start:: CreateRestorePoint: CloseProcesses: Hosts: RemoveProxy: HKLM\Software\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ShortcutTarget: BTTray.lnk -> C:\Program Files\Belkin\Logiciel Bluetooth\BTTray.exe (Pas de fichier) Task: {094AAA0A-28F9-430E-B540-3760E8F91D47} - \{89C35BD0-D62A-49F6-ACBA-654AB2158D51} -> Pas de fichier Task: {1D8D6312-ADFA-401A-AD1F-02161EA1C5CF} - \{BD89E198-5B2D-489E-9D43-09EBE486E74B} -> Pas de fichier Task: {25E74520-A8B3-4C0F-B11A-9264E0E8A049} - \{8615A2E0-FCD9-45CC-BB33-A5AED279D639} -> Pas de fichier Task: {3B8CE09E-3A1A-43AE-ACC3-A529D16FDD58} - \{053BF925-4D5D-4B50-9BDC-38E1703716FB} -> Pas de fichier Task: {7CCBFC80-1B81-4003-BE97-93B3764BAEDC} - \{1FB650E0-C671-4CA3-B4AE-956C808FA17D} -> Pas de fichier Task: {925453FD-F4EF-4675-B667-93C5A8323A1D} - \{6A7F942B-9304-4014-BF8E-DE0E7C6C4B19} -> Pas de fichier Task: {94880DDE-B05A-494C-86C2-E95AA02FFC39} - \{813D2441-3F88-4DBB-9D37-5D01DB8D1930} -> Pas de fichier Task: {950895CF-6506-42A1-B9C8-826A5C142426} - System32\Tasks\{301644F5-3C52-4C97-BF06-0BA2824C191F} => C:\Windows\system32\pcalua.exe Task: {959EC3EB-29D1-4635-835E-B2543FFB1229} - System32\Tasks\{43CCE509-00F9-4E5B-B0D7-F521A7A353BD} => C:\Windows\system32\pcalua.exe -a D:\ZHPDiag\ZHPFix\ZHPhep.exe -d D:\ZHPDiag\ZHPFix Task: {95DD6DFC-31A4-43EB-AAA4-0B73E533D479} - System32\Tasks\{66FDA38C-A0A9-4416-BB78-A68305E8C333} => C:\Windows\system32\pcalua.exe -a D:\ZHPDiag\ZHPhep.exe -d D:\ZHPDiag Task: {9AA1D877-B8D7-411A-90D6-CCF818ABB3A4} - \{03737078-34F6-44F2-9DAC-E4715E255A3F} -> Pas de fichier Task: {A4E5E8B2-9BBE-4393-B062-10873EAA6186} - System32\Tasks\{43380FF6-6487-4B7E-9272-C8C6A343F44C} => C:\Windows\system32\pcalua.exe -a C:\Users\jerôme\AppData\Local\Temp\Temp1_INAWID-00254281-0042.zip\INAWID-00254281-0042.EXE Task: {CACEDD71-CB1D-4620-A64F-08BFE0D023C2} - \{40659195-101A-4E20-935C-D4EABF56161B} -> Pas de fichier Task: {DE8699D2-8A05-42F7-8A85-5162AF47D26A} - \Microsoft\Windows\Windows Error Reporting\QueueReporting -> Pas de fichier HKU\S-1-5-21-2066270090-2916732561-56594420-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2066270090-2916732561-56594420-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = Handler: WSISVCUchrome - Pas de valeur CLSID - CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] S2 HPSLPSVC; C:\Users\jerôme\AppData\Local\Temp\7zS1DB7\hpslpsvc32.dll [X] <==== ATTENTION S2 MBAMScheduler; "\mbamscheduler.exe" [X] S3 dcdbas; system32\DRIVERS\dcdbas32.sys [X] S3 nipalfwedl; System32\drivers\nipalfwedl.sys [X] CustomCLSID: HKU\S-1-5-21-2066270090-2916732561-56594420-1001_Classes\CLSID\{04FE3112-DB93-424D-B958-5E709395693F}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll => Pas de fichier CustomCLSID: HKU\S-1-5-21-2066270090-2916732561-56594420-1001_Classes\CLSID\{3DCB8A71-1D64-46E3-9616-D91EE004E62F}\InprocServer32 -> C:\Users\JERME~1\AppData\Local\MICROS~1\INTERN~1\DOWNLO~1\HOOKWL~1.OCX => Pas de fichier CustomCLSID: HKU\S-1-5-21-2066270090-2916732561-56594420-1001_Classes\CLSID\{50DC58D0-C870-4BE6-BC41-971ED2D5F022}\InprocServer32 -> C:\Users\JERME~1\AppData\Local\MICROS~1\INTERN~1\DOWNLO~1\HOOKWL~1.OCX => Pas de fichier CustomCLSID: HKU\S-1-5-21-2066270090-2916732561-56594420-1001_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll => Pas de fichier CustomCLSID: HKU\S-1-5-21-2066270090-2916732561-56594420-1001_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\UpdatusUser\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe => Pas de fichier CustomCLSID: HKU\S-1-5-21-2066270090-2916732561-56594420-1001_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll => Pas de fichier ShellIconOverlayIdentifiers: [00001YSISyncComplete] -> {89B5F9CC-C4A2-462C-BD27-29CEAC972135} => -> Pas de fichier ShellIconOverlayIdentifiers: [00002YSISyncActive] -> {84B7BDFB-C50A-4335-B7C2-8AEC454F9E25} => -> Pas de fichier ShellIconOverlayIdentifiers: [00003YSISyncError] -> {306A9CDE-AC70-453A-8008-B5F9962B8F88} => -> Pas de fichier ShellIconOverlayIdentifiers: [00004YSILocalOnly] -> {23A7D2DC-F395-4E33-876C-84A2DFAB0EBB} => -> Pas de fichier ContextMenuHandlers1: [_Movavivc11] -> {1C604495-4D32-476e-8D7E-FBF50F6C80BF} => -> Pas de fichier ContextMenuHandlers6: [_Movavivc11] -> {1C604495-4D32-476e-8D7E-FBF50F6C80BF} => -> Pas de fichier Shortcut: C:\Users\jerôme\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Mes sites Web sur MSN\target.lnk -> hxxp://www.msnusers.co 2017-04-05 23:36 - 2016-07-21 10:54 - 000137728 _____ () [Fichier non signé] C:\Program Files\Common Files\iSkysoft\iSkysoft Helper Compact\CBSCreateVC.dll 2017-04-05 23:36 - 2016-10-08 16:59 - 001506304 _____ () [Fichier non signé] C:\Program Files\Common Files\iSkysoft\iSkysoft Helper Compact\DAQExp.dll 2017-04-05 23:36 - 2016-10-08 17:00 - 000708608 _____ (Wondershare) [Fichier non signé] C:\Program Files\Common Files\iSkysoft\iSkysoft Helper Compact\CBSProducstInfo.dll AlternateDataStreams: C:\ProgramData\TEMP:DBC416F8 [134] EmptyTemp: cmd: ipconfig /flushdns end::