Résultats de correction de Farbar Recovery Scan Tool (x86) Version: 31-07-2017 Exécuté par Diaby (03-08-2017 10:09:04) Run:2 Exécuté depuis C:\Users\Diaby\Downloads Profils chargés: Diaby (Profils disponibles: Diaby & 123 & Administrateur) Mode d'amorçage: Normal ============================================== fixlist contenu: ***************** CreateRestorePoint: CloseProcesses: HKLM\...\Run: [tmp178E] => wscript.exe //B "C:\Users\Diaby\AppData\Local\Temp\tmp178E.tmp.vbs" HKU\S-1-5-21-377985148-792701347-3327087119-1001\...\Winlogon: [Shell] %AppData%\Microsoft\jushed.exe,explorer.exe HKU\S-1-5-21-377985148-792701347-3327087119-1003\...\RunOnce: [svchost.exe] => "C:\Windows\System32\update.exe" -a /a AppInit_DLLs: __C:\PROGRA~1\SEARCH~1\SEARCH~1\bin\VC32LO~1.DLL => Pas de fichier IFEO\AvastSvc.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\AvastUI.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\avcenter.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\avconfig.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\avgcsrvx.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\avgidsagent.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\avgnt.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\avgrsx.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\avguard.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\avgui.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\avgwdsvc.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\avp.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\avscan.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\bdagent.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\blindman.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\ccuac.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\ComboFix.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\egui.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\hijackthis.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\instup.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\keyscrambler.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\mbam.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\mbamgui.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\mbampt.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\mbamscheduler.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\mbamservice.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\MpCmdRun.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\MSASCui.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\MsMpEng.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\msseces.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\rstrui.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\SDFiles.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\SDMain.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\SDWinSec.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\spybotsd.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\wireshark.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\zlclient.exe: [Debugger] C:\Windows\System32\svchost.exe ShellExecuteHooks: Pas de nom - {005E7630-F1AE-11E6-8235-64006A5CFC23} - -> Pas de fichier BootExecute: autocheck autochk * sdnclean.exe GroupPolicy: Restriction - Chrome GroupPolicy\User: Restriction ? GroupPolicyScripts\User: Restriction CHR HKLM\SOFTWARE\Policies\Google: Restriction SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=zxy_af93cfd99b5b3984eb¶m1=ArFaIWJoNqArQGMVHFFoNqAqBbFaITAbQGR7xTVoN9I4y7IsQGR7B7JoN9JbDSk8vFE9GqQANFdcFCk8vFRdJCoXvmo9J6k4wVRdJCIXwVM4ISIYwVNdJGYXvFQ9GqYVNUI3wGYGwVM3vCIVvFE9GqUNNos3wCIYwVA9Jmk3wVA4ICITvFI9ISILNFdcJ6k8wV5cGWUSNFRcEqULNopcGWUIvmFbF6IXNVU9J6k4NVA4ICoXNVI9I6IWNVM9JaYWwVxdICk3wVNdICISwVI4ICIVwVQ9I6k4NVM4IGYWwVU4JmIVNVNdJ6IWvmk9JaQIwV5cGGUTNFRbDqUDNF5bDGUNNEU3wGQGvFRdISoWwVU4IGYUvFE4ICISNVJdJ6k3vFE9I6oUNVQ4ISIVwVxdJqYVNVQ9JCISNVM3vqYYvFQ4IGYYwVQ4JmoWwVJdJGYYNoU9GqYYNVc3wCoUQGR7B6RoN9J8MWJaMqpbMGRoNqAsQGMVvDIlC6MuNGwuNGUuyDorQGR7y6MuwnEbQGMVMr5cQGR7y6NoN9ICzD4py6waQGQXMbFbJoYby7Aox6Mky74syZ%3D%3D¶m2=NGp6NWpcMWB8NJ%3D%3D&p={searchTerms} SearchScopes: HKU\S-1-5-21-377985148-792701347-3327087119-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=zxy_af93cfd99b5b3984eb¶m1=ArFaIWJoNqArQGMVHFFoNqAqBbFaITAbQGR7xTVoN9I4y7IsQGR7B7JoN9JbDSk8vFE9GqQANFdcFCk8vFRdJCoXvmo9J6k4wVRdJCIXwVM4ISIYwVNdJGYXvFQ9GqYVNUI3wGYGwVM3vCIVvFE9GqUNNos3wCIYwVA9Jmk3wVA4ICITvFI9ISILNFdcJ6k8wV5cGWUSNFRcEqULNopcGWUIvmFbF6IXNVU9J6k4NVA4ICoXNVI9I6IWNVM9JaYWwVxdICk3wVNdICISwVI4ICIVwVQ9I6k4NVM4IGYWwVU4JmIVNVNdJ6IWvmk9JaQIwV5cGGUTNFRbDqUDNF5bDGUNNEU3wGQGvFRdISoWwVU4IGYUvFE4ICISNVJdJ6k3vFE9I6oUNVQ4ISIVwVxdJqYVNVQ9JCISNVM3vqYYvFQ4IGYYwVQ4JmoWwVJdJGYYNoU9GqYYNVc3wCoUQGR7B6RoN9J8MWJaMqpbMGRoNqAsQGMVvDIlC6MuNGwuNGUuyDorQGR7y6MuwnEbQGMVMr5cQGR7y6NoN9ICzD4py6waQGQXMbFbJoYby7Aox6Mky74syZ%3D%3D¶m2=NGp6NWpcMWB8NJ%3D%3D&p={searchTerms} SearchScopes: HKU\S-1-5-21-377985148-792701347-3327087119-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=zxy_af93cfd99b5b3984eb¶m1=ArFaIWJoNqArQGMVHFFoNqAqBbFaITAbQGR7xTVoN9I4y7IsQGR7B7JoN9JbDSk8vFE9GqQANFdcFCk8vFRdJCoXvmo9J6k4wVRdJCIXwVM4ISIYwVNdJGYXvFQ9GqYVNUI3wGYGwVM3vCIVvFE9GqUNNos3wCIYwVA9Jmk3wVA4ICITvFI9ISILNFdcJ6k8wV5cGWUSNFRcEqULNopcGWUIvmFbF6IXNVU9J6k4NVA4ICoXNVI9I6IWNVM9JaYWwVxdICk3wVNdICISwVI4ICIVwVQ9I6k4NVM4IGYWwVU4JmIVNVNdJ6IWvmk9JaQIwV5cGGUTNFRbDqUDNF5bDGUNNEU3wGQGvFRdISoWwVU4IGYUvFE4ICISNVJdJ6k3vFE9I6oUNVQ4ISIVwVxdJqYVNVQ9JCISNVM3vqYYvFQ4IGYYwVQ4JmoWwVJdJGYYNoU9GqYYNVc3wCoUQGR7B6RoN9J8MWJaMqpbMGRoNqAsQGMVvDIlC6MuNGwuNGUuyDorQGR7y6MuwnEbQGMVMr5cQGR7y6NoN9ICzD4py6waQGQXMbFbJoYby7Aox6Mky74syZ%3D%3D¶m2=NGp6NWpcMWB8NJ%3D%3D&p={searchTerms} SearchScopes: HKU\S-1-5-21-377985148-792701347-3327087119-1001 -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=zxy_af93cfd99b5b3984eb¶m1=ArFaIWJoNqArQGMVHFFoNqAqBbFaITAbQGR7xTVoN9I4y7IsQGR7B7JoN9JbDSk8vFE9GqQANFdcFCk8vFRdJCoXvmo9J6k4wVRdJCIXwVM4ISIYwVNdJGYXvFQ9GqYVNUI3wGYGwVM3vCIVvFE9GqUNNos3wCIYwVA9Jmk3wVA4ICITvFI9ISILNFdcJ6k8wV5cGWUSNFRcEqULNopcGWUIvmFbF6IXNVU9J6k4NVA4ICoXNVI9I6IWNVM9JaYWwVxdICk3wVNdICISwVI4ICIVwVQ9I6k4NVM4IGYWwVU4JmIVNVNdJ6IWvmk9JaQIwV5cGGUTNFRbDqUDNF5bDGUNNEU3wGQGvFRdISoWwVU4IGYUvFE4ICISNVJdJ6k3vFE9I6oUNVQ4ISIVwVxdJqYVNVQ9JCISNVM3vqYYvFQ4IGYYwVQ4JmoWwVJdJGYYNoU9GqYYNVc3wCoUQGR7B6RoN9J8MWJaMqpbMGRoNqAsQGMVvDIlC6MuNGwuNGUuyDorQGR7y6MuwnEbQGMVMr5cQGR7y6NoN9ICzD4py6waQGQXMbFbJoYby7Aox6Mky74syZ%3D%3D¶m2=NGp6NWpcMWB8NJ%3D%3D&p={searchTerms} Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - Pas de fichier Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - Pas de fichier Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Pas de fichier Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Pas de fichier C:\ProgramData\BavPro_Setup_Mini_GL1.exe C:\ProgramData\explorer.exe C:\ProgramData\Gworm.vbs C:\ProgramData\msvcp110d.dll C:\ProgramData\msvcr110d.dll C:\ProgramData\tmp98CA.tmp.vbs C:\ProgramData\tmpAAE0.tmp.vbs C:\ProgramData\windowsUpdate.dll C:\Users\Diaby\APPHELP.DLL C:\Users\Diaby\bdcam.dll C:\Users\Diaby\bdfilters.dll C:\Users\Diaby\chroome.exe C:\Users\Diaby\ZHPDiag3.exe C:\Windows\Tasks\{04080DB5-B3A3-BA1E-9ECF-2C2F482411E3}.job C:\Windows\Tasks\{09E7DB74-84BA-4925-B16A-BDD9903CBA36}.job C:\Windows\Tasks\{1AC348B7-AD68-FF1C-B28E-D7154A60845C}.job C:\Windows\Tasks\{1BD3C577-AC78-72DC-73FA-BFCFD1282F09}.job C:\Windows\Tasks\{313B6D77-91B7-4729-A8CE-71B472DEFDFD}.job C:\Windows\Tasks\{35256B5B-A4F7-1A6B-BAA8-B9AFFA9C2D07}.job C:\Windows\Tasks\{3672E31A-81D9-54B1-59B6-288993C49B47}.job C:\Windows\Tasks\{3700379E-80AB-8035-7D42-73018BA78685}.job C:\Windows\Tasks\{3F82500D-8829-E7A6-8EED-8BD7AAAE4D4F}.job C:\Windows\Tasks\{45485F2B-F2E3-E880-D53A-70275FF51A73}.job C:\Windows\Tasks\{6705E622-D0AE-5189-F8C7-23139FAAF4C5}.job C:\Windows\Tasks\{6AE6823C-DD4D-3597-24AA-41F7824849F9}.job C:\Windows\Tasks\{72A2A6F2-C509-1159-E877-5A279F6B89A6}.job C:\Windows\Tasks\{803DA72D-3796-1086-18D9-B4B5A388E4CA}.job C:\Windows\Tasks\{811BEB6F-36B0-5CC4-6E67-2B54C8A88248}.job C:\Windows\Tasks\{8CE64007-3B4D-F7AC-70D3-46226CC128C3}.job C:\Windows\Tasks\{8DDB2B4C-2A59-4BD4-86E2-E3C071F88604}.job C:\Windows\Tasks\{B6D26BEC-0179-DC47-976C-B9812509626B}.job C:\Windows\Tasks\{B9CC9342-A99F-494E-BDC8-B0144B2136BA}.job C:\Windows\Tasks\{BC335264-0B98-E5CF-1BCD-CDF3A77DB74F}.job C:\Windows\Tasks\{BC5A07C5-0BF1-B06E-75C8-F2A9D4292B36}.job C:\Windows\Tasks\{C00DA454-77A6-13FF-9770-3F58EDDC6571}.job C:\Windows\Tasks\{C105346C-316B-4307-97C6-16882327ADA8}.job C:\Windows\Tasks\{C38ABE1B-7421-09B0-8E43-F48334855F6F}.job C:\Windows\Tasks\{C72D3418-B588-43B7-A737-F7D20991DE46}.job C:\Windows\Tasks\{D0B53B8D-671E-8C26-13D2-039C28EE9AD7}.job C:\Windows\Tasks\{D1F95EA7-6652-E90C-6809-87E1AD9F0189}.job C:\Windows\Tasks\{D7471C96-60EC-AB3D-6467-90C2A1FFEC24}.job C:\Windows\Tasks\{DA2F7091-AA65-4DA2-A47C-02D8DE44B460}.job C:\Windows\Tasks\{DC736D9A-6BD8-DA31-C4D2-9966D4182587}.job C:\Windows\Tasks\{EA9ACF9D-5D31-7836-8488-FD37BF743D2F}.job C:\Windows\Tasks\{F6C32E6E-4168-99C5-BFFD-82F34EAF93DB}.job DragonBoost (HKU\S-1-5-21-377985148-792701347-3327087119-1001\...\119) (Version: - ) CustomCLSID: HKU\S-1-5-21-377985148-792701347-3327087119-500_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Administrateur.Diaby-PC.000\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx => Pas de fichier CustomCLSID: HKU\S-1-5-21-377985148-792701347-3327087119-500_Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\localserver32 -> C:\Users\Administrateur.Diaby-PC.000\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe => Pas de fichier CustomCLSID: HKU\S-1-5-21-377985148-792701347-3327087119-500_Classes\CLSID\{8932AEFE-9DB6-4f43-AFB2-5682F55E773A}\InprocServer32 -> C:\Program Files\Microsoft Virtual PC\VPCShExH.DLL => Pas de fichier CustomCLSID: HKU\S-1-5-21-377985148-792701347-3327087119-500_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Administrateur.Diaby-PC.000\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll => Pas de fichier CustomCLSID: HKU\S-1-5-21-377985148-792701347-3327087119-500_Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\localserver32 -> C:\Users\Administrateur.Diaby-PC.000\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe => Pas de fichier CustomCLSID: HKU\S-1-5-21-377985148-792701347-3327087119-500_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Administrateur.Diaby-PC.000\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll => Pas de fichier CustomCLSID: HKU\S-1-5-21-377985148-792701347-3327087119-500_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Administrateur.Diaby-PC.000\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll => Pas de fichier CustomCLSID: HKU\S-1-5-21-377985148-792701347-3327087119-500_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Administrateur.Diaby-PC.000\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll => Pas de fichier CustomCLSID: HKU\S-1-5-21-377985148-792701347-3327087119-500_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Administrateur.Diaby-PC.000\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\FileSyncApi.dll => Pas de fichier ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Pas de fichier ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Pas de fichier ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Pas de fichier ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Pas de fichier ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Pas de fichier ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Pas de fichier Task: C:\Windows\Tasks\{04080DB5-B3A3-BA1E-9ECF-2C2F482411E3}.job => C:\ProgramData\{5D3FBC1B-EA94-0BB0-4697-C277095FC0B9}\BAAA0AD1-0D01-BD7A-E248-7C414E82C7A9.exe Task: C:\Windows\Tasks\{1AC348B7-AD68-FF1C-B28E-D7154A60845C}.job => C:\ProgramData\{2ADA52B2-9D71-E519-B68B-EFE74E52E84A}\EFB82B81-5813-9C2A-BF51-6206F3DEFB7C.exe Task: C:\Windows\Tasks\{1BD3C577-AC78-72DC-73FA-BFCFD1282F09}.job => C:\ProgramData\{0A964816-BD3D-FFBD-BDCA-6C8656F7CE43}\D4C33FDF-6368-8874-57D1-DBADB47B1F7C.exe Task: C:\Windows\Tasks\{35256B5B-A4F7-1A6B-BAA8-B9AFFA9C2D07}.job => C:\Windows\system32\regsvr32.exe2/s /n /i:/rt C:\PROGRA~2\24eb7141\8ef16ab.dll Task: C:\Windows\Tasks\{3672E31A-81D9-54B1-59B6-288993C49B47}.job => C:\ProgramData\{FEB2EEB1-4919-591A-050F-E1F613B5BBBA}\AAABC715-1D00-70BE-3D0D-A39CF865579B.exe Task: C:\Windows\Tasks\{3700379E-80AB-8035-7D42-73018BA78685}.job => C:\ProgramData\{C73B4B53-7090-FCF8-CE7A-92F193FBB1A6}\1C3DB022-AB96-0789-BA12-2FB945D9983A.exe Task: C:\Windows\Tasks\{3F82500D-8829-E7A6-8EED-8BD7AAAE4D4F}.job => C:\ProgramData\{3D643B4E-8ACF-8CE5-241F-49E64EEF689C}\F02F1B9B-4784-AC30-F39C-9E36064BA576.exe Task: C:\Windows\Tasks\{45485F2B-F2E3-E880-D53A-70275FF51A73}.job => C:\ProgramData\{38F2913E-8F59-2695-881F-B3DD7AF58906}\69941886-DE3F-AF2D-17D5-9FD11F3C79D8.exe Task: C:\Windows\Tasks\{6705E622-D0AE-5189-F8C7-23139FAAF4C5}.job => C:\ProgramData\{569560EE-E13E-D745-591F-72542F10399B}\58BAE327-EF11-548C-D0AE-074EDFA33E67.exe Task: C:\Windows\Tasks\{6AE6823C-DD4D-3597-24AA-41F7824849F9}.job => C:\ProgramData\{5489DA41-E322-6DEA-5282-E82ECC03789E}\1BA81A55-AC03-ADFE-89FB-35FEE2BFD88F.exe Task: C:\Windows\Tasks\{72A2A6F2-C509-1159-E877-5A279F6B89A6}.job => C:\ProgramData\{468CE655-F127-51FE-0A19-2AE671D4E195}\A52D55AE-1286-E205-080C-C068E5AFDEC9.exe Task: C:\Windows\Tasks\{803DA72D-3796-1086-18D9-B4B5A388E4CA}.job => C:\ProgramData\{E9C21179-5E69-A6D2-D749-CFDBBE1BDD20}\635CD343-D4F7-64E8-1A6E-BF8DD38E85A8.exe Task: C:\Windows\Tasks\{811BEB6F-36B0-5CC4-6E67-2B54C8A88248}.job => C:\ProgramData\{628A9872-D521-2FD9-353E-AF963088CA20}\D2C5448C-656E-F327-DDC2-A054A5D12A47.exe Task: C:\Windows\Tasks\{8CE64007-3B4D-F7AC-70D3-46226CC128C3}.job => C:\ProgramData\{B30F16F6-04A4-A15D-95BE-C6BDD0100C69}\1496588C-A33D-EF27-3B4A-C241CAD9A7CB.exe Task: C:\Windows\Tasks\{B6D26BEC-0179-DC47-976C-B9812509626B}.job => C:\ProgramData\{9184BAC3-262F-0D68-46BE-627B3F7A829B}\AEF659C6-195D-EE6D-67FA-84071644728C.exe Task: C:\Windows\Tasks\{BC335264-0B98-E5CF-1BCD-CDF3A77DB74F}.job => C:\ProgramData\{B9A92DBE-0E02-9A15-BFA7-6AE572100A97}\ED051D5F-5AAE-AAF4-904E-E9F75A6CB9E7.exe Task: C:\Windows\Tasks\{BC5A07C5-0BF1-B06E-75C8-F2A9D4292B36}.job => C:\ProgramData\{31AB411D-8600-F6B6-64FB-F7FC0B322FD5}\DDFC3FBF-6A57-8814-502A-B010479A09F4.exe Task: C:\Windows\Tasks\{C00DA454-77A6-13FF-9770-3F58EDDC6571}.job => C:\ProgramData\{497C8777-FED7-30DC-D3F1-8E44E4C657ED}\145BF631-A3F0-419A-6D12-0B5318A793BC.exe Task: C:\Windows\Tasks\{C38ABE1B-7421-09B0-8E43-F48334855F6F}.job => C:\ProgramData\{79102ABB-CEBB-9D10-6AEC-55BDC884F946}\7B174E98-CCBC-F933-5465-0CD7663A3494.exe Task: C:\Windows\Tasks\{D0B53B8D-671E-8C26-13D2-039C28EE9AD7}.job => C:\ProgramData\{FFF45F86-485F-E82D-8C41-8779A1BD2E0A}\45CA3D03-F261-8AA8-11D6-CD6247A66E73.exe Task: C:\Windows\Tasks\{D1F95EA7-6652-E90C-6809-87E1AD9F0189}.job => C:\ProgramData\{2C572639-9BFC-9192-B446-5F136B69EC58}\9C2974EA-2B82-C341-7748-620E472CF6A4.exe Task: C:\Windows\Tasks\{D7471C96-60EC-AB3D-6467-90C2A1FFEC24}.job => C:\ProgramData\{8CB97737-3B12-C09C-5E2D-BF6C9EC40C1A}\1B614C5F-ACCA-FBF4-330F-E58BEC505FAC.exe Task: C:\Windows\Tasks\{DC736D9A-6BD8-DA31-C4D2-9966D4182587}.job => C:\ProgramData\{4B11775E-FCBA-C0F5-C26F-8A2BEF93D7E1}\3FCD172C-8866-A087-F779-CF33A408E177.exe Task: C:\Windows\Tasks\{EA9ACF9D-5D31-7836-8488-FD37BF743D2F}.job => C:\ProgramData\{386F9E0C-8FC4-29A7-6F6E-4EB2066B904E}\CC5AD77B-7BF1-60D0-7162-198937D7110E.exe Task: C:\Windows\Tasks\{F6C32E6E-4168-99C5-BFFD-82F34EAF93DB}.job => C:\ProgramData\{7FC06DF5-C86B-DA5E-7D26-088EB8EB7485}\EB18B799-5CB3-0032-095D-6BA79023F5EE.exe Hosts: EmptyTemp: ***************** Le Point de restauration a été créé avec succès. Processus fermé avec succès. HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\tmp178E => valeur non trouvé(e). HKU\S-1-5-21-377985148-792701347-3327087119-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => valeur non trouvé(e).