~ ZHPDiag v2017.2.2.22 Par Nicolas Coolman (2017/02/02)
~ Démarré par User (Administrator)  (2017/02/04 14:11:12)
~ Web: https://www.nicolascoolman.com
~ Blog: https://www.anti-malware.top
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Etat de la version:  Version OK
~ Mode: Scanner
~ Rapport: C:\Users\User\Desktop\ZHPDiag.txt
~ Rapport: C:\Users\User\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Deactivate
~ Démarrage du système: Normal (Normal boot)
Windows Seven Black Edition, 32-bit Service Pack 1 (Build 7601)  =>.Microsoft Corporation

---\\ Navigateurs Internet (3) - 0s
~ GCIE: Google Chrome v55.0.2883.87
~ MFIE: Mozilla Firefox 49.0.1 (x86 fr)
~ MSIE: Internet Explorer v9.0.8112.16421

---\\ Informations sur les produits Windows (10) - 0s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
~ Windows Operating System - Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 7TP9F
Windows License : OK
~ Windows Remaining Initializations Number :  4
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection (1) - 0s
Kaspersky Internet Security v15.0.2.361 (Protection)

---\\ Surveillance de Logiciels (2) - 0s
~ Adobe Flash Player 24 PPAPI (Surveillance)
~ Adobe Acrobat Reader DC - Français (Surveillance)

---\\ Logiciels de partage P2P (1) - 0s
~ µTorrent v3.4.9.43295 (P2P)

---\\ Informations sur le système (6) - 0s
~ Operating System: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System:  32-bit 
~ Boot mode: Normal (Normal boot)
Total RAM: 2087.224 MB (60% free) : OK  =>.RAM Value
System Restore: Activé (Enable)
System drive C: has 25 GB (%) free of 125 GB : OK  =>.Disk Space

---\\ Mode de connexion au système (3) - 0s
~ Computer Name: USER-PC
~ User Name: User
~ Logged in as Administrator

---\\ Enumération des unités disques (2) - 6s
~ Drive C: has 25 GB free of 125 GB  (System)
~ Drive D: has 138 GB free of 179 GB

---\\ Etat du Centre de Sécurité Windows (10) - 0s
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

---\\ Recherche particulière de fichiers génériques (25) - 1s
[MD5.40D777B7A95E00593EB1568C68514493] - 03/06/2015 - (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\Explorer.exe [327296]  =>.Microsoft Corporation
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - 03/06/2015 - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) -- C:\Windows\System32\rundll32.exe [327296]  =>.Microsoft Corporation
[MD5.B5C5DCAD3899512020D135600129D665] - 03/06/2015 - (.Microsoft Corporation - Application de démarrage de Windows.) -- C:\Windows\System32\Wininit.exe [327296]  =>.Microsoft Corporation
[MD5.61D9AD9E55D7A1E10C0EF701ADE1C486] - 03/06/2015 - (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\System32\wininet.dll [327296]  =>.Microsoft Corporation
[MD5.6D13E1406F50C66E2A95D97F22C47560] - 03/06/2015 - (.Microsoft Corporation - Application d’ouverture de session Windows.) -- C:\Windows\System32\Winlogon.exe [327296]  =>.Microsoft Corporation
[MD5.E3AE23569749DE12D45BA3B489A036AE] - 03/06/2015 - (.Microsoft Corporation - Bibliothèque de licences.) -- C:\Windows\System32\sppcomapi.dll [327296]  =>.Microsoft Corporation
[MD5.B40420876B9288E0A1C8CCA8A84E5DC9] - 03/06/2015 - (.Microsoft Corporation - DNS DLL de l’API Client.) -- C:\Windows\System32\dnsapi.dll [327296]  =>.Microsoft Corporation
[MD5.129F80D7868E30DF3E3DE33A1D3132B4] - 03/06/2015 - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) -- C:\Windows\System32\fr-FR\user32.dll.mui [327296]  =>.Microsoft Corporation
[MD5.9EBBBA55060F786F0FCAA3893BFA2806] - 03/06/2015 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\System32\drivers\AFD.sys [327296]  =>.Microsoft Corporation
[MD5.338C86357871C167A96AB976519BF59E] - 03/06/2015 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\drivers\atapi.sys [327296]  =>.Microsoft Windows®
[MD5.77EA11B065E0A8AB902D78145CA51E10] - 03/06/2015 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\drivers\Cdfs.sys [327296]  =>.Microsoft Corporation
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - 03/06/2015 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\drivers\Cdrom.sys [327296]  =>.Microsoft Corporation
[MD5.F024449C97EC1E464AAFFDA18593DB88] - 03/06/2015 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\drivers\DfsC.sys [327296]  =>.Microsoft Corporation
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - 03/06/2015 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\drivers\HDAudBus.sys [327296]  =>.Microsoft Corporation
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - 03/06/2015 - (.Microsoft Corporation - Pilote de port i8042.) -- C:\Windows\System32\drivers\i8042prt.sys [327296]  =>.Microsoft Corporation
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - 03/06/2015 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\drivers\IpNat.sys [327296]  =>.Microsoft Corporation
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - 03/06/2015 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\Windows\System32\drivers\MRxSmb.sys [327296]  =>.Microsoft Corporation
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - 03/06/2015 - (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\drivers\netBT.sys [327296]  =>.Microsoft Corporation
[MD5.5E43D2B0EE64123D4880DFA6626DEFDE] - 03/06/2015 - (.Microsoft Corporation - Pilote du système de fichiers NT.) -- C:\Windows\System32\drivers\ntfs.sys [327296]  =>.Microsoft Windows®
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - 03/06/2015 - (.Microsoft Corporation - Pilote de port parallèle.) -- C:\Windows\System32\drivers\Parport.sys [327296]  =>.Microsoft Corporation
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - 03/06/2015 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\drivers\Rasl2tp.sys [327296]  =>.Microsoft Corporation
[MD5.B973FCFC50DC1434E1970A146F7E3885] - 03/06/2015 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\Windows\System32\drivers\rdpdr.sys [327296]  =>.Microsoft Corporation
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - 03/06/2015 - (.Microsoft Corporation - SMB Transport driver.) -- C:\Windows\System32\drivers\smb.sys [327296]  =>.Microsoft Corporation
[MD5.B459575348C20E8121D6039DA063C704] - 03/06/2015 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\drivers\tdx.sys [327296]  =>.Microsoft Corporation
[MD5.F497F67932C6FA693D7DE2780631CFE7] - 03/06/2015 - (.Microsoft Corporation - Pilote de cliché instantané du volume.) -- C:\Windows\System32\drivers\volsnap.sys [327296]  =>.Microsoft Windows®

---\\ Liste des services NT non Microsoft et non désactivés (4) - 1s
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe  =>.Adobe Systems, Incorporated®
O23 - Service: Kaspersky Anti-Virus Service 15.0.2 (AVP15.0.2) . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe  =>.Kaspersky Lab®
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe  =>.Google Inc®
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe  =>.Skype Software Sarl®

---\\ Services non Microsoft (SR=Démarré,SS=Stoppé) (7) - 14s
SR - Auto   [03/06/2015] [  327296]  Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe  =>.Adobe Systems, Incorporated®
SS - Demand [03/06/2015] [  327296]  Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe  =>.Adobe Systems Incorporated®
SS - Auto   [03/06/2015] [  327296]  Kaspersky Anti-Virus Service 15.0.2 (AVP15.0.2) . (.Kaspersky Lab ZAO.) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe  =>.Kaspersky Lab®
SS - Auto   [03/06/2015] [  327296]  Service Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe  =>.Google Inc®
SS - Demand [03/06/2015] [  327296]  Service Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe  =>.Google Inc®
SS - Demand [03/06/2015] [  327296]  Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe  =>.Mozilla Corporation®
SS - Auto   [03/06/2015] [  327296]  Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe  =>.Skype Software Sarl®

---\\ Tâches planifiées en automatique (26) - 6s
[MD5.A0747D9A94EDFD251ED8E6556E70BA37] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe   [327296] (.Activate.)  =>.Adobe Systems, Incorporated®
[MD5.3EB66B37B5DB00216E9711F3C5881100] [APT] [Adobe Flash Player PPAPI Notifier] (.Adobe Systems Incorporated.) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_24_0_0_194_pepper.exe   [327296] (.Activate.)  =>.Adobe Systems Incorporated®
[MD5.1EEC35CD4B215AF8C217084EDC629532] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe   [327296] (.Activate.)  =>.Adobe Systems Incorporated®
[MD5.00000000000000000000000000000000] [APT] [avast! Emergency Update] (...) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe (.not file.)   [327296] (.Activate.)
[MD5.B952D16834D9E551D3733E05261F9773] [APT] [Berbkfuqight Log] (.Glarysoft Ltd.) -- C:\Program Files\Lcophtergo\ckeay.exe   [327296] (.Activate.)  =>.Glarysoft LTD®
[MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-1778553410-3485427285-3704934836-1000Core] (.Facebook Inc..) -- C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe   [327296] (.Activate.)  =>.Facebook, Inc.®
[MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-1778553410-3485427285-3704934836-1000UA] (.Facebook Inc..) -- C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe   [327296] (.Activate.)  =>.Facebook, Inc.®
[MD5.A8FD9222E4D72596BB37DA8BE95C0BA4] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe   [327296] (.Activate.)  =>.Google Inc®
[MD5.A8FD9222E4D72596BB37DA8BE95C0BA4] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe   [327296] (.Activate.)  =>.Google Inc®
[MD5.443E13846997C537E8F5ED61130AB705] [APT] [{6735975C-22D9-4951-90D8-0F159C47B12D}] (...) -- C:\Program Files\GameSpy Arcade\UNWISE.EXE   [327296] (.Activate.)
[MD5.00000000000000000000000000000000] [APT] [{F97ABAFA-3646-40AB-A358-60950C16E73B}] (...) -- C:\Program Files\YouTube Accelerator\YTAUninstall.exe (.not file.)   [327296] (.Activate.)  =>.Superfluous.Goobzo
O39 - APT: Adobe Flash Player PPAPI Notifier - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job  [327296]   =>.Adobe Systems Incorporated®
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job  [327296]   =>.Adobe Systems Incorporated®
O39 - APT: FacebookUpdateTaskUserS-1-5-21-1778553410-3485427285-3704934836-1000Core - (.Facebook Inc..) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1778553410-3485427285-3704934836-1000Core.job  [327296]   =>.Facebook, Inc.®
O39 - APT: FacebookUpdateTaskUserS-1-5-21-1778553410-3485427285-3704934836-1000UA - (.Facebook Inc..) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1778553410-3485427285-3704934836-1000UA.job  [327296]   =>.Facebook, Inc.®
O39 - APT: Adobe Acrobat Update Task - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Acrobat Update Task  [327296]   =>.Adobe Systems, Incorporated®
O39 - APT: Adobe Flash Player PPAPI Notifier - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier  [327296]   =>.Adobe Systems Incorporated®
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater  [327296]   =>.Adobe Systems Incorporated®
O39 - APT: avast! Emergency Update - (...) -- C:\Windows\System32\Tasks\avast! Emergency Update  [327296]  (.Orphan.)  =>.Superfluous.Orphan
O39 - APT: Berbkfuqight Log - (.Glarysoft Ltd.) -- C:\Windows\System32\Tasks\Berbkfuqight Log  [327296]   =>.Glarysoft LTD®
O39 - APT: FacebookUpdateTaskUserS-1-5-21-1778553410-3485427285-3704934836-1000Core - (.Facebook Inc..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1778553410-3485427285-3704934836-1000Core  [327296]   =>.Facebook, Inc.®
O39 - APT: FacebookUpdateTaskUserS-1-5-21-1778553410-3485427285-3704934836-1000UA - (.Facebook Inc..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1778553410-3485427285-3704934836-1000UA  [327296]   =>.Facebook, Inc.®
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore  [327296]   =>.Google Inc®
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA  [327296]   =>.Google Inc®
O39 - APT: {6735975C-22D9-4951-90D8-0F159C47B12D} - (...) -- C:\Windows\System32\Tasks\{6735975C-22D9-4951-90D8-0F159C47B12D}  [327296] 
O39 - APT: {F97ABAFA-3646-40AB-A358-60950C16E73B} - (...) -- C:\Windows\System32\Tasks\{F97ABAFA-3646-40AB-A358-60950C16E73B}  [327296]  (.Orphan.)  =>.Superfluous.Goobzo

---\\ Applications lancées au démarrage du système (16) - 0s
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe  =>.Intel Corporation®
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe  =>.Intel Corporation®
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe  =>.Intel Corporation®
O4 - HKLM\..\Run: [app] . (...) -- C:\Program Files\hhh\uc.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe (.not file.)
O4 - HKCU\..\Run: [svchost0] . (...) -- C:\Program Files\hhh\uc.exe
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe  =>.BitTorrent Inc®
O4 - HKUS\.DEFAULT\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-18\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1778553410-3485427285-3704934836-1000\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe (.not file.)
O4 - HKUS\S-1-5-21-1778553410-3485427285-3704934836-1000\..\Run: [svchost0] . (...) -- C:\Program Files\hhh\uc.exe
O4 - HKUS\S-1-5-21-1778553410-3485427285-3704934836-1000\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe  =>.BitTorrent Inc®

---\\ Processus lancés (8) - 1s
[MD5.B932E0EE190778D840F1442DFC0F9612] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [82640] [PID.1608]  =>.Adobe Systems, Incorporated®
[MD5.FE40EC349D80C0ED24A5808DCFE9A0D2] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files\Google\Update\1.3.32.7\GoogleCrashHandler.exe [288920] [PID.1852]  =>.Google Inc®
[MD5.004763BDF8E48244DBB9FDFDE3065EBC] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [173592] [PID.1884]  =>.Intel Corporation®
[MD5.CD1102E5D340216138C7F56FA8D26998] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [150552] [PID.1972]  =>.Intel Corporation®
[MD5.24AB39903A9AC925C8BFD43548C491DA] - (...) -- C:\Program Files\hhh\uc.exe [163934] [PID.324]
[MD5.24AB39903A9AC925C8BFD43548C491DA] - (...) -- C:\Program Files\hhh\uc.exe [163934] [PID.2008]
[MD5.D9C51528488EA0D98D3C4D02ABD16759] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\System32\igfxsrvc.exe [252952] [PID.2400]  =>.Intel Corporation®
[MD5.20C09BC45ED975B7773E4E513FB4E448] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\User\AppData\Roaming\ZHP\ZHPDiag3.exe [2659840] [PID.2408]  =>.Nicolas Coolman

---\\ Google Chrome, Démarrage,Recherche,Extensions (5) - 0s
G0 - GCSP: Preferences [User Data\Default][HomePage] http://typherosdpwl.ru
G0 - GCSP: Secure Preferences [User Data\Default][HomePage] http://www.trotux.com/  =>.Superfluous.Trotux
G2 - GCE: Preference [User Data\Default] [lifbcibllhkdhoafpjfnlhfpfgnpldfl] 
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] 
G2 - GCE: Preference [User Data\Default] [nneajnkjbffgblleaoojgaacokifdkhm] __MSG_extname__

---\\ Firefox, Plugins,Demarrage,Recherche,Extensions (18) - 1s
M0 - MFSP: prefs.js [User - avue6qjc.default] http://www.trotux.com/  =>.Superfluous.Trotux
P2 - EXT: (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFF12.DLL  =>.Microsoft Corporation®
P2 - EXT: (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll  =>.Adobe Systems, Incorporated®
P2 - EXT: (.Adobe Inc. - Acrobate Reader.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.FRA  =>.Adobe Inc.
P2 - EXT FILE: (...) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\avue6qjc.default\searchplugins\43v7mg5m.xml
P2 - EXT: (.Amazon Corporation.) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\amazon-france.xml  =>.Amazon Corporation
P2 - EXT: (.Bing.com.) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\bing.xml  =>.Bing.com
P2 - EXT: (.TLFi.) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\cnrtl-tlfi-fr.xml  =>.TLFi
P2 - EXT: (.eBay.) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\eBay-france.xml  =>.eBay
P2 - EXT: (.Google Inc..) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\google.xml  =>.Google Inc.
P2 - EXT: (.Wikipedia.) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\wikipedia-fr.xml  =>.Wikipedia
P2 - EXT: (.Yahoo! Inc..) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\yahoo-france.xml  =>.Yahoo! Inc.
P2 - EXT: (.Mozilla - Default.) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}  =>.Mozilla
P2 - EXT: (.LC - Fast search.) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\avue6qjc.default\extensions\amcontextmenu@loucypher
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Macromed\Flash\NPSWF32_24_0_0_194.dll  =>.Adobe Systems Incorporated
P2 - FPN: [HKLM] [@kaspersky.com/content_blocker_663BE8] - (.kaspersky.com.) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com  =>.kaspersky.com
P2 - FPN: [HKLM] [@kaspersky.com/online_banking_08806E] - (.kaspersky.com.) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com  =>.kaspersky.com
P2 - FPN: [HKLM] [@kaspersky.com/virtual_keyboard_074028] - (.kaspersky.com.) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com  =>.kaspersky.com

---\\ Internet Explorer,Démarrage,Recherche,URLSearchHook (11) - 1s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank  =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank  =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://startpage.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank  =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://startpage.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://startpage.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank  =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons  =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk  =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = about:newtab  =>.Microsoft Corporation
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphan  =>.Microsoft Internet Explorer

---\\ Internet Explorer,Proxy Management (5) - 0s
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies []

---\\ Internet Explorer,IniFiles, Autoloading programs (3) - 0s
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe (.Microsoft Corporation.)  =>.Microsoft Corporation
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.)  =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe (.Microsoft Corporation.)  =>.Microsoft Corporation

---\\ Etude du fichier hosts (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (25)

---\\ Browser Helper Object de navigateur (BHO) (7) - 0s
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (...) -- C:\Program Files\Internet Download Manager\IDMIECC.dll (.not file.)
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} . (.DivX, LLC - DivX Plus Web Player HTML5 <video> version.) -- C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll  =>.DivX, LLC®
O2 - BHO: VirtualKeyboardBrowserHelperObject - {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} . (.Kaspersky Lab ZAO - Cumulative module contains VK, CB and OB pl.) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll  =>.Kaspersky Lab®
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (...) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (.not file.)
O2 - BHO: ContentBlockerBrowserHelperObject - {93BC2EA7-2F17-4729-948A-D2E03FFB2412} . (.Kaspersky Lab ZAO - Cumulative module contains VK, CB and OB pl.) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll  =>.Kaspersky Lab®
O2 - BHO: Safe Money Plugin - {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} . (.Kaspersky Lab ZAO - Cumulative module contains VK, CB and OB pl.) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll  =>.Kaspersky Lab®
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll  =>.Skype Software Sarl®

---\\ Raccourcis Global Startup (69) - 3s
O4 - GS\Desktop [Administrateur]: Protection bancaire.lnk . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avpui.exe -safebanking   =>.Kaspersky Lab®
O4 - GS\Desktop [Administrateur]: Téléchargements.lnk . (...) C:\Users\User\Downloads  
O4 - GS\Desktop [Administrateur]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\User\AppData\Roaming\ZHP\ZHPDiag3.exe    =>.Nicolas Coolman
O4 - GS\Quicklaunch [Administrateur]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe    =>.Google Inc®
O4 - GS\Quicklaunch [Administrateur]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe http://9o0gle.com   =>Hijacker.Browser
O4 - GS\Quicklaunch [Administrateur]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe    =>.BitTorrent Inc®
O4 - GS\sendTo [Administrateur]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe /SendTo   =>.Microsoft Corporation
O4 - GS\sendTo [Administrateur]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe    =>.Free Time
O4 - GS\sendTo [Administrateur]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files\Skype\Phone\Skype.exe /sendto:   =>.Skype Software Sarl®
O4 - GS\sendTo [Administrateur]: Transfert de fichiers Bluetooth.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe    =>.Microsoft Corporation
O4 - GS\TaskBar [Administrateur]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe    =>.Free Time
O4 - GS\TaskBar [Administrateur]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe    =>.Google Inc®
O4 - GS\TaskBar [Administrateur]: On-Screen Keyboard.lnk . (.Microsoft Corporation - Accessibilité au Clavier visuel.) C:\Windows\system32\osk.exe    =>.Microsoft Corporation
O4 - GS\TaskBar [Administrateur]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) C:\Windows\explorer.exe    =>.Microsoft Corporation
O4 - GS\Desktop [User]: Protection bancaire.lnk . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avpui.exe -safebanking   =>.Kaspersky Lab®
O4 - GS\Desktop [User]: Téléchargements.lnk . (...) C:\Users\User\Downloads  
O4 - GS\Desktop [User]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\User\AppData\Roaming\ZHP\ZHPDiag3.exe    =>.Nicolas Coolman
O4 - GS\Quicklaunch [User]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe    =>.Google Inc®
O4 - GS\Quicklaunch [User]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe http://9o0gle.com   =>Hijacker.Browser
O4 - GS\Quicklaunch [User]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe    =>.BitTorrent Inc®
O4 - GS\sendTo [User]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe /SendTo   =>.Microsoft Corporation
O4 - GS\sendTo [User]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe    =>.Free Time
O4 - GS\sendTo [User]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files\Skype\Phone\Skype.exe /sendto:   =>.Skype Software Sarl®
O4 - GS\sendTo [User]: Transfert de fichiers Bluetooth.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe    =>.Microsoft Corporation
O4 - GS\TaskBar [User]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe    =>.Free Time
O4 - GS\TaskBar [User]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe    =>.Google Inc®
O4 - GS\TaskBar [User]: On-Screen Keyboard.lnk . (.Microsoft Corporation - Accessibilité au Clavier visuel.) C:\Windows\system32\osk.exe    =>.Microsoft Corporation
O4 - GS\TaskBar [User]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) C:\Windows\explorer.exe    =>.Microsoft Corporation
O4 - GS\CommonDesktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe    =>.Google Inc®
O4 - GS\CommonDesktop [Public]: VLC media player.lnk . (.VideoLAN - VLC media player.) C:\Program Files\VideoLAN\VLC\vlc.exe    =>.VideoLAN®
O4 - GS\Accessories [Public]: Command Prompt.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.) C:\Windows\system32\cmd.exe    =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.) C:\Windows\system32\notepad.exe    =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) C:\Windows\explorer.exe    =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Intеrnеt Ехрlоrеr (Nо Аdd-оns).lnk . (...) C:\Users\User\AppData\Roaming\HPWriter\WrStar.exe 3 0 
O4 - GS\SystemTools [Public]: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) C:\Windows\system32\eudcedit.exe    =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Bluetooth File Transfer Wizard.lnk . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe    =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Calculatrice de Windows.) C:\Windows\system32\calc.exe    =>.Microsoft Corporation
O4 - GS\Accessories [Public]: displayswitch.lnk . (.Microsoft Corporation - Afficher le commutateur.) C:\Windows\system32\displayswitch.exe    =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Math Input Panel.lnk . (.Microsoft Corporation - Accessoire du panneau de saisie mathématiqu.) C:\Program Files\Common Files\Microsoft Shared\Ink\mip.exe    =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Mobility Center.lnk . (.Microsoft Corporation - Centre de mobilité Windows.) C:\Windows\system32\mblctr.exe /open   =>.Microsoft Corporation
O4 - GS\Accessories [Public]: NetworkProjection.lnk . (.Microsoft Corporation - Connect to a Network Projector.) C:\Windows\system32\NetProj.exe    =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) C:\Windows\system32\mspaint.exe    =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Connexion Bureau à distance.) C:\Windows\system32\mstsc.exe    =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture.) C:\Windows\system32\SnippingTool.exe    =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Magnétophone Windows.) C:\Windows\system32\SoundRecorder.exe    =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sticky Notes.lnk . (.Microsoft Corporation - Pense-bête.) C:\Windows\system32\StikyNot.exe    =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sync Center.lnk . (.Microsoft Corporation - Microsoft Sync Center.) C:\Windows\System32\mobsync.exe    =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Welcome Center.lnk . (.Microsoft Corporation - Processus hôte Windows (Rundll32).) C:\Windows\system32\rundll32.exe %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut   =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Application Windows Wordpad.) C:\Program Files\Windows NT\Accessories\wordpad.exe    =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Table des caractères.) C:\Windows\system32\charmap.exe    =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: dfrgui.lnk . (.Microsoft Corporation - Défragmenteur de disque Microsoft®.) C:\Windows\system32\dfrgui.exe    =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Disk Cleanup.lnk . (.Microsoft Corporation - Gestionnaire de nettoyage de disque pour Wi.) C:\Windows\system32\cleanmgr.exe    =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Resource Monitor.lnk . (.Microsoft Corporation - Moniteur de ressources et de performances.) C:\Windows\system32\perfmon.exe /res   =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Information.lnk . (.Microsoft Corporation - Informations système.) C:\Windows\system32\msinfo32.exe    =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Restore.lnk . (.Microsoft Corporation - Restauration du système de Microsoft® Windo.) C:\Windows\system32\rstrui.exe    =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) C:\Windows\system32\taskschd.msc /s   =>..Microsoft Corporation
O4 - GS\SystemTools [Public]: Windows Easy Transfer Reports.lnk . (.Microsoft Corporation - Application post-migration de transfert de.) C:\Windows\system32\migwiz\postmig.exe    =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Windows Easy Transfer.lnk . (.Microsoft Corporation - Application Transfert de fichiers et paramè.) C:\Windows\system32\migwiz\migwiz.exe    =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Acrobat Reader DC.lnk . (.Flexera Software LLC - InstallShield.) C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}\SC_Reader.ico    =>.Flexera Software LLC
O4 - GS\ProgramsCommon [Public]: Adobe Download Assistant.lnk . (...) D:\Program Files\Adobe Download Assistant\Adobe Download Assistant.exe  
O4 - GS\ProgramsCommon [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe    =>.Google Inc®
O4 - GS\ProgramsCommon [Public]: Media Center.lnk . (.Microsoft Corporation - Windows Media Center.) C:\Windows\ehome\ehshell.exe    =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Prezi Desktop.lnk . (...) C:\Program Files\Prezi\Prezi.exe  
O4 - GS\ProgramsCommon [Public]: Sidebar.lnk . (.Microsoft Corporation - Gadgets du Bureau Windows.) C:\Program Files\Windows Sidebar\sidebar.exe /showgadgets   =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Windows Anytime Upgrade.lnk . (.Microsoft Corporation - Interface utilisateur de Mise à niveau expr.) C:\Windows\system32\WindowsAnytimeUpgradeUI.exe    =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Windows DVD Maker.lnk . (.Microsoft Corporation - Création de DVD Windows.) C:\Program Files\DVD Maker\DVDMaker.exe    =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe    =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1   =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: XPS Viewer.lnk . (.Microsoft Corporation - Visionneuse XPS.) C:\Windows\system32\xpsrchvw.exe    =>.Microsoft Corporation

---\\ Modification Domaine/Adresses DNS (2) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\..\{1FD47D87-9576-4DAC-9839-701F4CA53C3B}: NameServer = 46.17.97.89,8.8.8.8  =>.Google Inc
O17 - HKLM\System\CCS\Services\Tcpip\..\{B8E97FAC-1F9E-410E-847F-0E9A73877230}: DhcpNameServer = 192.168.1.1  =>.Local IP Adress

---\\ Protocole additionnel (23) - 0s
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll  =>.Microsoft Corporation
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll  =>.Microsoft Corporation
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\MSVidCtl.dll  =>.Microsoft Corporation
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll  =>.Microsoft Corporation
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll  =>.Microsoft Corporation
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll  =>.Microsoft Corporation
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll  =>.Microsoft Corporation
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll  =>.Microsoft Corporation
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll  =>.Microsoft Corporation
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll  =>.Microsoft Corporation
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll  =>.Microsoft Corporation
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll  =>.Microsoft Corporation
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll  =>.Microsoft Corporation
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll  =>.Microsoft Corporation®
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll  =>.Microsoft Corporation
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll  =>.Microsoft Corporation
O18 - Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll  =>.Skype Software Sarl®
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\MSVidCtl.dll  =>.Microsoft Corporation
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll  =>.Microsoft Corporation
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll  =>.Microsoft Corporation®
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll  =>.Microsoft Corporation®
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll  =>.Microsoft Corporation®
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL  =>.Microsoft Corporation®

---\\ Logiciels installés (28) - 8s
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU] -- uTorrent  =>.BitTorrent Inc®
O42 - Logiciel: Adobe Acrobat Reader DC - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AC0F074E4100}  =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- {19687AD5-7E54-4C5E-A796-125C95079C1D}  =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- Adobe AIR  =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Download Assistant - (.Adobe Systems Incorporated.) [HKLM] -- {B8B7838E-449E-B187-57E1-1AA686F225DC}  =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Download Assistant - (.Adobe Systems Incorporated.) [HKLM] -- com.adobe.downloadassistant.AdobeDownloadAssistant  =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Flash Player 24 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI  =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Flash Player 24 PPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player PPAPI  =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-0804-1033-1959-001824211354}  =>.Adobe Systems Incorporated
O42 - Logiciel: Configuration DivX - (.DivX, LLC.) [HKLM] -- DivX Setup  =>.DivX, LLC®
O42 - Logiciel: Facebook Video Calling 3.1.0.521 - (.Skype Limited.) [HKLM] -- {2091F234-EB58-4B80-8C96-8EB78C808CF7}  =>.Skype Limited
O42 - Logiciel: FormatFactory 3.3.5.0 - (.Format Factory.) [HKLM] -- FormatFactory  =>.Format Factory
O42 - Logiciel: GameSpy Arcade - (..) [HKLM] -- GameSpy Arcade
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome  =>.Google Inc®
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}  =>.Google Inc.
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- HDMI  =>.Intel Corporation®
O42 - Logiciel: Kaspersky Internet Security - (.Kaspersky Lab.) [HKLM] -- {02FECEE0-16B2-43DB-BC3B-C844477FC142}  =>.Kaspersky Lab
O42 - Logiciel: Kaspersky Internet Security - (.Kaspersky Lab.) [HKLM] -- InstallWIX_{02FECEE0-16B2-43DB-BC3B-C844477FC142}  =>.Kaspersky Lab
O42 - Logiciel: Mozilla Firefox 49.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 49.0.1 (x86 fr)  =>.Mozilla Corporation®
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService  =>.Mozilla
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}  =>.Microsoft Corporation
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}  =>.Microsoft Corporation
O42 - Logiciel: MSXML4 Parser - (.Microsoft Game Studios.) [HKLM] -- {01501EBA-EC35-4F9F-8889-3BE346E5DA13}  =>.Microsoft Game Studios
O42 - Logiciel: Prezi - (..) [HKLM] -- {63B8F931-2BF3-4D5D-9C28-E2EF88D83DFD}
O42 - Logiciel: Skype Click to Call - (.Microsoft Corporation.) [HKLM] -- {6D1221A9-17BF-4EC0-81F2-27D30EC30701}  =>.Microsoft Corporation
O42 - Logiciel: Skype™ 7.6 - (.Skype Technologies S.A..) [HKLM] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}  =>.Skype Technologies S.A.
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM] -- VLC media player  =>.VideoLAN
O42 - Logiciel: WinRAR 4.20 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver  =>.win.rar GmbH

---\\ HKCU & HKLM Software Keys (111) - 8s
HKLM\SOFTWARE\360Safe  =>.Qihu 360 Software Co., LTD
HKLM\SOFTWARE\Adobe  =>.Adobe
HKLM\SOFTWARE\AdwCleaner  =>.Malwarebytes
HKLM\SOFTWARE\App Lid-nv  =>PUP.Optional.CrossRider
HKLM\SOFTWARE\AppDataLow  =>.Microsoft Corporation
HKLM\SOFTWARE\ATI Technologies  =>.ATI Technologies
HKLM\SOFTWARE\AVAST Software  =>.AVAST Software
HKLM\SOFTWARE\AviSynth  =>.Ben Rudiak-Gold
HKLM\SOFTWARE\C07ft5Y  =>.Total War Game
HKLM\SOFTWARE\Chromium  =>.Chromium
HKLM\SOFTWARE\COMODO  =>.COMODO
HKLM\SOFTWARE\ComodoGroup  =>.ComodoGroup
HKLM\SOFTWARE\Cygwin  =>.Cygwin
HKLM\SOFTWARE\Derjasy
HKLM\SOFTWARE\DivX  =>.DivX Inc.
HKLM\SOFTWARE\DivXNetworks  =>.DivXNetworks
HKLM\SOFTWARE\Electronic Arts  =>.Electronic Arts
HKLM\SOFTWARE\ESET  =>.ESET
HKLM\SOFTWARE\F4F63CF0ED3F1CCF9170B7299A2B1CBC  =>PUP.Optional.CrossRider
HKLM\SOFTWARE\GNU  =>.GNU
HKLM\SOFTWARE\Google  =>.Google
HKLM\SOFTWARE\HaaliMkx  =>.Haali Media
HKLM\SOFTWARE\HPWriter
HKLM\SOFTWARE\IM Providers  =>.IM Providers
HKLM\SOFTWARE\Intel  =>.Intel
HKLM\SOFTWARE\Internet Download Manager  =>.Tonec Inc
HKLM\SOFTWARE\JavaSoft  =>.JavaSoft
HKLM\SOFTWARE\jhtrsq
HKLM\SOFTWARE\JreMetrics  =>.JreMetrics
HKLM\SOFTWARE\KasperskyLab  =>.Kaspersky Labs
HKLM\SOFTWARE\ldssrv
HKLM\SOFTWARE\Licenses  =>.Microsoft Corporation
HKLM\SOFTWARE\LiveUpdate360  =>.Qihu 360 Software Co., LTD
HKLM\SOFTWARE\Macromedia  =>.Macromedia
HKLM\SOFTWARE\McAfee.com  =>.McAfee Inc.
HKLM\SOFTWARE\mcafeeupdater  =>.McAfee Inc.
HKLM\SOFTWARE\Mozilla  =>.Mozilla
HKLM\SOFTWARE\mozilla.org  =>.mozilla.org
HKLM\SOFTWARE\MozillaPlugin  =>.MozillaPlugin
HKLM\SOFTWARE\MozillaPlugins  =>.MozillaPlugins
HKLM\SOFTWARE\ODBC  =>.DB Connectivity Solutions
HKLM\SOFTWARE\Plabiytnugh
HKLM\SOFTWARE\QiLu Inc.  =>.QiLu Inc.
HKLM\SOFTWARE\RegisteredApplications  =>.Microsoft Corporation
HKLM\SOFTWARE\Riot Games  =>.Riot Games
HKLM\SOFTWARE\SAMSUNG  =>.Samsung Electronics
HKLM\SOFTWARE\Skype  =>.Skype
HKLM\SOFTWARE\Software  =>.Unknow
HKLM\SOFTWARE\Sonic  =>.Sonic
HKLM\SOFTWARE\SrpnFiles  =>.Superfluous.SpringFiles
HKLM\SOFTWARE\trotuxSoftware  =>.Superfluous.Trotux
HKLM\SOFTWARE\UCBrowser  =>.UCWeb Inc.
HKLM\SOFTWARE\UCBrowserPID  =>.UCWeb Inc.
HKLM\SOFTWARE\VideoLAN  =>.VideoLAN
HKLM\SOFTWARE\Windows  =>.Microsoft Corporation
HKLM\SOFTWARE\WinRAR  =>.WinRAR
HKLM\SOFTWARE\Wow6432Node  =>.Microsoft Corporation
HKCU\SOFTWARE\Adobe  =>.Adobe
HKCU\SOFTWARE\AI_RecycleBin  =>.Legitimate
HKCU\SOFTWARE\App Lid-nv  =>PUP.Optional.CrossRider
HKCU\SOFTWARE\AppDataLow  =>.Microsoft Corporation
HKCU\SOFTWARE\BitTorrent
HKCU\SOFTWARE\BugSplat  =>.Bugsplat Game
HKCU\SOFTWARE\Chromium  =>.Chromium
HKCU\SOFTWARE\Cygwin  =>.Cygwin
HKCU\SOFTWARE\DivX  =>.DivX Inc.
HKCU\SOFTWARE\DivXNetworks  =>.DivXNetworks
HKCU\SOFTWARE\dlr
HKCU\SOFTWARE\DownloadManager  =>.DownloadManager
HKCU\SOFTWARE\EA Games  =>.EA Games
HKCU\SOFTWARE\ESET  =>.ESET
HKCU\SOFTWARE\F4F63CF0ED3F1CCF9170B7299A2B1CBC  =>PUP.Optional.CrossRider
HKCU\SOFTWARE\Facebook  =>.Facebook
HKCU\SOFTWARE\FreeTime  =>.FreeTime Inc
HKCU\SOFTWARE\Gabest  =>.Gabest
HKCU\SOFTWARE\GameSpy  =>.GameSpy
HKCU\SOFTWARE\GNU  =>.GNU
HKCU\SOFTWARE\Google  =>.Google
HKCU\SOFTWARE\Haali  =>.Haali Media
HKCU\SOFTWARE\IM  =>Adware.InstallCore
HKCU\SOFTWARE\IM Providers  =>.IM Providers
HKCU\SOFTWARE\Installer
HKCU\SOFTWARE\Intel  =>.Intel
HKCU\SOFTWARE\KasperskyLab  =>.Kaspersky Labs
HKCU\SOFTWARE\KasperskyLabSetup  =>.Kaspersky Labs
HKCU\SOFTWARE\Logitech  =>.Logitech
HKCU\SOFTWARE\Ludashi  =>PUP.Optional.Ludashi
HKCU\SOFTWARE\Macromedia  =>.Macromedia
HKCU\SOFTWARE\Magicbit  =>.Superfluous.Magicbit
HKCU\SOFTWARE\MainConcept  =>.MainConcept AG
HKCU\SOFTWARE\MCAFEE  =>.McAfee Inc.
HKCU\SOFTWARE\Mozilla  =>.Mozilla
HKCU\SOFTWARE\MozillaPlugins  =>.MozillaPlugins
HKCU\SOFTWARE\Netscape  =>.Netscape
HKCU\SOFTWARE\ODBC  =>.DB Connectivity Solutions
HKCU\SOFTWARE\PopWnd  =>.Lenovo Group Limited
HKCU\SOFTWARE\PremierDownloadManager  =>.Superfluous.MindSpark
HKCU\SOFTWARE\QiLu Inc.  =>.QiLu Inc.
HKCU\SOFTWARE\Samsung  =>.Samsung Electronics
HKCU\SOFTWARE\skype  =>.Skype
HKCU\SOFTWARE\SkypeRS  =>.Skype Technologies
HKCU\SOFTWARE\SNDA  =>.SNDA Software
HKCU\SOFTWARE\SrpnFiles  =>.Superfluous.SpringFiles
HKCU\SOFTWARE\UCBrowserPID  =>.UCWeb Inc.
HKCU\SOFTWARE\UpgSvr
HKCU\SOFTWARE\VSRevoGroup  =>.VS Revo Group
HKCU\SOFTWARE\WebApp  =>.Superfluous.Downloader
HKCU\SOFTWARE\WinRAR  =>.WinRAR
HKCU\SOFTWARE\WinRAR SFX  =>.RarLab
HKCU\SOFTWARE\ZHP  =>.Nicolas Coolman
HKCU\SOFTWARE\AppDataLow\Software  =>.Microsoft Corporation

---\\ Contenu des dossiers Programmes (179) - 10s
O43 - CFD: 21/10/2016 - [0] D -- C:\Program Files\360  =>.Qihu 360 Software
O43 - CFD: 21/10/2016 - [] D -- C:\Program Files\Adobe  =>.Adobe Systems Incorporated®
O43 - CFD: 26/10/2016 - [] D -- C:\Program Files\Common Files  =>.Microsoft Corporation
O43 - CFD: 21/10/2016 - [] D -- C:\Program Files\DivX  =>.DivX
O43 - CFD: 21/10/2016 - [] D -- C:\Program Files\DVD Maker  =>.Aone Software
O43 - CFD: 01/12/2013 - [0] SHD -- C:\Program Files\Fichiers communs  =>.Microsoft Corporation
O43 - CFD: 21/10/2016 - [] D -- C:\Program Files\FreeTime  =>.FreeTime
O43 - CFD: 21/10/2016 - [] D -- C:\Program Files\GameSpy Arcade  =>.GameSpy Industries
O43 - CFD: 26/11/2016 - [] D -- C:\Program Files\Google  =>.Google Inc®
O43 - CFD: 21/10/2016 - [] D -- C:\Program Files\Grretionanhiing  =>.Glarysoft LTD®
O43 - CFD: 21/10/2016 - [0] D -- C:\Program Files\GUMD975.tmp
O43 - CFD: 21/10/2016 - [] D -- C:\Program Files\hhh
O43 - CFD: 21/10/2016 - [] D -- C:\Program Files\Internet Explorer  =>.Microsoft Corporation
O43 - CFD: 21/10/2016 - [] D -- C:\Program Files\Kaspersky Lab  =>.Kaspersky Lab
O43 - CFD: 25/10/2016 - [] D -- C:\Program Files\Lcophtergo  =>.Glarysoft LTD®
O43 - CFD: 21/10/2016 - [] D -- C:\Program Files\Microsoft Office  =>.Microsoft Corporation
O43 - CFD: 21/10/2016 - [] D -- C:\Program Files\Microsoft Visual Studio  =>.Microsoft Corporation
O43 - CFD: 21/10/2016 - [] D -- C:\Program Files\Microsoft Visual Studio 8  =>.Microsoft Corporation
O43 - CFD: 21/10/2016 - [] D -- C:\Program Files\Microsoft Works  =>.Microsoft Corporation
O43 - CFD: 21/10/2016 - [] D -- C:\Program Files\Microsoft.NET  =>.Microsoft Corporation
O43 - CFD: 21/10/2016 - [] D -- C:\Program Files\Mozilla Firefox  =>.Mozilla
O43 - CFD: 21/10/2016 - [] D -- C:\Program Files\Mozilla Maintenance Service  =>.Mozilla
O43 - CFD: 21/10/2016 - [] D -- C:\Program Files\MSBuild  =>.Microsoft Corporation
O43 - CFD: 21/10/2016 - [0] D -- C:\Program Files\MSXML 4.0  =>.Microsoft Corporation
O43 - CFD: 21/10/2016 - [0] D -- C:\Program Files\MyFree Codec  =>.ENJsoft Inc/Samsung
O43 - CFD: 21/10/2016 - [] D -- C:\Program Files\Prezi
O43 - CFD: 04/02/2017 - [] D -- C:\Program Files\RAR Password Unlocker  =>.DNSoft
O43 - CFD: 21/10/2016 - [] D -- C:\Program Files\Reference Assemblies  =>.Microsoft Corporation
O43 - CFD: 21/10/2016 - [] D -- C:\Program Files\Samsung  =>.Samsung Electronics
O43 - CFD: 21/10/2016 - [] RD -- C:\Program Files\Skype  =>.Skype
O43 - CFD: 21/10/2016 - [0] HD -- C:\Program Files\Uninstall Information  =>.Microsoft Corporation
O43 - CFD: 04/02/2017 - [] D -- C:\Program Files\USB Disk Security  =>.FlashPeak Inc
O43 - CFD: 21/10/2016 - [] D -- C:\Program Files\VideoLAN  =>.VideoLan Team
O43 - CFD: 21/10/2016 - [] D -- C:\Program Files\Windows Defender  =>.Microsoft Corporation
O43 - CFD: 21/10/2016 - [] D -- C:\Program Files\Windows Journal  =>.Microsoft Corporation
O43 - CFD: 21/10/2016 - [] D -- C:\Program Files\Windows Mail  =>.Microsoft Corporation
O43 - CFD: 21/10/2016 - [] D -- C:\Program Files\Windows Media Player  =>.Microsoft Corporation
O43 - CFD: 21/10/2016 - [] D -- C:\Program Files\Windows NT  =>.Microsoft Corporation
O43 - CFD: 21/10/2016 - [] D -- C:\Program Files\Windows Photo Viewer  =>.Microsoft Corporation
O43 - CFD: 21/10/2016 - [] D -- C:\Program Files\Windows Portable Devices  =>.Microsoft Corporation
O43 - CFD: 21/10/2016 - [] D -- C:\Program Files\Windows Sidebar  =>.Microsoft Corporation
O43 - CFD: 21/10/2016 - [] D -- C:\Program Files\WinRAR  =>.WinRAR
O43 - CFD: 22/04/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories  =>.Microsoft Corporation
O43 - CFD: 01/12/2013 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools  =>.Administrative Tools
O43 - CFD: 24/02/2015 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo  =>.Comodo
O43 - CFD: 01/12/2013 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus  =>.DivX Inc.
O43 - CFD: 14/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games  =>.Microsoft Corporation
O43 - CFD: 03/07/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade  =>.GameSpy Industries
O43 - CFD: 18/06/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security  =>.Kaspersky Lab
O43 - CFD: 14/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance  =>.Microsoft Corporation
O43 - CFD: 01/12/2013 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office  =>.Microsoft Corporation
O43 - CFD: 30/09/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype  =>.Skype
O43 - CFD: 08/12/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup  =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC  =>.Wacom Technology
O43 - CFD: 11/09/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN  =>.VideoLan Team
O43 - CFD: 01/12/2013 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR  =>.WinRAR
O43 - CFD: 20/10/2014 - [] SHD -- C:\ProgramData\360Quarant  =>.Qihu 360 Software Co., LTD
O43 - CFD: 21/03/2016 - [] D -- C:\ProgramData\Adobe  =>.Adobe
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Application Data  =>.Microsoft Corporation
O43 - CFD: 15/03/2016 - [] D -- C:\ProgramData\AVAST Software  =>.AVAST Software
O43 - CFD: 21/10/2016 - [] D -- C:\ProgramData\Avg  =>.AVG Software
O43 - CFD: 21/10/2016 - [] D -- C:\ProgramData\Avira  =>.Avira Software
O43 - CFD: 01/12/2013 - [0] SHD -- C:\ProgramData\Bureau  =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Desktop  =>.Microsoft Corporation
O43 - CFD: 01/12/2013 - [] D -- C:\ProgramData\DivX  =>.DivX
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Documents  =>.Microsoft Corporation
O43 - CFD: 01/12/2013 - [0] SHD -- C:\ProgramData\Favoris  =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Favorites  =>.Microsoft Corporation
O43 - CFD: 02/09/2014 - [0] D -- C:\ProgramData\IDM  =>.IDM
O43 - CFD: 04/02/2017 - [] D -- C:\ProgramData\Kaspersky Lab  =>.Kaspersky Lab
O43 - CFD: 19/06/2016 - [] D -- C:\ProgramData\Kaspersky Lab Setup Files  =>.Kaspersky Lab
O43 - CFD: 03/07/2014 - [] D -- C:\ProgramData\McAfee  =>.McAfee
O43 - CFD: 01/12/2013 - [0] SHD -- C:\ProgramData\Menu Démarrer  =>.Microsoft Corporation
O43 - CFD: 24/02/2015 - [] SD -- C:\ProgramData\Microsoft  =>.Microsoft Corporation
O43 - CFD: 01/12/2013 - [] D -- C:\ProgramData\Microsoft Help  =>.Microsoft Corporation
O43 - CFD: 01/12/2013 - [0] SHD -- C:\ProgramData\Modèles  =>.Microsoft Corporation
O43 - CFD: 01/12/2013 - [] D -- C:\ProgramData\Mozilla  =>.Mozilla Corporation
O43 - CFD: 05/06/2016 - [] D -- C:\ProgramData\Riot Games  =>.Riot Games
O43 - CFD: 04/01/2015 - [] D -- C:\ProgramData\Samsung  =>.Samsung Electronics
O43 - CFD: 24/07/2015 - [] D -- C:\ProgramData\Skype  =>.Skype
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Start Menu  =>.Microsoft Corporation
O43 - CFD: 04/12/2014 - [0] AD -- C:\ProgramData\TEMP  =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Templates  =>.Microsoft Corporation
O43 - CFD: 30/09/2016 - [] D -- C:\ProgramData\Thunder Network  =>.Thunder Network
O43 - CFD: 26/12/2015 - [] D -- C:\Program Files\Common Files\Adobe  =>.Adobe
O43 - CFD: 21/03/2016 - [] D -- C:\Program Files\Common Files\Adobe AIR  =>.Adobe Inc.
O43 - CFD: 27/10/2016 - [] D -- C:\Program Files\Common Files\AV  =>.Avast
O43 - CFD: 01/12/2013 - [] D -- C:\Program Files\Common Files\DESIGNER  =>.Designer
O43 - CFD: 01/12/2013 - [] D -- C:\Program Files\Common Files\DivX Shared  =>.DivX
O43 - CFD: 15/06/2015 - [] D -- C:\Program Files\Common Files\microsoft shared  =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Common Files\Services  =>.Microsoft Corporation
O43 - CFD: 30/09/2014 - [] D -- C:\Program Files\Common Files\Skype  =>.Skype
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Common Files\SpeechEngines  =>.Microsoft Corporation
O43 - CFD: 20/07/2014 - [] D -- C:\Program Files\Common Files\System  =>.Microsoft Corporation
O43 - CFD: 21/03/2016 - [] D -- C:\Users\User\AppData\Roaming\Adobe  =>.Adobe
O43 - CFD: 25/03/2016 - [] D -- C:\Users\User\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant  =>.Adobe Inc.
O43 - CFD: 07/04/2016 - [] D -- C:\Users\User\AppData\Roaming\com.prezi.PreziDesktop
O43 - CFD: 06/07/2014 - [] D -- C:\Users\User\AppData\Roaming\DivX  =>.DivX
O43 - CFD: 15/03/2016 - [] D -- C:\Users\User\AppData\Roaming\DMCache  =>.DMCache
O43 - CFD: 29/12/2015 - [] D -- C:\Users\User\AppData\Roaming\dvdcss  =>.VideoLan Team
O43 - CFD: 24/02/2015 - [] D -- C:\Users\User\AppData\Roaming\ESET  =>.ESET
O43 - CFD: 30/09/2016 - [] D -- C:\Users\User\AppData\Roaming\Ghasetion
O43 - CFD: 27/10/2016 - [0] D -- C:\Users\User\AppData\Roaming\HPWriter
O43 - CFD: 01/12/2013 - [] D -- C:\Users\User\AppData\Roaming\Identities  =>.Microsoft Corporation
O43 - CFD: 05/01/2016 - [] D -- C:\Users\User\AppData\Roaming\IDM  =>.IDM
O43 - CFD: 21/10/2016 - [0] D -- C:\Users\User\AppData\Roaming\KuaiZip  =>.Superfluous.ShanghaiGuangle
O43 - CFD: 21/10/2016 - [] D -- C:\Users\User\AppData\Roaming\lockhomepage  =>PUP.Optional.LockHomepage
O43 - CFD: 16/06/2015 - [] D -- C:\Users\User\AppData\Roaming\LolClient  =>.LolClient
O43 - CFD: 21/10/2016 - [] D -- C:\Users\User\AppData\Roaming\Ludashi  =>PUP.Optional.Ludashi
O43 - CFD: 03/07/2014 - [] D -- C:\Users\User\AppData\Roaming\Macromedia  =>.Macromedia
O43 - CFD: 14/07/2009 - [0] D -- C:\Users\User\AppData\Roaming\Media Center Programs  =>.Microsoft Corporation
O43 - CFD: 06/07/2015 - [] SD -- C:\Users\User\AppData\Roaming\Microsoft  =>.Microsoft Corporation
O43 - CFD: 03/07/2014 - [] D -- C:\Users\User\AppData\Roaming\Microsoft Games  =>.Microsoft Corporation
O43 - CFD: 01/12/2013 - [] D -- C:\Users\User\AppData\Roaming\Mozilla  =>.Mozilla Corporation
O43 - CFD: 09/12/2014 - [] D -- C:\Users\User\AppData\Roaming\PDManager  =>.Superfluous.MindSpark
O43 - CFD: 21/10/2016 - [] D -- C:\Users\User\AppData\Roaming\Profiles  =>.Microsoft Corporation
O43 - CFD: 05/06/2016 - [] D -- C:\Users\User\AppData\Roaming\Riot Games  =>.Riot Games
O43 - CFD: 04/01/2015 - [] D -- C:\Users\User\AppData\Roaming\Samsung  =>.Samsung Electronics
O43 - CFD: 24/07/2015 - [] D -- C:\Users\User\AppData\Roaming\Skype  =>.Skype
O43 - CFD: 21/10/2016 - [0] D -- C:\Users\User\AppData\Roaming\Softlink  =>.Softlink
O43 - CFD: 21/06/2016 - [0] D -- C:\Users\User\AppData\Roaming\SpringFiles  =>.Superfluous.SpringFiles
O43 - CFD: 25/10/2016 - [0] D -- C:\Users\User\AppData\Roaming\Sulutionatoicult
O43 - CFD: 04/02/2017 - [] D -- C:\Users\User\AppData\Roaming\uTorrent
O43 - CFD: 13/01/2017 - [] D -- C:\Users\User\AppData\Roaming\vlc  =>.VideoLan Team
O43 - CFD: 03/09/2014 - [] D -- C:\Users\User\AppData\Roaming\WinRAR  =>.WinRAR
O43 - CFD: 01/12/2013 - [] D -- C:\Users\User\AppData\Roaming\Zbshareware Lab  =>.Zbshareware Lab
O43 - CFD: 04/02/2017 - [] D -- C:\Users\User\AppData\Roaming\ZHP  =>.Nicolas Coolman
O43 - CFD: 20/12/2016 - [] D -- C:\Users\User\AppData\Local\Adobe  =>.Adobe
O43 - CFD: 01/12/2013 - [0] SHD -- C:\Users\User\AppData\Local\Application Data  =>.Microsoft Corporation
O43 - CFD: 26/11/2016 - [] D -- C:\Users\User\AppData\Local\Apps  =>.Microsoft Corporation
O43 - CFD: 26/12/2015 - [] D -- C:\Users\User\AppData\Local\CEF  =>.CEF
O43 - CFD: 30/09/2016 - [0] D -- C:\Users\User\AppData\Local\Cerzick
O43 - CFD: 03/12/2014 - [] D -- C:\Users\User\AppData\Local\CrashRpt  =>.Superfluous.CrashReports
O43 - CFD: 26/11/2016 - [0] D -- C:\Users\User\AppData\Local\Deployment  =>.Microsoft Corporation
O43 - CFD: 02/01/2015 - [] D -- C:\Users\User\AppData\Local\Downloaded Installations  =>.Microsoft Corporation
O43 - CFD: 03/09/2014 - [] D -- C:\Users\User\AppData\Local\Electronic Arts  =>.Electronic Arts
O43 - CFD: 27/06/2016 - [0] D -- C:\Users\User\AppData\Local\ElevatedDiagnostics  =>.Microsoft Corporation
O43 - CFD: 24/02/2015 - [] D -- C:\Users\User\AppData\Local\ESET  =>.ESET
O43 - CFD: 05/07/2014 - [] D -- C:\Users\User\AppData\Local\Facebook  =>.Facebook
O43 - CFD: 15/07/2015 - [] D -- C:\Users\User\AppData\Local\fontconfig  =>.Portable Apps
O43 - CFD: 15/07/2015 - [] D -- C:\Users\User\AppData\Local\gegl-0.2  =>.Portable Apps
O43 - CFD: 16/09/2015 - [] D -- C:\Users\User\AppData\Local\Google  =>.Google
O43 - CFD: 15/07/2015 - [] D -- C:\Users\User\AppData\Local\gtk-2.0  =>.GTK Project
O43 - CFD: 01/12/2013 - [0] SHD -- C:\Users\User\AppData\Local\Historique  =>.Microsoft Corporation
O43 - CFD: 02/01/2015 - [] D -- C:\Users\User\AppData\Local\Installer
O43 - CFD: 30/09/2016 - [] D -- C:\Users\User\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk  =>Hijacker.Browser
O43 - CFD: 04/07/2014 - [] D -- C:\Users\User\AppData\Local\Macromedia  =>.Macromedia
O43 - CFD: 21/10/2016 - [] D -- C:\Users\User\AppData\Local\Merhogh
O43 - CFD: 10/12/2014 - [] D -- C:\Users\User\AppData\Local\Microsoft  =>.Microsoft Corporation
O43 - CFD: 01/12/2013 - [0] D -- C:\Users\User\AppData\Local\Microsoft Help  =>.Microsoft Corporation
O43 - CFD: 04/07/2014 - [] D -- C:\Users\User\AppData\Local\Mozilla  =>.Mozilla Corporation
O43 - CFD: 01/12/2013 - [] D -- C:\Users\User\AppData\Local\Programs  =>.Microsoft Corporation
O43 - CFD: 02/01/2015 - [] D -- C:\Users\User\AppData\Local\Samsung  =>.Samsung Electronics
O43 - CFD: 11/07/2014 - [] D -- C:\Users\User\AppData\Local\Skype  =>.Skype
O43 - CFD: 04/02/2017 - [] D -- C:\Users\User\AppData\Local\Temp  =>.Microsoft Corporation
O43 - CFD: 01/12/2013 - [0] SHD -- C:\Users\User\AppData\Local\Temporary Internet Files  =>.Microsoft Corporation
O43 - CFD: 01/12/2013 - [0] D -- C:\Users\User\AppData\Local\VirtualStore  =>.Microsoft Corporation
O43 - CFD: 01/12/2013 - [0] D -- C:\Users\User\AppData\Local\Programs\Common  =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [] RD -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories  =>.Microsoft Corporation
O43 - CFD: 20/07/2014 - [] RD -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools  =>.Administrative Tools
O43 - CFD: 02/09/2014 - [] D -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory  =>.FormatFactory
O43 - CFD: 03/07/2014 - [] D -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games  =>.Microsoft Corporation
O43 - CFD: 17/07/2014 - [] D -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade  =>.GameSpy Industries
O43 - CFD: 18/07/2016 - [] D -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome  =>.Google Inc.
O43 - CFD: 14/07/2009 - [] RD -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance  =>.Microsoft Corporation
O43 - CFD: 05/01/2016 - [] D -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller  =>.VS Revo Group
O43 - CFD: 24/12/2016 - [] RD -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup  =>.Microsoft Corporation
O43 - CFD: 01/12/2013 - [] D -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR  =>.WinRAR
O43 - CFD: 14/07/2009 - [0] SHD -- C:\Users\Default\AppData\Local\Application Data  =>.Microsoft Corporation
O43 - CFD: 01/12/2013 - [0] SHD -- C:\Users\Default\AppData\Local\Historique  =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\Users\Default\AppData\Local\History  =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [] D -- C:\Users\Default\AppData\Local\Microsoft  =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] D -- C:\Users\Default\AppData\Local\Temp  =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\Users\Default\AppData\Local\Temporary Internet Files  =>.Microsoft Corporation
O43 - CFD: 24/02/2015 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\ESET  =>.ESET
O43 - CFD: 03/07/2014 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\Microsoft  =>.Microsoft Corporation
O43 - CFD: 30/03/2016 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Roaming\ESET  =>.ESET
O43 - CFD: 05/07/2014 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Roaming\McAfee  =>.McAfee
O43 - CFD: 05/03/2016 - [] SD -- C:\Windows\System32\Config\systemprofile\AppData\Roaming\Microsoft  =>.Microsoft Corporation

---\\ ShellIconOverlayIdentifiers (SIOI) (3) - 0s
O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - DLL d’extension d’environnement de stockage.) -- C:\Windows\System32\EhStorShell.dll  =>.Microsoft Corporation
O106 - SIOI:  [Offline Files] - {4E77131D-3629-431c-9818-C5679DC83E81}. (.Microsoft Corporation - IU de cache côté client.) -- C:\Windows\System32\cscui.dll  =>.Microsoft Corporation
O106 - SIOI: Sharing Overlay (Private) [SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235}. (.Microsoft Corporation - Extensions de l’interpréteur de commandes p.) -- C:\Windows\System32\ntshrui.dll  =>.Microsoft Corporation

---\\ Enumération des clés StartupReg (10) - 1s
O53 - SMSR:HKLM\...\startupreg\001d45c9  [Key] . (...) -- C:\Users\User\AppData\Local\Temp\world-super-ext.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\001dae8c  [Key] . (...) -- C:\Users\User\AppData\Local\Temp\world-super-ext.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\CCleaner Monitoring  [Key] . (...) -- C:\Program Files\CCleaner\CCleaner.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\DivXMediaServer  [Key] . (.DivX, LLC - DivX DLNA Media Server.) -- C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe  =>.DivX, LLC
O53 - SMSR:HKLM\...\startupreg\DivXUpdate  [Key] . (.© Copyright 2000 - 2011 DivX, LLC - DivX Update.) -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe  =>.© Copyright 2000 - 2011 DivX, LLC
O53 - SMSR:HKLM\...\startupreg\Facebook Update  [Key] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe  =>.Facebook Inc.
O53 - SMSR:HKLM\...\startupreg\HSPALauncher  [Key] . (...) -- C:\Program Files\HSPAUS~1\HSPALA~1.EXE (.not file.)
O53 - SMSR:HKLM\...\startupreg\msiql  [Key] . (...) -- C:\Users\User\AppData\Local\Temp\00011957\msiql.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\SSMaker  [Key] . (...) -- C:\Users\User\AppData\Roaming\ScreenShot\SSMaker.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\USB Security  [Key] . (...) -- C:\Program Files\USB Disk Security\USBGuard.exe (.not file.)

---\\ Liste des pilotes du système (76) - 10s
O58 - SDL:2009/07/14 02:26:15 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys   [327296]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:26:17 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys   [327296]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:26:15 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\System32\drivers\adpu320.sys   [327296]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:26:15 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys   [327296]  =>.Microsoft Windows®
O58 - SDL:2011/03/11 06:38:37 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys   [327296]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:26:15 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys   [327296]  =>.Microsoft Windows®
O58 - SDL:2011/03/11 06:38:37 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys   [327296]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:26:15 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys   [327296]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:26:15 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys   [327296]  =>.Microsoft Windows®
O58 - SDL:2014/12/02 20:27:02 A . (.AVAST Software - avast! Filtering NDIS driver.) -- C:\Windows\System32\drivers\aswNdisFlt.sys   [327296]  =>.AVAST Software a.s.®
O58 - SDL:2009/07/13 23:02:49 A . (.Broadcom Corporation - Pilote unifié NDIS6.x Broadcom NetXtreme Gi.) -- C:\Windows\System32\drivers\b57nd60x.sys   [327296]  =>.Broadcom Corporation
O58 - SDL:2009/07/13 23:53:28 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys   [327296]  =>.Brother Industries, Ltd.
O58 - SDL:2009/07/13 23:53:28 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys   [327296]  =>.Brother Industries, Ltd.
O58 - SDL:2009/07/14 01:57:25 A . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys   [327296]  =>.Brother Industries Ltd.
O58 - SDL:2009/07/13 23:53:32 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys   [327296]  =>.Brother Industries Ltd.
O58 - SDL:2009/07/13 23:53:33 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys   [327296]  =>.Brother Industries Ltd.
O58 - SDL:2009/07/13 23:53:33 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys   [327296]  =>.Brother Industries Ltd.
O58 - SDL:2009/07/13 23:02:48 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbdx.sys   [327296]  =>.Broadcom Corporation
O58 - SDL:2009/07/14 02:26:21 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys   [327296]  =>.Microsoft Windows®
O58 - SDL:2008/08/29 17:54:40 A . (.Mobile Connector - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\cmusbser.sys   [327296]  =>.Mobile Connector
O58 - SDL:2015/06/29 15:37:48 A . (.Kaspersky Lab UK Ltd - Cryptographic Module.) -- C:\Windows\System32\drivers\cm_km_w.sys   [327296]  =>.Kaspersky Lab UK Ltd®
O58 - SDL:2009/07/14 02:20:28 A . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\System32\drivers\djsvs.sys   [327296]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:20:28 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys   [327296]  =>.Microsoft Windows®
O58 - SDL:2016/02/23 15:25:30 A . (.ESET - Epfw NDIS LightWeight Filter.) -- C:\Windows\System32\drivers\EpfwLWF.sys   [327296]  =>.ESET, spol. s r.o.®
O58 - SDL:2009/07/13 23:02:48 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbdx.sys   [327296]  =>.Broadcom Corporation
O58 - SDL:2009/07/13 23:54:14 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys   [327296]  =>.Hauppauge Computer Works, Inc.
O58 - SDL:2009/07/14 02:20:28 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys   [327296]  =>.Microsoft Windows®
O58 - SDL:2011/03/11 06:38:51 A . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\System32\drivers\iaStorV.sys   [327296]  =>.Microsoft Windows®
O58 - SDL:2009/09/23 19:18:14 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd32.sys   [327296]  =>.Intel Corporation
O58 - SDL:2009/07/14 02:20:36 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys   [327296]  =>.Microsoft Windows®
O58 - SDL:2016/06/18 20:29:25 A . (.Kaspersky Lab ZAO - Kaspersky Unified Driver.) -- C:\Windows\System32\drivers\kl1.sys   [327296]  =>.Kaspersky Lab®
O58 - SDL:2016/06/18 20:29:25 A . (.Kaspersky Lab ZAO - Virtual Disk fre_wnet_x86.) -- C:\Windows\System32\drivers\kldisk.sys   [327296]  =>.Kaspersky Lab®
O58 - SDL:2015/06/29 15:37:48 A . (.Kaspersky Lab ZAO - Filter Core [fre_wlh_x86].) -- C:\Windows\System32\drivers\klflt.sys   [327296]  =>.Kaspersky Lab®
O58 - SDL:2016/06/18 20:24:11 A . (.AO Kaspersky Lab - klhk [fre_wlh_x86].) -- C:\Windows\System32\drivers\klhk.sys   [327296]  =>.Kaspersky Lab®
O58 - SDL:2016/06/18 20:29:25 A . (.Kaspersky Lab ZAO - Klif Mini-Filter [fre_wlh_x86].) -- C:\Windows\System32\drivers\klif.sys   [327296]  =>.Kaspersky Lab®
O58 - SDL:2016/06/18 20:29:26 A . (.AO Kaspersky Lab - Kaspersky Lab Intermediate Network Driver [.) -- C:\Windows\System32\drivers\klim6.sys   [327296]  =>.Kaspersky Lab®
O58 - SDL:2016/06/18 20:28:40 A . (.Kaspersky Lab ZAO - KLKBDFLT Keyboard Device Filter [fre_wlh_x8.) -- C:\Windows\System32\drivers\klkbdflt.sys   [327296]  =>.Kaspersky Lab®
O58 - SDL:2016/06/18 20:28:41 A . (.Kaspersky Lab ZAO - KLMOUFLT Mouse Device Filter [fre_wlh_x86].) -- C:\Windows\System32\drivers\klmouflt.sys   [327296]  =>.Kaspersky Lab®
O58 - SDL:2015/06/29 15:37:50 A . (.Kaspersky Lab ZAO - KLPD [fre_wnet_x86].) -- C:\Windows\System32\drivers\klpd.sys   [327296]  =>.Kaspersky Lab®
O58 - SDL:2015/06/29 15:37:50 A . (.Kaspersky Lab ZAO - Network filtering component [fre_wxp_x86].) -- C:\Windows\System32\drivers\kltdi.sys   [327296]  =>.Kaspersky Lab®
O58 - SDL:2016/06/18 20:29:26 A . (.Kaspersky Lab ZAO - Network filtering component.) -- C:\Windows\System32\drivers\klwtp.sys   [327296]  =>.Kaspersky Lab®
O58 - SDL:2016/06/18 20:29:27 A . (.Kaspersky Lab ZAO - KNEPS Power [fre_wxp_x86].) -- C:\Windows\System32\drivers\kneps.sys   [327296]  =>.Kaspersky Lab®
O58 - SDL:2009/07/14 02:20:36 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys   [327296]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:20:37 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys   [327296]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:20:36 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys   [327296]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:20:36 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys   [327296]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:20:36 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys   [327296]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:20:36 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys   [327296]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:20:44 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys   [327296]  =>.Microsoft Windows®
O58 - SDL:2011/03/11 06:39:00 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys   [327296]  =>.Microsoft Windows®
O58 - SDL:2011/03/11 06:39:00 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys   [327296]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:19:04 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys   [327296]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:19:04 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys   [327296]  =>.Microsoft Windows®
O58 - SDL:2011/06/10 07:34:52 A . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.20 32-bit Dr.) -- C:\Windows\System32\drivers\Rt86win7.sys   [327296]  =>.Realtek Semiconductor Corp®
O58 - SDL:2009/07/13 21:50:20 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys   [327296]  =>.Macrovision Corporation, Macrovision Europe Limited,
O58 - SDL:2009/07/14 00:45:33 A . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\drivers\serial.sys   [327296]  =>.Brother Industries Ltd.
O58 - SDL:2009/07/14 02:19:04 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys   [327296]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:19:04 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys   [327296]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:19:04 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys   [327296]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:19:10 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys   [327296]  =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:19:11 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys   [327296]  =>.Microsoft Windows®
O58 - SDL:2009/07/13 22:40:41 A . (...) -- C:\Windows\System32\ANSI.SYS   [327296]  =>.Microsoft Corporation
O58 - SDL:2009/07/13 22:40:44 A . (...) -- C:\Windows\System32\country.sys   [327296]  =>.Microsoft Corporation
O58 - SDL:2009/07/13 22:40:40 A . (...) -- C:\Windows\System32\HIMEM.SYS   [327296]  =>.Microsoft Corporation
O58 - SDL:2009/07/13 22:40:43 A . (...) -- C:\Windows\System32\KEY01.SYS   [327296]  =>.Microsoft Corporation
O58 - SDL:2009/07/13 22:40:43 A . (...) -- C:\Windows\System32\KEYBOARD.SYS   [327296]  =>.Microsoft Corporation
O58 - SDL:2009/07/13 22:40:23 A . (...) -- C:\Windows\System32\NTDOS.SYS   [327296]  =>.Microsoft Corporation
O58 - SDL:2009/07/13 22:40:31 A . (...) -- C:\Windows\System32\NTDOS404.SYS   [327296]  =>.Microsoft Corporation
O58 - SDL:2009/07/13 22:40:35 A . (...) -- C:\Windows\System32\NTDOS411.SYS   [327296]  =>.Microsoft Corporation
O58 - SDL:2009/07/13 22:40:39 A . (...) -- C:\Windows\System32\NTDOS412.SYS   [327296]  =>.Microsoft Corporation
O58 - SDL:2009/07/13 22:40:27 A . (...) -- C:\Windows\System32\NTDOS804.SYS   [327296]  =>.Microsoft Corporation
O58 - SDL:2009/07/13 22:40:11 A . (...) -- C:\Windows\System32\NTIO.SYS   [327296]  =>.Microsoft Corporation
O58 - SDL:2009/07/13 22:40:15 A . (...) -- C:\Windows\System32\NTIO404.SYS   [327296]  =>.Microsoft Corporation
O58 - SDL:2009/07/13 22:40:17 A . (...) -- C:\Windows\System32\NTIO411.SYS   [327296]  =>.Microsoft Corporation
O58 - SDL:2009/07/13 22:40:19 A . (...) -- C:\Windows\System32\NTIO412.SYS   [327296]  =>.Microsoft Corporation
O58 - SDL:2009/07/13 22:40:13 A . (...) -- C:\Windows\System32\NTIO804.SYS   [327296]  =>.Microsoft Corporation

---\\ Associations Shell Spawning (10) - 1s
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe  =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Ob.) -- C:\Windows\System32\eventvwr.exe  =>.Microsoft Corporation
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe  =>.Microsoft Corporation®
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe  =>.Microsoft Corporation
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe  =>.Microsoft Corporation
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S

---\\ Menu de démarrage Internet (16) - 0s
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe   =>.Mozilla Corporation®
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe   =>.Google Inc®
O68 - StartMenuInternet: <Google Chrome.UP3NVAUT7K4SACXBEWDFWTZMMQ> <Google Chrome>[HKLM\..\Shell\open\Command] (...) -- C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe 
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe   =>.Microsoft Corporation®
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe  =>.Mozilla Corporation
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe  =>.Google Inc.
O68 - StartMenuInternet: <Google Chrome.UP3NVAUT7K4SACXBEWDFWTZMMQ> <Google Chrome>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe (.not file.)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe  =>.Microsoft Corporation
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe  =>.Mozilla Corporation
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe  =>.Google Inc.
O68 - StartMenuInternet: <Google Chrome.UP3NVAUT7K4SACXBEWDFWTZMMQ> <Google Chrome>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe (.not file.)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe  =>.Microsoft Corporation
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe  =>.Mozilla Corporation
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe  =>.Google Inc.
O68 - StartMenuInternet: <Google Chrome.UP3NVAUT7K4SACXBEWDFWTZMMQ> <Google Chrome>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe (.not file.)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe  =>.Microsoft Corporation

---\\ Recherche d'infection sur les navigateurs (11) - 14s
O69 - SBI: prefs.js [User - avue6qjc.default] user_pref("browser.newtab.url", "http://www.trotux.com/?z=0f63f5474a092d9d772eb33g8z4m0mce2q2m8o6c5b&from=isr&uid=HitachiXHCS5C323[...]  =>.Superfluous.Trotux
O69 - SBI: prefs.js [User - avue6qjc.default] user_pref("browser.search.defaultenginename", "trotux");  =>.Superfluous.Trotux
O69 - SBI: prefs.js [User - avue6qjc.default] user_pref("browser.search.searchengine.hp", "http://www.trotux.com/?z=0f63f5474a092d9d772eb33g8z4m0mce2q2m8o6c5b&from=isr&uid=Hita[...]  =>.Superfluous.Trotux
O69 - SBI: prefs.js [User - avue6qjc.default] user_pref("browser.search.searchengine.sp", "http://www.trotux.com/search/?from=isr&q={searchTerms}&type=sp&uid=HitachiXHCS5C3232S[...]  =>.Superfluous.Trotux
O69 - SBI: prefs.js [User - avue6qjc.default] user_pref("browser.search.searchengine.url", "http://www.trotux.com/search/?from=isr&q={searchTerms}&type=sp&uid=HitachiXHCS5C3232[...]  =>.Superfluous.Trotux
O69 - SBI: prefs.js [User - avue6qjc.default] user_pref("browser.search.selectedEngine", "trotux");  =>.Superfluous.Trotux
O69 - SBI: prefs.js [User - avue6qjc.default] user_pref("browser.startup.homepage", "http://www.trotux.com/?z=0f63f5474a092d9d772eb33g8z4m0mce2q2m8o6c5b&from=isr&uid=HitachiXHC[...]  =>.Superfluous.Trotux
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/  =>.Bing.com
O69 - SBI: SearchScopes [HKCU] {CF49125D-FBA8-47CD-B46F-628DEEE6C6B8} - (Startpage) - http://startpage.com/
O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com/  =>.Bing.com
O69 - SBI: SearchScopes [HKLM] {CF49125D-FBA8-47CD-B46F-628DEEE6C6B8} - (Startpage) - http://startpage.com/

---\\ Enumère les services démarrés par Svchost (33) - 1s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll   [327296]  =>.Microsoft Corporation
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\Windows\System32\certprop.dll   [327296]  =>.Microsoft Corporation
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\Windows\System32\certprop.dll   [327296]  =>.Microsoft Corporation
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll   [327296]  =>.Microsoft Corporation
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll   [327296]  =>.Microsoft Corporation
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\IKEEXT.DLL   [327296]  =>.Microsoft Corporation
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\audiosrv.dll   [327296]  =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’.) -- C:\Windows\System32\rasauto.dll   [327296]  =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll   [327296]  =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll   [327296]  =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements systèm.) -- C:\Windows\System32\Sens.dll   [327296]  =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à.) -- C:\Windows\System32\ipnathlp.dll   [327296]  =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM.) -- C:\Windows\System32\tapisrv.dll   [327296]  =>.Microsoft Corporation
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du se.) -- C:\Windows\System32\termsrv.dll   [327296]  =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Up.) -- C:\Windows\System32\wuaueng.dll   [327296]  =>.Microsoft Windows Component Publisher®
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière.) -- C:\Windows\System32\qmgr.dll   [327296]  =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll   [327296]  =>.Microsoft Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur u.) -- C:\Windows\System32\iphlpsvc.dll   [327296]  =>.Microsoft Corporation
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secon.) -- C:\Windows\System32\seclogon.dll   [327296]  =>.Microsoft Corporation
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll   [327296]  =>.Microsoft Corporation
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll   [327296]  =>.Microsoft Corporation
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédia.) -- C:\Windows\System32\mmcss.dll   [327296]  =>.Microsoft Corporation
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll   [327296]  =>.Microsoft Corporation
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll   [327296]  =>.Microsoft Corporation
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll   [327296]  =>.Microsoft Corporation
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll   [327296]  =>.Microsoft Corporation
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\KMSVC.DLL   [327296]  =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à.) -- C:\Windows\System32\SessEnv.dll   [327296]  =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll   [327296]  =>.Microsoft Corporation
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll   [327296]  =>.Microsoft Corporation
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll   [327296]  =>.Microsoft Corporation
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll   [327296]  =>.Microsoft Corporation
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\Windows\System32\appmgmts.dll   [327296]  =>.Microsoft Corporation

---\\ Liste des exceptions du parefeu Windows (23) - 1s
O87 - FAEL: "TCP Query User{9C116182-23CC-462E-83F9-A44236478571}D:\program files\microsoft games\rise of nations\nations.exe" [In-None-P6-TRUE] .(...) -- D:\program files\microsoft games\rise of nations\nations.exe (.not file.)
O87 - FAEL: "UDP Query User{4338409F-11FF-439F-8F52-4646355D8F83}D:\program files\microsoft games\rise of nations\nations.exe" [In-None-P17-TRUE] .(...) -- D:\program files\microsoft games\rise of nations\nations.exe (.not file.)
O87 - FAEL: "{817E9A60-5989-4A5E-BFA4-5E031C04D82F}" [In-None-P6-TRUE] .(...) -- D:\Program Files\Microsoft Games\Rise of Nations\rise.exe (.not file.)
O87 - FAEL: "{E8B18295-328E-47AF-85CA-9E2F6B839E8A}" [In-None-P17-TRUE] .(...) -- D:\Program Files\Microsoft Games\Rise of Nations\rise.exe (.not file.)
O87 - FAEL: "{1FEA17AD-2B77-40D6-82A6-0F8A25F358D3}" [In-None-P6-FALSE] .(...) -- D:\Program Files\Microsoft Games\Rise of Nations\rise.exe (.not file.)
O87 - FAEL: "{9C311E12-1201-488C-B280-060E54D557BC}" [In-None-P17-FALSE] .(...) -- D:\Program Files\Microsoft Games\Rise of Nations\rise.exe (.not file.)
O87 - FAEL: "TCP Query User{03C6188E-6C40-49F1-ABCD-40904860E76A}C:\program files\microsoft games\rise of nations\nations.exe" [In-None-P6-TRUE] .(...) -- C:\program files\microsoft games\rise of nations\nations.exe (.not file.)
O87 - FAEL: "UDP Query User{72D6DD91-6060-4F75-B3D1-AA4C93509BA2}C:\program files\microsoft games\rise of nations\nations.exe" [In-None-P17-TRUE] .(...) -- C:\program files\microsoft games\rise of nations\nations.exe (.not file.)
O87 - FAEL: "TCP Query User{36F3FCE8-6205-461E-959A-C79ECDC549A9}C:\program files\internet download manager\idman.exe" [In-None-P6-TRUE] .(...) -- C:\program files\internet download manager\idman.exe (.not file.)
O87 - FAEL: "UDP Query User{D9740403-67AB-4DA4-A1E5-1AA56A256A36}C:\program files\internet download manager\idman.exe" [In-None-P17-TRUE] .(...) -- C:\program files\internet download manager\idman.exe (.not file.)
O87 - FAEL: "{60233A7B-0DC5-4B73-8E11-68130824468A}" [In-None-P6-TRUE] .(...) -- C:\Program Files\360\Total Security\safemon\QHSafeTray.exe (.not file.)
O87 - FAEL: "{4ACDAB4F-FC54-45F3-81F7-6996A4DE1753}" [In-None-P17-TRUE] .(...) -- C:\Program Files\360\Total Security\safemon\QHSafeTray.exe (.not file.)
O87 - FAEL: "{09888861-E395-45B1-AA8D-EE23B8DADDB9}" [In-None-P6-TRUE] .(...) -- C:\Program Files\360\Total Security\LiveUpdate360.exe (.not file.)
O87 - FAEL: "{1AF23B0D-78C3-4C4C-AFF1-8279621E9127}" [In-None-P17-TRUE] .(...) -- C:\Program Files\360\Total Security\LiveUpdate360.exe (.not file.)
O87 - FAEL: "{66D12B90-D6EC-4328-8BF7-44818406F3C7}" [In-None-P6-TRUE] .(...) -- C:\Program Files\SrpnFiles\SrpnFiles.exe (.not file.)  =>.Superfluous.SpringFiles
O87 - FAEL: "{5B06A6EE-5B11-46A2-8D98-127EC26EEE9C}" [In-None-P17-TRUE] .(...) -- C:\Program Files\SrpnFiles\SrpnFiles.exe (.not file.)  =>.Superfluous.SpringFiles
O87 - FAEL: "{C16C812F-F2C9-4B44-8227-8627095A9A5B}" [In-None-P6-TRUE] .(...) -- C:\Program Files\SrpnFiles\downloader.exe (.not file.)  =>.Superfluous.SpringFiles
O87 - FAEL: "{0EDC73E0-86B2-4294-80CB-4A38550B7884}" [In-None-P17-TRUE] .(...) -- C:\Program Files\SrpnFiles\downloader.exe (.not file.)  =>.Superfluous.SpringFiles
O87 - FAEL: "{8C2B5408-F7EA-4DC3-9B08-50B223026940}" [In-None-P17-TRUE] .(...) -- C:\Users\User\AppData\Local\Temp\is-6SR8I.tmp\download\MiniThunderPlatform.exe (.not file.)  =>.Temporary file not necessary
O87 - FAEL: "{88221A39-66F8-4D7D-A87F-324D3F13E44B}" [In-None-P6-TRUE] .(...) -- C:\Program Files\LuDaShi\ComputerZTray.exe (.not file.)  =>PUP.Optional.Ludashi
O87 - FAEL: "{1CA9CACE-E978-49D9-B83C-3660C7CA89CF}" [In-None-P17-TRUE] .(...) -- C:\Program Files\LuDaShi\ComputerZTray.exe (.not file.)  =>PUP.Optional.Ludashi
O87 - FAEL: "{26EDBCA1-322F-48B9-A267-6A5FFE2E5FEB}" [In-None-P6-TRUE] .(...) -- C:\Program Files\LuDaShi\Utils\mininews.exe (.not file.)  =>PUP.Optional.Ludashi
O87 - FAEL: "{CE43A36B-0A92-4559-ACCA-3D876D42ABF0}" [In-None-P17-TRUE] .(...) -- C:\Program Files\LuDaShi\Utils\mininews.exe (.not file.)  =>PUP.Optional.Ludashi

---\\ Liste des émulateurs de CD/DVD (MBR Hook) (6) - 5s
HKLM\SOFTWARE\Microsoft\Tracing\ldsgamecenter_ludashi_RASAPI32  =>PUP.Optional.Ludashi
HKLM\SOFTWARE\Microsoft\Tracing\ldsgamecenter_ludashi_RASMANCS  =>PUP.Optional.Ludashi
HKLM\SOFTWARE\Microsoft\Tracing\ludashisetup_RASAPI32  =>PUP.Optional.Ludashi
HKLM\SOFTWARE\Microsoft\Tracing\ludashisetup_RASMANCS  =>PUP.Optional.Ludashi
HKLM\SOFTWARE\Microsoft\Tracing\srpnfiles_RASAPI32  =>.Superfluous.SpringFiles
HKLM\SOFTWARE\Microsoft\Tracing\srpnfiles_RASMANCS  =>.Superfluous.SpringFiles

---\\ Scan Additionnel (22) - 0s
C:\Windows\System32\Tasks\{F97ABAFA-3646-40AB-A358-60950C16E73B}  =>.Superfluous.Goobzo
C:\Users\User\AppData\Roaming\KuaiZip  =>.Superfluous.ShanghaiGuangle
C:\Users\User\AppData\Roaming\lockhomepage  =>PUP.Optional.LockHomepage
C:\Users\User\AppData\Roaming\Ludashi  =>PUP.Optional.Ludashi
C:\Users\User\AppData\Roaming\PDManager  =>.Superfluous.MindSpark
C:\Users\User\AppData\Roaming\SpringFiles  =>.Superfluous.SpringFiles
C:\Users\User\AppData\Local\CrashRpt  =>.Superfluous.CrashReports
C:\Users\User\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk  =>Hijacker.Browser
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{66D12B90-D6EC-4328-8BF7-44818406F3C7}  =>.Superfluous.SpringFiles
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{5B06A6EE-5B11-46A2-8D98-127EC26EEE9C}  =>.Superfluous.SpringFiles
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{C16C812F-F2C9-4B44-8227-8627095A9A5B}  =>.Superfluous.SpringFiles
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{0EDC73E0-86B2-4294-80CB-4A38550B7884}  =>.Superfluous.SpringFiles
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{88221A39-66F8-4D7D-A87F-324D3F13E44B}  =>PUP.Optional.Ludashi
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{1CA9CACE-E978-49D9-B83C-3660C7CA89CF}  =>PUP.Optional.Ludashi
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{26EDBCA1-322F-48B9-A267-6A5FFE2E5FEB}  =>PUP.Optional.Ludashi
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{CE43A36B-0A92-4559-ACCA-3D876D42ABF0}  =>PUP.Optional.Ludashi
HKLM\SOFTWARE\Microsoft\Tracing\ldsgamecenter_ludashi_RASAPI32  =>PUP.Optional.Ludashi
HKLM\SOFTWARE\Microsoft\Tracing\ldsgamecenter_ludashi_RASMANCS  =>PUP.Optional.Ludashi
HKLM\SOFTWARE\Microsoft\Tracing\ludashisetup_RASAPI32  =>PUP.Optional.Ludashi
HKLM\SOFTWARE\Microsoft\Tracing\ludashisetup_RASMANCS  =>PUP.Optional.Ludashi
HKLM\SOFTWARE\Microsoft\Tracing\srpnfiles_RASAPI32  =>.Superfluous.SpringFiles
HKLM\SOFTWARE\Microsoft\Tracing\srpnfiles_RASMANCS  =>.Superfluous.SpringFiles

---\\ Récapitulatif des éléments trouvés sur votre station (13) - 0s
https://www.anti-malware.top/2016/07/20/superfluous-goobzo/  =>.Superfluous.Goobzo
https://www.anti-malware.top/2016/07/03/superfluous-trotux/  =>.Superfluous.Trotux
https://nicolascoolman.eu/2017/02/02/hijacker-browser-2/  =>Hijacker.Browser
https://www.anti-malware.top/2016/04/30/pup-optional-crossrider/  =>PUP.Optional.CrossRider
https://www.anti-malware.top/2016/04/26/superfluous-springfiles/  =>.Superfluous.SpringFiles
https://www.anti-malware.top/2016/04/22/adware-installcore/  =>Adware.InstallCore
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/  =>PUP.Optional.Ludashi
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.Superfluous.Magicbit
https://nicolascoolman.eu/2017/01/15/superfluous-mindspark/  =>.Superfluous.MindSpark
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.Superfluous.Downloader
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.Superfluous.ShanghaiGuangle
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/  =>PUP.Optional.LockHomepage
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.Superfluous.CrashReports

~ Unselected Options:  O82,
~ End of the scan, 12057 items in 03mn30s (902)(0)