# AdwCleaner v6.030 - Rapport créé le 20/11/2016 à 19:35:32
# Mis à jour le 19/10/2016 par Malwarebytes
# Base de données : 2016-11-20.1 [Serveur]
# Système d'exploitation : Windows 10 Home  (X64)
# Nom d'utilisateur : Morgane - LAPTOP-B6F5JDET
# Exécuté depuis : C:\Users\Morgane\Downloads\adwcleaner_6.030 (1).exe
# Mode: Scan
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****

Service trouvé:  63a824271f5fd44a3335e1e98740d43e
Service trouvé:  vToolbarUpdater40.3.6
Service trouvé:  SMUpd
Service trouvé:  SMUpdd
Service trouvé:  zdengine
Service trouvé:  UCBrowserSvc
Service trouvé:  WtuSystemSupport
Service trouvé:  ProntSpooler
Service trouvé:  zdwfp
Service trouvé:  GoogleChromeUpService
Service trouvé:  KuaiZipDrive
Service trouvé:  zigipyro
Service trouvé:  MaohaWifiNetPro
Service trouvé:  MaohaWifiSvr
Service trouvé:  NetUtils2016


***** [ Dossiers ] *****

Dossier trouvé:  C:\Program Files (x86)\7C640227-1479659556-11E6-B030-EC8EB5290000
Dossier trouvé:  C:\Users\Morgane\AppData\Local\7C640227-1479663192-11E6-B030-EC8EB5290000
Dossier trouvé:  C:\Users\Morgane\AppData\Local\avg web tuneup
Dossier trouvé:  C:\Users\Morgane\AppData\Roaming\Softlink
Dossier trouvé:  C:\Users\Morgane\AppData\Roaming\Microleaves
Dossier trouvé:  C:\Program Files\avg web tuneup
Dossier trouvé:  C:\Program Files\Common Files\AVG Secure Search
Dossier trouvé:  C:\Program Files\Common Files\Noobzo
Dossier trouvé:  C:\ProgramData\SearchModule
Dossier trouvé:  C:\ProgramData\WindowsMsg
Dossier trouvé:  C:\ProgramData\avg web tuneup
Dossier trouvé:  C:\ProgramData\Thunder Network
Dossier trouvé:  C:\ProgramData\Microleaves
Dossier trouvé:  C:\ProgramData\thunder network
Dossier trouvé:  C:\ProgramData\Application Data\SearchModule
Dossier trouvé:  C:\ProgramData\Application Data\WindowsMsg
Dossier trouvé:  C:\ProgramData\Application Data\avg web tuneup
Dossier trouvé:  C:\ProgramData\Application Data\Thunder Network
Dossier trouvé:  C:\ProgramData\Application Data\Microleaves
Dossier trouvé:  C:\ProgramData\Application Data\thunder network
Dossier trouvé:  C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MaohaWiFi
Dossier trouvé:  C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MaohaWifi
Dossier trouvé:  C:\Program Files (x86)\avg web tuneup
Dossier trouvé:  C:\Program Files (x86)\GreatMaker
Dossier trouvé:  C:\Program Files (x86)\mpck
Dossier trouvé:  C:\Program Files (x86)\Microleaves
Dossier trouvé:  C:\Program Files (x86)\Common Files\AVG Secure Search


***** [ Fichiers ] *****

Fichier trouvé:  C:\WINDOWS\SysNative\drivers\c69a3da9d3b26d8e357750bdfed5f673.sys
Fichier trouvé:  C:\Users\Morgane\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MaohaWiFi.lnk
Fichier trouvé:  C:\Users\Morgane\AppData\Roaming\Microsoft\Windows\Start Menu\¿ìѹ.lnk
Fichier trouvé:  C:\WINDOWS\SysNative\zdengineOff.ini
Fichier trouvé:  C:\WINDOWS\SysNative\zdengine64.dll
Fichier trouvé:  C:\WINDOWS\SysNative\NetUtils2016.dll
Fichier trouvé:  C:\WINDOWS\SysNative\drivers\NetUtils2016.sys
Fichier trouvé:  C:\ProgramData\smp2.exe
Fichier trouvé:  C:\ProgramData\smp2.exe
Fichier trouvé:  C:\ProgramData\Application Data\smp2.exe
Fichier trouvé:  C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Booking.com.lnk
Fichier trouvé:  C:\WINDOWS\SysWoW64\zdengineOff.ini
Fichier trouvé:  C:\WINDOWS\SysWoW64\zdengine.dll
Fichier trouvé:  C:\Users\Morgane\AppData\Local\Temp\ziengine.ini.log


***** [ DLL ] *****

Aucune DLL patchée trouvée.


***** [ WMI ] *****

Clé trouvée : \root\subscription\\ActiveScriptEventConsumer [ASEC]


***** [ Raccourcis ] *****

Raccourci infecté:  C:\Users\Public\Desktop\Google Chrome.lnk (  --load-extension="C:\Users\Morgane\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://9o0gle.com/ )
Raccourci infecté:  C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk (  --load-extension="C:\Users\Morgane\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://9o0gle.com/ )
Raccourci infecté:  C:\Users\Morgane\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk (  --load-extension="C:\Users\Morgane\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://9o0gle.com/ )
Raccourci infecté:  C:\Users\Morgane\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk (  --load-extension="C:\Users\Morgane\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" ht


***** [ Tâches planifiées ] *****

Tâche trouvée:  updengine
Tâche trouvée:  SMW_P
Tâche trouvée:  PPI Update
Tâche trouvée:  updengine
Tâche trouvée:  Traffic Exchange Guardian
Tâche trouvée:  Traffic Exchange v2
Tâche trouvée:  Traffic Exchange Updater
Tâche trouvée:  Traffic Exchange v2 OnGuard
Tâche trouvée:  Traffic Exchange
Tâche trouvée:  Traffic Exchange v2 Guard
Tâche trouvée:  Traffic Exchange v2 OG
Tâche trouvée:  Traffic Exchange v2 Guardian
Tâche trouvée:  Traffic Exchange Guard
Tâche trouvée:  Traffic Exchange v2 On Guard
Tâche trouvée:  SecureUpdater


***** [ Registre ] *****

Clé trouvée:  HKLM\SOFTWARE\Classes\UCHTML
Clé trouvée:  HKLM\SOFTWARE\Classes\UCHTML.AssocFile.CRX
Clé trouvée:  HKLM\SOFTWARE\Classes\UCHTML.AssocFile.HTM
Clé trouvée:  HKLM\SOFTWARE\Classes\UCHTML.AssocFile.HTML
Clé trouvée:  HKLM\SOFTWARE\Classes\UCHTML.AssocFile.MHT
Clé trouvée:  HKLM\SOFTWARE\Classes\UCHTML.AssocFile.SHTM
Clé trouvée:  HKLM\SOFTWARE\Classes\UCHTML.AssocFile.SHTML
Clé trouvée:  HKLM\SOFTWARE\Classes\UCHTML.AssocFile.WEBP
Clé trouvée:  HKLM\SOFTWARE\Classes\UCHTML.AssocFile.XHT
Clé trouvée:  HKLM\SOFTWARE\Classes\UCHTML.AssocFile.XHTML
Clé trouvée:  HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\ProntSpooler
Clé trouvée:  [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\ProntSpooler
Clé trouvée:  HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\GoogleChromeUpService
Clé trouvée:  [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\GoogleChromeUpService
Clé trouvée:  HKLM\SOFTWARE\Classes\QZipShell.ContextMenuExt
Clé trouvée:  HKLM\SOFTWARE\Classes\QZipShell.ContextMenuExt.1
Clé trouvée:  HKLM\SOFTWARE\Classes\QZipShell.DragDropMenu
Clé trouvée:  HKLM\SOFTWARE\Classes\QZipShell.DragDropMenu.1
Clé trouvée:  HKLM\SOFTWARE\Classes\QZipShell.KYDropHandler
Clé trouvée:  HKLM\SOFTWARE\Classes\QZipShell.KYDropHandler.1
Clé trouvée:  HKLM\SOFTWARE\Classes\QZipShell.KzShlobj
Clé trouvée:  HKLM\SOFTWARE\Classes\QZipShell.KzShlobj.1
Clé trouvée:  HKLM\SOFTWARE\Classes\QZipShell.PropertyExt
Clé trouvée:  HKLM\SOFTWARE\Classes\QZipShell.PropertyExt.1
Clé trouvée:  HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
Clé trouvée:  HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
Clé trouvée:  HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
Clé trouvée:  HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
Clé trouvée:  HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj
Clé trouvée:  HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1
Clé trouvée:  [x64] HKLM\SOFTWARE\Classes\QZipShell.ContextMenuExt
Clé trouvée:  [x64] HKLM\SOFTWARE\Classes\QZipShell.ContextMenuExt.1
Clé trouvée:  [x64] HKLM\SOFTWARE\Classes\QZipShell.DragDropMenu
Clé trouvée:  [x64] HKLM\SOFTWARE\Classes\QZipShell.DragDropMenu.1
Clé trouvée:  [x64] HKLM\SOFTWARE\Classes\QZipShell.KYDropHandler
Clé trouvée:  [x64] HKLM\SOFTWARE\Classes\QZipShell.KYDropHandler.1
Clé trouvée:  [x64] HKLM\SOFTWARE\Classes\QZipShell.KzShlobj
Clé trouvée:  [x64] HKLM\SOFTWARE\Classes\QZipShell.KzShlobj.1
Clé trouvée:  [x64] HKLM\SOFTWARE\Classes\QZipShell.PropertyExt
Clé trouvée:  [x64] HKLM\SOFTWARE\Classes\QZipShell.PropertyExt.1
Clé trouvée:  [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
Clé trouvée:  [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
Clé trouvée:  [x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
Clé trouvée:  [x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
Clé trouvée:  [x64] HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj
Clé trouvée:  [x64] HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1
Clé trouvée:  HKLM\SOFTWARE\Classes\AppID\{25B1494D-230A-42CF-BBF6-EC73868D13DC}
Clé trouvée:  HKLM\SOFTWARE\Classes\AppID\{9CC34070-3A38-4C7A-89CB-EF8177EF07A1}
Clé trouvée:  HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Clé trouvée:  HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Clé trouvée:  HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Clé trouvée:  HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
Clé trouvée:  HKLM\SOFTWARE\Classes\CLSID\{176F706B-5175-479C-A3DF-32420F6FB01A}
Clé trouvée:  HKLM\SOFTWARE\Classes\CLSID\{38BE2BE8-EB8E-41D1-9D94-3B1697094D47}
Clé trouvée:  HKLM\SOFTWARE\Classes\CLSID\{53C267B2-B01D-410F-A4DD-A32962EE55F4}
Clé trouvée:  HKLM\SOFTWARE\Classes\CLSID\{8804A543-42D3-4D71-9685-B0243D5526F3}
Clé trouvée:  HKLM\SOFTWARE\Classes\CLSID\{A0F322D5-6A13-4CAB-84CF-FABB5690618E}
Clé trouvée:  HKLM\SOFTWARE\Classes\CLSID\{AC3E336C-B524-47F0-9AA2-5F67AA056086}
Clé trouvée:  HKLM\SOFTWARE\Classes\CLSID\{C68E9BB6-3DBD-4C4B-910B-C5D84A7EBB03}
Clé trouvée:  HKLM\SOFTWARE\Classes\CLSID\{F577A1BA-D82D-4BB2-8430-B767285D081D}
Clé trouvée:  HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Clé trouvée:  HKLM\SOFTWARE\Classes\Interface\{0FF03983-EAA6-4628-8E7C-387B2D4F8EF2}
Clé trouvée:  HKLM\SOFTWARE\Classes\Interface\{3A71C84A-1CC4-4201-B037-C81CE118D66F}
Clé trouvée:  HKLM\SOFTWARE\Classes\Interface\{432599E9-40CF-41E3-951A-E1E81B7B1D29}
Clé trouvée:  HKLM\SOFTWARE\Classes\Interface\{7D215707-3E74-4E0E-A078-2C95E1CDE233}
Clé trouvée:  HKLM\SOFTWARE\Classes\Interface\{9295785F-8C01-4ED3-9322-8BE5C17CA141}
Clé trouvée:  HKLM\SOFTWARE\Classes\Interface\{B98E44C8-7BB7-4A4A-B8D2-60874CA109B2}
Clé trouvée:  HKLM\SOFTWARE\Classes\Interface\{C656BCEB-6B19-4992-9975-D53CEA283356}
Clé trouvée:  HKLM\SOFTWARE\Classes\Interface\{D5AC4B9C-8EE4-48AD-A77E-1560AD886A0B}
Clé trouvée:  HKLM\SOFTWARE\Classes\Interface\{D6914FD3-FD8E-45AD-8993-901E7B2759FD}
Clé trouvée:  HKLM\SOFTWARE\Classes\Interface\{E0106905-0EDD-4F56-BDB5-890A1F6E8F47}
Clé trouvée:  HKLM\SOFTWARE\Classes\Interface\{E26E880F-176C-4007-B2A7-B8F27621EC51}
Clé trouvée:  HKLM\SOFTWARE\Classes\Interface\{E776B534-9402-4049-87C3-089EC0F54BAF}
Clé trouvée:  HKLM\SOFTWARE\Classes\Interface\{FCFBBE24-2ADA-4D6E-A381-DEC6E3EAEE21}
Clé trouvée:  HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Clé trouvée:  HKLM\SOFTWARE\Classes\TypeLib\{63492C58-6CD7-4FF7-8495-06A6869643EE}
Clé trouvée:  HKLM\SOFTWARE\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
Clé trouvée:  HKLM\SOFTWARE\Classes\TypeLib\{86C4C3BA-4EA4-4CF8-98B9-6B07B477B835}
Clé trouvée:  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Clé trouvée:  HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Clé trouvée:  HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Clé trouvée:  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Clé trouvée:  HKU\S-1-5-21-1366686288-1612349774-1125130407-1001\Software\Installer
Clé trouvée:  HKU\S-1-5-21-1366686288-1612349774-1125130407-1001\Software\MICROSOFT\OTUT
Clé trouvée:  HKU\S-1-5-21-1366686288-1612349774-1125130407-1001\Software\UCBrowser
Clé trouvée:  HKU\S-1-5-21-1366686288-1612349774-1125130407-1001\Software\UCBrowserPID
Clé trouvée:  HKU\S-1-5-21-1366686288-1612349774-1125130407-1001\Software\SNDA
Clé trouvée:  HKU\S-1-5-21-1366686288-1612349774-1125130407-1001\Software\Maoha
Clé trouvée:  HKCU\Software\Installer
Clé trouvée:  HKCU\Software\MICROSOFT\OTUT
Clé trouvée:  HKCU\Software\UCBrowser
Clé trouvée:  HKCU\Software\UCBrowserPID
Clé trouvée:  HKCU\Software\SNDA
Clé trouvée:  HKCU\Software\Maoha
Clé trouvée:  HKLM\SOFTWARE\AVG Tuneup
Clé trouvée:  HKLM\SOFTWARE\UCBrowser
Clé trouvée:  HKLM\SOFTWARE\UCBrowserPID
Clé trouvée:  HKLM\SOFTWARE\Maoha
Clé trouvée:  HKLM\SOFTWARE\Microleaves
Clé trouvée:  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{438465C5-D78D-4958-B31D-60374B5042F4}
Clé trouvée:  [x64] HKCU\Software\Installer
Clé trouvée:  [x64] HKCU\Software\MICROSOFT\OTUT
Clé trouvée:  [x64] HKCU\Software\UCBrowser
Clé trouvée:  [x64] HKCU\Software\UCBrowserPID
Clé trouvée:  [x64] HKCU\Software\SNDA
Clé trouvée:  [x64] HKCU\Software\Maoha
Clé trouvée:  [x64] HKLM\SOFTWARE\HDWallpaper
Clé trouvée:  [x64] HKLM\SOFTWARE\Microleaves
Clé trouvée:  HKU\S-1-5-21-1366686288-1612349774-1125130407-1001\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Clé trouvée:  HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Clé trouvée:  [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Clé trouvée:  HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\cmptch.com
Clé trouvée:  HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\foxi69.tlscdn.com
Clé trouvée:  HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.cmptch.com
Clé trouvée:  HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\tlscdn.com
Clé trouvée:  HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\cmptch.com
Clé trouvée:  HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\foxi69.tlscdn.com
Clé trouvée:  HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\static.cmptch.com
Clé trouvée:  HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\tlscdn.com
Clé trouvée:  [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\cmptch.com
Clé trouvée:  [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\foxi69.tlscdn.c
Clé trouvée:  [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.cmptch.c
Clé trouvée:  [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\tlscdn.com
Clé trouvée:  [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\cmptch.com
Clé trouvée:  [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\foxi69.tlscdn.com
Clé trouvée:  [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\static.cmptch.com
Clé trouvée:  [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\tlscdn.com
Valeur trouvée:  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Clé trouvée:  HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
Clé trouvée:  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\smu.exe
Clé trouvée:  HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Clé trouvée:  HKLM\SYSTEM\CurrentControlSet\Control\Class\{0C95ABFE-4FB6-49DB-B22F-0E1F5FC4BEEC}
Clé trouvée:  HKLM\SYSTEM\CurrentControlSet\Control\Class\{EEEFACB3-729F-4484-B66D-E7A7917BBFC1}
Clé trouvée:  HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zdwfp
Clé trouvée:  HKLM\SOFTWARE\Clients\StartMenuInternet\UCBrowser
Clé trouvée:  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\UCBrowser.exe
Valeur trouvée:  HKLM\SOFTWARE\RegisteredApplications [UCBrowser]
Clé trouvée:  HKLM\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\UCBrowser.exe
Valeur trouvée:  HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [kuaizipupdatesvc]
Clé trouvée:  HKLM\SOFTWARE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9
Clé trouvée:  HKLM\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\


KuaiZipShlExt
Clé trouvée:  HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\


KuaiZipShlExt
Clé trouvée:  HKLM\SOFTWARE\Classes\AppID\QZipShell.DLL
Clé trouvée:  HKCU\Software\Google\Chrome\Extensions\chfdnecihphmhljaaejmgoiahnihplgn
Clé trouvée:  [x64] HKCU\Software\Google\Chrome\Extensions\chfdnecihphmhljaaejmgoiahnihplgn


***** [ Navigateurs web ] *****

Aucune préférence Firefox malveillante trouvée.
Chromium préf trouvée:  [C:\Users\Morgane\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Secure Preferences] - hxxp://www.trotux.com/?z=4c22825eedf65ef1d62d5a4g7zfmdtfq3wdtcqdg5z&from=isr2&uid=TOSHIBAXMQ01ABD100_661O
Chromium préf trouvée:  [C:\Users\Morgane\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Secure Preferences ] - chfdnecihphmhljaaejmgoiahnihplgn
Chromium préf trouvée:  [C:\Users\Morgane\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Secure Preferences ] - jlcgehabolcakkjhgmgpkagpolbjlhfa
Chromium préf trouvée:  [C:\Users\Morgane\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Secure Preferences ] - hxxp://www.trotux.com/?z=4c22825eedf65ef1d62d5a4g7zfmdtfq3wdtcqdg5z&from=isr2&uid=TOSHIBAXMQ01ABD100_661

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [19179 octets] - [20/11/2016 19:35:32]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [19254 octets] ##########