start::
CreateRestorePoint:
CloseProcesses:
Task: {01C9E0E6-A6C5-4EDE-9706-71ADB478EC56} - System32\Tasks\{270FD3BE-B730-4B1D-9353-5999F0B6960B} => C:\Program Files (x86)\Steam\steamapps\common\Deus Ex\System\HDTP.exe [0 2015-09-27] () <==== ATTENTION [zéro octet Fichier/Dossier]
Task: {3E895FF0-F9BE-48F3-A552-8AB5A12DAEC4} - System32\Tasks\{37FBA1BD-B2B4-4A60-9605-3126DBC6F807} => C:\Program Files (x86)\Steam\steamapps\common\Deus Ex\System\HDTP.exe [0 2015-09-27] () <==== ATTENTION [zéro octet Fichier/Dossier]
Task: {58895992-C7AD-4C91-BBA9-5316DA782177} - System32\Tasks\{BD4F87A5-EBA3-4BEE-9109-ACDFDC193509} => C:\Program Files (x86)\Steam\steamapps\common\Deus Ex\System\HDTP.exe [0 2015-09-27] () <==== ATTENTION [zéro octet Fichier/Dossier]
Task: {A50B5D5D-34E8-4687-8F11-2591C96EB021} - System32\Tasks\{7CEA5288-D58B-4505-A2E8-592D1736BA36} => C:\Program Files (x86)\Steam\steamapps\common\Deus Ex\System\HDTP.exe [0 2015-09-27] () <==== ATTENTION [zéro octet Fichier/Dossier]
Task: {D64B3EAE-5CB0-4425-B036-B2B935102529} - System32\Tasks\{A56E0B95-F3AA-4BC0-8B25-F3297A558C02} => C:\Program Files (x86)\Steam\steamapps\common\Deus Ex\System\HDTP.exe [0 2015-09-27] () <==== ATTENTION [zéro octet Fichier/Dossier]
Task: {E8446C7E-CA90-4E84-B9D9-EE1F9C615702} - System32\Tasks\{972F316F-8B4F-46E5-A956-9991ECE2C598} => C:\Program Files (x86)\Steam\steamapps\common\Deus Ex\System\HDTP.exe [0 2015-09-27] () <==== ATTENTION [zéro octet Fichier/Dossier]
Task: {1FEBA1DC-D08D-4061-9385-DDFB73149EB1} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {0172E992-E646-49FF-8B3A-469A29270AA3} - System32\Tasks\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Pas de fichier)
AV: Avira Antivirus (Disabled - Up to date) {8A154ED8-4428-DB2D-0E3F-BD82C448FD94}
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKU\S-1-5-21-1588995219-2367049014-1334204774-501\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/fr-fr/?ocid=iehp
StartRegEdit:
Windows Registry Editor Version 5.00
[HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{CFE28A1A-7A3B-4F2E-A126-30E22FCA2ACF}:]
"DhcpNameServer"=""
EndRegEdit:
DeleteValue: HKU\S-1-5-21-1588995219-2367049014-1334204774-1000\\Software\Microsoft\Windows\CurrentVersion\Run|Sidebar]
C:\Users\Basile\AppData\Local\Google\Chrome\User Data\Default\File System\000
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D3E5A972-9A15-427D-AE78-8181A5FD943C}
DeleteKey: HKLM\Software\Classes\Installer\Products\279A5E3D51A9D724EA8718185ADF49C3
DeleteKey: HKLM\Software\Classes\Installer\Features\279A5E3D51A9D724EA8718185ADF49C3
DeleteKey: HKCU\Software\Microsoft\Installer\Products\279A5E3D51A9D724EA8718185ADF49C3
DeleteKey: HKCU\Software\Microsoft\Installer\Features\279A5E3D51A9D724EA8718185ADF49C3
c:\Windows\Installer\{D3E5A972-9A15-427D-AE78-8181A5FD943C}\_6FEFF9B68218417F98F549.exe
DeleteKey: HKCU\SOFTWARE\Chromium
C:\Users\Basile\AppData\Local\Chromium
unlock: C:\WINDOWS\System32\Drivers\MbamChameleon.sys
DeleteKey: HKLM\SYSTEM\CurrentControlSet\Services\MBAMChameleon)
C:\WINDOWS\System32\Drivers\MbamChameleon.sys
unlock: C:\WINDOWS\System32\DRIVERS\MbamElam.sys
DeleteKey: HKLM\SYSTEM\CurrentControlSet\Services\MbamElam)
C:\WINDOWS\System32\DRIVERS\MbamElam.sys
unlock: C:\WINDOWS\system32\DRIVERS\mbam.sys
DeleteKey: HKLM\SYSTEM\CurrentControlSet\Services\MBAMProtection)
C:\WINDOWS\system32\DRIVERS\mbam.sys
unlock: C:\WINDOWS\System32\Drivers\mbamswissarmy.sys
DeleteKey: HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy)
C:\WINDOWS\System32\Drivers\mbamswissarmy.sys
DeleteKey: HKU\.DEFAULT\SOFTWARE\Malwarebytes
DeleteKey: HKU\S-1-5-21-1588995219-2367049014-1334204774-1000\SOFTWARE\Malwarebytes
C:\Program Files\Malwarebytes
C:\ProgramData\Malwarebytes
unlock: C:\WINDOWS\System32\drivers\mbae64.sys
C:\WINDOWS\System32\drivers\mbae64.sys
unlock: C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe
DeleteKey: HKLM\SYSTEM\CurrentControlSet\Services\AntivirProtectedService)
C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe
unlock: C:\WINDOWS\System32\DRIVERS\avdevprot.sys
DeleteKey: HKLM\SYSTEM\CurrentControlSet\Services\avdevprot)
C:\WINDOWS\System32\DRIVERS\avdevprot.sys
unlock: C:\WINDOWS\System32\drivers\avelam.sys
DeleteKey: HKLM\SYSTEM\CurrentControlSet\Services\avelam)
C:\WINDOWS\System32\drivers\avelam.sys
DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|Avira SystrayStartTrigger
DeleteKey: HKLM\SOFTWARE\WOW6432Node\X-AVCSD
C:\Program Files (x86)\Avira
C:\ProgramData\Avira
C:\WINDOWS\System32\Config\systemprofile\AppData\Local\Avira
unlock: C:\WINDOWS\System32\drivers\avgntflt.sys
C:\WINDOWS\System32\drivers\avgntflt.sys
unlock: C:\WINDOWS\System32\drivers\avipbb.sys
C:\WINDOWS\System32\drivers\avipbb.sys
unlock: C:\WINDOWS\System32\drivers\avkmgr.sys
C:\WINDOWS\System32\drivers\avkmgr.sys
unlock: C:\WINDOWS\System32\drivers\avnetflt.sys
C:\WINDOWS\System32\drivers\avnetflt.sys
unlock: C:\WINDOWS\System32\drivers\avusbflt.sys
C:\WINDOWS\System32\drivers\avusbflt.sys
C:\Program Files (x86)\Mozilla Maintenance Service
C:\WINDOWS\System32\Config\systemprofile\AppData\Roaming\WildTangent
Reboot:
C:\Windows\Temp\ *.*
C:\Users\CurrentUserName\Appdata\Local\Temp\ *.*
cmd: sfc /scannow
end::