cjoint

Document format: text/plain

Preview

Résultats de correction de Farbar Recovery Scan Tool (x64) Version: 02-10-2017 01
Exécuté par Dey (03-10-2017 16:21:20) Run:2
Exécuté depuis C:\Users\Dey\Desktop
Profils chargés: Dey (Profils disponibles: Dey)
Mode d'amorçage: Normal
==============================================

fixlist contenu:
*****************
CreateRestorePoint:
CloseProcesses:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction
HKU\S-1-5-21-801001018-2284383549-3194342212-1002\...\Run: [ycAutoLaunch_9DE7D2D9C02B2905FE216E3D877ACA49] => "C:\Users\Dey\AppData\Local\yc\Application\yc.exe" /prefetch:5
BootExecute: autocheck autochk * bootdelete
GroupPolicy: Restriction - Chrome
GroupPolicy\User: Restriction
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
2017-10-03 08:47 - 2017-10-03 09:01 - 000000000 ____D C:\Users\Dey\AppData\Roaming\61266e7bc0f446c8ab5529800e370dbc
2017-10-03 08:47 - 2017-10-03 09:01 - 000000000 ____D C:\Users\Dey\AppData\Roaming\049f2a0ee4844caca0899f6e33bcb41b
2017-10-03 08:38 - 2017-10-03 08:38 - 000001758 _____ C:\Users\Dey\Downloads\[APP] Malwarebytes Premium v3.1.2.1733.torrent
2017-10-03 08:34 - 2017-10-03 09:04 - 000000000 ____D C:\Users\Dey\AppData\Local\72233ec182e047809c58eeb3db02cdf6
2017-10-03 08:34 - 2017-10-03 09:01 - 000000000 ____D C:\Users\Dey\AppData\Local\5a60419f1a40485abefc4f962582aefe
2017-10-03 08:34 - 2017-10-03 08:34 - 000016876 _____ C:\Windows\System32\Tasks\Complete Pazeral Version
2017-10-03 08:33 - 2017-10-03 09:01 - 000000000 ____D C:\Users\Dey\AppData\Roaming\b9d73c9921ce4aebbc9b2c98ea10c200
2017-10-03 08:17 - 2017-10-03 08:17 - 000000000 ____D C:\Users\Dey\AppData\LocalLow\zwMRXEuCYLuhR
2017-10-03 08:13 - 2017-10-03 08:13 - 005189808 _____ (Enigma Software Group USA, LLC.) C:\Users\Dey\Downloads\SpyHunter-Installer.exe
2017-10-03 08:06 - 2017-10-03 08:06 - 000012049 _____ C:\Users\Dey\Downloads\Avast! 2017 Premier 17.1.3394.0 + Keys.torrent
2017-10-03 08:00 - 2017-10-03 08:00 - 000021574 _____ C:\Windows\System32\Tasks\xJPvtawF7eEW
2017-10-03 07:50 - 2017-10-03 07:50 - 000019075 _____ C:\Users\Dey\Downloads\Eset Nod32 Antivirus 2017 v10.1.219.1 + License Finder.torrent
2017-10-03 06:59 - 2017-10-03 06:59 - 000003578 _____ C:\Users\Dey\Downloads\CCleaner Professional 5.32 Build 6129 + Keygen (1).torrent
2017-10-03 06:55 - 2017-10-03 06:55 - 000002236 _____ C:\Users\Dey\Downloads\CCleaner 5.33.6162 Pro+Business+Technician + Keygen.torrent
2017-10-03 06:49 - 2017-10-03 06:49 - 000000000 ____H C:\Windows\system32\BIT35CF.tmp
2017-10-03 06:44 - 2017-10-03 06:44 - 000000000 ____D C:\Users\Dey\AppData\Local\Chromium
2017-10-03 06:24 - 2017-10-03 06:26 - 000000000 ____D C:\Users\Dey\AppData\Roaming\curl
2017-10-03 06:17 - 2017-10-03 10:45 - 000000000 ____D C:\Program Files\Common Files\DBUXYQWDQG
2017-10-03 06:16 - 2017-10-03 10:46 - 000000000 ____D C:\Users\Dey\AppData\Roaming\6975a36227ea484dab155098ca7676ea
2017-10-03 06:16 - 2017-10-03 10:46 - 000000000 ____D C:\Users\Dey\AppData\Local\cb3900deb96a43ff8278c2d71b5d74fd
2017-10-03 06:16 - 2017-10-03 10:46 - 000000000 ____D C:\Users\Dey\AppData\Local\bde1feab4ddf4f848b805d6759c79a63
2017-10-03 06:16 - 2017-10-03 10:46 - 000000000 ____D C:\Users\Dey\AppData\Local\71d2aec67da84d3aad10a82c58022c5a
2017-10-03 06:22 - 2017-10-03 06:22 - 064938720 _____ (Kometa LCC) C:\Users\Dey\AppData\Local\Temp\517xewJ7Kfpb.exe
2017-10-03 06:27 - 2017-10-03 06:27 - 001668072 ____N () C:\Users\Dey\AppData\Local\Temp\cCrElKcAib5S.exe
2017-10-03 06:23 - 2017-10-03 06:23 - 004568485 ____N () C:\Users\Dey\AppData\Local\Temp\dJZUbmeSnTeJ.exe
2017-10-03 06:20 - 2017-10-03 06:20 - 001668072 _____ () C:\Users\Dey\AppData\Local\Temp\GLzjkFRaYjak.exe
2017-10-03 06:28 - 2017-10-03 06:28 - 001668072 ____N () C:\Users\Dey\AppData\Local\Temp\I1QImxuT9By2.exe
2017-10-03 09:49 - 2017-10-03 09:49 - 071089112 _____ (Malwarebytes ) C:\Users\Dey\AppData\Local\Temp\mb3-setup-35891.35891-3.2.2.2029-1.0.207-1.0.2899.exe
2017-10-03 06:17 - 2017-10-03 06:17 - 001746722 _____ () C:\Users\Dey\AppData\Local\Temp\mdEeGf3NG73d.exe
2017-10-03 06:24 - 2017-10-03 06:24 - 038316032 ____N (The Chromium Authors) C:\Users\Dey\AppData\Local\Temp\O9bTg8Tp5FTi.exe
2017-10-03 06:18 - 2017-10-03 06:18 - 001668072 _____ () C:\Users\Dey\AppData\Local\Temp\Q9QVjJym8g4B.exe
2017-10-03 06:18 - 2017-10-03 06:18 - 001746722 _____ () C:\Users\Dey\AppData\Local\Temp\t2BS0C3B5onN.exe
2017-10-03 06:20 - 2017-10-03 06:20 - 064938720 _____ (Kometa LCC) C:\Users\Dey\AppData\Local\Temp\vDt9tYCxpmUZ.exe
2017-10-03 06:24 - 2017-10-03 06:24 - 004568485 ____N () C:\Users\Dey\AppData\Local\Temp\WJBgFu9yY8s7.exe
2017-10-03 06:22 - 2017-10-03 06:22 - 038316032 _____ (The Chromium Authors) C:\Users\Dey\AppData\Local\Temp\WsqT0zLQeSLE.exe
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
Task: {07E94DF5-EEC0-4856-B568-4B15208F80B0} - \My94 Chronicles Software -> Pas de fichier
Task: {3050CC84-B221-4785-8F21-D1BE87432C4E} - System32\Tasks\xJPvtawF7eEW => xjpvtawf7eew.exe
Task: {4C90CFFB-2F17-4407-8233-E43727098C05} - \Intel(R) Management Management -> Pas de fichier
Task: {5C3B3CEC-9B04-4FD7-AE99-6993616BACB2} - \GoogleUpdateSecurityTaskMachine_MS -> Pas de fichier
Task: {7A063860-D77B-4A97-9453-F4DA963E7241} - \GoogleUpdateSecurityTaskMachine_EW -> Pas de fichier
Task: {853F9A6B-1F07-46DD-995F-20ACE9751896} - \GoogleUpdateSecurityTaskMachine_AA -> Pas de fichier
Task: {90B4CA58-4261-4DDA-B634-7FCE6AFFF115} - \GoogleUpdateSecurityTaskMachine_YX -> Pas de fichier
Task: {A0D9F4C7-D29E-4534-B006-EAE8F52A6F2D} - System32\Tasks\setupsk_upd => C:\Users\Dey\AppData\Roaming\SETUPS~1\python\pythonw.exe
Task: {AFDA6D44-1DBC-43D4-9DAD-A14685BA9E5F} - \GoogleUpdateSecurityTaskMachine_HD -> Pas de fichier
Task: {B8E44DE9-BE06-4396-BF47-21FD8A87C368} - System32\Tasks\setupsk => C:\Users\Dey\AppData\Roaming\setupsk\python\pythonw.exe
Task: {CC091DDA-0DE0-4F62-AD9F-93B785AA863B} - System32\Tasks\GoogleUpdateSecurityTaskMachine_VE => C:\ProgramData\0c38375e945c4698a944ed5f06b0ce8c\chipset.exe exec hide MKKPPGCUHS.cmd
Task: {DD9AD7A2-158B-4D8A-A60C-68F482375DED} - System32\Tasks\SHAlph => C:\Windows\system32\rundll32.exe "C:\Program Files\SHAlph\SHAlph.dll",DGCDvRfgO
Task: {E00CDEC8-9B49-4A79-A344-FDAB4118415C} - System32\Tasks\Complete Pazeral Version => C:\Windows\system32\rundll32.exe "C:\Program Files\Complete Pazeral Version\Complete Pazeral Version.dll",weScwGd
Task: C:\Windows\Tasks\wupdate.job => C:\Users\Dey\AppData\Local\wupdate\wupdate.exe
EmptyTemp:

*****************

Le Point de restauration a été créé avec succès.
Processus fermé avec succès.
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe => restauré(es) avec succès
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => clé impossible à supprimer, clé était peut-être protégé(e)
HKU\S-1-5-21-801001018-2284383549-3194342212-1002\Software\Microsoft\Windows\CurrentVersion\Run\\ycAutoLaunch_9DE7D2D9C02B2905FE216E3D877ACA49 => valeur non trouvé(e).
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => valeur restauré(es) avec succès
"C:\Windows\system32\GroupPolicy\Machine" => non trouvé(e).
"C:\Windows\system32\GroupPolicy\User" => non trouvé(e).
ZAM => service non trouvé(e).
"C:\Users\Dey\AppData\Roaming\61266e7bc0f446c8ab5529800e370dbc" => non trouvé(e).
"C:\Users\Dey\AppData\Roaming\049f2a0ee4844caca0899f6e33bcb41b" => non trouvé(e).
"C:\Users\Dey\Downloads\[APP] Malwarebytes Premium v3.1.2.1733.torrent" => non trouvé(e).
"C:\Users\Dey\AppData\Local\72233ec182e047809c58eeb3db02cdf6" => non trouvé(e).
"C:\Users\Dey\AppData\Local\5a60419f1a40485abefc4f962582aefe" => non trouvé(e).
"C:\Windows\System32\Tasks\Complete Pazeral Version" => non trouvé(e).
"C:\Users\Dey\AppData\Roaming\b9d73c9921ce4aebbc9b2c98ea10c200" => non trouvé(e).
"C:\Users\Dey\AppData\LocalLow\zwMRXEuCYLuhR" => non trouvé(e).
"C:\Users\Dey\Downloads\SpyHunter-Installer.exe" => non trouvé(e).
"C:\Users\Dey\Downloads\Avast! 2017 Premier 17.1.3394.0 + Keys.torrent" => non trouvé(e).
"C:\Windows\System32\Tasks\xJPvtawF7eEW" => non trouvé(e).
"C:\Users\Dey\Downloads\Eset Nod32 Antivirus 2017 v10.1.219.1 + License Finder.torrent" => non trouvé(e).
"C:\Users\Dey\Downloads\CCleaner Professional 5.32 Build 6129 + Keygen (1).torrent" => non trouvé(e).
"C:\Users\Dey\Downloads\CCleaner 5.33.6162 Pro+Business+Technician + Keygen.torrent" => non trouvé(e).
"C:\Windows\system32\BIT35CF.tmp" => non trouvé(e).
"C:\Users\Dey\AppData\Local\Chromium" => non trouvé(e).
"C:\Users\Dey\AppData\Roaming\curl" => non trouvé(e).
"C:\Program Files\Common Files\DBUXYQWDQG" => non trouvé(e).
"C:\Users\Dey\AppData\Roaming\6975a36227ea484dab155098ca7676ea" => non trouvé(e).
"C:\Users\Dey\AppData\Local\cb3900deb96a43ff8278c2d71b5d74fd" => non trouvé(e).
"C:\Users\Dey\AppData\Local\bde1feab4ddf4f848b805d6759c79a63" => non trouvé(e).
"C:\Users\Dey\AppData\Local\71d2aec67da84d3aad10a82c58022c5a" => non trouvé(e).
"C:\Users\Dey\AppData\Local\Temp\517xewJ7Kfpb.exe" => non trouvé(e).
"C:\Users\Dey\AppData\Local\Temp\cCrElKcAib5S.exe" => non trouvé(e).
"C:\Users\Dey\AppData\Local\Temp\dJZUbmeSnTeJ.exe" => non trouvé(e).
"C:\Users\Dey\AppData\Local\Temp\GLzjkFRaYjak.exe" => non trouvé(e).
"C:\Users\Dey\AppData\Local\Temp\I1QImxuT9By2.exe" => non trouvé(e).
"C:\Users\Dey\AppData\Local\Temp\mb3-setup-35891.35891-3.2.2.2029-1.0.207-1.0.2899.exe" => non trouvé(e).
"C:\Users\Dey\AppData\Local\Temp\mdEeGf3NG73d.exe" => non trouvé(e).
"C:\Users\Dey\AppData\Local\Temp\O9bTg8Tp5FTi.exe" => non trouvé(e).
"C:\Users\Dey\AppData\Local\Temp\Q9QVjJym8g4B.exe" => non trouvé(e).
"C:\Users\Dey\AppData\Local\Temp\t2BS0C3B5onN.exe" => non trouvé(e).
"C:\Users\Dey\AppData\Local\Temp\vDt9tYCxpmUZ.exe" => non trouvé(e).
"C:\Users\Dey\AppData\Local\Temp\WJBgFu9yY8s7.exe" => non trouvé(e).
"C:\Users\Dey\AppData\Local\Temp\WsqT0zLQeSLE.exe" => non trouvé(e).
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => clé non trouvé(e).
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => clé non trouvé(e).
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{07E94DF5-EEC0-4856-B568-4B15208F80B0} => clé non trouvé(e).
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\My94 Chronicles Software => clé non trouvé(e).
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3050CC84-B221-4785-8F21-D1BE87432C4E} => clé non trouvé(e).
C:\Windows\System32\Tasks\xJPvtawF7eEW => non trouvé(e).
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\xJPvtawF7eEW => clé non trouvé(e).
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C90CFFB-2F17-4407-8233-E43727098C05} => clé non trouvé(e).
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Intel(R) Management Management => clé non trouvé(e).
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C3B3CEC-9B04-4FD7-AE99-6993616BACB2} => clé non trouvé(e).
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateSecurityTaskMachine_MS => clé non trouvé(e).
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7A063860-D77B-4A97-9453-F4DA963E7241} => clé non trouvé(e).
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateSecurityTaskMachine_EW => clé non trouvé(e).
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{853F9A6B-1F07-46DD-995F-20ACE9751896} => clé non trouvé(e).
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateSecurityTaskMachine_AA => clé non trouvé(e).
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{90B4CA58-4261-4DDA-B634-7FCE6AFFF115} => clé non trouvé(e).
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateSecurityTaskMachine_YX => clé non trouvé(e).
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A0D9F4C7-D29E-4534-B006-EAE8F52A6F2D} => clé non trouvé(e).
C:\Windows\System32\Tasks\setupsk_upd => non trouvé(e).
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\setupsk_upd => clé non trouvé(e).
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AFDA6D44-1DBC-43D4-9DAD-A14685BA9E5F} => clé non trouvé(e).
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateSecurityTaskMachine_HD => clé non trouvé(e).
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B8E44DE9-BE06-4396-BF47-21FD8A87C368} => clé non trouvé(e).
C:\Windows\System32\Tasks\setupsk => non trouvé(e).
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\setupsk => clé non trouvé(e).
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CC091DDA-0DE0-4F62-AD9F-93B785AA863B} => clé non trouvé(e).
C:\Windows\System32\Tasks\GoogleUpdateSecurityTaskMachine_VE => non trouvé(e).
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateSecurityTaskMachine_VE => clé non trouvé(e).
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DD9AD7A2-158B-4D8A-A60C-68F482375DED} => clé non trouvé(e).
C:\Windows\System32\Tasks\SHAlph => non trouvé(e).
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SHAlph => clé non trouvé(e).
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E00CDEC8-9B49-4A79-A344-FDAB4118415C} => clé non trouvé(e).
C:\Windows\System32\Tasks\Complete Pazeral Version => non trouvé(e).
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Complete Pazeral Version => clé non trouvé(e).
C:\Windows\Tasks\wupdate.job => non trouvé(e).

=========== EmptyTemp: ==========

BITS transfer queue => 8413184 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 7384456 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 11214 B
Edge => 0 B
Chrome => 12578602 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 886 B
NetworkService => 2846 B
defaultuser0 => 0 B
Dey => 2054335 B

RecycleBin => 0 B
EmptyTemp: => 29 MB données temporaires supprimées.

================================

Résultats du déplacement planifié des fichiers (Mode d'amorçage: Normal) (Date&Heure: 03-10-2017 16:28:46)


Résultats de la suppression planifiée des clés après redémarrage:

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => clé supprimé(es) avec succès

==== Fin de Fixlog 16:28:46 ====
