---\\ AppInit_DLLs Registry value Autorun (O20)
O20 - Winlogon Notify: ShellServiceObjectDelayLoad - C:\WINDOWS\system32\p48q0el5ehq.dll
O20 - Winlogon Notify: Extensions - C:\WINDOWS\system32\gp0ol3d31.dll
O20 - Winlogon Notify: RunOnce - C:\WINDOWS\system32\r06u0aj9edo.dll
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll

---\\ BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (PCloudBroom64.exe \systemroot\system32\BroomData.bit) - File not found
~ BEX: 2 Scanned in 00mn AMs

---\\ Session Manager Key (AppCertDlls,KnownDLLs) (O36)
O36 - AppCertDlls: (x86) . (...) -- C:\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll (Not file) =>PUP.SystemK
O36 - AppCertDlls: (x64) . (...) -- C:\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll (Not file) =>PUP.SystemK

---\\ Tâches planifiées en automatique (112) - 3s
[MD5.5BCE955CF12AF3417F055DADC0212920] [APT] [ChelfNotify Task] (.Tencent.) -- C:\ProgramData\ChelfNotify\BrowserUpdate.exe [690144] (.Activate.) =>.Superfluous.Tencent
[MD5.00000000000000000000000000000000] [APT] [reve] (...) -- C:\Users\fujitsu\Videos\?é¬ï¦ïë «??§ ?鬩ïê ??髧ï«\001.mp3 (.not file.) [0] (.Activate.) =>.Superfluous.Empty
[MD5.D348EC9B18A954E032648B55D88E0B7C] [APT] [ruyiUpdate] (.????(??)????.) -- C:\Program Files\ShoppingAssistant\ruyitao\3.6.0.14\ruyiUpdate.exe [317840] (.Activate.)
[MD5.D348EC9B18A954E032648B55D88E0B7C] [APT] [ruyiUpdateBackup] (.????(??)????.) -- C:\Users\fujitsu\AppData\Local\ruyitao\ruyiUpdate.exe [317840] (.Activate.)
[MD5.00000000000000000000000000000000] [APT] [ShanDian] (...) -- C:\Program Files\ShanDian\FinderPro.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty
[MD5.00000000000000000000000000000000] [APT] [tuuxqxil] (...) -- C:\Users\fujitsu\Videos\?é¬ï¦ïë «??§ ?鬩ïê ??髧ï«\078.mp3 (.not file.) [0] (.Activate.) =>.Superfluous.Empty
[MD5.C987037CDA5A49084D7C84E165169AA2] [APT] [{6B245D9A-4371-4B5A-8AB0-2FA024F46B8A}] (...) -- D:\DVB IT-220\tuner.exe [41025] (.Activate.)
[MD5.C987037CDA5A49084D7C84E165169AA2] [APT] [{FC78BBE2-0201-430C-9474-614C0647B9A8}] (...) -- D:\DVB IT-220\tuner.exe [41025] (.Activate.)
O39 - APT: ruyiUpdate - (.????(??)????.) -- C:\Windows\Tasks\ruyiUpdate.job [318] {476AB70C913F23091F0B21B7416C5242}
O39 - APT: ruyiUpdateBackup - (.????(??)????.) -- C:\Windows\Tasks\ruyiUpdateBackup.job [292] {476AB70C913F23091F0B21B7416C5242}

---\\ Drivers launched at startup (O41)
O41 - Driver: (Bfilter) . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - C:\Windows\system32\drivers\Bfilter.sys
O41 - Driver: (Bfmon) . (.Baidu, Inc. - Baidu FS Monitor Driver.) - C:\Windows\system32\drivers\Bfmon.sys
O41 - Driver: (Bnbase) . (.Baidu, Inc. - Baidu Antivirus NetBase Driver.) - C:\Windows\System32\drivers\bnbasex64.sys
O41 - Driver: (Bndef) . (.Baidu, Inc. - Baidu Antivirus NetDefense Driver.) - C:\Windows\system32\drivers\bndef64.sys

---\\ Contenu des dossiers Programmes (163) - 29s
O43 - CFD: 26/07/2016 - [] D -- C:\Program Files\WinSaber =>.Superfluous.WinSaber
O43 - CFD: 21/08/2016 - [] D -- C:\Program Files\WinZipper =>.Superfluous.WinZipper
O43 - CFD: 24/04/2016 - [] D -- C:\ProgramData\desktopfind =>HackTool.WinActivator
O43 - CFD: 26/03/2016 - [] D -- C:\ProgramData\Tencent =>.Superfluous.Tencent
O43 - CFD: 26/03/2016 - [0] D -- C:\ProgramData\TXQMPC =>.Superfluous.TXQMPC
O43 - CFD: 31/05/2016 - [0] D -- C:\ProgramData\Uncheckit =>.Superfluous.Elex
O43 - CFD: 26/03/2016 - [] D -- C:\Program Files\Common Files\Tencent =>.Superfluous.Tencent
O43 - CFD: 30/05/2016 - [] D -- C:\Users\pc\AppData\Roaming\eCyber =>.Superfluous.Elex
O43 - CFD: 26/03/2016 - [] D -- C:\Users\pc\AppData\Roaming\Tencent =>.Superfluous.Tencent
O43 - CFD: 31/05/2016 - [] D -- C:\Users\pc\AppData\Roaming\Uncheckit =>.Superfluous.Elex
O43 - CFD: 05/05/2016 - [] D -- C:\Users\pc\AppData\Roaming\WinZiper =>.Superfluous.WinZipper

---\\ Latest files created in Windows Prefetcher (O45)
O45 - LFCP:[MD5.45557CC311963889BCDB6FBF2FA1038D] - 09-Dec-14 - 1:51:03 AM ---A- - C:\Windows\Prefetch\SNIPSMART.BOAS.EXE-04FDE64B.pf =>PUP.SnipSmart
O45 - LFCP:[MD5.5B108C3AF92D4A87B8AF7DB17F50B3BF] - 09-Dec-14 - 1:51:03 AM ---A- - C:\Windows\Prefetch\SNIPSMART.BOASPRT.EXE-8A675921.pf =>PUP.SnipSmart
O45 - LFCP:[MD5.288D592584CC6B9A312F6F3725B4F72B] - 22-Jan-15 - 12:33:25 AM ---A- - C:\Windows\Prefetch\SNIPSMART.PURBROWSE64.EXE-FE40B4D1.pf =>PUP.SnipSmart
O45 - LFCP:[MD5.A517B6156DC9D2848C544C56214B4AFD] - 05-Apr-15 - 2:10:24 AM ---A- - C:\Windows\Prefetch\WPC_MYSTARTSEARCH.EXE-43CE90A0.pf =>PUP.StartSearch
O45 - LFCP:[MD5.E6319E2A8FCFB9754EE2DFB5548008E6] 27/08/2016 A -- C:\Windows\Prefetch\WINDOWS LOADER.EXE-6178FC09.pf =>HackTool.WinActivator

---\\ Safe Boot Control (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\hitmanpro37.sys . (.No owner - HitmanPro 3.7 Support Driver.) -- C:\Windows\System32\Drivers\hitmanpro37.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\hitmanpro37.sys . (.No owner - HitmanPro 3.7 Support Driver.) -- C:\Windows\System32\Drivers\hitmanpro37.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (...) -- C:\Windows\System32\Drivers\rdpencdd.sys (.not file.)

---\\ Image File Execution Options (IFEO) (O50)
O51 - MPSK:{88d1f17b-5c0e-11e4-8250-806e6f6e6963}\AutoRun\command. (...) -- F:\setup.exe (.not file.)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d