.2596.dll 2017-08-01 07:02 . 2017-08-01 07:02 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.2372.dll 2017-07-31 20:57 . 2017-07-31 20:57 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.2608.dll 2017-07-31 11:59 . 2017-07-31 11:59 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.2748.dll 2017-07-31 10:00 . 2017-08-02 10:08 -------- d-----w- c:\users\Administrateur.Diaby-PC.000\AppData\Roaming\4vj4h3behrv 2017-07-31 08:37 . 2017-07-31 08:37 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.3748.dll 2017-07-31 08:00 . 2017-07-31 21:02 -------- d-----w- c:\programdata\Emsisoft 2017-07-31 07:59 . 2017-07-31 20:08 -------- d-----w- c:\users\Administrateur.Diaby-PC.000\AppData\Roaming\iun5lninoq1 2017-07-31 07:36 . 
2017-07-31 20:08 -------- d-----w- c:\users\Administrateur.Diaby-PC.000\AppData\Roaming\s3kqh1ko3vm 2017-07-31 07:20 . 2017-08-11 17:49 -------- d-----w- c:\program files\Emsisoft Anti-Malware 2017-07-31 07:02 . 2017-05-25 09:58 59936 ----a-w- c:\windows\system32\drivers\mbae.sys 2017-07-31 07:02 . 2017-08-01 14:25 -------- d-----w- C:\Anti-Malware 2017-07-31 07:02 . 2017-07-31 07:02 -------- d-----w- c:\programdata\Malwarebytes 2017-07-31 06:46 . 2017-07-31 06:46 28349 ----a-w- c:\programdata\agent.1501483605.bdinstall.bin 2017-07-31 06:25 . 2017-07-31 06:25 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.1000.dll 2017-07-30 21:05 . 2017-07-31 20:08 -------- d-----w- c:\users\Administrateur.Diaby-PC.000\AppData\Roaming\ezsuhtc1otl 2017-07-30 20:38 . 2017-07-30 20:38 -------- d-----w- c:\users\Diaby\AppData\Roaming\WarThunder 2017-07-30 20:22 . 2017-07-30 21:07 -------- d-----w- c:\users\Administrateur.Diaby-PC.000\AppData\Roaming\IObit 2017-07-30 19:45 . 2017-07-30 20:04 -------- d-----w- c:\program files\stinger 2017-07-30 19:29 . 2017-07-30 19:48 -------- d-----w- c:\users\Diaby\AppData\Local\ElevatedDiagnostics 2017-07-30 18:54 . 2017-07-30 18:54 26031 ----a-w- c:\programdata\agent.1501440881.bdinstall.bin 2017-07-30 18:53 . 2017-07-30 18:53 26371 ----a-w- c:\programdata\agent.1501440812.bdinstall.bin 2017-07-30 18:53 . 2017-07-30 18:53 26370 ----a-w- c:\programdata\agent.1501440797.bdinstall.bin 2017-07-30 18:53 . 2017-07-30 18:53 26370 ----a-w- c:\programdata\agent.1501440783.bdinstall.bin 2017-07-30 18:52 . 2017-07-30 18:52 26369 ----a-w- c:\programdata\agent.1501440730.bdinstall.bin 2017-07-30 18:51 . 2017-07-30 18:51 44696 ----a-w- c:\programdata\agent.1501440658.bdinstall.bin 2017-07-30 18:51 . 2017-07-30 18:51 -------- d-----w- c:\programdata\Bitdefender Agent 2017-07-30 18:08 . 2017-07-30 18:08 -------- d-----w- c:\program files\Common Files\IObit 2017-07-30 18:07 . 
2017-07-30 18:07 -------- d-----w- c:\program files\IObit 2017-07-30 17:50 . 2017-07-30 17:50 -------- d-----w- c:\program files\CCleaner 2017-07-30 16:51 . 2017-07-30 16:51 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.1168.dll 2017-07-30 16:37 . 2017-07-30 16:37 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.1924.dll 2017-07-30 15:37 . 2017-08-02 08:59 -------- d-----w- c:\users\Diaby\AppData\Local\ZHP 2017-07-30 15:37 . 2017-08-02 08:58 -------- d-----w- c:\users\Diaby\AppData\Roaming\ZHP 2017-07-30 15:28 . 2017-08-04 07:37 -------- d-----w- c:\program files\Spybot - Search & Destroy 2 2017-07-30 15:25 . 2017-07-30 15:25 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.1124.dll 2017-07-30 15:18 . 2017-07-30 15:18 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.296.dll 2017-07-30 14:57 . 2017-07-30 14:57 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.336.dll 2017-07-30 14:45 . 2017-02-19 19:15 220192 ----a-w- c:\windows\system32\drivers\keyscrambler.sys 2017-07-30 14:44 . 2017-07-30 14:45 -------- d-----w- c:\program files\KeyScrambler 2017-07-30 11:09 . 2017-07-30 11:09 -------- d-----w- c:\programdata\Baidu 2017-07-30 11:07 . 2014-03-11 03:14 47456 ----a-w- c:\windows\system32\drivers\Bhbase.sys 2017-07-30 11:06 . 2017-07-30 11:15 -------- d-----w- c:\users\Diaby\AppData\Roaming\Baidu Security 2017-07-30 11:05 . 2017-07-30 11:05 -------- d-----w- c:\program files\Baidu Security 2017-07-30 11:05 . 2017-07-30 11:15 -------- d-----w- c:\programdata\Baidu Security 2017-07-30 10:29 . 2017-08-01 14:16 -------- d-----w- c:\program files\VS Revo Group 2017-07-30 09:52 . 
2017-07-30 09:52 -------- d-----w- c:\program files\Smilegate 2017-07-30 09:16 . 2017-07-30 09:16 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.252.dll 2017-07-30 09:14 . 2017-07-31 11:09 -------- d-----w- c:\programdata\PEZ 2017-07-30 09:12 . 2017-08-02 10:08 -------- d-sh--w- c:\programdata\NIINBP 2017-07-30 06:10 . 2017-07-30 08:03 -------- d-----w- c:\program files\LAPTOP_KURT 2017-07-30 05:59 . 2017-07-30 15:04 -------- d-----w- c:\program files\O9J4S1YMCM 2017-07-30 05:59 . 2017-07-31 11:26 -------- d-----w- c:\users\Diaby\AppData\Roaming\kdjxa1vc5x4 2017-07-29 17:54 . 2017-07-30 12:51 -------- d-----w- C:\Fraps 2017-07-29 12:45 . 2017-07-31 11:26 -------- d-----w- c:\users\Diaby\AppData\Roaming\ywstcje510l 2017-07-29 06:57 . 2017-07-29 06:57 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.1884.dll 2017-07-28 16:27 . 2017-07-28 16:27 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.308.dll 2017-07-28 16:21 . 2017-07-28 16:25 -------- d-----w- c:\program files\0FQY9S87QG 2017-07-28 16:03 . 2017-07-28 16:03 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.1188.dll 2017-07-28 15:58 . 2017-07-28 16:23 -------- d-----w- c:\program files\B3038TC274 2017-07-28 15:42 . 2017-07-28 15:42 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.352.dll 2017-07-28 15:31 . 2017-07-31 20:08 -------- d-----w- c:\users\Administrateur.Diaby-PC.000\AppData\Roaming\rdqwiaalsm4 2017-07-28 15:23 . 2017-08-01 09:36 -------- d-----w- c:\program files\cgmemeyesu2 2017-07-27 19:16 . 
2017-07-27 19:16 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.1856.dll 2017-07-26 16:56 . 2017-07-26 16:56 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.1940.dll 2017-07-26 08:24 . 2017-07-26 08:24 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.1888.dll 2017-07-26 06:46 . 2017-07-28 14:51 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.1844.dll 2017-07-25 16:02 . 2017-07-26 19:23 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.1840.dll 2017-07-24 20:53 . 2017-08-05 11:42 -------- d-----w- C:\TEMP 2017-07-24 20:49 . 2017-07-24 20:49 -------- d-----w- C:\App Chrome 2017-07-24 06:54 . 2017-07-24 06:54 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.1868.dll 2017-07-23 18:58 . 2017-07-24 15:02 -------- d-----w- c:\users\Diaby\AppData\Local\Genymobile 2017-07-23 18:57 . 2017-07-24 15:02 -------- d-----w- c:\program files\Genymobile 2017-07-23 16:33 . 2017-07-27 16:06 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.1820.dll 2017-07-23 08:53 . 2017-07-23 08:53 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.1828.dll 2017-07-23 06:11 . 2017-07-25 11:49 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.1836.dll 2017-07-22 15:39 . 2017-07-22 15:39 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.1712.dll 2017-07-22 07:07 . 
2017-07-22 07:07 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.1404.dll 2017-07-21 14:52 . 2017-07-21 14:52 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.1792.dll 2017-07-20 12:59 . 2017-07-20 12:59 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.1960.dll 2017-07-20 06:43 . 2017-07-20 06:43 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.1104.dll 2017-07-19 06:11 . 2017-07-19 06:11 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.1012.dll 2017-07-18 09:46 . 2017-07-18 09:46 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.1784.dll 2017-07-18 08:27 . 2017-07-18 08:27 -------- d-----w- c:\users\Diaby\AppData\Local\Zaczero 2017-07-18 05:49 . 2017-07-18 05:49 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.1944.dll 2017-07-17 19:18 . 2017-07-17 19:18 177880 ----a-w- c:\windows\system32\drivers\VBoxNetLwf.sys 2017-07-17 19:18 . 2017-07-17 19:18 113944 ----a-w- c:\windows\system32\drivers\VBoxNetAdp6.sys 2017-07-17 06:09 . 2017-07-17 06:09 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.348.dll 2017-07-15 19:11 . 2017-07-29 12:52 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.1876.dll 2017-07-15 15:58 . 2017-07-15 15:58 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.324.dll 2017-07-15 13:32 . 
2017-07-15 13:33 -------- d-----w- c:\users\Diaby\AppData\Local\chromium 2017-07-15 07:09 . 2017-07-15 07:09 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.1852.dll 2017-07-14 10:12 . 2017-07-14 10:12 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.228.dll 2017-07-14 09:29 . 2017-07-14 09:29 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.2044.dll 2017-07-14 06:52 . 2017-07-14 11:21 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.112.dll 2017-07-14 06:31 . 2017-07-14 06:31 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.328.dll 2017-07-13 19:05 . 2017-07-13 19:05 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.540.dll 2017-07-13 11:13 . 2017-07-13 11:13 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.360.dll 2017-07-12 18:06 . 2017-07-12 18:06 62576 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.1812.dll . . . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2017-08-11 12:45 . 2017-06-29 06:18 181064 ----a-w- c:\windows\PSEXESVC.exe 2017-08-05 20:17 . 2016-07-04 18:43 803328 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2017-08-05 20:17 . 2016-07-04 18:43 144896 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2017-07-31 06:45 . 2017-07-03 06:39 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.1824.dll 2017-07-30 05:57 . 
2017-07-10 15:19 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.1872.dll 2017-07-26 14:36 . 2017-07-07 10:28 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.1948.dll 2017-07-21 06:15 . 2017-07-12 06:08 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.1816.dll 2017-07-14 08:18 . 2017-07-07 17:33 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.2032.dll 2017-07-11 19:09 . 2017-07-11 19:09 62576 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.1064.dll 2017-07-11 06:54 . 2017-07-11 06:54 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.1848.dll 2017-07-10 14:48 . 2017-07-04 05:21 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.300.dll 2017-07-10 06:15 . 2017-07-10 06:15 62576 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.316.dll 2017-07-09 06:05 . 2017-07-09 06:05 62576 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.2020.dll 2017-07-08 09:38 . 2016-12-01 13:52 98152608 ----a-w- c:\windows\system32\lastpass_1337.exe 2017-07-08 09:37 . 2016-12-01 13:52 1072128 ----a-w- c:\windows\system32\lastpass_downloader.exe 2017-07-08 09:31 . 2017-07-08 09:31 62576 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.408.dll 2017-07-08 07:17 . 
2017-07-08 07:17 62576 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.1112.dll 2017-07-07 19:12 . 2017-07-07 19:12 62576 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.1380.dll 2017-07-07 15:56 . 2017-07-07 15:56 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.1628.dll 2017-07-07 10:44 . 2016-08-18 17:28 56680 ----a-w- c:\windows\system32\drivers\ksapi64.sys 2017-07-07 10:44 . 2016-08-18 17:28 81768 ----a-w- c:\windows\system32\drivers\ksapi.sys 2017-07-07 10:00 . 2017-07-07 10:00 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.1048.dll 2017-07-07 06:42 . 2017-07-07 06:42 62576 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.1936.dll 2017-07-07 05:32 . 2017-07-07 05:32 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.964.dll 2017-07-06 09:13 . 2017-07-04 14:41 164880 ------w- c:\users\Diaby\AppData\Roaming\Microsoft\Virtual PC\VPCKeyboard.dll 2017-07-05 14:37 . 2017-07-05 14:37 62576 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.384.dll 2017-07-05 05:21 . 2017-07-05 05:21 62576 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.1292.dll 2017-07-04 16:52 . 2017-07-03 16:24 62576 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.1864.dll 2017-07-02 05:59 . 2017-07-02 05:59 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.388.dll 2017-06-30 10:45 . 
2017-06-30 10:45 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.192.dll 2017-06-30 05:46 . 2017-06-30 05:46 62576 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12044267-13B2-472B-8CF6-5ED51DEDDF00}\offreg.1900.dll 2017-06-25 16:37 . 2016-06-08 18:14 168544 ----a-w- c:\windows\system32\S4EULogin.exe 2017-06-17 10:56 . 2017-06-17 10:57 236032 ----a-w- c:\windows\system32\devil.dll 2017-06-15 10:53 . 2017-06-15 10:53 36944 ----a-w- c:\windows\system32\drivers\taphss6.sys 2017-06-09 13:18 . 2017-06-15 13:51 383016 ----a-w- c:\windows\system32\EasyAntiCheat.exe 2017-06-02 08:09 . 2017-06-16 05:38 1549824 ----a-w- c:\windows\system32\tquery.dll 2017-06-02 08:09 . 2017-06-16 05:38 1400320 ----a-w- c:\windows\system32\mssrch.dll 2017-06-02 08:09 . 2017-06-16 05:38 337408 ----a-w- c:\windows\system32\mssph.dll 2017-06-02 08:09 . 2017-06-16 05:38 666624 ----a-w- c:\windows\system32\mssvp.dll 2017-06-02 08:09 . 2017-06-16 05:38 59392 ----a-w- c:\windows\system32\msscntrs.dll 2017-06-02 08:09 . 2017-06-16 05:38 197120 ----a-w- c:\windows\system32\mssphtb.dll 2017-06-02 08:09 . 2017-06-16 05:38 34816 ----a-w- c:\windows\system32\mssprxy.dll 2017-06-02 08:09 . 2017-06-16 05:38 104448 ----a-w- c:\windows\system32\mssitlb.dll 2017-06-02 07:58 . 2017-06-16 05:38 427520 ----a-w- c:\windows\system32\SearchIndexer.exe 2017-06-02 07:58 . 2017-06-16 05:38 164352 ----a-w- c:\windows\system32\SearchProtocolHost.exe 2017-06-02 07:57 . 2017-06-16 05:38 497152 ----a-w- c:\windows\HelpPane.exe 2017-06-02 07:57 . 2017-06-16 05:38 86528 ----a-w- c:\windows\system32\SearchFilterHost.exe 2017-06-02 07:57 . 2017-06-16 05:38 9728 ----a-w- c:\windows\system32\msshooks.dll 2017-05-22 14:21 . 2017-05-22 14:21 27968 ---ha-w- c:\windows\system32\drivers\hamachi.sys 2017-05-22 14:21 . 2017-03-06 11:39 27968 ---ha-w- c:\windows\system32\hamachi.sys 2017-05-22 05:59 . 
2017-05-22 05:59 0 ----a-w- c:\users\Diaby\www.imperial-mt2.com 2017-05-21 04:10 . 2017-06-16 05:38 67304 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2017-05-21 04:10 . 2017-06-16 05:38 137960 ----a-w- c:\windows\system32\drivers\ksecpkg.sys 2017-05-21 04:06 . 2017-06-16 05:38 65536 ----a-w- c:\windows\system32\TSpkg.dll 2017-05-21 04:06 . 2017-06-16 05:38 172032 ----a-w- c:\windows\system32\wdigest.dll 2017-05-21 04:06 . 2017-06-16 05:38 99840 ----a-w- c:\windows\system32\sspicli.dll 2017-05-21 04:06 . 2017-06-16 05:38 655360 ----a-w- c:\windows\system32\rpcrt4.dll 2017-05-21 04:06 . 2017-06-16 05:38 254464 ----a-w- c:\windows\system32\schannel.dll 2017-05-21 04:06 . 2017-06-16 05:38 22016 ----a-w- c:\windows\system32\secur32.dll 2017-05-21 04:06 . 2017-06-16 05:38 141312 ----a-w- c:\windows\system32\rpchttp.dll 2017-05-21 04:06 . 2017-06-16 05:38 261120 ----a-w- c:\windows\system32\msv1_0.dll 2017-05-21 04:06 . 2017-06-16 05:38 223232 ----a-w- c:\windows\system32\ncrypt.dll 2017-05-21 04:06 . 2017-06-16 05:38 60416 ----a-w- c:\windows\system32\msobjs.dll 2017-05-21 04:06 . 2017-06-16 05:38 146432 ----a-w- c:\windows\system32\msaudite.dll 2017-05-21 04:06 . 2017-06-16 05:38 553472 ----a-w- c:\windows\system32\kerberos.dll 2017-05-21 04:06 . 2017-06-16 05:38 1062912 ----a-w- c:\windows\system32\lsasrv.dll 2017-05-21 04:06 . 2017-06-16 05:38 17408 ----a-w- c:\windows\system32\credssp.dll 2017-05-21 04:06 . 2017-06-16 05:38 82432 ----a-w- c:\windows\system32\bcrypt.dll 2017-05-21 04:06 . 2017-06-16 05:38 690688 ----a-w- c:\windows\system32\adtschema.dll 2017-05-21 03:46 . 2017-06-16 05:38 50176 ----a-w- c:\windows\system32\auditpol.exe 2017-05-21 03:43 . 2017-06-16 05:38 226304 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys 2017-05-21 03:42 . 2017-06-16 05:38 98304 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys 2017-05-21 03:42 . 2017-06-16 05:38 124416 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2017-05-21 03:42 . 
2017-06-16 05:38 36352 ----a-w- c:\windows\system32\cryptbase.dll 2017-05-21 03:42 . 2017-06-16 05:38 22016 ----a-w- c:\windows\system32\lsass.exe 2017-05-21 03:42 . 2017-06-16 05:38 15872 ----a-w- c:\windows\system32\sspisrv.dll 2017-05-14 19:37 . 2017-06-16 05:38 2724864 ----a-w- c:\windows\system32\mshtml.tlb 2017-05-14 19:37 . 2017-06-16 05:38 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll 2017-05-14 19:23 . 2017-06-16 05:38 62464 ----a-w- c:\windows\system32\iesetup.dll 2017-05-14 19:22 . 2017-06-16 05:38 499200 ----a-w- c:\windows\system32\vbscript.dll 2017-05-14 19:22 . 2017-06-16 05:38 47616 ----a-w- c:\windows\system32\ieetwproxystub.dll 2017-05-14 19:22 . 2017-06-16 05:38 341504 ----a-w- c:\windows\system32\html.iec 2017-05-14 19:21 . 2017-06-16 05:38 64000 ----a-w- c:\windows\system32\MshtmlDac.dll 2017-05-14 19:11 . 2017-06-16 05:38 104960 ----a-w- c:\windows\system32\ieetwcollector.exe 2017-05-14 19:11 . 2017-06-16 05:38 115712 ----a-w- c:\windows\system32\ieUnatt.exe 2017-05-14 19:10 . 2017-06-16 05:38 620032 ----a-w- c:\windows\system32\jscript9diag.dll 2017-05-14 19:05 . 2017-06-16 05:38 667648 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe 2017-05-14 18:57 . 2017-06-16 05:38 60416 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll 2017-05-14 18:57 . 2017-06-16 05:38 73216 ----a-w- c:\windows\system32\tdc.ocx 2017-05-14 18:44 . 2017-06-16 05:38 4549120 ----a-w- c:\windows\system32\jscript9.dll 2017-05-14 18:39 . 2017-06-16 05:38 2057216 ----a-w- c:\windows\system32\inetcpl.cpl 2017-05-14 18:38 . 2017-06-16 05:38 1155072 ----a-w- c:\windows\system32\mshtmlmedia.dll 2017-05-14 18:15 . 2017-06-16 05:38 2767872 ----a-w- c:\windows\system32\wininet.dll 2015-03-12 00:02 . 2015-02-14 23:58 379 ----a-w- c:\program files\UnpackSound.bat 2015-01-31 08:02 . 2015-02-14 23:58 31 ----a-w- c:\program files\Run_TE_Vanilla.bat 2014-06-04 02:36 . 2015-02-14 23:58 38 ----a-w- c:\program files\Run_ITST_Mod.bat . . 
((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1] @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}] 2016-12-03 10:05 223432 ------w- c:\users\Diaby\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2] @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}] 2016-12-03 10:05 223432 ------w- c:\users\Diaby\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3] @="{BBACC218-34EA-4666-9D7A-C78F2274A524}" [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}] 2016-12-03 10:05 223432 ------w- c:\users\Diaby\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BingSvc"="c:\users\Diaby\AppData\Local\Microsoft\BingSvc\BingSvc.exe" [2015-11-05 144008] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2016-05-26 14696704] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592] "Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552] "KeyScrambler"="c:\program files\KeyScrambler\keyscrambler.exe" [2017-04-23 515600] . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "SoftwareSASGeneration"= 1 (0x1) . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoSimpleNetIDList"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring] 2017-06-30 12:23 7658200 ----a-w- c:\program files\CCleaner\CCleaner.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISS Manager] 2010-11-20 21:29 53248 ----a-w- c:\program files\ISS Manager\issmgr.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes TrayApp] 2017-05-09 15:42 3146704 ----a-w- c:\nouveau dossier\DBZ SAGAS\Anti-Malware\mbamtray.exe . 
R1 VBoxNetAdp;VirtualBox NDIS 6.0 Miniport Service;c:\windows\system32\DRIVERS\VBoxNetAdp6.sys [2017-07-17 113944]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [x]
R1 vgwluipk;vgwluipk;c:\windows\system32\drivers\vgwluipk.sys [x]
R2 Ntp2UpSvc;Ntp2UpSvc;c:\program files\Common Files\ntp2UpSvc\notepad2.exe run_up [x]
R3 aswHdsKe;aswHdsKe;c:\windows\system32\drivers\aswHdsKe.sys [x]
R3 BprotectEx;Baidu ProtectEx;c:\windows\System32\drivers\BprotectEx.sys [x]
R3 ClientAnalyticsService;ClientAnalyticsService;c:\program files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [x]
R3 cpuz138;cpuz138;c:\users\Diaby\AppData\Local\Temp\cpuz138\cpuz138_x32.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 dump_wmimmc;dump_wmimmc;c:\program files\GameforgeLive\Games\FRA_fra\Metin2\GameGuard\dump_wmimmc.sys [x]
R3 EasyAntiCheat;EasyAntiCheat;c:\windows\system32\EasyAntiCheat.exe [2017-06-09 383016]
R3 EasyAntiCheatSys;EasyAntiCheatSys;c:\windows\system32\drivers\EasyAntiCheat.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2017-05-14 104960]
R3 ksapi;ksapi;c:\windows\system32\drivers\ksapi.sys [2017-07-07 81768]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2016-05-18 5691912]
R3 PCFApiUtil;PCFApiUtil;c:\program files\Baidu Security\PC Faster\5.0.0.0\PCFApiUtil.sys [x]
R3 QFXUpdateService;QFX Software Update Service;c:\program files\KeyScrambler\QFXUpdateService.exe [2017-04-23 75792]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2017-04-04 1343400]
R3 XDva535;XDva535;c:\users\Diaby\AppData\Local\Temp\DinAC35.tmp [x]
R3 XDva536;XDva536;c:\windows\system32\XDva536.sys [x]
R3 xhunter1;xhunter1;c:\windows\xhunter1.sys [x]
S0 Bhbase;Baidu Hook Base;c:\windows\System32\drivers\Bhbase.sys [2014-03-11 47456]
S1 epp;epp;c:\program files\EMSISOFT ANTI-MALWARE\epp.sys [2016-11-23 105248]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO32.SYS [2016-05-26 23840]
S2 a2AntiMalware;Emsisoft Protection Service;c:\program files\Emsisoft Anti-Malware\a2service.exe [2017-07-31 5953080]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 Ntp2NetSvc;Ntp2NetSvc;c:\program files\notepad2\notepad2.exe run_net [x]
S3 KeyScrambler;KeyScrambler;c:\windows\system32\drivers\keyscrambler.sys [2017-02-19 220192]
S3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys [2017-06-15 36944]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
utcsvc REG_MULTI_SZ DiagTrack
apple_config REG_MULTI_SZ Apple_Cfg
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2017-08-05 11:46 1429848 ----a-w- c:\program files\Google\Chrome\Application\60.0.3112.90\Installer\chrmstp.exe
.
Contenu du dossier 'Tâches planifiées'
.
2017-08-05 c:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job
- c:\windows\system32\Macromed\Flash\FlashUtil32_26_0_0_137_pepper.exe [2017-07-13 20:17]
.
2011-02-22 c:\windows\Tasks\Clean System Memory.job
- c:\windows\system32\CleanMem.exe [2017-07-07 21:48]
.
2016-06-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore1d1bffee1ac4c3e.job
- c:\program files\Google\Update\GoogleUpdate.exe [2017-08-05 11:51]
.
2016-10-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore1d1c000120ba96b.job
- c:\program files\Google\Update\GoogleUpdate.exe [2017-08-05 11:51]
.
2016-10-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore1d22066d30bdfad.job
- c:\program files\Google\Update\GoogleUpdate.exe [2017-08-05 11:51]
.
2016-10-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore1d2206738002651.job
- c:\program files\Google\Update\GoogleUpdate.exe [2017-08-05 11:51]
.
2017-04-05 c:\windows\Tasks\SidebarExecute.job
- c:\program files\Windows Sidebar\sidebar.exe [2010-11-20 21:29]
.
.
------- Examen supplémentaire -------
.
uStart Page = about:blank
uDefault_Search_URL =
mStart Page = about:blank
uInternet Settings,ProxyOverride =
Trusted Zone: localhost
FF - ProfilePath - c:\users\Diaby\AppData\Roaming\Mozilla\Firefox\Profiles\zo5cs3w4.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo! Powered
FF - prefs.js: browser.startup.homepage - hxxps://www.google.fr/?gws_rd=ssl
FF - prefs.js: keyword.URL - true
FF - user.js: extensions.blocklist.detailsURL -
FF - user.js: extensions.blocklist.enabled - false
FF - user.js: extensions.blocklist.interval - 86400
FF - user.js: extensions.blocklist.itemURL -
FF - user.js: extensions.blocklist.url -
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - c:\program files\AVAST Software\Avast\ashShell.dll
HKCU-Run-4c121ab7 - c:\users\Diaby\AppData\Roaming\Microsoft\Crypto\wscript.exe
HKLM-Run-a689fa49fd42104e55e4ba78550f130f - c:\users\Administrateur.Diaby-PC.000\AppData\Roaming\Microsoft Windows Audio Device Graphic Card Isolation.exe
HKLM-Run-AvastUI.exe - c:\program files\AVAST Software\Avast\AvLaunch.exe
SafeBoot-MBAMService
MSConfigStartUp-Aeria Ignite - c:\program files\Aeria Games\Ignite\aeriaignite.exe
MSConfigStartUp-cmsc - c:\program files\cmcm\Clean Master\cmtray.exe
AddRemove-Avast Antivirus - c:\program files\AVAST Software\Avast\Setup\Instup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\XDva535]
"ImagePath"="\??\c:\users\Diaby\AppData\Local\Temp\DinAC35.tmp"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\S-1-5-21-377985148-792701347-3327087119-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-377985148-792701347-3327087119-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_26_0_0_137_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_26_0_0_137_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs chargées dans les processus actifs ---------------------
.
- - - - - - - > 'Explorer.exe'(3304)
c:\users\Diaby\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\Telemetry.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\timedate.cpl
c:\windows\system32\actxprxy.dll
c:\windows\System32\shdocvw.dll
c:\windows\System32\shacct.dll
c:\windows\system32\MsftEdit.dll
c:\windows\System32\gameux.dll
c:\windows\system32\msls31.dll
c:\windows\system32\stobject.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\wlanutil.dll
c:\windows\System32\WSCAPI.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\taskhost.exe
c:\program files\notepad2\notepad2.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\sppsvc.exe
c:\windows\system32\conhost.exe
c:\windows\system32\igfxsrvc.exe
.
**************************************************************************
.
Heure de fin: 2017-08-11 19:58:38 - La machine a redémarré
ComboFix-quarantined-files.txt 2017-08-11 17:58
.
Avant-CF: 17 820 602 368 octets libres
Après-CF: 17 608 015 872 octets libres
.
- - End Of File - - 33EE0B291C18F060A926EFE404C10927
A36C5E4F47E84449FF07ED3517B43A31