Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 23-12-2017
Exécuté par Jako (administrateur) sur DESKTOP-SV3NQC5 (23-12-2017 11:15:02)
Exécuté depuis C:\Users\Jako\Desktop
Profils chargés: Jako (Profils disponibles: Jako)
Platform: Windows 10 Pro Version 1703 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_c06efa65923f756e\stacsv64.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_c06efa65923f756e\AESTSr64.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(SecureMix LLC) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\System32\runonce.exe
(rKo) C:\Program Files\VS Revo Group\62FU4Q6TVQOX47D5H\B2UcFZx2EH.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(SecureMix LLC) C:\Program Files (x86)\GlassWire\GlassWire.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(SecureMix LLC) C:\Program Files (x86)\GlassWire\GWIdlMon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Users\Jako\AppData\Roaming\ZHP\ZHPCleaner.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2727568 2016-10-18] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-10-18] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2009-11-18] (IDT, Inc.)
HKLM\...\Run: [JeNv2EyoQr] => C:\Program Files\jhappltlpjhcCDdy\.5Uxappltlp5Ux.vbs
HKLM\...\RunOnce: [Lahin_Raw_barra_al3eb_b3id_B2UcFZx2EH.exe] => C:\Program Files\VS Revo Group\62FU4Q6TVQOX47D5H\B2UcFZx2EH.exe [833024 2017-12-22] (rKo)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKLM\ DisallowedCertificates: 03D22C9C66915D58C88912B64C1F984B8344EF09 (Comodo Security Solutions) <==== ATTENTION
HKLM\ DisallowedCertificates: 0F684EC1163281085C6AF20528878103ACEFCAAB (F-Secure Corporation) <==== ATTENTION
HKLM\ DisallowedCertificates: 1667908C9E22EFBD0590E088715CC74BE4C60884 (FRISK Software International/F-Prot) <==== ATTENTION
HKLM\ DisallowedCertificates: 18DEA4EFA93B06AE997D234411F3FD72A677EECE (Bitdefender SRL) <==== ATTENTION
HKLM\ DisallowedCertificates: 2026D13756EB0DB753DF26CB3B7EEBE3E70BB2CF (G DATA Software AG) <==== ATTENTION
HKLM\ DisallowedCertificates: 249BDA38A611CD746A132FA2AF995A2D3C941264 (Malwarebytes Corporation) <==== ATTENTION
HKLM\ DisallowedCertificates: 31AC96A6C17C425222C46D55C3CCA6BA12E54DAF (Symantec Corporation) <==== ATTENTION
HKLM\ DisallowedCertificates: 331E2046A1CCA7BFEF766724394BE6112B4CA3F7 (Trend Micro) <==== ATTENTION
HKLM\ DisallowedCertificates: 3353EA609334A9F23A701B9159E30CB6C22D4C59 (Webroot Inc.) <==== ATTENTION
HKLM\ DisallowedCertificates: 373C33726722D3A5D1EDD1F1585D5D25B39BEA1A (SUPERAntiSpyware.com) <==== ATTENTION
HKLM\ DisallowedCertificates: 3850EDD77CC74EC9F4829AE406BBF9C21E0DA87F (Kaspersky Lab) <==== ATTENTION
HKLM\ DisallowedCertificates: 3D496FA682E65FC122351EC29B55AB94F3BB03FC (AVG Technologies CZ) <==== ATTENTION
HKLM\ DisallowedCertificates: 4243A03DB4C3C15149CEA8B38EEA1DA4F26BD159 (PC Tools) <==== ATTENTION
HKLM\ DisallowedCertificates: 42727E052C0C2E1B35AB53E1005FD9EDC9DE8F01 (K7 Computing Pvt Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: 4420C99742DF11DD0795BC15B7B0ABF090DC84DF (Doctor Web Ltd.) <==== ATTENTION
HKLM\ DisallowedCertificates: 4C0AF5719009B7C9D85C5EAEDFA3B7F090FE5FFF (Emsisoft Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: 5240AB5B05D11B37900AC7712A3C6AE42F377C8C (Check Point Software Technologies Ltd.) <==== ATTENTION
HKLM\ DisallowedCertificates: 5DD3D41810F28B2A13E9A004E6412061E28FA48D (Emsisoft Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: 7457A3793086DBB58B3858D6476889E3311E550E (K7 Computing Pvt Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: 76A9295EF4343E12DFC5FE05DC57227C1AB00D29 (BullGuard Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: 775B373B33B9D15B58BC02B184704332B97C3CAF (McAfee) <==== ATTENTION
HKLM\ DisallowedCertificates: 872CD334B7E7B3C3D1C6114CD6B221026D505EAB (Comodo Security Solutions) <==== ATTENTION
HKLM\ DisallowedCertificates: 88AD5DFE24126872B33175D1778687B642323ACF (McAfee) <==== ATTENTION
HKLM\ DisallowedCertificates: 9132E8B079D080E01D52631690BE18EBC2347C1E (Adaware Software) <==== ATTENTION
HKLM\ DisallowedCertificates: 982D98951CF3C0CA2A02814D474A976CBFF6BDB1 (Safer Networking Ltd.) <==== ATTENTION
HKLM\ DisallowedCertificates: 9A08641F7C5F2CCA0888388BE3E5DBDDAAA3B361 (Webroot Inc.) <==== ATTENTION
HKLM\ DisallowedCertificates: 9C43F665E690AB4D486D4717B456C5554D4BCEB5 (ThreatTrack Security) <==== ATTENTION
HKLM\ DisallowedCertificates: 9E3F95577B37C74CA2F70C1E1859E798B7FC6B13 (CURIOLAB S.M.B.A.) <==== ATTENTION
HKLM\ DisallowedCertificates: A1F8DCB086E461E2ABB4B46ADCFA0B48C58B6E99 (Avira Operations GmbH & Co. KG) <==== ATTENTION
HKLM\ DisallowedCertificates: A5341949ABE1407DD7BF7DFE75460D9608FBC309 (BullGuard Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: A59CC32724DD07A6FC33F7806945481A2D13CA2F (ESET) <==== ATTENTION
HKLM\ DisallowedCertificates: AB7E760DA2485EA9EF5A6EEE7647748D4BA6B947 (AVG Technologies CZ) <==== ATTENTION
HKLM\ DisallowedCertificates: AD4C5429E10F4FF6C01840C20ABA344D7401209F (Avast Antivirus/Software) <==== ATTENTION
HKLM\ DisallowedCertificates: AD96BB64BA36379D2E354660780C2067B81DA2E0 (Symantec Corporation) <==== ATTENTION
HKLM\ DisallowedCertificates: B8EBF0E696AF77F51C96DB4D044586E2F4F8FD84 (Malwarebytes Corporation) <==== ATTENTION
HKLM\ DisallowedCertificates: CDC37C22FE9272D8F2610206AD397A45040326B8 (Trend Micro) <==== ATTENTION
HKLM\ DisallowedCertificates: D3F78D747E7C5D6D3AE8ABFDDA7522BFB4CBD598 (Kaspersky Lab) <==== ATTENTION
HKLM\ DisallowedCertificates: DB303C9B61282DE525DC754A535CA2D6A9BD3D87 (ThreatTrack Security) <==== ATTENTION
HKLM\ DisallowedCertificates: DB77E5CFEC34459146748B667C97B185619251BA (Avast Antivirus/Software) <==== ATTENTION
HKLM\ DisallowedCertificates: E22240E837B52E691C71DF248F12D27F96441C00 (Total Defense, Inc.) <==== ATTENTION
HKLM\ DisallowedCertificates: E513EAB8610CFFD7C87E00BCA15C23AAB407FCEF (AVG Technologies CZ) <==== ATTENTION
HKLM\ DisallowedCertificates: ED841A61C0F76025598421BC1B00E24189E68D54 (Bitdefender SRL) <==== ATTENTION
HKLM\ DisallowedCertificates: F83099622B4A9F72CB5081F742164AD1B8D048C9 (ESET) <==== ATTENTION
HKLM\ DisallowedCertificates: FBB42F089AF2D570F2BF6F493D107A3255A9BB1A (Panda Security S.L) <==== ATTENTION
HKLM\ DisallowedCertificates: FFFA650F2CB2ABC0D80527B524DD3F9FC172C138 (Doctor Web Ltd.) <==== ATTENTION
HKU\S-1-5-21-1013118444-3060868979-3133423822-1001\...\Run: [GlassWire] => C:\Program Files (x86)\GlassWire\glasswire.exe [5753296 2017-08-29] (SecureMix LLC)
HKU\S-1-5-21-1013118444-3060868979-3133423822-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4087864 2017-12-08] (Tonec Inc.)
HKU\S-1-5-21-1013118444-3060868979-3133423822-1001\...\Run: [1bR8e#BNm-.exe] => C:\Program Files\Internet Explorer\5F4EPXXVYPT4\1bR8e#BNm-.exe
HKU\S-1-5-21-1013118444-3060868979-3133423822-1001\...\Run: [AEGF2sBWq9koqW.exe] => C:\Users\Jako\AppData\Roaming\14aa7f43264b4a04ab1680e383e5add5\AEGF2sBWq9koqW.exe
HKU\S-1-5-21-1013118444-3060868979-3133423822-1001\...\Run: [0WWFGsfZzw.exe] => C:\ProgramData\d32f8d3036e74849b10139dac9b0e814\0WWFGsfZzw.exe
HKU\S-1-5-21-1013118444-3060868979-3133423822-1001\...\Run: [KFXMQLRTSM.exe] => C:\Users\Jako\AppData\Local\Temp\3dfa79d50cfc4cc0b3b83838c431cecf\KFXMQLRTSM.exe <==== ATTENTION
HKU\S-1-5-21-1013118444-3060868979-3133423822-1001\...\Run: [SRDDAZQPJV.exe] => C:\Users\Jako\AppData\Local\ddbd81867542464f9db7f48fd5171fce\SRDDAZQPJV.exe
BootExecute: autocheck autochk /p \??\C:autocheck autochk *
GroupPolicy: Restriction - Chrome <==== ATTENTION
GroupPolicy\User: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.176.85.20
Tcpip\..\Interfaces\{a2ff062c-0179-4056-8075-b994f3c6b999}: [DhcpNameServer] 10.176.85.20
Tcpip\..\Interfaces\{e90a1d73-c8cb-48bd-9ab9-17e4422785af}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
HKU\S-1-5-21-1013118444-3060868979-3133423822-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKU\S-1-5-21-1013118444-3060868979-3133423822-1001 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7B14BD0DA9-01A3-47A6-B84C-575897B32431%7D&gp=811610
SearchScopes: HKU\S-1-5-21-1013118444-3060868979-3133423822-1001 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7B14BD0DA9-01A3-47A6-B84C-575897B32431%7D&gp=811610
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2017-09-22] (Internet Download Manager, Tonec Inc.)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2017-09-22] (Internet Download Manager, Tonec Inc.)

FireFox:
========
FF HKU\S-1-5-21-1013118444-3060868979-3133423822-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Jako\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\Jako\AppData\Roaming\IDM\idmmzcc5 [2017-12-22] [Legacy] [non signé]
FF HKU\S-1-5-21-1013118444-3060868979-3133423822-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-01-26] [Legacy]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-12-22] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-12-22] (Google Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBKhl918K0qpwZ-tq0EXJxVDc5wm4QR7b3XYJh0nCgZNVnEADJrtMbbxLF69M0T9xjU4vFliNLWF_Bm5h99ayzwoQvwGQp2CpMpBf03Lv1cEaDMYYerAkuWSXqDd0hM-Qwtgmjz9oZwGO-SHEVchVz2ONeRNI9y7GJBP3lTwHJi5ul0L2qJ8PlYtzo,
CHR Profile: C:\Users\Jako\AppData\Local\Google\Chrome\User Data\Default [2017-12-23]
CHR Extension: (YouTube) - C:\Users\Jako\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-22]
CHR Extension: (Tiempo en colombia en vivo) - C:\Users\Jako\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbhodkgjhojjjggokjjlbccecdhkjjgl [2017-12-22]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Jako\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-12-22]
CHR Extension: (Chrome Media Router) - C:\Users\Jako\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-22]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2017-12-08]

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AESTFilters; C:\WINDOWS\System32\DriverStore\FileRepository\stwrt64.inf_amd64_c06efa65923f756e\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-10-18] (NVIDIA Corporation)
R2 GlassWire; C:\Program Files (x86)\GlassWire\GWCtlSrv.exe [4420048 2017-08-29] (SecureMix LLC)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes) [Fichier non signé]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-10-18] (NVIDIA Corporation)
S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-10-18] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-10-18] (NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
R2 STacSV; C:\WINDOWS\System32\DriverStore\FileRepository\stwrt64.inf_amd64_c06efa65923f756e\STacSV64.exe [244224 2009-11-18] (IDT, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)
S4 WinDefender; C:\WINDOWS\windefender.exe [X]

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R1 gwdrv; C:\Windows\system32\DRIVERS\gwdrv.sys [33152 2015-05-29] (SecureMix LLC)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-08-04] (NVIDIA Corporation)
R3 RICOH SmartCard Reader; C:\Windows\system32\DRIVERS\rismcx64.sys [79488 2006-10-03] (RICOH Company, Ltd.)
S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 WinMon; C:\WINDOWS\System32\drivers\Winmon.sys [9352 2017-12-22] () [Fichier non signé]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-12-23 11:15 - 2017-12-23 11:16 - 000017484 _____ C:\Users\Jako\Desktop\FRST.txt
2017-12-23 11:14 - 2017-12-23 11:14 - 000000000 ____D C:\Users\Jako\Desktop\FRST-OlderVersion
2017-12-23 11:04 - 2017-12-23 11:08 - 000000000 ____D C:\Users\Jako\Desktop\fortran.f90
2017-12-23 08:29 - 2017-12-23 08:29 - 000001658 _____ C:\Users\Jako\Desktop\ZHPCleaner.txt
2017-12-22 21:58 - 2017-12-22 21:58 - 000007600 _____ C:\Users\Jako\AppData\Local\Resmon.ResmonCfg
2017-12-22 18:11 - 2017-12-22 18:11 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-12-22 18:11 - 2017-12-22 18:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-12-22 18:11 - 2017-12-22 18:11 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-12-22 18:11 - 2017-12-22 18:11 - 000000000 ____D C:\Program Files\Malwarebytes
2017-12-22 18:11 - 2017-11-29 09:11 - 000077432 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-12-22 18:00 - 2017-12-22 18:00 - 000000000 ____D C:\Users\Jako\AppData\Roaming\Google
2017-12-22 17:58 - 2017-12-22 17:58 - 000002346 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-12-22 17:58 - 2017-12-22 17:58 - 000002334 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-12-22 17:57 - 2017-12-22 17:57 - 000003586 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-12-22 17:57 - 2017-12-22 17:57 - 000003462 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-12-22 17:27 - 2017-12-22 22:14 - 000000000 ____D C:\AdwCleaner
2017-12-22 17:11 - 2017-12-22 17:08 - 008344776 _____ (Piriform Ltd) C:\Users\Jako\Desktop\ccsetup538_slim.exe
2017-12-22 16:50 - 2017-12-23 11:15 - 000000000 ____D C:\FRST
2017-12-22 16:50 - 2017-12-23 11:14 - 002392064 _____ (Farbar) C:\Users\Jako\Desktop\FRST64.exe
2017-12-22 16:07 - 2017-12-22 16:09 - 008198432 _____ (Malwarebytes) C:\Users\Jako\Desktop\adwcleaner_7.0.6.0.exe
2017-12-22 15:14 - 2017-12-23 08:29 - 000000000 ____D C:\Users\Jako\AppData\Roaming\ZHP
2017-12-22 15:14 - 2017-12-23 08:24 - 000000874 _____ C:\Users\Jako\Desktop\ZHPCleaner.lnk
2017-12-22 15:14 - 2017-12-22 15:14 - 000000000 ____D C:\Users\Jako\AppData\Local\ZHP
2017-12-22 15:13 - 2017-12-22 15:14 - 002997120 _____ C:\Users\Jako\Downloads\ZHPCleaner.exe
2017-12-22 14:46 - 2017-12-22 14:46 - 000000000 ____D C:\Themes
2017-12-22 14:44 - 2017-12-22 14:45 - 000000000 ____D C:\Maps
2017-12-22 14:43 - 2017-12-22 14:43 - 000000000 ____D C:\Ease of Access Themes
2017-12-22 14:40 - 2017-12-22 14:40 - 000009352 _____ C:\Windows\system32\Drivers\Winmon.sys
2017-12-22 14:37 - 2017-12-22 14:40 - 008319904 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlmp.exe
2017-12-22 14:37 - 2017-12-22 14:40 - 001186464 _____ (Microsoft Corporation) C:\Windows\system32\osloader.exe
2017-12-22 14:35 - 2017-12-22 15:31 - 000016836 _____ C:\Windows\System32\Tasks\InnoLagMagicGrop
2017-12-22 14:35 - 2017-12-22 14:35 - 000004092 _____ C:\Windows\System32\Tasks\GoogleUpdateSecurityTaskMachine_RK
2017-12-22 14:35 - 2017-12-22 14:35 - 000004092 _____ C:\Windows\System32\Tasks\GoogleUpdateSecurityTaskMachine_IH
2017-12-22 14:35 - 2017-12-22 14:35 - 000004092 _____ C:\Windows\System32\Tasks\GoogleUpdateSecurityTaskMachine_AL
2017-12-22 14:35 - 2017-12-22 14:35 - 000004080 _____ C:\Windows\System32\Tasks\GoogleUpdateSecurityTaskMachine_OW
2017-12-22 14:35 - 2017-12-22 14:35 - 000004072 _____ C:\Windows\System32\Tasks\GoogleUpdateSecurityTaskMachine_NA
2017-12-22 14:32 - 2017-05-04 16:28 - 002462185 _____ C:\Users\Jako\Downloads\UXThemePatcher 10.exe
2017-12-22 14:30 - 2017-12-22 14:30 - 000000000 ____D C:\Program Files\AVAST Software
2017-12-22 14:29 - 2017-12-22 15:31 - 000000000 ____D C:\ProgramData\AVAST Software
2017-12-22 14:29 - 2017-12-22 14:29 - 002695982 _____ C:\Users\Jako\Downloads\UXThemePatcher 10.sfx.exe
2017-12-22 14:15 - 2017-12-23 11:08 - 000000000 ____D C:\Users\Jako\AppData\Roaming\CodeBlocks
2017-12-22 10:09 - 2017-12-22 10:09 - 000001814 _____ C:\ProgramData\Microsoft\Windows\Start Menu\IDT Audio Control Panel.lnk
2017-12-22 10:09 - 2009-11-18 04:19 - 012532224 _____ (IDT, Inc.) C:\Windows\system32\idtcpl64.cpl
2017-12-22 10:09 - 2009-11-18 04:19 - 003309568 _____ (IDT, Inc.) C:\Windows\system32\stlang64.dll
2017-12-22 10:09 - 2009-11-18 04:19 - 000487424 _____ (IDT, Inc.) C:\Windows\sttray64.exe
2017-12-22 10:09 - 2009-06-26 02:59 - 000160768 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTAC64.dll
2017-12-22 10:09 - 2009-05-22 02:57 - 000436224 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTEC64.dll
2017-12-22 10:09 - 2009-03-03 01:58 - 000068608 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTAR64.dll
2017-12-22 10:09 - 2009-03-03 01:47 - 000090624 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTCo64.dll
2017-12-22 10:08 - 2017-12-22 10:09 - 000000000 ____D C:\Program Files\IDT
2017-12-22 10:08 - 2017-12-22 10:08 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-12-22 10:08 - 2009-11-18 04:19 - 001435136 _____ (IDT, Inc.) C:\Windows\system32\stapo64.dll
2017-12-22 10:08 - 2009-11-18 04:19 - 000616448 ____N (IDT, Inc.) C:\Windows\system32\stapi64.dll
2017-12-22 10:08 - 2009-11-18 04:19 - 000503296 _____ (IDT, Inc.) C:\Windows\system32\Drivers\stwrt64.sys
2017-12-22 10:08 - 2009-11-18 04:19 - 000431616 _____ (IDT, Inc.) C:\Windows\system32\stcplx64.dll
2017-12-22 10:08 - 2009-11-18 04:19 - 000209920 _____ (IDT, Inc.) C:\Windows\system32\staco64.dll
2017-12-22 10:04 - 2017-12-22 10:04 - 000000000 ____D C:\ProgramData\Uninstall
2017-12-22 10:03 - 2017-12-22 10:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2017-12-22 10:03 - 2017-12-22 10:03 - 000000000 ____D C:\Program Files\Hewlett-Packard
2017-12-22 10:02 - 2017-12-22 10:02 - 000000000 ____D C:\Users\Jako\AppData\Roaming\Roxio Log Files
2017-12-22 10:01 - 2017-12-22 10:01 - 000000000 ____D C:\Windows\LastGood.Tmp
2017-12-22 10:01 - 2017-12-22 10:01 - 000000000 ____D C:\Program Files\LSI SoftModem
2017-12-22 10:01 - 2009-06-09 13:28 - 000064000 ____N (LSI Corporation) C:\Windows\SysWOW64\agrsmdel.exe
2017-12-22 10:01 - 2009-03-27 18:12 - 000014848 ____N (LSI Corporation) C:\Windows\SysWOW64\agrsco64.dll
2017-12-22 10:01 - 2009-03-27 18:12 - 000013824 ____N (LSI Corporation) C:\Windows\SysWOW64\agrscoin.dll
2017-12-22 10:00 - 2017-12-22 10:00 - 000000000 ____D C:\Windows\Options
2017-12-22 09:39 - 2017-12-22 09:39 - 000000000 ____D C:\Users\Jako\AppData\Roaming\NVIDIA
2017-12-22 09:24 - 2017-12-22 09:24 - 000003376 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1013118444-3060868979-3133423822-1001
2017-12-22 09:14 - 2017-12-22 09:14 - 000000000 ____D C:\Users\Jako\AppData\Local\PeerDistRepub
2017-12-22 09:14 - 2017-12-22 09:14 - 000000000 ____D C:\Users\Jako\AppData\Local\NVIDIA Corporation
2017-12-22 09:13 - 2017-12-22 09:13 - 000000000 ____D C:\Users\Jako\AppData\Local\NVIDIA
2017-12-22 09:13 - 2017-12-22 09:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-12-22 09:13 - 2016-10-18 19:39 - 001767712 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2017-12-22 09:13 - 2016-10-18 19:39 - 001756560 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2017-12-22 09:13 - 2016-10-18 19:39 - 001377752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2017-12-22 09:13 - 2016-10-18 19:39 - 001316136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2017-12-22 09:13 - 2016-10-18 19:39 - 000112168 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2017-12-22 09:13 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2017-12-22 09:13 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2017-12-22 09:13 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2017-12-22 09:13 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2017-12-22 09:13 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2017-12-22 09:13 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2017-12-22 09:12 - 2017-12-22 09:13 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-12-22 09:11 - 2017-12-22 09:11 - 000000000 ____D C:\ProgramData\NVIDIA
2017-12-22 09:11 - 2016-10-18 14:54 - 006790080 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2017-12-22 09:11 - 2016-10-18 14:54 - 003529152 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2017-12-22 09:11 - 2016-10-18 14:54 - 002558512 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2017-12-22 09:11 - 2016-10-18 14:54 - 000932728 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2017-12-22 09:11 - 2016-10-18 14:54 - 000385072 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2017-12-22 09:11 - 2016-10-18 14:54 - 000062512 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2017-12-22 09:11 - 2016-10-18 13:15 - 007471705 _____ C:\Windows\system32\nvcoproc.bin
2017-12-22 09:10 - 2017-12-22 09:12 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-12-22 09:08 - 2017-12-22 09:08 - 000000000 ____D C:\ProgramData\Package Cache
2017-12-22 09:08 - 2016-10-18 15:53 - 001515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2017-12-22 09:08 - 2016-10-18 15:53 - 000197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2017-12-22 09:08 - 2016-10-18 15:53 - 000031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2017-12-22 09:08 - 2016-08-04 05:20 - 000114744 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2017-12-22 09:08 - 2016-08-04 05:20 - 000104512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2017-12-22 09:08 - 2016-08-04 05:20 - 000056384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2017-12-22 09:07 - 2016-10-18 15:53 - 031522240 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2017-12-22 09:07 - 2016-10-18 15:53 - 024208952 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2017-12-22 09:07 - 2016-10-18 15:53 - 023000000 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2017-12-22 09:07 - 2016-10-18 15:53 - 018634216 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2017-12-22 09:07 - 2016-10-18 15:53 - 017559200 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2017-12-22 09:07 - 2016-10-18 15:53 - 016128720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2017-12-22 09:07 - 2016-10-18 15:53 - 015302712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2017-12-22 09:07 - 2016-10-18 15:53 - 014497712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2017-12-22 09:07 - 2016-10-18 15:53 - 013916048 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-12-22 09:07 - 2016-10-18 15:53 - 013827664 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-12-22 09:07 - 2016-10-18 15:53 - 012909624 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2017-12-22 09:07 - 2016-10-18 15:53 - 011272008 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2017-12-22 09:07 - 2016-10-18 15:53 - 011209336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2017-12-22 09:07 - 2016-10-18 15:53 - 004252608 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-12-22 09:07 - 2016-10-18 15:53 - 003994560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2017-12-22 09:07 - 2016-10-18 15:53 - 003212456 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2017-12-22 09:07 - 2016-10-18 15:53 - 002826176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2017-12-22 09:07 - 2016-10-18 15:53 - 001908088 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434200.dll
2017-12-22 09:07 - 2016-10-18 15:53 - 001557552 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434200.dll
2017-12-22 09:07 - 2016-10-18 15:53 - 000953912 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2017-12-22 09:07 - 2016-10-18 15:53 - 000915392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2017-12-22 09:07 - 2016-10-18 15:53 - 000911928 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2017-12-22 09:07 - 2016-10-18 15:53 - 000876992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2017-12-22 09:07 - 2016-10-18 15:53 - 000026157 _____ C:\Windows\system32\nvinfo.pb
2017-12-22 09:06 - 2017-12-22 09:13 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-12-22 09:04 - 2017-12-22 09:04 - 000000000 ____D C:\NVIDIA
2017-12-22 08:33 - 2017-12-22 08:38 - 000000000 ____D C:\Users\Jako\Downloads\idm rep
2017-12-22 08:12 - 2017-12-22 08:12 - 000000000 ____D C:\ProgramData\{0897014C-63E3-47DF-8A5F-4399CC5D61B9}
2017-12-22 08:11 - 2017-12-22 08:11 - 000000000 ____D C:\Users\Jako\AppData\Local\IIIQF
2017-12-22 08:05 - 2017-12-22 20:14 - 000000000 ____D C:\Users\Jako\AppData\Local\CrashDumps
2017-12-22 08:05 - 2017-12-22 08:05 - 000000000 ____D C:\Users\Jako\AppData\Local\DBG
2017-12-22 08:04 - 2017-12-22 08:04 - 000000000 _____ C:\ProgramData\1.txt
2017-12-22 07:59 - 2017-12-22 07:59 - 000000000 ____D C:\Users\Jako\AppData\Roaming\Mozilla
2017-12-22 07:58 - 2017-12-22 07:58 - 000000000 ____D C:\Users\Jako\AppData\Local\Geckofx
2017-12-21 16:26 - 2017-12-21 16:26 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2017-12-21 14:30 - 2017-12-21 14:30 - 000001140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Urban Rivals.lnk
2017-12-21 14:30 - 2017-12-21 14:30 - 000001128 _____ C:\Users\Public\Desktop\Urban Rivals.lnk
2017-12-21 14:30 - 2017-12-21 14:30 - 000000000 ____D C:\Users\Jako\AppData\LocalLow\Boostr
2017-12-21 14:30 - 2017-12-21 14:30 - 000000000 ____D C:\Program Files (x86)\Urban Rivals
2017-12-21 14:14 - 2017-12-22 22:28 - 000000000 ____D C:\Users\Jako\AppData\Roaming\DMCache
2017-12-21 14:14 - 2017-12-22 14:01 - 000000000 ____D C:\Users\Jako\Downloads\Compressed
2017-12-21 14:14 - 2017-12-22 13:40 - 000000000 ____D C:\Users\Jako\Downloads\Video
2017-12-21 14:14 - 2017-12-21 14:17 - 000000000 ____D C:\Users\Jako\AppData\Roaming\IDM
2017-12-21 14:14 - 2017-12-21 14:14 - 000001082 _____ C:\Users\Jako\Desktop\Internet Download Manager.lnk
2017-12-21 14:14 - 2017-12-21 14:14 - 000000000 ____D C:\Users\Jako\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2017-12-21 14:14 - 2017-12-21 14:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2017-12-21 14:14 - 2017-12-21 14:14 - 000000000 ____D C:\ProgramData\IDM
2017-12-21 14:13 - 2017-12-21 14:14 - 000000000 ____D C:\Program Files (x86)\Internet Download Manager
2017-12-21 14:12 - 2017-12-21 14:12 - 000000000 ____D C:\Users\Jako\AppData\Roaming\WinRAR
2017-12-21 13:34 - 2017-12-22 18:47 - 000002750 __RSH C:\ProgramData\ntuser.pol
2017-12-21 13:19 - 2017-12-21 13:19 - 000000000 __SHD C:\found.000
2017-12-21 12:11 - 2017-12-22 17:58 - 000000000 ____D C:\Users\Jako\AppData\Local\Google
2017-12-21 12:11 - 2017-12-22 17:57 - 000000000 ____D C:\Program Files (x86)\Google
2017-12-21 11:40 - 2017-12-21 11:40 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2017-12-21 06:48 - 2017-12-22 14:34 - 000000000 ____D C:\Program Files\VS Revo Group
2017-12-21 06:48 - 2017-12-21 06:48 - 000001079 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-12-21 06:48 - 2017-12-21 06:48 - 000000000 ____D C:\Users\Jako\AppData\Local\MicrosoftEdge
2017-12-21 06:48 - 2017-12-21 06:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-12-21 06:47 - 2017-12-21 06:47 - 000000895 _____ C:\Users\Jako\Desktop\µTorrent.lnk
2017-12-21 06:46 - 2017-12-21 07:02 - 000000000 ____D C:\Users\Jako\AppData\Roaming\uTorrent
2017-12-21 06:45 - 2017-12-21 06:45 - 000001148 _____ C:\Users\Public\Desktop\FastStone Capture.lnk
2017-12-21 06:45 - 2017-12-21 06:45 - 000001048 _____ C:\Users\Public\Desktop\WinRAR.lnk
2017-12-21 06:45 - 2017-12-21 06:45 - 000000000 ____D C:\Users\Jako\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-12-21 06:45 - 2017-12-21 06:45 - 000000000 ____D C:\Users\Jako\AppData\Roaming\FastStone
2017-12-21 06:45 - 2017-12-21 06:45 - 000000000 ____D C:\Users\Jako\AppData\Local\FastStone
2017-12-21 06:45 - 2017-12-21 06:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-12-21 06:45 - 2017-12-21 06:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Capture
2017-12-21 06:45 - 2017-12-21 06:45 - 000000000 ____D C:\Program Files\WinRAR
2017-12-21 06:45 - 2017-12-21 06:45 - 000000000 ____D C:\Program Files (x86)\FastStone Capture
2017-12-21 06:43 - 2017-12-21 06:44 - 000000000 ____D C:\Users\Jako\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CodeBlocks
2017-12-21 06:43 - 2017-12-21 06:44 - 000000000 ____D C:\Program Files (x86)\CodeBlocks
2017-12-21 06:43 - 2017-12-21 06:43 - 000001164 _____ C:\Users\Jako\Desktop\CodeBlocks.lnk
2017-12-21 06:43 - 2017-12-21 06:43 - 000000000 ____D C:\Users\Jako\AppData\Local\Comms
2017-12-21 06:43 - 2017-12-21 06:43 -
000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeBlocks 2017-12-21 06:42 - 2017-12-21 06:42 - 000001087 _____ C:\Users\Public\Desktop\Adobe Photoshop CS6 x64.lnk 2017-12-21 06:42 - 2017-12-21 06:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe 2017-12-21 06:41 - 2017-12-21 06:41 - 000000000 ____D C:\Windows\System32\Tasks\S-1-5-21-1013118444-3060868979-3133423822-1001 2017-12-21 06:39 - 2017-12-21 16:26 - 000000000 ____D C:\Users\Jako\AppData\Local\Adobe 2017-12-21 06:39 - 2017-12-21 16:26 - 000000000 ____D C:\ProgramData\Adobe 2017-12-21 06:39 - 2017-12-21 06:40 - 000000000 ____D C:\Program Files\Common Files\Adobe 2017-12-21 06:39 - 2017-12-21 06:39 - 000000000 ____D C:\Users\Jako\AppData\Local\GlassWire 2017-12-21 06:39 - 2017-12-21 06:39 - 000000000 ____D C:\Program Files\Adobe 2017-12-21 06:39 - 2012-09-01 19:03 - 000000144 _____ C:\Users\Jako\AppData\Roaming\ACEConfigCache2.lst 2017-12-21 06:38 - 2017-12-21 06:38 - 000001974 _____ C:\Users\Public\Desktop\GlassWire.lnk 2017-12-21 06:38 - 2017-12-21 06:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GlassWire 2017-12-21 06:38 - 2017-12-21 06:38 - 000000000 ____D C:\ProgramData\GlassWire 2017-12-21 06:38 - 2017-12-21 06:38 - 000000000 ____D C:\Program Files (x86)\GlassWire 2017-12-21 06:38 - 2015-05-29 05:30 - 000008392 _____ C:\Windows\system32\Drivers\gwdrv.cat 2017-12-21 06:38 - 2015-05-29 05:15 - 000033152 _____ (SecureMix LLC) C:\Windows\system32\Drivers\gwdrv.sys 2017-12-21 06:37 - 2017-12-23 08:22 - 000000000 ____D C:\Users\Jako\AppData\Roaming\vlc 2017-12-21 06:33 - 2017-12-21 06:33 - 000000916 _____ C:\Users\Public\Desktop\VLC media player.lnk 2017-12-21 06:33 - 2017-12-21 06:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2017-12-21 06:33 - 2017-12-21 06:33 - 000000000 ____D C:\Program Files\VideoLAN 2017-12-21 06:29 - 2017-12-22 09:24 - 000002408 _____ 
C:\Users\Jako\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-12-21 06:29 - 2017-12-22 09:24 - 000000000 ___RD C:\Users\Jako\OneDrive 2017-12-21 06:28 - 2017-12-21 06:28 - 000000000 ____D C:\ProgramData\USOShared 2017-12-21 06:26 - 2017-12-21 06:26 - 000000000 ____D C:\ProgramData\Microsoft OneDrive 2017-12-21 06:25 - 2017-12-21 06:25 - 000000000 ____D C:\Users\Jako\AppData\Local\Publishers 2017-12-21 06:24 - 2017-12-23 06:39 - 000000000 ____D C:\Users\Jako 2017-12-21 06:24 - 2017-12-21 16:27 - 000000000 ____D C:\Users\Jako\AppData\Roaming\Adobe 2017-12-21 06:24 - 2017-12-21 15:33 - 000000000 ____D C:\Users\Jako\AppData\Local\Packages 2017-12-21 06:24 - 2017-12-21 06:24 - 000000020 ___SH C:\Users\Jako\ntuser.ini 2017-12-21 06:24 - 2017-12-21 06:24 - 000000000 _SHDL C:\Users\Jako\Voisinage réseau 2017-12-21 06:24 - 2017-12-21 06:24 - 000000000 _SHDL C:\Users\Jako\Voisinage d'impression 2017-12-21 06:24 - 2017-12-21 06:24 - 000000000 _SHDL C:\Users\Jako\Modèles 2017-12-21 06:24 - 2017-12-21 06:24 - 000000000 _SHDL C:\Users\Jako\Mes documents 2017-12-21 06:24 - 2017-12-21 06:24 - 000000000 _SHDL C:\Users\Jako\Menu Démarrer 2017-12-21 06:24 - 2017-12-21 06:24 - 000000000 _SHDL C:\Users\Jako\Documents\Mes vidéos 2017-12-21 06:24 - 2017-12-21 06:24 - 000000000 _SHDL C:\Users\Jako\Documents\Mes images 2017-12-21 06:24 - 2017-12-21 06:24 - 000000000 _SHDL C:\Users\Jako\Documents\Ma musique 2017-12-21 06:24 - 2017-12-21 06:24 - 000000000 _SHDL C:\Users\Jako\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2017-12-21 06:24 - 2017-12-21 06:24 - 000000000 _SHDL C:\Users\Jako\AppData\Local\Historique 2017-12-21 06:24 - 2017-12-21 06:24 - 000000000 __RHD C:\Users\Public\AccountPictures 2017-12-21 06:24 - 2017-12-21 06:24 - 000000000 ____D C:\Users\Jako\AppData\Local\VirtualStore 2017-12-21 06:24 - 2017-12-21 06:24 - 000000000 ____D C:\Users\Jako\AppData\Local\TileDataLayer 2017-12-21 06:24 - 2017-12-21 06:24 - 000000000 ____D 
C:\Users\Jako\AppData\Local\ConnectedDevicesPlatform 2017-12-21 06:22 - 2017-12-23 06:42 - 002452250 _____ C:\Windows\system32\PerfStringBackup.INI 2017-12-21 06:20 - 2017-12-21 06:20 - 000000000 ____D C:\Windows\CSC 2017-12-21 06:20 - 2017-03-18 21:56 - 002233344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2017-12-21 06:18 - 2017-12-21 06:18 - 000000000 _SHDL C:\Users\Public\Documents\Mes vidéos 2017-12-21 06:18 - 2017-12-21 06:18 - 000000000 _SHDL C:\Users\Public\Documents\Mes images 2017-12-21 06:18 - 2017-12-21 06:18 - 000000000 _SHDL C:\Users\Public\Documents\Ma musique 2017-12-21 06:18 - 2017-12-21 06:18 - 000000000 _SHDL C:\Users\Default\Voisinage réseau 2017-12-21 06:18 - 2017-12-21 06:18 - 000000000 _SHDL C:\Users\Default\Voisinage d'impression 2017-12-21 06:18 - 2017-12-21 06:18 - 000000000 _SHDL C:\Users\Default\Modèles 2017-12-21 06:18 - 2017-12-21 06:18 - 000000000 _SHDL C:\Users\Default\Mes documents 2017-12-21 06:18 - 2017-12-21 06:18 - 000000000 _SHDL C:\Users\Default\Menu Démarrer 2017-12-21 06:18 - 2017-12-21 06:18 - 000000000 _SHDL C:\Users\Default\Documents\Mes vidéos 2017-12-21 06:18 - 2017-12-21 06:18 - 000000000 _SHDL C:\Users\Default\Documents\Mes images 2017-12-21 06:18 - 2017-12-21 06:18 - 000000000 _SHDL C:\Users\Default\Documents\Ma musique 2017-12-21 06:18 - 2017-12-21 06:18 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2017-12-21 06:18 - 2017-12-21 06:18 - 000000000 _SHDL C:\Users\Default\AppData\Local\Historique 2017-12-21 06:18 - 2017-12-21 06:18 - 000000000 _SHDL C:\Users\Default User\Documents\Mes vidéos 2017-12-21 06:18 - 2017-12-21 06:18 - 000000000 _SHDL C:\Users\Default User\Documents\Mes images 2017-12-21 06:18 - 2017-12-21 06:18 - 000000000 _SHDL C:\Users\Default User\Documents\Ma musique 2017-12-21 06:18 - 2017-12-21 06:18 - 000000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2017-12-21 06:18 - 2017-12-21 06:18 - 
000000000 _SHDL C:\Users\Default User\AppData\Local\Historique 2017-12-21 06:18 - 2017-12-21 06:18 - 000000000 _SHDL C:\ProgramData\Modèles 2017-12-21 06:18 - 2017-12-21 06:18 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programmes 2017-12-21 06:18 - 2017-12-21 06:18 - 000000000 _SHDL C:\ProgramData\Menu Démarrer 2017-12-21 06:18 - 2017-12-21 06:18 - 000000000 _SHDL C:\ProgramData\Bureau 2017-12-21 06:18 - 2017-12-21 06:18 - 000000000 _SHDL C:\Program Files\Fichiers communs 2017-12-21 06:11 - 2017-12-23 06:38 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2017-12-21 06:11 - 2017-12-21 06:11 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2017-12-21 06:10 - 2017-12-23 11:03 - 000000000 ____D C:\Windows\system32\SleepStudy 2017-12-21 06:10 - 2017-12-22 15:31 - 000226384 _____ C:\Windows\system32\FNTCACHE.DAT 2017-12-21 06:10 - 2017-12-21 06:10 - 000000000 ____D C:\Windows\ServiceProfiles 2017-12-21 06:02 - 2017-12-21 06:02 - 000008192 _____ C:\Windows\system32\config\userdiff 2017-12-21 05:34 - 2017-12-21 06:19 - 000000000 ___DC C:\Windows\Panther 2017-12-20 20:37 - 2017-12-21 06:08 - 000000000 ____D C:\Windows.old(1) 2017-12-11 14:52 - 2017-12-11 14:56 - 000000000 ____D C:\Users\Jako\Downloads\Internet Download Manager 6.30 Build 1 By GetPcSofts.NET 2017-12-08 23:00 - 2017-12-05 02:54 - 000226024 _____ (Tonec Inc.) C:\Windows\system32\Drivers\idmwfp.sys ==================== Un mois - Modifiés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 
2017-12-23 08:03 - 2016-05-02 12:47 - 000000000 ____D C:\Intel
2017-12-23 06:42 - 2017-03-20 06:10 - 001160504 _____ C:\Windows\system32\perfh00C.dat
2017-12-23 06:42 - 2017-03-20 06:10 - 000255382 _____ C:\Windows\system32\perfc00C.dat
2017-12-22 22:29 - 2017-03-18 12:40 - 000524288 _____ C:\Windows\system32\config\BBI
2017-12-22 10:09 - 2017-03-18 22:01 - 000000000 ____D C:\Windows\INF
2017-12-22 10:03 - 2016-04-23 17:32 - 000000000 ____D C:\SwSetup
2017-12-22 09:11 - 2017-03-18 22:03 - 000000000 ____D C:\Windows\Help
2017-12-22 07:53 - 2017-03-18 22:03 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2017-12-22 07:25 - 2017-03-18 22:03 - 000000000 ____D C:\Windows\appcompat
2017-12-21 17:09 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-12-21 15:37 - 2017-03-18 22:03 - 000000000 ____D C:\Windows\AppReadiness
2017-12-21 13:15 - 2017-03-18 22:03 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2017-12-21 06:28 - 2017-03-18 22:03 - 000000000 ____D C:\ProgramData\USOPrivate
2017-12-21 06:21 - 2017-03-18 22:03 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2017-12-21 06:20 - 2017-03-18 22:03 - 000000000 ____D C:\Windows\system32\spool
2017-12-21 06:20 - 2017-03-18 22:03 - 000000000 ____D C:\Windows\system32\FxsTmp
2017-12-21 06:19 - 2017-03-18 22:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-12-21 06:18 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files\Windows NT
2017-12-21 06:15 - 2017-03-18 12:40 - 000000000 ____D C:\Windows\system32\Sysprep
2017-12-21 06:13 - 2017-03-18 22:03 - 000000000 ___RD C:\Windows\PrintDialog
2017-12-21 06:13 - 2017-03-18 22:03 - 000000000 ___RD C:\Windows\MiracastView
2017-12-21 06:13 - 2017-03-18 22:03 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2017-12-21 06:12 - 2017-03-20 06:12 - 000000000 ____D C:\Windows\HoloShell
2017-12-21 06:11 - 2017-03-18 12:40 - 000032768 _____ C:\Windows\system32\config\ELAM
2017-12-21 06:09 - 2017-03-18 22:03 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2017-12-21 06:08 - 2017-03-18 22:06 - 000000000 ____D C:\Windows\Setup

==================== Fichiers à la racine de certains dossiers =======

2017-12-21 06:39 - 2012-09-01 19:03 - 000000144 _____ () C:\Users\Jako\AppData\Roaming\ACEConfigCache2.lst
2017-12-22 21:58 - 2017-12-22 21:58 - 000007600 _____ () C:\Users\Jako\AppData\Local\Resmon.ResmonCfg

Certains fichiers dans TEMP:
====================
2017-12-22 08:03 - 2017-12-22 08:03 - 000000000 _____ () C:\Users\Jako\AppData\Local\Temp\condefclean.exe
2017-12-22 14:37 - 2017-12-22 14:37 - 001527488 _____ (Microsoft Corporation) C:\Users\Jako\AppData\Local\Temp\dbghelp.dll
2017-12-22 14:37 - 2017-12-22 14:37 - 000167616 _____ (Microsoft Corporation) C:\Users\Jako\AppData\Local\Temp\symsrv.dll
2017-12-21 14:14 - 2017-12-21 14:14 - 000028160 _____ (Pasi Ruokola) C:\Users\Jako\AppData\Local\Temp\UnSigner.exe

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
nointegritychecks: ==> "IntegrityChecks" is disabled. <==== ATTENTION

LastRegBack: 2017-12-21 06:09

==================== Fin de FRST.txt ============================