~ ZHPDiag v2016.11.6.209 Par Nicolas Coolman (2016/11/06)
~ Démarré par user (Administrator)  (2016/11/06 15:38:45)
~ Web: https://www.nicolascoolman.com
~ Blog: https://www.anti-malware.top
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Etat de la version:  Version OK
~ Mode: Scanner
~ Rapport: C:\Users\user\Desktop\ZHPDiag.txt
~ Rapport: C:\Users\user\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ Démarrage du système: Normal (Normal boot)
Windows 7 Professional, 32-bit Service Pack 1 (Build 7601)  =>.Microsoft Corporation

---\\ Navigateurs Internet (3) - 0s
~ GCIE: Google Chrome v54.0.2840.71
~ MFIE: Mozilla Firefox 49.0.2 (x86 fr)
~ MSIE: Internet Explorer v8.0.7601.17514

---\\ Informations sur les produits Windows (4) - 4s
~ Windows Server License Manager Script : OK
System - VBScript Engine not found
Windows Automatic Updates : OK
Windows Activation Technologies : KO

---\\ Logiciels de protection (1) - 7s
AVG Protection v2016.121.7859  => Software.Protection

---\\ Surveillance de Logiciels (2) - 8s
Adobe Flash Player 23 NPAPI  =>.Software.Surveillance
Adobe Acrobat Reader DC - Français  =>.Software.Surveillance

---\\ Informations sur le système (6) - 0s
~ Operating System: x86 Family 15 Model 6 Stepping 5, GenuineIntel
~ Operating System:  32-bit 
~ Boot mode: Normal (Normal boot)
Total RAM: 2088.184 MB (20% free)
System Restore: Activé (Enable)
System drive C: has 17 GB () free of 49 GB  =>Alerte espace disque inférieur à 20 Go

---\\ Mode de connexion au système (3) - 0s
~ Computer Name: PC
~ User Name: user
~ Logged in as Administrator

---\\ Enumération des unités disques (2) - 11s
~ Drive C: has 17 GB free of 49 GB  (System)
~ Drive D: has 95 GB free of 188 GB

---\\ Etat du Centre de Sécurité Windows (10) - 1s
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified [2]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

---\\ Recherche particulière de fichiers génériques (25) - 11s
[MD5.40D777B7A95E00593EB1568C68514493] - 20/11/2010 - (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\Explorer.exe [2616320]  =>.Microsoft Corporation
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - 14/07/2009 - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) -- C:\Windows\System32\rundll32.exe [44544]  =>.Microsoft Corporation
[MD5.B5C5DCAD3899512020D135600129D665] - 14/07/2009 - (.Microsoft Corporation - Application de démarrage de Windows.) -- C:\Windows\System32\Wininit.exe [96256]  =>.Microsoft Corporation
[MD5.44214C94911C7CFB1D52CB64D5E8368D] - 20/11/2010 - (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\System32\wininet.dll [980992]  =>.Microsoft Corporation
[MD5.6D13E1406F50C66E2A95D97F22C47560] - 20/11/2010 - (.Microsoft Corporation - Application d’ouverture de session Windows.) -- C:\Windows\System32\Winlogon.exe [286720]  =>.Microsoft Corporation
[MD5.E3AE23569749DE12D45BA3B489A036AE] - 20/11/2010 - (.Microsoft Corporation - Bibliothèque de licences.) -- C:\Windows\System32\sppcomapi.dll [193536]  =>.Microsoft Corporation
[MD5.59DF156711A76BCB993253EC6C9BBF41] - 20/11/2010 - (.Microsoft Corporation - DNS DLL de l’API Client.) -- C:\Windows\System32\dnsapi.dll [270336]  =>.Microsoft Corporation
[MD5.129F80D7868E30DF3E3DE33A1D3132B4] - 14/02/2011 - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) -- C:\Windows\System32\fr-FR\user32.dll.mui [20480]  =>.Microsoft Corporation
[MD5.1151FD4FB0216CFED887BFDE29EBD516] - 20/11/2010 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\System32\drivers\AFD.sys [338944]  =>.Microsoft Corporation
[MD5.338C86357871C167A96AB976519BF59E] - 14/07/2009 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\drivers\atapi.sys [21584]  =>.Microsoft Windows®
[MD5.77EA11B065E0A8AB902D78145CA51E10] - 13/07/2009 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\drivers\Cdfs.sys [70656]  =>.Microsoft Corporation
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - 20/11/2010 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\drivers\Cdrom.sys [108544]  =>.Microsoft Corporation
[MD5.F024449C97EC1E464AAFFDA18593DB88] - 20/11/2010 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\drivers\DfsC.sys [78336]  =>.Microsoft Corporation
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - 20/11/2010 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\drivers\HDAudBus.sys [108544]  =>.Microsoft Corporation
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - 13/07/2009 - (.Microsoft Corporation - Pilote de port i8042.) -- C:\Windows\System32\drivers\i8042prt.sys [80896]  =>.Microsoft Corporation
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - 13/07/2009 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\drivers\IpNat.sys [101888]  =>.Microsoft Corporation
[MD5.B272B4C3E085EA860C12F2E4FAF2FFA2] - 20/11/2010 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\Windows\System32\drivers\MRxSmb.sys [123904]  =>.Microsoft Corporation
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - 20/11/2010 - (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\drivers\netBT.sys [187904]  =>.Microsoft Corporation
[MD5.33C3093D09017CFE2E219F2472BFF6EB] - 20/11/2010 - (.Microsoft Corporation - Pilote du système de fichiers NT.) -- C:\Windows\System32\drivers\ntfs.sys [1211264]  =>.Microsoft Windows®
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - 13/07/2009 - (.Microsoft Corporation - Pilote de port parallèle.) -- C:\Windows\System32\drivers\Parport.sys [79360]  =>.Microsoft Corporation
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - 13/07/2009 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\drivers\Rasl2tp.sys [78848]  =>.Microsoft Corporation
[MD5.B973FCFC50DC1434E1970A146F7E3885] - 20/11/2010 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\Windows\System32\drivers\rdpdr.sys [133632]  =>.Microsoft Corporation
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - 13/07/2009 - (.Microsoft Corporation - SMB Transport driver.) -- C:\Windows\System32\drivers\smb.sys [71168]  =>.Microsoft Corporation
[MD5.B459575348C20E8121D6039DA063C704] - 20/11/2010 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\drivers\tdx.sys [74752]  =>.Microsoft Corporation
[MD5.F497F67932C6FA693D7DE2780631CFE7] - 20/11/2010 - (.Microsoft Corporation - Pilote de cliché instantané du volume.) -- C:\Windows\System32\drivers\volsnap.sys [245632]  =>.Microsoft Windows®

---\\ Liste des services NT non Microsoft et non désactivés (19) - 19s
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe  =>.Adobe Systems, Incorporated®
O23 - Service: AVG Firewall (avgfws) . (.AVG Technologies CZ, s.r.o. - AVG Firewall Service.) - C:\Program Files\AVG\Av\avgfws.exe  =>.AVG Technologies CZ, s.r.o.®
O23 - Service: AVGIDSAgent (AVGIDSAgent) . (.AVG Technologies CZ, s.r.o. - AVG Identity Protection Service.) - C:\Program Files\AVG\Av\avgidsagent.exe  =>.AVG Technologies CZ, s.r.o.®
O23 - Service: AVG Service (avgsvc) . (.AVG Technologies CZ, s.r.o. - AVG Service Process.) - C:\Program Files\AVG\Framework\Common\avgsvcx.exe  =>.AVG Technologies CZ, s.r.o.®
O23 - Service: AVG WatchDog (avgwd) . (.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) - C:\Program Files\AVG\Av\avgwdsvcx.exe  =>.AVG Technologies CZ, s.r.o.®
O23 - Service: Foxit Reader Service (FoxitReaderService) . (.Foxit Software Inc. - Foxit Reader ConnectedPDF Windows Service..) - C:\Program Files\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe  =>.Foxit Software Incorporated®
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe  =>.Google Inc®
O23 - Service: Hardware Protection Service (HpSvc) . (.Copyright (C) 2008-2016 www.ludashi.com - 硬件防护核心服务.) - C:\Program Files\LuDaShi\lpi\HpSvc.dll  =>.Qihoo 360 Software (Beijing) Company Limited®
O23 - Service: Kuaizip Update Checker (Kuaizip Update Checker) . (.Copyright (C) 2012 - kuaizip update checker.) - C:\Program Files\KuaiZip\X86\kuaizipUpdateChecker.dll  =>.Shanghai Guangle Network Technology Co., Ltd.®
O23 - Service: KuaizipUpdateChecker (KuaizipUpdateChecker) . (.Copyright (C) 2012 - kuaizip update checker.) - C:\Program Files\¿ìÑ¹\X86\kuaizipUpdateChecker.dll  =>.Superfluous.Tencent
O23 - Service: Kingsoft Core Service (kxescore) . (.Kingsoft Corporation - 金山毒霸系统防御模块.) - c:\program files\kingsoft\kingsoft antivirus\kxescore.exe  =>.Beijing Kingsoft Security software Co.,Ltd®
O23 - Service: Phicick (Phicick) . (...) - C:\Program Files\Anakury\saqagecoervurycache.dll
O23 - Service: QQPCMgr RTP Service (QQPCRTP) . (.Tencent - 电脑管家-实时防护服务.) - C:\Program Files\Tencent\QQPCMgr\12.0.18061.220\QQPCRTP.exe  =>.Superfluous.Tencent
O23 - Service:  (QQRepair1ff) . (...) - C:\Program Files\Tencent\QQPCMgr\QQRepair1ff  =>.Superfluous.Tencent
O23 - Service: QQRepairFixSVC (QQRepairFixSVC) . (...) - C:\Program Files\Tencent\QQPCMgr\QQRepairFixSVC  =>.Superfluous.Tencent
O23 - Service: SRepairDrv (SRepairDrv) . (.Tencent - Tencent SRepairDrv(电脑管家修复模块).) - C:\Program Files\Tencent\QQPCMgr\SRepairDrv  =>.Superfluous.Tencent
O23 - Service: The Screenshot Pro Service (TheScreenshotProService) . (.Copyright (C) 2015 - The Screenshot Pro Service.) - C:\Program Files\ScreenshotPro\1.0.0.6000056\ScreenshotProServ.exe {5F2264753CCEE683885F90A04EC91232}
O23 - Service: Print Quality Plug (tunyfufy) . (...) - C:\Program Files\9FEBFA5C-1478443121-11D5-A917-F2A2001C0A41\knsm25C7.tmpfs (.not file.)  =>PUP.Optional.CrossRider
O23 - Service: Double Spaced Firewall (zigipyro) . (...) - C:\Users\user\AppData\Local\9FEBFA5C-1478444960-11D5-A917-F2A2001C0A41\qnseE13A.tmp  =>PUP.Optional.CrossRider

---\\ Services non Microsoft (SR=Démarré,SS=Stoppé) (23) - 340s

SR - Auto   [16/09/2016] [   82128]  Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe  =>.Adobe Systems, Incorporated®
SS - Demand [26/10/2016] [  270016]  Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe  =>.Adobe Systems Incorporated®
SS - Demand [13/10/2016] [  647864]  AvgAMPS (AvgAMPS) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files\AVG\Av\avgamps.exe  =>.AVG Technologies CZ, s.r.o.®
SR - Auto   [13/10/2016] [ 1639224]  AVG Firewall (avgfws) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files\AVG\Av\avgfws.exe  =>.AVG Technologies CZ, s.r.o.®
SR - Auto   [13/10/2016] [ 4149312]  AVGIDSAgent (AVGIDSAgent) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files\AVG\Av\avgidsagent.exe  =>.AVG Technologies CZ, s.r.o.®
SR - Auto   [13/09/2016] [  945936]  AVG Service (avgsvc) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files\AVG\Framework\Common\avgsvcx.exe  =>.AVG Technologies CZ, s.r.o.®
SR - Auto   [13/10/2016] [  605336]  AVG WatchDog (avgwd) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files\AVG\Av\avgwdsvcx.exe  =>.AVG Technologies CZ, s.r.o.®
SR - Auto   [13/10/2016] [ 1659592]  Foxit Reader Service (FoxitReaderService) . (.Foxit Software Inc..) - C:\Program Files\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe  =>.Foxit Software Incorporated®
SS - Auto   [04/02/2016] [  154440]  Service Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe  =>.Google Inc®
SS - Demand [04/02/2016] [  154440]  Service Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe  =>.Google Inc®
SR - Auto   [21/07/2016] [  239016]  Hardware Protection Service (HpSvc) . (.Copyright (C) 2008-2016 www.ludashi.com.) - C:\Program Files\LuDaShi\lpi\HpSvc.dll  =>.Qihoo 360 Software (Beijing) Company Limited®
SR - Auto   [06/11/2016] [  216704]  Kuaizip Update Checker (Kuaizip Update Checker) . (.Copyright (C) 2012.) - C:\Program Files\KuaiZip\X86\kuaizipUpdateChecker.dll  =>.Shanghai Guangle Network Technology Co., Ltd.®
SR - Auto   [06/11/2016] [  219072]  KuaizipUpdateChecker (KuaizipUpdateChecker) . (.Copyright (C) 2012.) - C:\Program Files\¿ìÑ¹\X86\kuaizipUpdateChecker.dll  =>.Superfluous.Tencent
SR - Auto   [06/11/2016] [  326376]  Kingsoft Core Service (kxescore) . (.Kingsoft Corporation.) - c:\program files\kingsoft\kingsoft antivirus\kxescore.exe  =>.Beijing Kingsoft Security software Co.,Ltd®
SS - Demand [03/05/2016] [  146888]  Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe  =>.Mozilla Corporation®
SR - Auto   [06/11/2016] [  274944]  Phicick (Phicick) . (...) - C:\Program Files\Anakury\saqagecoervurycache.dll
SR - Auto   [06/11/2016] [  315920]  QQPCMgr RTP Service (QQPCRTP) . (.Tencent.) - C:\Program Files\Tencent\QQPCMgr\12.0.18061.220\QQPCRTP.exe  =>.Superfluous.Tencent
SS - Auto   [06/11/2016] [  155368]   (QQRepair1ff) . (...) - C:\Program Files\Tencent\QQPCMgr\QQRepair1ff  =>.Superfluous.Tencent
SS - Auto   [06/11/2016] [  155368]  QQRepairFixSVC (QQRepairFixSVC) . (...) - C:\Program Files\Tencent\QQPCMgr\QQRepairFixSVC  =>.Superfluous.Tencent
SS - System [06/11/2016] [  182776]  SRepairDrv (SRepairDrv) . (.Tencent.) - C:\Program Files\Tencent\QQPCMgr\SRepairDrv  =>.Superfluous.Tencent
SR - Auto   [21/10/2016] [  147568]  The Screenshot Pro Service (TheScreenshotProService) . (.Copyright (C) 2015.) - C:\Program Files\ScreenshotPro\1.0.0.6000056\ScreenshotProServ.exe {5F2264753CCEE683885F90A04EC91232}
SR - Auto   [26/12/2015] [  158720]  Double Spaced Firewall (zigipyro) . (...) - C:\Users\user\AppData\Local\9FEBFA5C-1478444960-11D5-A917-F2A2001C0A41\qnseE13A.tmp  =>PUP.Optional.CrossRider

---\\ Tâches planifiées en automatique (23) - 7s
O39 - APT: Unknown - (...) -- C:\Windows\Tasks\Adobe Flash Player Updater.job  [1002] 
O39 - APT: Unknown - (...) -- C:\Windows\Tasks\AutoKMS.job  [198]   =>HackTool.AutoKMS
O39 - APT: Unknown - (...) -- C:\Windows\Tasks\AutoKMSDaily.job  [204]   =>HackTool.AutoKMS
O39 - APT: Unknown - (...) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job  [1054] 
O39 - APT: Unknown - (...) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job  [1058] 
O39 - APT: Unknown - (...) -- C:\Windows\Tasks\UCBrowserUpdater.job  [442]   =>PUP.Optional.CertifiedToolbar
O39 - APT: Unknown - (...) -- C:\Windows\System32\Tasks\70c12bea57e25c6cbfa622bf535ec411  [3514] 
O39 - APT: Unknown - (...) -- C:\Windows\System32\Tasks\Adobe Acrobat Update Task  [4464] 
O39 - APT: Unknown - (...) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater  [3940] 
O39 - APT: Unknown - (...) -- C:\Windows\System32\Tasks\AutoKMS  [2430]   =>HackTool.AutoKMS
O39 - APT: Unknown - (...) -- C:\Windows\System32\Tasks\AutoKMSDaily  [2742]   =>HackTool.AutoKMS
O39 - APT: Unknown - (...) -- C:\Windows\System32\Tasks\AVG EUpdate Task  [3578] 
O39 - APT: Unknown - (...) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore  [3802] 
O39 - APT: Unknown - (...) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA  [4054] 
O39 - APT: Unknown - (...) -- C:\Windows\System32\Tasks\HPCustParticipation HP Deskjet 1510 series  [3598] 
O39 - APT: Unknown - (...) -- C:\Windows\System32\Tasks\Hwiiedgorech Agent  [6038] 
O39 - APT: Unknown - (...) -- C:\Windows\System32\Tasks\KuaiZip_Update  [3322] 
O39 - APT: Unknown - (...) -- C:\Windows\System32\Tasks\osTip  [2902] 
O39 - APT: Unknown - (...) -- C:\Windows\System32\Tasks\UCBrowserUpdater  [3414]   =>PUP.Optional.CertifiedToolbar
O39 - APT: Unknown - (...) -- C:\Windows\System32\Tasks\{7209773B-808E-41B8-B03F-1B4808DFDB0B}  [3218] 
O39 - APT: Unknown - (...) -- C:\Windows\System32\Tasks\{8B0B27A3-FA7F-4A34-A605-7ED26280466A}  [3028] 
O39 - APT: Unknown - (...) -- C:\Windows\System32\Tasks\{8E24D452-4116-4744-A495-8DCBC1F5E7F5}  [3218] 
O39 - APT: Unknown - (...) -- C:\Windows\System32\Tasks\{E9D8F3A6-0F0B-41F1-8F07-04FFE4F86069}  [3076] 

---\\ Processus lancés (33) - 195s
[MD5.9755F2428EFB389B8AB814B9C776F190] - (.AVG Technologies CZ, s.r.o. - AVG Resident Shield Service.) -- c:\Program Files\AVG\Av\avgrsx.exe [1029392] [PID.372]  =>.AVG Technologies CZ, s.r.o.®
[MD5.9B2AC97549D34FBCAA9F5350F371E94F] - (.AVG Technologies CZ, s.r.o. - AVG Scanning Core Module - Server Part.) -- C:\Program Files\AVG\Av\avgcsrvx.exe [973584] [PID.456]  =>.AVG Technologies CZ, s.r.o.®
[MD5.1C88F675CF1DDD8898EF01E36B9C3BC1] - (.Tencent - 电脑管家-实时防护服务.) -- C:\Program Files\Tencent\QQPCMgr\12.0.18061.220\QQPCRTP.exe [315920] [PID.1188]  =>.Superfluous.Tencent
[MD5.7DACF31D3906C42DE3529BBA7F4F43CB] - (.Kingsoft Corporation - 金山毒霸系统防御模块.) -- c:\program files\kingsoft\kingsoft antivirus\kxescore.exe [326376] [PID.1268]  =>.Beijing Kingsoft Security software Co.,Ltd®
[MD5.DC00FD73505DAEDD99CAF4533B0C05BD] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [82128] [PID.2424]  =>.Adobe Systems, Incorporated®
[MD5.6017CC514F8385E62770EC8851F4E927] - (.AVG Technologies CZ, s.r.o. - AVG Firewall Service.) -- C:\Program Files\AVG\Av\avgfws.exe [1639224] [PID.2468]  =>.AVG Technologies CZ, s.r.o.®
[MD5.0C9925A7829A9028CBF5D2D907B6FAA6] - (.Tencent - 电脑管家.) -- C:\Program Files\Tencent\QQPCMgr\12.0.18061.220\QQPCTray.exe [362304] [PID.2500]  =>.Superfluous.Tencent
[MD5.55C41855685D15EDB93B43C59BB1B9E5] - (.AVG Technologies CZ, s.r.o. - AVG Identity Protection Service.) -- C:\Program Files\AVG\Av\avgidsagent.exe [4149312] [PID.2604]  =>.AVG Technologies CZ, s.r.o.®
[MD5.D285BAAC3E2DCCD3D87B49A5D97B46D8] - (.AVG Technologies CZ, s.r.o. - AVG Service Process.) -- C:\Program Files\AVG\Framework\Common\avgsvcx.exe [945936] [PID.2648]  =>.AVG Technologies CZ, s.r.o.®
[MD5.C20EA89B454D6E286EA647111F5C4F28] - (.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) -- C:\Program Files\AVG\Av\avgwdsvcx.exe [605336] [PID.2828]  =>.AVG Technologies CZ, s.r.o.®
[MD5.59F5C34DFBDB3DE37F321258FAD21BA2] - (.Foxit Software Inc. - Foxit Reader ConnectedPDF Windows Service..) -- C:\Program Files\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659592] [PID.2996]  =>.Foxit Software Incorporated®
[MD5.984D3D254A225FF44EEB1DC9B2FB00CD] - (.Copyright (C) 2015 - The Screenshot Pro Service.) -- C:\Program Files\ScreenshotPro\1.0.0.6000056\ScreenshotProServ.exe [147568] [PID.3252] {5F2264753CCEE683885F90A04EC91232}
[MD5.34B2C7330223936153E420910608CCBA] - (...) -- C:\Program Files\ContentPush\app\bin\nw.exe [46344704] [PID.3428]
[MD5.34D296AFC913E302953C70463EF09A48] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\hpwuschd2.exe [96056] [PID.3472]  =>.Hewlett-Packard Company®
[MD5.AFD4AB5A8151143E0DFB784CF05C2452] - (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files\AVG\Framework\Common\avguix.exe [1510160] [PID.3500]  =>.AVG Technologies CZ, s.r.o.®
[MD5.0E8F989AD63F4864D79BDF5EE65D1602] - (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files\AVG\Av\avgui.exe [5321488] [PID.3596]  =>.AVG Technologies CZ, s.r.o.®
[MD5.CD4311E63B59E140006FED25D6A39571] - (.clean - clean.) -- C:\Users\user\AppData\Roaming\UPUpdata\cleaner.exe [1052672] [PID.3664]
[MD5.85660C2B92310049387D8800849D7A27] - (...) -- C:\Users\user\AppData\Local\Temp\servicesc.exe [225280] [PID.3760]
[MD5.A70E3324367DC42B036A5298BD61CBA1] - (.Copyright (C) 2016 The Chromium Embedded Framework Au - Chromium Embedded Framework (CEF) Client Ap.) -- C:\ProgramData\WindowsMsg\Chrome.exe [4215296] [PID.1544]
[MD5.0F073C2F759BA89FC0DFED3B4750B3A2] - (.Kingsoft Corporation - 金山毒霸.) -- c:\program files\kingsoft\kingsoft antivirus\kxetray.exe [1771296] [PID.2748]  =>.Beijing Kingsoft Security software Co.,Ltd®
[MD5.542199EC8FAA7CB170B8F663D62ADA99] - (...) -- C:\Users\user\AppData\Local\9FEBFA5C-1478444960-11D5-A917-F2A2001C0A41\qnseE13A.tmp [158720] [PID.2764]  =>PUP.Optional.CrossRider
[MD5.B44F94779A4BFFF1FF999FAAECBA9B52] - (.AVG Technologies CZ, s.r.o. - AVG Online Shield Service.) -- C:\Program Files\AVG\Av\avgnsx.exe [1536784] [PID.4592]  =>.AVG Technologies CZ, s.r.o.®
[MD5.74891B6AACD4CA859536F111A29E166E] - (.AVG Technologies CZ, s.r.o. - AVG E-mail Scanner.) -- C:\Program Files\AVG\Av\avgemcx.exe [812304] [PID.4944]  =>.AVG Technologies CZ, s.r.o.®
[MD5.34B2C7330223936153E420910608CCBA] - (...) -- C:\Program Files\ContentPush\app\bin\nw.exe [46344704] [PID.5492]
[MD5.34B2C7330223936153E420910608CCBA] - (...) -- C:\Program Files\ContentPush\app\bin\nw.exe [46344704] [PID.5516]
[MD5.503DC2780FF1FE9E68BEE0B403E4D777] - (.Tencent - 电脑管家-网络流量监控.) -- C:\Program Files\Tencent\QQPCMgr\12.0.18061.220\plugins\QMNetMon\QQPCNetFlow.exe [910528] [PID.6708]  =>.Superfluous.Tencent
[MD5.0E5F130D827947C5F897ADB555B55415] - (.Tencent - 电脑管家-小火箭.) -- C:\Program Files\Tencent\QQPCMgr\12.0.18061.220\QQPCRealTimeSpeedup.exe [673088] [PID.3112]  =>.Superfluous.Tencent
[MD5.BB0BCAD21AB18269AF22ECB573485FA3] - (.Kingsoft Corporation - 金山手机助手-基础模块.) -- C:\program files\kingsoft\kingsoft antivirus\kphonewiz.exe [1032344] [PID.8620]  =>.Kingsoft Security Co.,Ltd®
[MD5.9FE0D369457E598D468161A61C39CBEE] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\user\Downloads\ZHPDiag3.exe [2437120] [PID.9728]  =>.Nicolas Coolman
[MD5.A11EE2479CCA76D3B3F04DB03B175582] - (.Kingsoft Corporation - 金山毒霸在线升级程序.) -- c:\program files\kingsoft\kingsoft antivirus\kislive.exe [1262752] [PID.7280]  =>.Beijing Kingsoft Security software Co.,Ltd®
[MD5.5026DBC91AC6C3CF07E85CA9EAC946F9] - (.Kingsoft Corporation - Kingsoft cddltool.) -- c:\program files\kingsoft\kingsoft antivirus\kcddltool.exe [869536] [PID.8692]  =>.Beijing Kingsoft Security software Co.,Ltd®
[MD5.7101FF0673F62B340D6C082039CF4487] - (.ResetBrowser - Comment Supprimer ? - ResetBrowser.) -- C:\Users\user\Downloads\ResetBrowser.exe [1622528] [PID.1108]  =>.ResetBrowser - Comment Supprimer ?
[MD5.C573A6CB885554F9B162AC4709A78407] - (.Nicolas Coolman - ZHPFix.) -- C:\Program Files\ZHPFix\ZHPFix.exe [3061760] [PID.920]  =>.Nicolas Coolman

---\\ Google Chrome, Démarrage,Recherche,Extensions (20) - 4s
G0 - GCSP: Preferences [User Data\Default][HomePage] http://screenshot.maxfile.me
G0 - GCSP: Preferences [User Data\Default][HomePage] http://assets.pinterest.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://log.pinterest.com
G0 - GCSP: Secure Preferences [User Data\Default][HomePage] http://www.youndoo.com/  =>PUP.Optional.Youndoo
G2 - GCE: Preference [User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] Google Chrome manifest  =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest  =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [bkommgglgedojaffpdbadghkofkjfiej] Hola
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest  =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest  =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [damemajnpodbdjndboidpmfpjlabocje] RealPlayer Cloud
G2 - GCE: Preference [User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] Google Chrome manifest  =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [ghbmnnjooekpmoecnnnilnnbdlolhkhi] Google Chrome manifest  =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [gkbhpmdajdojnnhkfgffkofkjifglkan] MusixHub Start  =>.Superfluous.MusixLib
G2 - GCE: Preference [User Data\Default] [gpdjojdkbbmdfjfahjcgigfpmkopogic] __MSG_menuAction__
G2 - GCE: Preference [User Data\Default] [mcbpblocgmgfnpjjppndjkmgjaogfceg] __MSG_application_title__
G2 - GCE: Preference [User Data\Default] [nlbejmccbhkncgokjcmghpfloaajcffj] __MSG_name__
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest  =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [opalpjjboefohnelaemnhdhlceibbcgl] Hola - Unlimited Proxy VPN
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest  =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pkedcjkdefgpdelpbcmbmeomcjbeemfm] Chrome Media Router  =>.Google Inc.

---\\ Firefox, Plugins,Demarrage,Recherche,Extensions (6) - 12s
M0 - MFSP: prefs.js [user - su1j13e9.default-1464644485823] http://www.trotux.com/?z=6f80390bbface6d6dcda537g2zfm9b2z5zcc4o9gbq&from=clc&uid=MAXTORXSTM3250820A_5QE1C12YXXXX5QE1C12Y&type=hp   =>.Superfluous.Trotux
P2 - EXT FILE: (...) -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\su1j13e9.default-1464644485823\searchplugins\2xz3ns8k.xml
P2 - EXT FILE: (...) -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\su1j13e9.default-1464644485823\searchplugins\px9n22cp.xml
P2 - EXT: (.FoxyProxy, Inc. - FoxyProxy Basic.) -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\su1j13e9.default-1464644485823\extensions\foxyproxy@eric.h.jung  =>.FoxyProxy, Inc.
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Macromed\Flash\NPSWF32_23_0_0_205.dll  =>.Adobe Systems Incorporated
P2 - FPN: [HKLM] [@qq.com/QQPCMgr] - (.Tencent Technology (Shenzhen) Company Limited.) -- C:\Program Files\Tencent\QQPCMgr\12.0.18061.220\npQMExtensionsMozilla.dll  =>.Superfluous.Tencent

---\\ Internet Explorer,Démarrage,Recherche,URLSearchHook (11) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.6789.com/
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.6789.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/  =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/  =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/  =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons  =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk  =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/  =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: (no name) - {D8278076-BC68-4484-9233-6E7F1628B56C} Orphan  =>.Superfluous.Orphan
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphan  =>.Microsoft Internet Explorer

---\\ Internet Explorer,Proxy Management (6) - 1s
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet SettingsProxyServer = 5.196.44.136:3128
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet SettingsProxyEnable = 0
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet SettingsMigrateProxy = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet SettingsEnableHttp1_1 = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet SettingsAutoConfigProxy = wininet.dll
R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies = 

---\\ Internet Explorer,IniFiles, Autoloading programs (3) - 0s
F2 - REG:system.ini: UserInit=wscript C:\Windows\run.vbs
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.)  =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe (.Microsoft Corporation.)  =>.Microsoft Corporation

---\\ Etude du fichier hosts (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (31)

---\\ Browser Helper Object de navigateur (BHO) (1) - 0s
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL  =>.Microsoft Corporation®

---\\ Applications lancées au démarrage du système (17) - 11s
O4 - HKLM\..\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files\Microsoft Office\Office14\BCSSync.exe  =>.Microsoft Corporation®
O4 - HKLM\..\Run: [BlueStacks Agent] C:\Program Files\BlueStacks\HD-Agent.exe (.not file.)
O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe  =>.Hewlett-Packard Company®
O4 - HKCU\..\Run: [SysinfY2X] C/c start wscript 
O4 - HKCU\..\Run: [svchost0] . (. - uc.) -- C:\Program Files\wanttoxiamen\uc.exe
O4 - HKCU\..\Run: [msiql] C:\Users\user\AppData\Local\Temp\00002668\msiql.exe (.not file.)
O4 - HKCU\..\Run: [osmsg] . (.Copyright (C) 2016 The Chromium Embedded Framework Au - Chromium Embedded Framework (CEF) Client Ap.) -- C:\ProgramData\WindowsMsg\Chrome.exe
O4 - HKCU\..\Run: [ComputerZ-Tray] . (.版权所有 (C) 2008-2016 www.ludashi.com - 鲁大师 硬件防护中心.) -- C:\Program Files\LuDaShi\ComputerZTray.exe  =>.Qihoo 360 Software (Beijing) Company Limited®
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3259676744-2076411591-3816668464-1000\..\Run: [SysinfY2X] C/c start wscript 
O4 - HKUS\S-1-5-21-3259676744-2076411591-3816668464-1000\..\Run: [svchost0] . (. - uc.) -- C:\Program Files\wanttoxiamen\uc.exe
O4 - HKUS\S-1-5-21-3259676744-2076411591-3816668464-1000\..\Run: [msiql] C:\Users\user\AppData\Local\Temp\00002668\msiql.exe (.not file.)
O4 - HKUS\S-1-5-21-3259676744-2076411591-3816668464-1000\..\Run: [osmsg] . (.Copyright (C) 2016 The Chromium Embedded Framework Au - Chromium Embedded Framework (CEF) Client Ap.) -- C:\ProgramData\WindowsMsg\Chrome.exe
O4 - HKUS\S-1-5-21-3259676744-2076411591-3816668464-1000\..\Run: [ComputerZ-Tray] . (.版权所有 (C) 2008-2016 www.ludashi.com - 鲁大师 硬件防护中心.) -- C:\Program Files\LuDaShi\ComputerZTray.exe  =>.Qihoo 360 Software (Beijing) Company Limited®

---\\ Raccourcis Global Startup (73) - 110s
O4 - GS\Desktop [Administrateur]: Calculator.lnk . (.Microsoft Corporation - Calculatrice de Windows.) C:\Windows\system32\calc.exe    =>.Microsoft Corporation
O4 - GS\Desktop [Administrateur]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\user\AppData\Roaming\ZHP\ZHPDiag3.exe    =>.Nicolas Coolman
O4 - GS\Quicklaunch [Administrateur]: chrome.LNK . (...) C:\Program Files\Google\Chrome\Application\chrome.exe  --load-extension="C:\Users\user\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" http://9o0gle.com 
O4 - GS\Quicklaunch [Administrateur]: Foxit Reader.lnk . (.Foxit Software Inc. - Foxit Reader 8.1.) C:\Program Files\Foxit Software\Foxit Reader\FoxitReader.exe    =>.Foxit Software Incorporated®
O4 - GS\Quicklaunch [Administrateur]: Google Chrome.lnk . (...) C:\Program Files\Google\Chrome\Application\chrome.exe  --load-extension="C:\Users\user\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" http://9o0gle.com 
O4 - GS\Quicklaunch [Administrateur]: Internet Explorer.LNK . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe http://9o0gle.com   =>.Microsoft Corporation
O4 - GS\Quicklaunch [Administrateur]: Lanceur d'applications Google Chrome.lnk . (...) C:\Program Files\Google\Chrome\Application\chrome.exe  --load-extension="C:\Users\user\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" http://9o0gle.com 
O4 - GS\Quicklaunch [Administrateur]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe http://9o0gle.com   =>.Microsoft Corporation
O4 - GS\Quicklaunch [Administrateur]: UC浏览器.lnk . (.UCWeb Inc. - UC浏览器.) C:\Program Files\UCBrowser\Application\UCBrowser.exe    =>.TAOBAO (CHINA) SOFTWARE CO.,LTD.®
O4 - GS\sendTo [Administrateur]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe /SendTo   =>.Microsoft Corporation
O4 - GS\TaskBar [Administrateur]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe http://9o0gle.com   =>.Microsoft Corporation
O4 - GS\TaskBar [Administrateur]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture.) C:\Windows\system32\SnippingTool.exe    =>.Microsoft Corporation
O4 - GS\TaskBar [Administrateur]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) C:\Windows\explorer.exe    =>.Microsoft Corporation
O4 - GS\TaskBar [Administrateur]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1   =>.Microsoft Corporation
O4 - GS\Programs [Administrateur]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe http://9o0gle.com   =>.Microsoft Corporation
O4 - GS\Programs [Administrateur]: UC浏览器.lnk . (.UCWeb Inc. - UC浏览器.) C:\Program Files\UCBrowser\Application\UCBrowser.exe    =>.TAOBAO (CHINA) SOFTWARE CO.,LTD.®
O4 - GS\Desktop [user]: Calculator.lnk . (.Microsoft Corporation - Calculatrice de Windows.) C:\Windows\system32\calc.exe    =>.Microsoft Corporation
O4 - GS\Desktop [user]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\user\AppData\Roaming\ZHP\ZHPDiag3.exe    =>.Nicolas Coolman
O4 - GS\Quicklaunch [user]: chrome.LNK . (...) C:\Program Files\Google\Chrome\Application\chrome.exe  --load-extension="C:\Users\user\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" http://9o0gle.com 
O4 - GS\Quicklaunch [user]: Foxit Reader.lnk . (.Foxit Software Inc. - Foxit Reader 8.1.) C:\Program Files\Foxit Software\Foxit Reader\FoxitReader.exe    =>.Foxit Software Incorporated®
O4 - GS\Quicklaunch [user]: Google Chrome.lnk . (...) C:\Program Files\Google\Chrome\Application\chrome.exe  --load-extension="C:\Users\user\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" http://9o0gle.com 
O4 - GS\Quicklaunch [user]: Internet Explorer.LNK . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe http://9o0gle.com   =>.Microsoft Corporation
O4 - GS\Quicklaunch [user]: Lanceur d'applications Google Chrome.lnk . (...) C:\Program Files\Google\Chrome\Application\chrome.exe  --load-extension="C:\Users\user\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" http://9o0gle.com 
O4 - GS\Quicklaunch [user]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe http://9o0gle.com   =>.Microsoft Corporation
O4 - GS\Quicklaunch [user]: UC浏览器.lnk . (.UCWeb Inc. - UC浏览器.) C:\Program Files\UCBrowser\Application\UCBrowser.exe    =>.TAOBAO (CHINA) SOFTWARE CO.,LTD.®
O4 - GS\sendTo [user]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe /SendTo   =>.Microsoft Corporation
O4 - GS\TaskBar [user]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe http://9o0gle.com   =>.Microsoft Corporation
O4 - GS\TaskBar [user]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture.) C:\Windows\system32\SnippingTool.exe    =>.Microsoft Corporation
O4 - GS\TaskBar [user]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) C:\Windows\explorer.exe    =>.Microsoft Corporation
O4 - GS\TaskBar [user]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1   =>.Microsoft Corporation
O4 - GS\Programs [user]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe http://9o0gle.com   =>.Microsoft Corporation
O4 - GS\Programs [user]: UC浏览器.lnk . (.UCWeb Inc. - UC浏览器.) C:\Program Files\UCBrowser\Application\UCBrowser.exe    =>.TAOBAO (CHINA) SOFTWARE CO.,LTD.®
O4 - GS\CommonDesktop [Public]: Acrobat Reader DC.lnk . (.Adobe Systems Incorporated - Adobe Acrobat Reader DC.) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe    =>.Adobe Systems, Incorporated®
O4 - GS\CommonDesktop [Public]: AVG Protection.lnk . (.AVG Technologies CZ, s.r.o. - AVG User Interface.) C:\Program Files\AVG\Av\avgui.exe    =>.AVG Technologies CZ, s.r.o.®
O4 - GS\CommonDesktop [Public]: Foxit Reader.lnk . (.Foxit Software Inc. - Foxit Reader 8.1.) C:\Program Files\Foxit Software\Foxit Reader\FoxitReader.exe    =>.Foxit Software Incorporated®
O4 - GS\CommonDesktop [Public]: ZHPFix.lnk . (.Nicolas Coolman - ZHPDiag Setup.) C:\Program Files\ZHPFix\ZHPhep.exe    =>.Nicolas Coolman
O4 - GS\Programs [Public]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe http://9o0gle.com   =>.Microsoft Corporation
O4 - GS\Programs [Public]: UC浏览器.lnk . (.UCWeb Inc. - UC浏览器.) C:\Program Files\UCBrowser\Application\UCBrowser.exe    =>.TAOBAO (CHINA) SOFTWARE CO.,LTD.®
O4 - GS\Accessories [Public]: Command Prompt.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.) C:\Windows\system32\cmd.exe    =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.) C:\Windows\system32\notepad.exe    =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) C:\Windows\explorer.exe    =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe  -extoff   =>.Microsoft Corporation®
O4 - GS\SystemTools [Public]: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) C:\Windows\system32\eudcedit.exe    =>.Microsoft Corporation
O4 - GS\Accessories [Public]: displayswitch.lnk . (.Microsoft Corporation - Afficher le commutateur.) C:\Windows\system32\displayswitch.exe    =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Math Input Panel.lnk . (.Microsoft Corporation - Accessoire du panneau de saisie mathématiqu.) C:\Program Files\Common Files\Microsoft Shared\Ink\mip.exe    =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Mobility Center.lnk . (.Microsoft Corporation - Centre de mobilité Windows.) C:\Windows\system32\mblctr.exe /open   =>.Microsoft Corporation
O4 - GS\Accessories [Public]: NetworkProjection.lnk . (.Microsoft Corporation - Connect to a Network Projector.) C:\Windows\system32\NetProj.exe    =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) C:\Windows\system32\mspaint.exe    =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Connexion Bureau à distance.) C:\Windows\system32\mstsc.exe    =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture.) C:\Windows\system32\SnippingTool.exe    =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Magnétophone Windows.) C:\Windows\system32\SoundRecorder.exe    =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sticky Notes.lnk . (.Microsoft Corporation - Pense-bête.) C:\Windows\system32\StikyNot.exe    =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sync Center.lnk . (.Microsoft Corporation - Microsoft Sync Center.) C:\Windows\System32\mobsync.exe    =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Welcome Center.lnk . (.Microsoft Corporation - Processus hôte Windows (Rundll32).) C:\Windows\system32\rundll32.exe %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut   =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Application Windows Wordpad.) C:\Program Files\Windows NT\Accessories\wordpad.exe    =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Table des caractères.) C:\Windows\system32\charmap.exe    =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: dfrgui.lnk . (.Microsoft Corporation - Défragmenteur de disque Microsoft®.) C:\Windows\system32\dfrgui.exe    =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Disk Cleanup.lnk . (.Microsoft Corporation - Gestionnaire de nettoyage de disque pour Wi.) C:\Windows\system32\cleanmgr.exe    =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Resource Monitor.lnk . (.Microsoft Corporation - Moniteur de ressources et de performances.) C:\Windows\system32\perfmon.exe /res   =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Information.lnk . (.Microsoft Corporation - Informations système.) C:\Windows\system32\msinfo32.exe    =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Restore.lnk . (.Microsoft Corporation - Restauration du système de Microsoft® Windo.) C:\Windows\system32\rstrui.exe    =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) C:\Windows\system32\taskschd.msc /s 
O4 - GS\SystemTools [Public]: Windows Easy Transfer Reports.lnk . (.Microsoft Corporation - Application post-migration de transfert de.) C:\Windows\system32\migwiz\postmig.exe    =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Windows Easy Transfer.lnk . (.Microsoft Corporation - Application Transfert de fichiers et paramè.) C:\Windows\system32\migwiz\migwiz.exe    =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Acrobat Reader DC.lnk . (.Flexera Software LLC - InstallShield.) C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}\SC_Reader.ico    =>.Flexera Software LLC
O4 - GS\ProgramsCommon [Public]: Media Center.lnk . (.Microsoft Corporation - Windows Media Center.) C:\Windows\ehome\ehshell.exe    =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe http://9o0gle.com   =>.Mozilla Corporation
O4 - GS\ProgramsCommon [Public]: Sidebar.lnk . (.Microsoft Corporation - Gadgets du Bureau Windows.) C:\Program Files\Windows Sidebar\sidebar.exe /showgadgets   =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Windows Anytime Upgrade.lnk . (.Microsoft Corporation - Interface utilisateur de Mise à niveau expr.) C:\Windows\system32\WindowsAnytimeUpgradeUI.exe    =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Windows DVD Maker.lnk . (.Microsoft Corporation - Création de DVD Windows.) C:\Program Files\DVD Maker\DVDMaker.exe    =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe    =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1   =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: XPS Viewer.lnk . (.Microsoft Corporation - Visionneuse XPS.) C:\Windows\system32\xpsrchvw.exe    =>.Microsoft Corporation

---\\ Modification Domaine/Adresses DNS (5) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1  =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip\..\{5CD3B4A8-5DC0-46EF-85D2-2F030DAE3CC0}: NameServer = 104.238.158.90,45.32.155.235
O17 - HKLM\System\CCS\Services\Tcpip\..\{DE325BE2-7954-441E-AA90-7B630360E7E4}: NameServer = 104.238.158.90
O17 - HKLM\System\CCS\Services\Tcpip\..\{E3BD932F-EC35-4D2B-91ED-B30E5576EF83}: NameServer = 104.238.158.90,45.32.155.235
O17 - HKLM\System\CCS\Services\Tcpip\..\{5CD3B4A8-5DC0-46EF-85D2-2F030DAE3CC0}: DhcpNameServer = 192.168.1.1  =>.Local IP Adress

---\\ Protocole additionnel (24) - 1s
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll  =>.Microsoft Corporation
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll  =>.Microsoft Corporation
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\MSVidCtl.dll  =>.Microsoft Corporation
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll  =>.Microsoft Corporation
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll  =>.Microsoft Corporation
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll  =>.Microsoft Corporation
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll  =>.Microsoft Corporation
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll  =>.Microsoft Corporation
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll  =>.Microsoft Corporation
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll  =>.Microsoft Corporation
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll  =>.Microsoft Corporation
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll  =>.Microsoft Corporation
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll  =>.Microsoft Corporation
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll  =>.Microsoft Corporation®
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll  =>.Microsoft Corporation
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll  =>.Microsoft Corporation
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\MSVidCtl.dll  =>.Microsoft Corporation
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll  =>.Microsoft Corporation
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll  =>.Microsoft Corporation®
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll  =>.Microsoft Corporation®
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll  =>.Microsoft Corporation®
O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll  =>.Microsoft Corporation
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll  =>.Microsoft Corporation
O18 - Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL  =>.Microsoft Corporation®

---\\ Logiciels installés (23) - 30s
O42 - Logiciel: Adobe Acrobat Reader DC - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AC0F074E4100}  =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Flash Player 23 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI  =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-0804-1033-1959-001824202044}  =>.Adobe Systems Incorporated
O42 - Logiciel: AVG - (.AVG Technologies.) [HKLM] -- {45245351-2F21-4425-B1CA-F4674DC4052E}  =>.AVG Technologies
O42 - Logiciel: AVG 2016 - (.AVG Technologies.) [HKLM] -- {F2331EF8-07CA-42B2-8DED-A9DBF0E185DB}  =>.AVG Technologies
O42 - Logiciel: AVG Protection - (.AVG Technologies.) [HKLM] -- AVG  =>.AVG Technologies CZ, s.r.o.®
O42 - Logiciel: cleaner 1.0.1 - (.cleaner.) [HKLM] -- cleaner
O42 - Logiciel: Étude pour l'amélioration du produit HP Deskjet 1510 series - (.Hewlett-Packard Co..) [HKLM] -- {D41F4171-F38B-430C-A0A4-7D4344089C00}  =>.Hewlett-Packard Co.
O42 - Logiciel: FMW 1 - (.AVG Technologies.) [HKLM] -- {433A0418-4611-4BFA-9312-F70093C2BCED}  =>.AVG Technologies
O42 - Logiciel: Foxit Reader - (.Foxit Software Inc..) [HKLM] -- Foxit Reader_is1  =>.Foxit Software Incorporated®
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}  =>Heuristic.Suspect
O42 - Logiciel: HP Deskjet 1510 series Aide - (.Hewlett Packard.) [HKLM] -- {00645C10-53C9-46DC-B7D0-6F7B006972E9}  =>.Hewlett Packard
O42 - Logiciel: HP Photo Creations - (.HP.) [HKLM] -- HP Photo Creations  =>.Visan Industries®
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {912D30CF-F39E-4B31-AD9A-123C6B794EE2}  =>.Hewlett-Packard
O42 - Logiciel: Logiciel de base du périphérique HP Deskjet 1510 series - (.Hewlett-Packard Co..) [HKLM] -- {1B04F160-866C-4EDF-A852-0F13F26B1D3D}  =>.Hewlett-Packard Co.
O42 - Logiciel: Mozilla Firefox 49.0.2 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 49.0.2 (x86 fr)  =>.Mozilla Corporation®
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService  =>.Mozilla
O42 - Logiciel: Notepad++ - (.Notepad++ Team.) [HKLM] -- Notepad++  =>.Notepad++ Team
O42 - Logiciel: Visual Studio 2012 x86 Redistributables - (.AVG Technologies CZ, s.r.o..) [HKLM] -- {98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}  =>.AVG Technologies CZ, s.r.o.
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM] -- VLC media player  =>.VideoLAN
O42 - Logiciel: WinRAR 5.40 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver  =>.win.rar GmbH®
O42 - Logiciel: youndoo - Uninstall - (...) [HKLM] -- {0B08F51F-2F04-40F3-8A59-85943EC33365}  =>PUP.Optional.Youndoo
O42 - Logiciel: ZHPFix 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPFix_is1  =>.Nicolas Coolman

---\\ HKCU & HKLM Software Keys (110) - 30s
HKLM\SOFTWARE\360Safe
HKLM\SOFTWARE\Adobe  =>.Adobe
HKLM\SOFTWARE\AskPartnerNetwork  =>PUP.Optional.APNToolBar
HKLM\SOFTWARE\ATI Technologies  =>.ATI Technologies
HKLM\SOFTWARE\AVG
HKLM\SOFTWARE\B38CD3C5E8A7910B932420ADC8B3D59F  =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Canneverbe Limited  =>.Canneverbe Limited
HKLM\SOFTWARE\CBSTEST
HKLM\SOFTWARE\ComputerZ
HKLM\SOFTWARE\dbmkdb
HKLM\SOFTWARE\Drojiseckeges
HKLM\SOFTWARE\Foxit Software  =>.Foxit Software
HKLM\SOFTWARE\Google  =>.Google
HKLM\SOFTWARE\Hewlett-Packard  =>.Hewlett-Packard
HKLM\SOFTWARE\HP  =>.HP
HKLM\SOFTWARE\Intel  =>.Intel
HKLM\SOFTWARE\Internet Download Manager
HKLM\SOFTWARE\kingsoft
HKLM\SOFTWARE\KuaiZip2
HKLM\SOFTWARE\LDSGameCenter
HKLM\SOFTWARE\LiveUpdate360
HKLM\SOFTWARE\LuDaShi
HKLM\SOFTWARE\Macromedia  =>.Macromedia
HKLM\SOFTWARE\Mozilla  =>.Mozilla
HKLM\SOFTWARE\mozilla.org  =>.mozilla.org
HKLM\SOFTWARE\MozillaPlugin  =>.MozillaPlugin
HKLM\SOFTWARE\MozillaPlugins  =>.MozillaPlugins
HKLM\SOFTWARE\NCH Software  =>.NCH Software
HKLM\SOFTWARE\NCH Swift Sound  =>.NCH Swift Sound
HKLM\SOFTWARE\Nero
HKLM\SOFTWARE\Notepad++
HKLM\SOFTWARE\ODBC
HKLM\SOFTWARE\Prafosptloph
HKLM\SOFTWARE\Python
HKLM\SOFTWARE\QiLu Inc.  =>.QiLu Inc.
HKLM\SOFTWARE\RapidSolution  =>.RapidSolution
HKLM\SOFTWARE\RegisteredApplications
HKLM\SOFTWARE\Riot Games  =>.Riot Games
HKLM\SOFTWARE\RocketLife  =>.RocketLife
HKLM\SOFTWARE\Samsung  =>.Samsung
HKLM\SOFTWARE\Shizether
HKLM\SOFTWARE\simplitec
HKLM\SOFTWARE\Sonic  =>.Sonic
HKLM\SOFTWARE\SOSVirus  =>.SosVirus
HKLM\SOFTWARE\SSPrint
HKLM\SOFTWARE\Tencent  =>.Superfluous.Tencent
HKLM\SOFTWARE\trotuxSoftware  =>.Superfluous.Trotux
HKLM\SOFTWARE\UCBrowser
HKLM\SOFTWARE\UCBrowserPID
HKLM\SOFTWARE\VideoLAN  =>.VideoLAN
HKLM\SOFTWARE\Visan
HKLM\SOFTWARE\Volatile
HKLM\SOFTWARE\WinRAR  =>.WinRAR
HKLM\SOFTWARE\WOW6432Node
HKLM\SOFTWARE\xvb`lj
HKLM\SOFTWARE\youndooSoftware  =>PUP.Optional.Youndoo
HKCU\SOFTWARE\Adobe  =>.Adobe
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\AutoTime  =>Adware.TopTools
HKCU\SOFTWARE\AVAST Software  =>.AVAST Software
HKCU\SOFTWARE\Avg
HKCU\SOFTWARE\B38CD3C5E8A7910B932420ADC8B3D59F  =>PUP.Optional.CrossRider
HKCU\SOFTWARE\BugSplat
HKCU\SOFTWARE\Canneverbe Limited  =>.Canneverbe Limited
HKCU\SOFTWARE\Chromium  =>.Chromium
HKCU\SOFTWARE\dlr
HKCU\SOFTWARE\DownloadManager
HKCU\SOFTWARE\ESRI  =>.ESRI
HKCU\SOFTWARE\Foxit Software  =>.Foxit Software
HKCU\SOFTWARE\Google  =>.Google
HKCU\SOFTWARE\Hewlett-Packard  =>.Hewlett-Packard
HKCU\SOFTWARE\HP  =>.HP
HKCU\SOFTWARE\IM
HKCU\SOFTWARE\Installer
HKCU\SOFTWARE\kdesk
HKCU\SOFTWARE\kingsoft
HKCU\SOFTWARE\KuaiZip
HKCU\SOFTWARE\KuaiZip2
HKCU\SOFTWARE\KuaiZipSFX
HKCU\SOFTWARE\KWallpaper
HKCU\SOFTWARE\Logitech  =>.Logitech
HKCU\SOFTWARE\Ludashi
HKCU\SOFTWARE\Macromedia  =>.Macromedia
HKCU\SOFTWARE\Mirage
HKCU\SOFTWARE\Mozilla  =>.Mozilla
HKCU\SOFTWARE\MozillaPlugins  =>.MozillaPlugins
HKCU\SOFTWARE\NCH Software  =>.NCH Software
HKCU\SOFTWARE\NCH Swift Sound  =>.NCH Swift Sound
HKCU\SOFTWARE\Nero
HKCU\SOFTWARE\Netscape  =>.Netscape
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\osTip
HKCU\SOFTWARE\P2PDownloader
HKCU\SOFTWARE\PopWnd
HKCU\SOFTWARE\QiLu Inc.  =>.QiLu Inc.
HKCU\SOFTWARE\RapidSolution  =>.RapidSolution
HKCU\SOFTWARE\Samsung  =>.Samsung
HKCU\SOFTWARE\SNDA
HKCU\SOFTWARE\SSPrint
HKCU\SOFTWARE\Tencent  =>.Superfluous.Tencent
HKCU\SOFTWARE\Trolltech  =>.Trolltech
HKCU\SOFTWARE\UCBrowser
HKCU\SOFTWARE\UCBrowserPID
HKCU\SOFTWARE\UsbFix
HKCU\SOFTWARE\Visan
HKCU\SOFTWARE\WinRAR  =>.WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\Wow6432Node
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software

---\\ Contenu des dossiers Programmes (212) - 106s
O43 - CFD: 06/11/2016 - [] D -- C:\Program Files\9FEBFA5C-1478443121-11D5-A917-F2A2001C0A41  =>PUP.Optional.CrossRider
O43 - CFD: 06/11/2016 - [] D -- C:\Program Files\Adobe  =>.Adobe Systems, Incorporated®
O43 - CFD: 06/11/2016 - [] D -- C:\Program Files\Anakury  =>.Glarysoft LTD®
O43 - CFD: 06/11/2016 - [] D -- C:\Program Files\ArcGIS  =>.Environmental Systems Research
O43 - CFD: 06/11/2016 - [] D -- C:\Program Files\AVAST Software  =>.AVAST Software s.r.o.®
O43 - CFD: 06/11/2016 - [] D -- C:\Program Files\AVG  =>.AVG Technologies CZ, s.r.o.®
O43 - CFD: 06/11/2016 - [] D -- C:\Program Files\Common Files  =>.Microsoft Corporation
O43 - CFD: 06/11/2016 - [] D -- C:\Program Files\ContentPush
O43 - CFD: 06/11/2016 - [] D -- C:\Program Files\DVD Maker  =>.Aone Software
O43 - CFD: 06/11/2016 - [] D -- C:\Program Files\ESRI  =>.ESRI
O43 - CFD: 04/02/2016 - [0] SHD -- C:\Program Files\Fichiers communs  =>.Microsoft Corporation
O43 - CFD: 06/11/2016 - [] D -- C:\Program Files\Foxit Software  =>.Foxit Software Incorporated®
O43 - CFD: 06/11/2016 - [] D -- C:\Program Files\Google  =>.Google
O43 - CFD: 06/11/2016 - [] D -- C:\Program Files\Hewlett-Packard  =>.Hewlett-Packard Company®
O43 - CFD: 06/11/2016 - [] D -- C:\Program Files\HP  =>.Hewlett-Packard Company®
O43 - CFD: 06/11/2016 - [] D -- C:\Program Files\HP Photo Creations  =>.Visan Industries®
O43 - CFD: 06/11/2016 - [] D -- C:\Program Files\Internet Download Manager  =>.Tonec Inc.®
O43 - CFD: 06/11/2016 - [] D -- C:\Program Files\Internet Explorer  =>.Microsoft Corporation
O43 - CFD: 06/11/2016 - [] D -- C:\Program Files\kingsoft  =>.Beijing Kingsoft Security software Co.,Ltd®
O43 - CFD: 06/11/2016 - [] D -- C:\Program Files\KuaiZip  =>.Shanghai Guangle Network Technology Co., Ltd.®
O43 - CFD: 06/11/2016 - [] D -- C:\Program Files\LDSGameCenter  =>.Qihoo 360 Software (Beijing) Company Limited®
O43 - CFD: 06/11/2016 - [] D -- C:\Program Files\LuDaShi
O43 - CFD: 06/11/2016 - [] D -- C:\Program Files\Microsoft Analysis Services  =>.Microsoft Corporation
O43 - CFD: 06/11/2016 - [] D -- C:\Program Files\Microsoft Office  =>.Microsoft Corporation®
O43 - CFD: 06/11/2016 - [] D -- C:\Program Files\Microsoft SQL Server Compact Edition  =>.Microsoft Corporation
O43 - CFD: 06/11/2016 - [] D -- C:\Program Files\Microsoft Synchronization Services  =>.Microsoft Corporation
O43 - CFD: 06/11/2016 - [] D -- C:\Program Files\Microsoft.NET  =>.Microsoft Corporation
O43 - CFD: 06/11/2016 - [] D -- C:\Program Files\Mozilla Firefox  =>.Mozilla Corporation®
O43 - CFD: 06/11/2016 - [] D -- C:\Program Files\Mozilla Maintenance Service  =>.Mozilla Corporation®
O43 - CFD: 06/11/2016 - [] D -- C:\Program Files\MSBuild  =>.Microsoft Corporation
O43 - CFD: 06/11/2016 - [] D -- C:\Program Files\NCH Software  =>.NCH Software
O43 - CFD: 06/11/2016 - [] D -- C:\Program Files\Notepad++  =>.Notepad++®
O43 - CFD: 06/11/2016 - [] D -- C:\Program Files\RAR Password Unlocker
O43 - CFD: 06/11/2016 - [] D -- C:\Program Files\Reference Assemblies  =>.Microsoft Corporation
O43 - CFD: 06/11/2016 - [] D -- C:\Program Files\stashimi  =>.Stashimi
O43 - CFD: 06/11/2016 - [] D -- C:\Program Files\Tencent  =>.Superfluous.Tencent
O43 - CFD: 06/11/2016 - [] D -- C:\Program Files\UCBrowser  =>.TAOBAO (CHINA) SOFTWARE CO.,LTD.®
O43 - CFD: 06/11/2016 - [0] HD -- C:\Program Files\Uninstall Information  =>.Microsoft Corporation
O43 - CFD: 06/11/2016 - [] D -- C:\Program Files\VideoLAN  =>.VideoLAN
O43 - CFD: 06/11/2016 - [] D -- C:\Program Files\wanttoxiamen
O43 - CFD: 06/11/2016 - [] D -- C:\Program Files\Windows Defender  =>.Microsoft Corporation
O43 - CFD: 06/11/2016 - [] D -- C:\Program Files\Windows Journal  =>.Microsoft Corporation
O43 - CFD: 06/11/2016 - [] D -- C:\Program Files\Windows Mail  =>.Microsoft Corporation
O43 - CFD: 06/11/2016 - [] D -- C:\Program Files\Windows Media Player  =>.Microsoft Corporation
O43 - CFD: 06/11/2016 - [] D -- C:\Program Files\Windows NT  =>.Microsoft Corporation
O43 - CFD: 06/11/2016 - [] D -- C:\Program Files\Windows Photo Viewer  =>.Microsoft Corporation®
O43 - CFD: 06/11/2016 - [] D -- C:\Program Files\Windows Portable Devices  =>.Microsoft Corporation
O43 - CFD: 06/11/2016 - [] D -- C:\Program Files\Windows Sidebar  =>.Microsoft Corporation
O43 - CFD: 06/11/2016 - [] D -- C:\Program Files\WinRAR  =>.win.rar GmbH®
O43 - CFD: 06/11/2016 - [] D -- C:\Program Files\ZHPFix  =>.Nicolas Coolman
O43 - CFD: 06/11/2016 - [] D -- C:\Program Files\¿ìÑ¹  =>.Superfluous.Tencent
O43 - CFD: 23/06/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories  =>.Microsoft Corporation
O43 - CFD: 04/02/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools  =>.Administrative Tools
O43 - CFD: 09/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcGIS  =>.Environmental Systems Research
O43 - CFD: 31/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG  =>.AVG Software
O43 - CFD: 21/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
O43 - CFD: 21/11/2010 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games  =>.Microsoft Corporation
O43 - CFD: 11/08/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP  =>.Hewlett-Packard
O43 - CFD: 14/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance  =>.Microsoft Corporation
O43 - CFD: 09/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office  =>.Microsoft Corporation
O43 - CFD: 06/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++  =>.Notepad++ Team
O43 - CFD: 04/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.5
O43 - CFD: 08/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers  =>.Samsung Electronics
O43 - CFD: 14/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup  =>.Microsoft Corporation
O43 - CFD: 21/11/2010 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC  =>.Wacom Technology
O43 - CFD: 04/02/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN  =>.VideoLAN
O43 - CFD: 06/11/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\wanttoxiamen
O43 - CFD: 03/09/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR  =>.WinRAR
O43 - CFD: 06/11/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP  =>.Nicolas Coolman
O43 - CFD: 06/11/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\金山毒霸
O43 - CFD: 06/11/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\鲁大师
O43 - CFD: 11/10/2016 - [] D -- C:\ProgramData\Adobe  =>.Adobe
O43 - CFD: 04/02/2016 - [] D -- C:\ProgramData\Alwil Software  =>.ALWIL Software
O43 - CFD: 01/03/2016 - [] D -- C:\ProgramData\APN  =>Toolbar.Ask
O43 - CFD: 14/07/2009 - [] SHD -- C:\ProgramData\Application Data  =>.Microsoft Corporation
O43 - CFD: 31/10/2016 - [] D -- C:\ProgramData\AVAST Software  =>.AVAST Software
O43 - CFD: 31/10/2016 - [] D -- C:\ProgramData\Avg  =>.AVG Software
O43 - CFD: 06/11/2016 - [] D -- C:\ProgramData\Avira  =>.Avira Software
O43 - CFD: 21/02/2016 - [] D -- C:\ProgramData\BlueStacksGameManager  =>.BlueStack Systems, Inc.
O43 - CFD: 21/02/2016 - [] D -- C:\ProgramData\BlueStacksSetup  =>.BlueStack Systems, Inc.
O43 - CFD: 04/02/2016 - [0] SHD -- C:\ProgramData\Bureau  =>.Microsoft Corporation
O43 - CFD: 19/02/2016 - [] D -- C:\ProgramData\Canneverbe Limited  =>.Canneverbe Limited
O43 - CFD: 31/10/2016 - [] HD -- C:\ProgramData\Common Files  =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Desktop  =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Documents  =>.Microsoft Corporation
O43 - CFD: 04/02/2016 - [0] SHD -- C:\ProgramData\Favoris  =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Favorites  =>.Microsoft Corporation
O43 - CFD: 21/03/2016 - [] D -- C:\ProgramData\Foxit ContentPlatform  =>.Foxit Corporation
O43 - CFD: 21/10/2016 - [] D -- C:\ProgramData\Foxit Software  =>.Foxit Software
O43 - CFD: 02/03/2016 - [] D -- C:\ProgramData\HP  =>.Hewlett-Packard
O43 - CFD: 11/08/2016 - [] D -- C:\ProgramData\HP Photo Creations  =>.HP Photo Creations
O43 - CFD: 06/02/2016 - [0] D -- C:\ProgramData\IDM  =>.IDM
O43 - CFD: 06/11/2016 - [] D -- C:\ProgramData\kdesk
O43 - CFD: 06/11/2016 - [] D -- C:\ProgramData\Kingsoft  =>.Kingsoft
O43 - CFD: 04/03/2016 - [] D -- C:\ProgramData\Macrovision  =>.Macrovision
O43 - CFD: 04/02/2016 - [0] SHD -- C:\ProgramData\Menu Démarrer  =>.Microsoft Corporation
O43 - CFD: 06/11/2016 - [] D -- C:\ProgramData\MFAData  =>.AVG
O43 - CFD: 06/04/2016 - [] SD -- C:\ProgramData\Microsoft  =>.Microsoft
O43 - CFD: 09/03/2016 - [] D -- C:\ProgramData\Microsoft Help  =>.Microsoft Corporation
O43 - CFD: 04/02/2016 - [0] SHD -- C:\ProgramData\Modèles  =>.Microsoft Corporation
O43 - CFD: 13/06/2016 - [] D -- C:\ProgramData\NCH Software  =>.NCH Software
O43 - CFD: 13/06/2016 - [] D -- C:\ProgramData\Nero  =>.Ahead Software
O43 - CFD: 12/06/2016 - [] D -- C:\ProgramData\Package Cache  =>.Microsoft Corporation
O43 - CFD: 20/02/2016 - [] D -- C:\ProgramData\RapidSolution  =>.RapidSolution
O43 - CFD: 24/05/2016 - [] D -- C:\ProgramData\Riot Games  =>.Riot Games
O43 - CFD: 08/03/2016 - [] D -- C:\ProgramData\Samsung  =>.Samsung
O43 - CFD: 12/06/2016 - [0] D -- C:\ProgramData\simplitec
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Start Menu  =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Templates  =>.Microsoft Corporation
O43 - CFD: 06/11/2016 - [] D -- C:\ProgramData\Tencent  =>.Superfluous.Tencent
O43 - CFD: 06/11/2016 - [] D -- C:\ProgramData\Thunder Network  =>.Thunder Network
O43 - CFD: 06/11/2016 - [] D -- C:\ProgramData\TXQMPC  =>.Superfluous.TXQMPC
O43 - CFD: 02/03/2016 - [] D -- C:\ProgramData\Visan  =>.Visan Industries
O43 - CFD: 08/03/2016 - [] D -- C:\ProgramData\VS Revo Group  =>.VS Revo Group
O43 - CFD: 06/11/2016 - [] SHD -- C:\ProgramData\WindowsMsg
O43 - CFD: 11/10/2016 - [] D -- C:\Program Files\Common Files\Adobe  =>.Adobe
O43 - CFD: 31/10/2016 - [] D -- C:\Program Files\Common Files\AV  =>.Avast
O43 - CFD: 04/02/2016 - [] D -- C:\Program Files\Common Files\DESIGNER  =>.Designer
O43 - CFD: 09/03/2016 - [] D -- C:\Program Files\Common Files\ESRI  =>.ESRI
O43 - CFD: 09/03/2016 - [] D -- C:\Program Files\Common Files\microsoft shared  =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Common Files\Services  =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Common Files\SpeechEngines  =>.Microsoft Corporation
O43 - CFD: 10/02/2016 - [] D -- C:\Program Files\Common Files\System  =>.Microsoft Corporation
O43 - CFD: 06/11/2016 - [] D -- C:\Program Files\Common Files\Tencent  =>.Superfluous.Tencent
O43 - CFD: 06/02/2016 - [] D -- C:\Users\user\AppData\Roaming\Adobe  =>.Adobe
O43 - CFD: 31/10/2016 - [] D -- C:\Users\user\AppData\Roaming\AVG  =>.AVG Software
O43 - CFD: 19/02/2016 - [] D -- C:\Users\user\AppData\Roaming\Canneverbe Limited  =>.Canneverbe Limited
O43 - CFD: 06/02/2016 - [] D -- C:\Users\user\AppData\Roaming\DMCache  =>.DMCache
O43 - CFD: 08/03/2016 - [] D -- C:\Users\user\AppData\Roaming\ESRI  =>.ESRI
O43 - CFD: 01/03/2016 - [] D -- C:\Users\user\AppData\Roaming\FileZilla  =>.FileZilla
O43 - CFD: 01/03/2016 - [] D -- C:\Users\user\AppData\Roaming\Foxit AgentInformation
O43 - CFD: 11/08/2016 - [] D -- C:\Users\user\AppData\Roaming\Foxit Software  =>.Foxit Software
O43 - CFD: 06/11/2016 - [] D -- C:\Users\user\AppData\Roaming\Hakerck
O43 - CFD: 11/08/2016 - [] D -- C:\Users\user\AppData\Roaming\HpUpdate  =>.Hewlett-Packard
O43 - CFD: 04/02/2016 - [] D -- C:\Users\user\AppData\Roaming\Identities  =>.Microsoft Corporation
O43 - CFD: 06/02/2016 - [] D -- C:\Users\user\AppData\Roaming\IDM  =>.IDM
O43 - CFD: 06/11/2016 - [] D -- C:\Users\user\AppData\Roaming\Kingsoft  =>.Kingsoft
O43 - CFD: 06/11/2016 - [] D -- C:\Users\user\AppData\Roaming\Kuaizip
O43 - CFD: 06/11/2016 - [] D -- C:\Users\user\AppData\Roaming\lockhomepage
O43 - CFD: 25/05/2016 - [] D -- C:\Users\user\AppData\Roaming\LolClient  =>.LolClient
O43 - CFD: 06/11/2016 - [] D -- C:\Users\user\AppData\Roaming\Ludashi
O43 - CFD: 25/05/2016 - [] D -- C:\Users\user\AppData\Roaming\Macromedia  =>.Macromedia
O43 - CFD: 21/11/2010 - [0] D -- C:\Users\user\AppData\Roaming\Media Center Programs  =>.Microsoft Corporation
O43 - CFD: 12/08/2016 - [] SD -- C:\Users\user\AppData\Roaming\Microsoft  =>.Microsoft
O43 - CFD: 04/02/2016 - [] D -- C:\Users\user\AppData\Roaming\Mozilla  =>.Mozilla Corporation
O43 - CFD: 09/06/2016 - [] D -- C:\Users\user\AppData\Roaming\NCH Software  =>.NCH Software
O43 - CFD: 19/02/2016 - [] D -- C:\Users\user\AppData\Roaming\Nero  =>.Ahead Software
O43 - CFD: 06/07/2016 - [] D -- C:\Users\user\AppData\Roaming\Notepad++  =>.Notepad++ Team
O43 - CFD: 06/11/2016 - [] D -- C:\Users\user\AppData\Roaming\Profiles  =>.Microsoft Corporation
O43 - CFD: 24/05/2016 - [] D -- C:\Users\user\AppData\Roaming\Riot Games  =>.Riot Games
O43 - CFD: 08/03/2016 - [0] D -- C:\Users\user\AppData\Roaming\Samsung  =>.Samsung
O43 - CFD: 06/11/2016 - [0] D -- C:\Users\user\AppData\Roaming\Softlink
O43 - CFD: 06/11/2016 - [] D -- C:\Users\user\AppData\Roaming\Tencent  =>.Superfluous.Tencent
O43 - CFD: 31/10/2016 - [] D -- C:\Users\user\AppData\Roaming\TuneUp Software  =>.TuneUp Software
O43 - CFD: 06/11/2016 - [] D -- C:\Users\user\AppData\Roaming\UPUpdata
O43 - CFD: 11/08/2016 - [] D -- C:\Users\user\AppData\Roaming\Visan  =>.Visan Industries
O43 - CFD: 05/10/2016 - [] D -- C:\Users\user\AppData\Roaming\vlc  =>.VideoLAN
O43 - CFD: 05/02/2016 - [] D -- C:\Users\user\AppData\Roaming\WinRAR  =>.WinRAR
O43 - CFD: 06/11/2016 - [] D -- C:\Users\user\AppData\Roaming\ZHP  =>.Nicolas Coolman
O43 - CFD: 06/11/2016 - [] D -- C:\Users\user\AppData\Local\9FEBFA5C-1478444960-11D5-A917-F2A2001C0A41
O43 - CFD: 13/10/2016 - [] D -- C:\Users\user\AppData\Local\Adobe  =>.Adobe
O43 - CFD: 06/11/2016 - [] D -- C:\Users\user\AppData\Local\app  =>PUP.Optional.CrossRider
O43 - CFD: 04/02/2016 - [0] SHD -- C:\Users\user\AppData\Local\Application Data  =>.Microsoft Corporation
O43 - CFD: 06/11/2016 - [] D -- C:\Users\user\AppData\Local\Atahitaincoutain
O43 - CFD: 09/02/2016 - [] D -- C:\Users\user\AppData\Local\AVAST Software  =>.AVAST Software
O43 - CFD: 31/10/2016 - [] D -- C:\Users\user\AppData\Local\Avg  =>.AVG Software
O43 - CFD: 31/10/2016 - [] D -- C:\Users\user\AppData\Local\AvgSetupLog  =>.AVG
O43 - CFD: 21/02/2016 - [] D -- C:\Users\user\AppData\Local\Bluestacks  =>.BlueStack Systems, Inc.
O43 - CFD: 26/09/2016 - [] D -- C:\Users\user\AppData\Local\CEF  =>.CEF
O43 - CFD: 30/05/2016 - [] D -- C:\Users\user\AppData\Local\CrashRpt  =>.Superfluous.CrashReports
O43 - CFD: 06/09/2016 - [0] D -- C:\Users\user\AppData\Local\Diagnostics  =>.Microsoft Corporation
O43 - CFD: 21/05/2016 - [] D -- C:\Users\user\AppData\Local\Foxit Reader
O43 - CFD: 30/10/2016 - [] D -- C:\Users\user\AppData\Local\Google  =>.Google
O43 - CFD: 04/02/2016 - [0] SHD -- C:\Users\user\AppData\Local\Historique  =>.Microsoft Corporation
O43 - CFD: 02/03/2016 - [] D -- C:\Users\user\AppData\Local\HP  =>.Hewlett-Packard
O43 - CFD: 06/11/2016 - [] D -- C:\Users\user\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk  =>Hijacker.Browser
O43 - CFD: 06/11/2016 - [] D -- C:\Users\user\AppData\Local\Kingsoft  =>.Kingsoft
O43 - CFD: 31/10/2016 - [] D -- C:\Users\user\AppData\Local\MFAData  =>.AVG
O43 - CFD: 18/06/2016 - [] D -- C:\Users\user\AppData\Local\Microsoft  =>.Microsoft
O43 - CFD: 18/03/2016 - [] D -- C:\Users\user\AppData\Local\Microsoft Help  =>.Microsoft Corporation
O43 - CFD: 04/02/2016 - [] D -- C:\Users\user\AppData\Local\Mozilla  =>.Mozilla Corporation
O43 - CFD: 21/02/2016 - [] D -- C:\Users\user\AppData\Local\Nero  =>.Ahead Software
O43 - CFD: 20/02/2016 - [] D -- C:\Users\user\AppData\Local\Nero_AG  =>.Ahead
O43 - CFD: 19/02/2016 - [] D -- C:\Users\user\AppData\Local\Programs  =>.Microsoft Corporation
O43 - CFD: 20/02/2016 - [] D -- C:\Users\user\AppData\Local\RapidSolution  =>.RapidSolution
O43 - CFD: 11/08/2016 - [] D -- C:\Users\user\AppData\Local\RLPlatform  =>.Djeman
O43 - CFD: 06/11/2016 - [] SHD -- C:\Users\user\AppData\Local\svchost
O43 - CFD: 06/11/2016 - [] D -- C:\Users\user\AppData\Local\Temp  =>.Microsoft Corporation
O43 - CFD: 04/02/2016 - [0] SHD -- C:\Users\user\AppData\Local\Temporary Internet Files  =>.Microsoft Corporation
O43 - CFD: 06/11/2016 - [] D -- C:\Users\user\AppData\Local\UCBrowser  =>.UCWeb Inc
O43 - CFD: 06/11/2016 - [] D -- C:\Users\user\AppData\Local\VirtualStore  =>.Microsoft Corporation
O43 - CFD: 08/03/2016 - [] D -- C:\Users\user\AppData\Local\VS Revo Group  =>.VS Revo Group
O43 - CFD: 19/02/2016 - [0] D -- C:\Users\user\AppData\Local\Programs\Common  =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [] RD -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories  =>.Microsoft Corporation
O43 - CFD: 04/02/2016 - [] RD -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools  =>.Administrative Tools
O43 - CFD: 09/02/2016 - [] D -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome  =>.Google Inc.
O43 - CFD: 14/07/2009 - [] RD -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance  =>.Microsoft Corporation
O43 - CFD: 27/06/2016 - [] RD -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup  =>.Microsoft Corporation
O43 - CFD: 06/11/2016 - [] D -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC浏览器
O43 - CFD: 03/09/2016 - [] D -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR  =>.WinRAR
O43 - CFD: 06/11/2016 - [0] D -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
O43 - CFD: 31/10/2016 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\Avg  =>.AVG Software
O43 - CFD: 05/11/2016 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\AvgSetupLog  =>.AVG
O43 - CFD: 30/05/2016 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\CrashRpt  =>.Superfluous.CrashReports
O43 - CFD: 04/02/2016 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\Google  =>.Google
O43 - CFD: 04/02/2016 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\Microsoft  =>.Microsoft
O43 - CFD: 31/10/2016 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Roaming\AVG  =>.AVG Software
O43 - CFD: 10/08/2016 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Roaming\Foxit Software  =>.Foxit Software
O43 - CFD: 26/09/2016 - [] SD -- C:\Windows\System32\Config\systemprofile\AppData\Roaming\Microsoft  =>.Microsoft
O43 - CFD: 08/03/2016 - [0] D -- C:\Windows\System32\Config\systemprofile\AppData\Roaming\Samsung  =>.Samsung
O43 - CFD: 06/11/2016 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Roaming\Screenshot Pro
O43 - CFD: 06/11/2016 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Roaming\Tencent  =>.Superfluous.Tencent

---\\ Derniers fichiers créés dans Windows Prefetcher (4) - 13s
O45 - LFCP:[MD5.3D84123F3A2A2F343FF356FA64F9DC90] 06/11/2016 A -- C:\Windows\Prefetch\EZLIFE AUTOIN  X 3.3.EXE-263CA3FA.pf  =>Adware.AdRotator
O45 - LFCP:[MD5.5B5809F67BCD9EDE6C9D9E4AFDF606B8] 06/11/2016 A -- C:\Windows\Prefetch\EZLIFE AUTOIN  X 3.3.EXE-5F8BCAFF.pf  =>Adware.AdRotator
O45 - LFCP:[MD5.2F2947949D53A030017F182273770A94] 06/11/2016 A -- C:\Windows\Prefetch\EZLIFE AUTOIN  X 3.3.EXE-A5774DAE.pf  =>Adware.AdRotator
O45 - LFCP:[MD5.138BB6DA360F9CD386F6FA6D20200C09] 06/11/2016 A -- C:\Windows\Prefetch\EZLIFE AUTOIN  X 3.3.RAR.EXE-CACFD87C.pf  =>Adware.AdRotator

---\\ ShellExecuteHook  (1) - 0s
O46 - SEH:ShellExecuteHooks - (no name) - [HKLM] - {35FC7014-9EC3-11E6-A1D9-64006A5CFC23} . (...) -- C:\Users\user\AppData\Roaming\Hakerck\Chukoiedbovagh.dll (.not file.)

---\\ ShellIconOverlayIdentifiers (SIOI) (5) - 0s
O106 - SIOI: PCMgr Garbage Cleaner ShellExtension [.QMDeskTopGCIcon] - {B7667919-3765-4815-A66D-98A09BE662D6}. (.Tencent - 电脑管家-桌面快捷清理.) -- C:\Program Files\Tencent\QQPCMgr\12.0.18061.220\QMGCShellExt.dll  =>.Superfluous.Tencent
O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - DLL d’extension d’environnement de stockage.) -- C:\Windows\System32\EhStorShell.dll  =>.Microsoft Corporation
O106 - SIOI: KzShlobj Class [KzShlobj] - {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2}. (.Copyright (c) 上海广乐网络科技有限公司, All rights reserved - .) -- C:\Program Files\¿ìÑ¹\X86\KZipShell.dll  =>.Superfluous.Tencent
O106 - SIOI:  [Offline Files] - {4E77131D-3629-431c-9818-C5679DC83E81}. (.Microsoft Corporation - IU de cache côté client.) -- C:\Windows\System32\cscui.dll  =>.Microsoft Corporation
O106 - SIOI: Sharing Overlay (Private) [SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235}. (.Microsoft Corporation - Extensions de l’interpréteur de commandes p.) -- C:\Windows\System32\ntshrui.dll  =>.Microsoft Corporation

---\\ Liste des pilotes du système (96) - 20s
O58 - SDL:2009/07/14 01:26:15 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys   [422976]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:26:17 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys   [297552]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:26:15 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\System32\drivers\adpu320.sys   [146512]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:26:15 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys   [14400]  =>.Microsoft Windows®
O58 - SDL:2010/11/20 21:29:03 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys   [80256]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:26:15 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys   [159312]  =>.Microsoft Windows®
O58 - SDL:2010/11/20 21:29:03 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys   [22400]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:26:15 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys   [76368]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:26:15 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys   [86608]  =>.Microsoft Windows®
O58 - SDL:2009/07/13 22:02:46 A . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driv.) -- C:\Windows\System32\drivers\athr.sys   [1096704]  =>.Atheros Communications, Inc.
O58 - SDL:2016/05/13 07:43:30 A . (.AVG Technologies CZ, s.r.o. - AVG File Vault Driver.) -- C:\Windows\System32\drivers\avgdiskx.sys   [134912]  =>.AVG Technologies CZ, s.r.o.®
O58 - SDL:2016/06/06 08:24:46 A . (.AVG Technologies CZ, s.r.o. - AVG Filter Driver.) -- C:\Windows\System32\drivers\avgfwd6x.sys   [67336]  =>.AVG Technologies CZ, s.r.o.®
O58 - SDL:2016/09/22 14:44:06 A . (.AVG Technologies CZ, s.r.o. - AVG IDS Application Activity Monitor Driver.) -- C:\Windows\System32\drivers\avgidsdriverx.sys   [257792]  =>.AVG Technologies CZ, s.r.o.®
O58 - SDL:2016/07/27 15:28:44 A . (.AVG Technologies CZ, s.r.o. - AVG Application Activity Monitor Helper Dri.) -- C:\Windows\System32\drivers\avgidshx.sys   [210176]  =>.AVG Technologies CZ, s.r.o.®
O58 - SDL:2015/11/20 09:05:14 A . (.AVG Technologies CZ, s.r.o. - AVG IDS Application Activity Monitor Loader.) -- C:\Windows\System32\drivers\avgidsshimx.sys   [31664]  =>.AVG Technologies CZ, s.r.o.®
O58 - SDL:2016/09/20 16:53:22 A . (.AVG Technologies CZ, s.r.o. - AVG AVI Loader Driver.) -- C:\Windows\System32\drivers\avgldx86.sys   [218880]  =>.AVG Technologies CZ, s.r.o.®
O58 - SDL:2016/02/16 16:20:38 A . (.AVG Technologies CZ, s.r.o. - AVG Logging Driver.) -- C:\Windows\System32\drivers\avglogx.sys   [287008]  =>.AVG Technologies CZ, s.r.o.®
O58 - SDL:2016/09/26 18:19:18 A . (.AVG Technologies CZ, s.r.o. - AVG Resident Shield Minifilter Driver.) -- C:\Windows\System32\drivers\avgmfx86.sys   [197376]  =>.AVG Technologies CZ, s.r.o.®
O58 - SDL:2016/06/01 13:16:40 A . (.AVG Technologies CZ, s.r.o. - AVG Anti-Rootkit Driver.) -- C:\Windows\System32\drivers\avgrkx86.sys   [47360]  =>.AVG Technologies CZ, s.r.o.®
O58 - SDL:2016/07/27 15:29:08 A . (.AVG Technologies CZ, s.r.o. - AVG Network connection watcher.) -- C:\Windows\System32\drivers\avgtdix.sys   [231680]  =>.AVG Technologies CZ, s.r.o.®
O58 - SDL:2016/06/20 15:17:38 A . (.AVG Technologies CZ, s.r.o. - AVG Universal Driver.) -- C:\Windows\System32\drivers\avgunivx.sys   [65280]  =>.AVG Technologies CZ, s.r.o.®
O58 - SDL:2009/07/13 22:02:49 A . (.Broadcom Corporation - Pilote unifié NDIS6.x Broadcom NetXtreme Gi.) -- C:\Windows\System32\drivers\b57nd60x.sys   [229888]  =>.Broadcom Corporation
O58 - SDL:2009/07/13 22:53:28 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys   [13568]  =>.Brother Industries, Ltd.
O58 - SDL:2009/07/13 22:53:28 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys   [5248]  =>.Brother Industries, Ltd.
O58 - SDL:2009/07/14 00:57:25 A . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys   [272128]  =>.Brother Industries Ltd.
O58 - SDL:2009/07/13 22:53:32 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys   [62336]  =>.Brother Industries Ltd.
O58 - SDL:2009/07/13 22:53:33 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys   [12160]  =>.Brother Industries Ltd.
O58 - SDL:2009/07/13 22:53:33 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys   [11904]  =>.Brother Industries Ltd.
O58 - SDL:2009/07/13 22:02:48 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbdx.sys   [430080]  =>.Broadcom Corporation
O58 - SDL:2009/07/14 01:26:21 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys   [15952]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:20:28 A . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\System32\drivers\djsvs.sys   [70720]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:20:28 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys   [453712]  =>.Microsoft Windows®
O58 - SDL:2009/07/13 22:02:48 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbdx.sys   [3100160]  =>.Broadcom Corporation
O58 - SDL:2009/07/13 22:54:14 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys   [26624]  =>.Hauppauge Computer Works, Inc.
O58 - SDL:2009/07/14 01:20:28 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys   [67152]  =>.Microsoft Windows®
O58 - SDL:2010/11/20 21:29:03 A . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\System32\drivers\iaStorV.sys   [332160]  =>.Microsoft Windows®
O58 - SDL:2009/06/10 21:19:30 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd32.sys   [4756480]  =>.Intel Corporation
O58 - SDL:2009/07/14 01:20:36 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys   [41040]  =>.Microsoft Windows®
O58 - SDL:2016/11/06 15:06:38 A . (.Kingsoft Corporation - Kingsoft Internet Security K Plus Driver.) -- C:\Windows\System32\drivers\kisknl.sys   [311384]  =>.Beijing Kingsoft Security software Co.,Ltd®
O58 - SDL:2016/11/06 15:06:38 A . (.Kingsoft Corporation - Kingsoft Internet Security K Plus Driver.) -- C:\Windows\System32\drivers\kisknl64.sys   [289408]  =>.Beijing Kingsoft Security software Co.,Ltd®
O58 - SDL:2016/11/06 15:06:38 A . (.Kingsoft Corporation - Kingsoft Internet Security K Plus Driver.) -- C:\Windows\System32\drivers\kisknl_del.sys   [311384]  =>.Beijing Kingsoft Security software Co.,Ltd®
O58 - SDL:2016/11/06 15:06:38 A . (.Kingsoft Corporation - Kingsoft Antivirus Defend.) -- C:\Windows\System32\drivers\kisnetm.sys   [113464]  =>.Beijing Kingsoft Security software Co.,Ltd®
O58 - SDL:2016/11/06 15:06:39 A . (.Kingsoft Corporation - Kingsoft Antivirus Defend.) -- C:\Windows\System32\drivers\kisnetm64.sys   [109880]  =>.Beijing Kingsoft Security software Co.,Ltd®
O58 - SDL:2016/11/06 15:06:39 A . (.Kingsoft Corporation - Kingsoft Antivirus Defend.) -- C:\Windows\System32\drivers\kisnetmxp.sys   [114488]  =>.Beijing Kingsoft Security software Co.,Ltd®
O58 - SDL:2016/11/06 15:06:40 A . (.Kingsoft Corporation - Kingsoft KSAPI Module.) -- C:\Windows\System32\drivers\ksapi.sys   [114264]  =>.Beijing Kingsoft Security software Co.,Ltd®
O58 - SDL:2016/11/06 15:06:40 A . (.Kingsoft Corporation - Kingsoft KSAPI Module.) -- C:\Windows\System32\drivers\ksapi64.sys   [70744]  =>.Beijing Kingsoft Security software Co.,Ltd®
O58 - SDL:2016/11/06 15:06:40 A . (.Kingsoft Corporation - Kingsoft skvKrpr Module.) -- C:\Windows\System32\drivers\ksskrpr.sys   [19352]  =>.Zhuhai  Kingsoft Software Co.,Ltd®
O58 - SDL:2016/11/06 14:45:04 A . (.WinMount International Inc - WinMount Driver for x86.) -- C:\Windows\System32\drivers\KuaiZipDrive.sys   [68168]  =>.Superfluous.Tencent
O58 - SDL:2016/11/06 14:52:14 A . (.WinMount International Inc - WinMount Driver for x86.) -- C:\Windows\System32\drivers\KuaiZipDrive2.sys   [68368]  =>.Shanghai Guangle Network Technology Co., Ltd.®
O58 - SDL:2009/07/13 22:02:46 A . (.Atheros Communications, Inc. - Atheros L1 Gigabit Ethernet 10/100/1000Base.) -- C:\Windows\System32\drivers\l160x86.sys   [47104]  =>.Atheros Communications, Inc.
O58 - SDL:2009/07/14 01:20:36 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys   [95824]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:20:37 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys   [89168]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:20:36 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys   [54864]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:20:36 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys   [96848]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:20:36 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys   [30800]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:20:36 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys   [235584]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:20:44 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys   [44624]  =>.Microsoft Windows®
O58 - SDL:2010/11/20 21:29:03 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys   [117120]  =>.Microsoft Windows®
O58 - SDL:2010/11/20 21:29:03 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys   [143744]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:19:04 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys   [1383488]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:19:04 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys   [106064]  =>.Microsoft Windows®
O58 - SDL:2009/07/13 20:50:20 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys   [20480]  =>.Macrovision Corporation, Macrovision Europe Limited,
O58 - SDL:2009/07/14 01:19:04 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys   [40016]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:19:04 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys   [77888]  =>.Microsoft Windows®
O58 - SDL:2011/05/13 03:21:04 A . (.Google Inc - ADB Interface.) -- C:\Windows\System32\drivers\ssadadb.sys   [30312]  =>.Google Inc
O58 - SDL:2011/05/13 03:21:06 A . (.MCCI Corporation - SAMSUNG Android USB Composite Device Driver.) -- C:\Windows\System32\drivers\ssadbus.sys   [121064]  =>.MCCI Corporation
O58 - SDL:2011/05/13 03:21:06 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\ssadcm.sys   [10472]  =>.MCCI Corporation
O58 - SDL:2011/05/13 03:21:06 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\ssadcmnt.sys   [10472]  =>.MCCI Corporation
O58 - SDL:2011/05/13 03:21:06 A . (.MCCI Corporation - SAMSUNG Android USB Diagnostic Serial Port.) -- C:\Windows\System32\drivers\ssadserd.sys   [114280]  =>.MCCI Corporation
O58 - SDL:2011/05/13 03:21:08 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\ssadwh.sys   [10344]  =>.MCCI Corporation
O58 - SDL:2011/05/13 03:21:08 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\ssadwhnt.sys   [10344]  =>.MCCI Corporation
O58 - SDL:2010/10/15 01:41:44 A . (.Samsung Electronics - 32bit Port Contention Driver.) -- C:\Windows\System32\drivers\SSPORT.sys   [5120]  =>.SAMSUNG Electronics
O58 - SDL:2009/07/14 01:19:04 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys   [21072]  =>.Microsoft Windows®
O58 - SDL:2016/11/06 15:00:19 A . (.Tencent - 电脑管家-TAO游戏启动加速驱动.) -- C:\Windows\System32\drivers\TAOAccelerator.sys   [124600]  =>.Superfluous.Tencent
O58 - SDL:2016/11/06 15:00:20 A . (.Tencent Technology(Shenzhen) Company Limited - TAOKernel.) -- C:\Windows\System32\drivers\TAOKernel.sys   [107512]  =>.Superfluous.Tencent
O58 - SDL:2016/11/06 15:00:20 A . (.电脑管家 - 电脑管家-驱动模块.) -- C:\Windows\System32\drivers\TFsFlt.sys   [157688]  =>.Superfluous.Tencent
O58 - SDL:2016/11/06 15:00:21 A . (.Tencent - Tencent TSDefense Boot (电脑管家主动防御模块).) -- C:\Windows\System32\drivers\TSDefenseBt.sys   [14008]  =>.Superfluous.Tencent
O58 - SDL:2016/11/06 15:00:21 A . (.电脑管家 - 电脑管家-驱动模块.) -- C:\Windows\System32\drivers\TsFltMgr.sys   [135640]  =>.Superfluous.Tencent
O58 - SDL:2016/08/02 06:55:09 A . (.Huorong Borui (Beijing) Technology Co., Ltd. - Huorong Network Security Core Kext.) -- C:\Windows\System32\drivers\ucguard.sys   [72064]  =>.TAOBAO (CHINA) SOFTWARE CO.,LTD.®
O58 - SDL:2009/07/14 01:19:10 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys   [16976]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:19:11 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys   [141904]  =>.Microsoft Windows®
O58 - SDL:2009/07/13 21:40:41 A . (...) -- C:\Windows\System32\ANSI.SYS   [9029]
O58 - SDL:2009/07/13 21:40:44 A . (...) -- C:\Windows\System32\country.sys   [27097]
O58 - SDL:2009/07/13 21:40:40 A . (...) -- C:\Windows\System32\HIMEM.SYS   [4768]
O58 - SDL:2009/07/13 21:40:43 A . (...) -- C:\Windows\System32\KEY01.SYS   [42809]
O58 - SDL:2009/07/13 21:40:43 A . (...) -- C:\Windows\System32\KEYBOARD.SYS   [42537]
O58 - SDL:2009/07/13 21:40:23 A . (...) -- C:\Windows\System32\NTDOS.SYS   [27866]
O58 - SDL:2009/07/13 21:40:31 A . (...) -- C:\Windows\System32\NTDOS404.SYS   [29146]
O58 - SDL:2009/07/13 21:40:35 A . (...) -- C:\Windows\System32\NTDOS411.SYS   [29370]
O58 - SDL:2009/07/13 21:40:39 A . (...) -- C:\Windows\System32\NTDOS412.SYS   [29274]
O58 - SDL:2009/07/13 21:40:27 A . (...) -- C:\Windows\System32\NTDOS804.SYS   [29146]
O58 - SDL:2009/07/13 21:40:11 A . (...) -- C:\Windows\System32\NTIO.SYS   [33952]
O58 - SDL:2009/07/13 21:40:15 A . (...) -- C:\Windows\System32\NTIO404.SYS   [34672]
O58 - SDL:2009/07/13 21:40:17 A . (...) -- C:\Windows\System32\NTIO411.SYS   [35776]
O58 - SDL:2009/07/13 21:40:19 A . (...) -- C:\Windows\System32\NTIO412.SYS   [35536]
O58 - SDL:2009/07/13 21:40:13 A . (...) -- C:\Windows\System32\NTIO804.SYS   [34672]

---\\ Derniers fichiers modifiés ou crées (Utilisateur) (49) - 32s
O61 - LFC: 2016/11/06 14:43:38 A . (..) -- C:\Users\user\AppData\Roaming\UPUpdata\1__3112222.exe   [137216]
O61 - LFC: 2016/11/06 14:44:04 A . (.clean.) -- C:\Users\user\AppData\Roaming\UPUpdata\cleaner.exe   [1052672]
O61 - LFC: 2016/11/06 14:45:38 A . (..) -- C:\Users\user\AppData\Roaming\UPUpdata\googlepop.exe   [512000]
O61 - LFC: 2016/11/06 15:28:30 A . (..) -- C:\Users\user\AppData\Roaming\Tencent\Security001\769-629796.exe   [103616]  =>.Superfluous.Tencent
O61 - LFC: 2016/11/06 15:04:40 A . (.Tencent.) -- C:\Users\user\AppData\Roaming\Tencent\QQPCMgr\qmdr\dr.dll   [76168]  =>.Superfluous.Tencent
O61 - LFC: 2016/11/06 14:59:15 A . (.Tencent.) -- C:\Users\user\AppData\Roaming\Tencent\QQPCMgr\Download\QQPCMgr_Setup.exe   [53676240]  =>.Superfluous.Tencent
O61 - LFC: 2016/11/06 15:08:16 A . (.腾讯公司.) -- C:\Users\user\AppData\Roaming\Tencent\AndroidServer\1.0.0.512\AdbCmdServer.dll   [206440]  =>.Superfluous.Tencent
O61 - LFC: 2016/11/06 15:08:16 A . (.Google, inc.) -- C:\Users\user\AppData\Roaming\Tencent\AndroidServer\1.0.0.512\AdbWinApi.dll   [51304]  =>.Superfluous.Tencent
O61 - LFC: 2016/11/06 15:08:16 A . (.Google, inc.) -- C:\Users\user\AppData\Roaming\Tencent\AndroidServer\1.0.0.512\AdbWinUsbApi.dll   [32872]  =>.Superfluous.Tencent
O61 - LFC: 2016/11/06 15:08:16 A . (.腾讯公司.) -- C:\Users\user\AppData\Roaming\Tencent\AndroidServer\1.0.0.512\AndroidDaemon.exe   [37992]  =>.Superfluous.Tencent
O61 - LFC: 2016/11/06 15:08:16 A . (.腾讯公司.) -- C:\Users\user\AppData\Roaming\Tencent\AndroidServer\1.0.0.512\AndroidDevice.dll   [277608]  =>.Superfluous.Tencent
O61 - LFC: 2016/11/06 15:08:16 A . (.腾讯公司.) -- C:\Users\user\AppData\Roaming\Tencent\AndroidServer\1.0.0.512\AndroidServer.exe   [234600]  =>.Superfluous.Tencent
O61 - LFC: 2016/11/06 15:08:16 A . (.腾讯公司.) -- C:\Users\user\AppData\Roaming\Tencent\AndroidServer\1.0.0.512\AndroidServerUp.exe   [214632]  =>.Superfluous.Tencent
O61 - LFC: 2016/11/06 15:08:16 A . (.Tencent.) -- C:\Users\user\AppData\Roaming\Tencent\AndroidServer\1.0.0.512\arkFS.dll   [84584]  =>.Superfluous.Tencent
O61 - LFC: 2016/11/06 15:08:16 A . (.Tencent.) -- C:\Users\user\AppData\Roaming\Tencent\AndroidServer\1.0.0.512\arkGraphic.dll   [363624]  =>.Superfluous.Tencent
O61 - LFC: 2016/11/06 15:08:16 A . (.Tencent.) -- C:\Users\user\AppData\Roaming\Tencent\AndroidServer\1.0.0.512\arkImage.dll   [65128]  =>.Superfluous.Tencent
O61 - LFC: 2016/11/06 15:08:16 A . (.Tencent.) -- C:\Users\user\AppData\Roaming\Tencent\AndroidServer\1.0.0.512\arkIOStub.dll   [24680]  =>.Superfluous.Tencent
O61 - LFC: 2016/11/06 15:08:16 A . (.Tencent.) -- C:\Users\user\AppData\Roaming\Tencent\AndroidServer\1.0.0.512\AsyncTask.dll   [94312]  =>.Superfluous.Tencent
O61 - LFC: 2016/11/06 15:08:16 A . (.腾讯公司.) -- C:\Users\user\AppData\Roaming\Tencent\AndroidServer\1.0.0.512\bugreport.exe   [279144]  =>.Superfluous.Tencent
O61 - LFC: 2016/11/06 15:08:16 A . (.Tencent.) -- C:\Users\user\AppData\Roaming\Tencent\AndroidServer\1.0.0.512\Common.dll   [1956968]  =>.Superfluous.Tencent
O61 - LFC: 2016/11/06 15:08:16 A . (.腾讯公司.) -- C:\Users\user\AppData\Roaming\Tencent\AndroidServer\1.0.0.512\ConnectManager.dll   [439400]  =>.Superfluous.Tencent
O61 - LFC: 2016/11/06 15:08:16 A . (.腾讯公司.) -- C:\Users\user\AppData\Roaming\Tencent\AndroidServer\1.0.0.512\ConnectUI.dll   [376424]  =>.Superfluous.Tencent
O61 - LFC: 2016/11/06 15:08:16 A . (.腾讯公司.) -- C:\Users\user\AppData\Roaming\Tencent\AndroidServer\1.0.0.512\Daemon.dll   [98408]  =>.Superfluous.Tencent
O61 - LFC: 2016/11/06 15:08:16 A . (.腾讯公司.) -- C:\Users\user\AppData\Roaming\Tencent\AndroidServer\1.0.0.512\DaemonProxy.dll   [44648]  =>.Superfluous.Tencent
O61 - LFC: 2016/11/06 15:08:17 A . (.腾讯公司.) -- C:\Users\user\AppData\Roaming\Tencent\AndroidServer\1.0.0.512\DownloadMgr.dll   [182888]  =>.Superfluous.Tencent
O61 - LFC: 2016/11/06 15:08:17 A . (.腾讯公司.) -- C:\Users\user\AppData\Roaming\Tencent\AndroidServer\1.0.0.512\DriverTools.exe   [122984]  =>.Superfluous.Tencent
O61 - LFC: 2016/11/06 15:08:17 A . (.腾讯公司.) -- C:\Users\user\AppData\Roaming\Tencent\AndroidServer\1.0.0.512\DriverToolsX64.exe   [142440]  =>.Superfluous.Tencent
O61 - LFC: 2016/11/06 15:08:17 A . (.Tencent.) -- C:\Users\user\AppData\Roaming\Tencent\AndroidServer\1.0.0.512\GF.dll   [2343016]  =>.Superfluous.Tencent
O61 - LFC: 2016/11/06 15:08:17 A . (..) -- C:\Users\user\AppData\Roaming\Tencent\AndroidServer\1.0.0.512\libexpatw.dll   [137832]  =>.Superfluous.Tencent
O61 - LFC: 2016/11/06 15:08:17 A . (.Tencent.) -- C:\Users\user\AppData\Roaming\Tencent\AndroidServer\1.0.0.512\libimagequant.dll   [61032]  =>.Superfluous.Tencent
O61 - LFC: 2016/11/06 15:08:17 A . (..) -- C:\Users\user\AppData\Roaming\Tencent\AndroidServer\1.0.0.512\libjpegturbo.dll   [287848]  =>.Superfluous.Tencent
O61 - LFC: 2016/11/06 15:08:17 A . (..) -- C:\Users\user\AppData\Roaming\Tencent\AndroidServer\1.0.0.512\libpng.dll   [136808]  =>.Superfluous.Tencent
O61 - LFC: 2016/11/06 15:08:17 A . (..) -- C:\Users\user\AppData\Roaming\Tencent\AndroidServer\1.0.0.512\libtcmalloc.dll   [185960]  =>.Superfluous.Tencent
O61 - LFC: 2016/11/06 15:08:17 A . (.腾讯公司.) -- C:\Users\user\AppData\Roaming\Tencent\AndroidServer\1.0.0.512\Log4cplus.dll   [320616]  =>.Superfluous.Tencent
O61 - LFC: 2016/11/06 15:08:17 A . (..) -- C:\Users\user\AppData\Roaming\Tencent\AndroidServer\1.0.0.512\lua.dll   [165992]  =>.Superfluous.Tencent
O61 - LFC: 2016/11/06 15:08:17 A . (.腾讯公司.) -- C:\Users\user\AppData\Roaming\Tencent\AndroidServer\1.0.0.512\mdb.exe   [44648]  =>.Superfluous.Tencent
O61 - LFC: 2016/11/06 15:08:18 A . (.腾讯公司.) -- C:\Users\user\AppData\Roaming\Tencent\AndroidServer\1.0.0.512\NetHub.dll   [334440]  =>.Superfluous.Tencent
O61 - LFC: 2016/11/06 15:08:18 A . (.腾讯公司.) -- C:\Users\user\AppData\Roaming\Tencent\AndroidServer\1.0.0.512\NetworkMgr.dll   [238184]  =>.Superfluous.Tencent
O61 - LFC: 2016/11/06 15:08:18 A . (.腾讯公司.) -- C:\Users\user\AppData\Roaming\Tencent\AndroidServer\1.0.0.512\QQPMIpc.dll   [89704]  =>.Superfluous.Tencent
O61 - LFC: 2016/11/06 15:08:18 A . (.TODO: <公司名>.) -- C:\Users\user\AppData\Roaming\Tencent\AndroidServer\1.0.0.512\RubikEngine.dll   [898152]  =>.Superfluous.Tencent
O61 - LFC: 2016/11/06 15:08:18 A . (.腾讯公司.) -- C:\Users\user\AppData\Roaming\Tencent\AndroidServer\1.0.0.512\SdkClient.dll   [691816]  =>.Superfluous.Tencent
O61 - LFC: 2016/11/06 15:08:18 A . (..) -- C:\Users\user\AppData\Roaming\Tencent\AndroidServer\1.0.0.512\sqlite.dll   [456808]  =>.Superfluous.Tencent
O61 - LFC: 2016/11/06 15:08:18 A . (.腾讯公司.) -- C:\Users\user\AppData\Roaming\Tencent\AndroidServer\1.0.0.512\tadb.exe   [629864]  =>.Superfluous.Tencent
O61 - LFC: 2016/11/06 15:08:18 A . (.腾讯公司.) -- C:\Users\user\AppData\Roaming\Tencent\AndroidServer\1.0.0.512\TADInstaller.dll   [234088]  =>.Superfluous.Tencent
O61 - LFC: 2016/11/06 15:08:18 A . (.Tencent.) -- C:\Users\user\AppData\Roaming\Tencent\AndroidServer\1.0.0.512\tinyxml.dll   [101992]  =>.Superfluous.Tencent
O61 - LFC: 2016/11/06 15:08:18 A . (.Tencent.) -- C:\Users\user\AppData\Roaming\Tencent\AndroidServer\1.0.0.512\xGraphic32.dll   [140392]  =>.Superfluous.Tencent
O61 - LFC: 2016/11/06 15:08:18 A . (..) -- C:\Users\user\AppData\Roaming\Tencent\AndroidServer\1.0.0.512\zlib.dll   [83560]  =>.Superfluous.Tencent
O61 - LFC: 2016/10/21 23:18:50 A . (..) -- C:\Users\user\AppData\Roaming\Microsoft\UProof\CMAdj.12.bin   [56]
O61 - LFC: 2016/11/06 14:59:18 A . (..) -- C:\Users\user\AppData\Local\Temp\Tencent\QQPCMgr\~46141f\UpdateTrayIcon.exe   [218304]  =>.Superfluous.Tencent

---\\ Associations Shell Spawning (10) - 1s
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe  =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Ob.) -- C:\Windows\System32\eventvwr.exe  =>.Microsoft Corporation
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe  =>.Microsoft Corporation®
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe  =>.Microsoft Corporation
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe  =>.Microsoft Corporation
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S

---\\ Menu de démarrage Internet (12) - 0s
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe   =>.Mozilla Corporation®
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe   =>.Microsoft Corporation®
O68 - StartMenuInternet: <UCBrowser> <UC浏览器>[HKLM\..\Shell\open\Command] (.UCWeb Inc. - UC浏览器.) -- C:\Program Files\UCBrowser\Application\UCBrowser.exe   =>.TAOBAO (CHINA) SOFTWARE CO.,LTD.®
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe  =>.Mozilla Corporation
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Expl.) -- C:\Windows\System32\ie4uinit.exe  =>.Microsoft Corporation
O68 - StartMenuInternet: <UCBrowser> <UC浏览器>[HKLM\..\InstallInfo\ShowIconsCommand] (.UCWeb Inc. - UC浏览器.) -- C:\Program Files\UCBrowser\Application\UCBrowser.exe  =>.UCWeb Inc.
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe  =>.Mozilla Corporation
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Expl.) -- C:\Windows\System32\ie4uinit.exe  =>.Microsoft Corporation
O68 - StartMenuInternet: <UCBrowser> <UC浏览器>[HKLM\..\InstallInfo\ReinstallCommand] (.UCWeb Inc. - UC浏览器.) -- C:\Program Files\UCBrowser\Application\UCBrowser.exe  =>.UCWeb Inc.
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe  =>.Mozilla Corporation
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Expl.) -- C:\Windows\System32\ie4uinit.exe  =>.Microsoft Corporation
O68 - StartMenuInternet: <UCBrowser> <UC浏览器>[HKLM\..\InstallInfo\HideIconsCommand] (.UCWeb Inc. - UC浏览器.) -- C:\Program Files\UCBrowser\Application\UCBrowser.exe  =>.UCWeb Inc.

---\\ Recherche d'infection sur les navigateurs (10) - 10s
O69 - SBI: prefs.js [user - su1j13e9.default-1464644485823] user_pref("browser.newtab.url", "http://www.trotux.com/?z=6f80390bbface6d6dcda537g2zfm9b2z5zcc4o9gbq&from=clc&uid=MAXTORXSTM325082[...]  =>.Superfluous.Trotux
O69 - SBI: prefs.js [user - su1j13e9.default-1464644485823] user_pref("browser.search.defaultenginename", "trotux");  =>.Superfluous.Trotux
O69 - SBI: prefs.js [user - su1j13e9.default-1464644485823] user_pref("browser.search.searchengine.hp", "http://www.trotux.com/?z=6f80390bbface6d6dcda537g2zfm9b2z5zcc4o9gbq&from=clc&uid=MAXT[...]  =>.Superfluous.Trotux
O69 - SBI: prefs.js [user - su1j13e9.default-1464644485823] user_pref("browser.search.searchengine.sp", "http://www.trotux.com/search/?from=clc&q={searchTerms}&type=sp&uid=MAXTORXSTM3250820A[...]  =>.Superfluous.Trotux
O69 - SBI: prefs.js [user - su1j13e9.default-1464644485823] user_pref("browser.search.searchengine.url", "http://www.trotux.com/search/?from=clc&q={searchTerms}&type=sp&uid=MAXTORXSTM3250820[...]  =>.Superfluous.Trotux
O69 - SBI: prefs.js [user - su1j13e9.default-1464644485823] user_pref("browser.search.selectedEngine", "trotux");  =>.Superfluous.Trotux
O69 - SBI: prefs.js [user - su1j13e9.default-1464644485823] user_pref("browser.startup.homepage", "http://www.trotux.com/?z=6f80390bbface6d6dcda537g2zfm9b2z5zcc4o9gbq&from=clc&uid=MAXTORXSTM[...]  =>.Superfluous.Trotux
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/
O69 - SBI: SearchScopes [HKCU] {EF3F160E-B5DA-4D19-A652-A347B03A8FB4} - (Ask Search) - http://ask-tb.com/
O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com/

---\\ Enumère les services démarrés par Svchost (34) - 1s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll   [62464]  =>.Microsoft Corporation
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\Windows\System32\certprop.dll   [67584]  =>.Microsoft Corporation
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\Windows\System32\certprop.dll   [67584]  =>.Microsoft Corporation
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll   [168960]  =>.Microsoft Corporation
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll   [593408]  =>.Microsoft Corporation
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\IKEEXT.DLL   [674304]  =>.Microsoft Corporation
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\audiosrv.dll   [473600]  =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’.) -- C:\Windows\System32\rasauto.dll   [90624]  =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll   [286208]  =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll   [75264]  =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements systèm.) -- C:\Windows\System32\Sens.dll   [49664]  =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à.) -- C:\Windows\System32\ipnathlp.dll   [300544]  =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM.) -- C:\Windows\System32\tapisrv.dll   [242176]  =>.Microsoft Corporation
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du se.) -- C:\Windows\System32\termsrv.dll   [521216]  =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Up.) -- C:\Windows\System32\wuaueng.dll   [1914368]  =>.Microsoft Corporation
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière.) -- C:\Windows\System32\qmgr.dll   [585728]  =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll   [328192]  =>.Microsoft Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur u.) -- C:\Windows\System32\iphlpsvc.dll   [499712]  =>.Microsoft Corporation
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secon.) -- C:\Windows\System32\seclogon.dll   [21504]  =>.Microsoft Corporation
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll   [47104]  =>.Microsoft Corporation
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll   [114688]  =>.Microsoft Corporation
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédia.) -- C:\Windows\System32\mmcss.dll   [49664]  =>.Microsoft Corporation
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll   [61440]  =>.Microsoft Corporation
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll   [98304]  =>.Microsoft Corporation
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll   [164352]  =>.Microsoft Corporation
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll   [750592]  =>.Microsoft Corporation
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\KMSVC.DLL   [71168]  =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à.) -- C:\Windows\System32\SessEnv.dll   [113664]  =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll   [168960]  =>.Microsoft Corporation
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll   [102400]  =>.Microsoft Corporation
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll   [37376]  =>.Microsoft Corporation
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll   [76800]  =>.Microsoft Corporation
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\Windows\System32\appmgmts.dll   [149504]  =>.Microsoft Corporation
O83 - Search Svchost Services: HpSvc (HpSvc) . (.Copyright (C) 2008-2016 www.ludashi.com - 硬件防护核心服务.) -- C:\Program Files\LuDaShi\lpi\HpSvc.dll   [239016]  =>.Qihoo 360 Software (Beijing) Company Limited®

---\\ Liste des exceptions du parefeu Windows (5) - 6s
O87 - FAEL: "{05DFC02D-A233-4C28-84DF-5062AED33DBF}" [In-None-P6-TRUE] .(...) -- C:\Program Files\Alwil Software\Avast5\ng\vbox\aswFe.exe (.not file.)
O87 - FAEL: "{7C326CB0-1E8F-4C6E-A3B8-9C5FC1F5AD38}" [In-None-P17-TRUE] .(...) -- C:\Program Files\Alwil Software\Avast5\ng\vbox\aswFe.exe (.not file.)
O87 - FAEL: "{A2CDC1BB-361B-4F87-B9A8-32A1BFDD36D2}" [In-None-P17-TRUE] .(...) -- C:\Program Files\UCBrowser\Application\Downloader\download\MiniThunderPlatform.exe (.not file.)
O87 - FAEL: "{3EB56BD0-6101-43CC-8787-1AC62A14DC46}" [In-None-P6-TRUE] .(...) -- C:\Users\user\AppData\Local\Temp\QQPCDownload45944.exe (.not file.)
O87 - FAEL: "{51B74A99-ECE2-4E7E-B919-7BE25E904DFA}" [In-None-P17-TRUE] .(...) -- C:\Users\user\AppData\Local\Temp\QQPCDownload45944.exe (.not file.)

---\\ Liste des émulateurs de CD/DVD (MBR Hook) (6) - 7s
HKLM\SOFTWARE\Microsoft\Tracing\ApnStub_RASAPI32  =>Toolbar.Ask
HKLM\SOFTWARE\Microsoft\Tracing\ApnStub_RASMANCS  =>Toolbar.Ask
HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32  =>Toolbar.AskBar
HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS  =>Toolbar.AskBar
HKLM\SOFTWARE\Microsoft\Tracing\ezLife AutoIn  X 3_RASAPI32  =>Adware.AdRotator
HKLM\SOFTWARE\Microsoft\Tracing\ezLife AutoIn  X 3_RASMANCS  =>Adware.AdRotator

---\\ Scan Additionnel (44) - 0s
HKLM\SYSTEM\CurrentControlSet\Services\tunyfufy  =>PUP.Optional.CrossRider
HKLM\SYSTEM\CurrentControlSet\Services\zigipyro  =>PUP.Optional.CrossRider
C:\Users\user\AppData\Local\9FEBFA5C-1478444960-11D5-A917-F2A2001C0A41\qnseE13A.tmp  =>PUP.Optional.CrossRider
C:\Windows\Tasks\AutoKMS.job  =>HackTool.AutoKMS
C:\Windows\Tasks\AutoKMSDaily.job  =>HackTool.AutoKMS
C:\Windows\Tasks\UCBrowserUpdater.job  =>PUP.Optional.CertifiedToolbar
C:\Windows\System32\Tasks\AutoKMS  =>HackTool.AutoKMS
C:\Windows\System32\Tasks\AutoKMSDaily  =>HackTool.AutoKMS
C:\Windows\System32\Tasks\UCBrowserUpdater  =>PUP.Optional.CertifiedToolbar
C:\Users\user\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gkbhpmdajdojnnhkfgffkofkjifglkan  =>.Superfluous.MusixLib
C:\Program Files\Tencent\QQPCMgr\12.0.18061.220\npQMExtensionsMozilla.dll  =>.Superfluous.Tencent
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0B08F51F-2F04-40F3-8A59-85943EC33365}  =>PUP.Optional.Youndoo
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}  =>Heuristic.Suspect
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0B08F51F-2F04-40F3-8A59-85943EC33365}  =>PUP.Optional.Youndoo
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}  =>Heuristic.Suspect
HKLM\SOFTWARE\AskPartnerNetwork  =>PUP.Optional.APNToolBar
HKLM\SOFTWARE\B38CD3C5E8A7910B932420ADC8B3D59F  =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Tencent  =>.Superfluous.Tencent
HKLM\SOFTWARE\trotuxSoftware  =>.Superfluous.Trotux
HKLM\SOFTWARE\youndooSoftware  =>PUP.Optional.Youndoo
HKCU\SOFTWARE\AutoTime  =>Adware.TopTools
HKCU\SOFTWARE\B38CD3C5E8A7910B932420ADC8B3D59F  =>PUP.Optional.CrossRider
HKCU\SOFTWARE\Tencent  =>.Superfluous.Tencent
C:\Program Files\9FEBFA5C-1478443121-11D5-A917-F2A2001C0A41  =>PUP.Optional.CrossRider
C:\ProgramData\APN  =>Toolbar.Ask
C:\ProgramData\Tencent  =>.Superfluous.Tencent
C:\ProgramData\TXQMPC  =>.Superfluous.TXQMPC
C:\Program Files\Common Files\Tencent  =>.Superfluous.Tencent
C:\Users\user\AppData\Roaming\Tencent  =>.Superfluous.Tencent
C:\Users\user\AppData\Local\app  =>PUP.Optional.CrossRider
C:\Users\user\AppData\Local\CrashRpt  =>.Superfluous.CrashReports
C:\Users\user\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk  =>Hijacker.Browser
C:\Windows\System32\Config\systemprofile\AppData\Local\CrashRpt  =>.Superfluous.CrashReports
C:\Windows\System32\Config\systemprofile\AppData\Roaming\Tencent  =>.Superfluous.Tencent
C:\Windows\Prefetch\EZLIFE AUTOIN  X 3.3.EXE-263CA3FA.pf  =>Adware.AdRotator
C:\Windows\Prefetch\EZLIFE AUTOIN  X 3.3.EXE-5F8BCAFF.pf  =>Adware.AdRotator
C:\Windows\Prefetch\EZLIFE AUTOIN  X 3.3.EXE-A5774DAE.pf  =>Adware.AdRotator
C:\Windows\Prefetch\EZLIFE AUTOIN  X 3.3.RAR.EXE-CACFD87C.pf  =>Adware.AdRotator
HKLM\SOFTWARE\Microsoft\Tracing\ApnStub_RASAPI32  =>Toolbar.Ask
HKLM\SOFTWARE\Microsoft\Tracing\ApnStub_RASMANCS  =>Toolbar.Ask
HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32  =>Toolbar.AskBar
HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS  =>Toolbar.AskBar
HKLM\SOFTWARE\Microsoft\Tracing\ezLife AutoIn  X 3_RASAPI32  =>Adware.AdRotator
HKLM\SOFTWARE\Microsoft\Tracing\ezLife AutoIn  X 3_RASMANCS  =>Adware.AdRotator

---\\ Récapitulatif des éléments trouvés sur votre station (16) - 0s
https://www.nicolascoolman.com/fr/adware-tencentaddressbar/  =>.Superfluous.Tencent
https://www.anti-malware.top/2016/04/30/pup-optional-crossrider/  =>PUP.Optional.CrossRider
https://www.anti-malware.top/2016/05/04/hacktool-autokms/  =>HackTool.AutoKMS
https://www.nicolascoolman.com/fr/pup-certifiedtoolbar/  =>PUP.Optional.CertifiedToolbar
https://www.anti-malware.top/2016/06/18/superfluous-youndoo/  =>PUP.Optional.Youndoo
https://www.nicolascoolman.com/fr/logiciels-superflus  =>.Superfluous.MusixLib
https://www.anti-malware.top/2016/07/03/superfluous-trotux/  =>.Superfluous.Trotux
https://www.anti-malware.top/2016/04/22/heuristic-suspect/  =>Heuristic.Suspect
https://www.nicolascoolman.com/fr/repaquetage-et_infections/  =>PUP.Optional.APNToolBar
https://www.nicolascoolman.com/fr/repaquetage-et_infections/  =>Adware.TopTools
https://www.anti-malware.top/2016/09/22/toolbar-ask/  =>Toolbar.Ask
https://www.nicolascoolman.com/fr/logiciels-superflus  =>.Superfluous.TXQMPC
https://www.nicolascoolman.com/fr/logiciels-superflus  =>.Superfluous.CrashReports
https://www.nicolascoolman.com/fr/hijacker-browser/  =>Hijacker.Browser
https://www.nicolascoolman.com/fr/adware-adrotator/  =>Adware.AdRotator
https://www.nicolascoolman.com/fr/les-toolbars/  =>Toolbar.AskBar

~ End of the scan, 13797 items in 00h16mn44s (1052)