cjoint

Document format: text/plain

Preview

~ ZHPDiag v2018.2.22.37 Par Nicolas Coolman (2018/02/22)
~ Démarré par eric (Administrator) (2018/02/23 08:33:02)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Certificate ZHPDiag: Illegal
~ Etat de la version: Version KO
~ Mode: Scanner
~ Rapport: C:\Users\eric\Desktop\ZHPDiag.txt
~ Rapport: C:\Users\eric\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Deactivate
~ Démarrage du système: Normal (Normal boot)
Windows 10 Pro, 64-bit (Build 15063) =>.Microsoft Corporation

---\\ NAVIGATEURS INTERNET (3) - 0s
~ GCIE: Google Chrome v63.0.3239.132
~ MSIE: Microsoft Edge v40
~ MSIE: Internet Explorer v11.608.15063.0

---\\ INFORMATIONS SUR LES PRODUITS WINDOWS (9) - 1s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
~ Windows(R) Operating System, VOLUME_KMSCLIENT channel
Windows ID Activation : OK
~ Windows Partial Key : T83GX
Windows License : OK
Expiration Licence Windows : 258758 minute(s) (180 jour(s))
~ Windows Remaining Initializations Number : 1001
Windows Automatic Updates : OK

---\\ LOGICIELS DE PROTECTION (2) - 18s
Malwarebytes version 3.2.2.2029 v3.2.2.2029 (Protection)
Windows Defender (Activate) (Protection)

---\\ SURVEILLANCE LOGICIEL (1) - 18s
~ Adobe Flash Player 28 NPAPI (Surveillance)

---\\ INFORMATIONS SUR LE SYSTÈME (6) - 0s
~ Operating System: Intel64 Family 6 Model 69 Stepping 1, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 8153.24 MB (53% free) : OK =>.RAM Value
System Restore: Activé (Enable)
System drive C: has 71 GB (26%) free of 264 GB : OK =>.Disk Space

---\\ MODE DE CONNEXION AU SYSTÈME (3) - 0s
~ Computer Name: ERIC
~ User Name: eric
~ Logged in as Administrator

---\\ ÉNUMÉRATION DES UNITÉS DE STOCKAGE (2) - 0s
~ Drive C: has 71 GB free of 264 GB (System)
~ Drive F: has 34 GB free of 187 GB

---\\ ÉTAT DU CENTRE DE SÉCURITÉ WINDOWS (7) - 0s
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM64\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

---\\ RECHERCHE PARTICULIÈRE DE FICHIERS GÉNÉRIQUES (25) - 3s
[MD5.3AF6D6F752EDE013ED15DFD2D44F8EF9] - 05/09/2017 - (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\Explorer.exe [4848960] =>.Microsoft Windows®
[MD5.ECB702B8C5650381C0784F1EEABB97BC] - 18/03/2017 - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) -- C:\Windows\System32\rundll32.exe [68608] =>.Microsoft Corporation
[MD5.0242626678C83AE788C655C1990A3CC3] - 28/07/2017 - (.Microsoft Corporation - Application de démarrage de Windows.) -- C:\Windows\System32\Wininit.exe [318232] =>.Microsoft Windows Publisher®
[MD5.9AA7516745C98B81FC10227FF2652391] - 05/09/2017 - (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\System32\wininet.dll [3307008] =>.Microsoft Corporation
[MD5.9CDA170849A4F66F4D68B3DBB3AC8394] - 05/09/2017 - (.Microsoft Corporation - Application d’ouverture de session Windows.) -- C:\Windows\System32\Winlogon.exe [706560] =>.Microsoft Corporation
[MD5.50CDF68A8EA8A2A9165CD573FA6C42D8] - 18/03/2017 - (.Microsoft Corporation - Bibliothèque de licences.) -- C:\Windows\System32\sppcomapi.dll [414208] =>.Microsoft Corporation
[MD5.0F9FA6A2D4EAE50393DCE473759A9845] - 18/03/2017 - (.Microsoft Corporation - DNS DLL de l’API Client.) -- C:\Windows\System32\dnsapi.dll [661224] =>.Microsoft Windows®
[MD5.3F969D5ADEAB3284ABD500B37D74A8F8] - 18/03/2017 - (.Microsoft Corporation - DNS DLL de l’API Client.) -- C:\Windows\Syswow64\dnsapi.dll [508344] =>.Microsoft Windows®
[MD5.70E14A01193D817004C0F88E767BC59B] - 19/03/2017 - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) -- C:\Windows\System32\fr-FR\user32.dll.mui [19968] =>.Microsoft Corporation
[MD5.5A6D591D56791BA63CE73FCAD60D89A1] - 05/09/2017 - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) -- C:\Windows\System32\drivers\AFD.sys [610720] =>.Microsoft Windows®
[MD5.01733BEEE02E51F712330D5909BD701C] - 18/03/2017 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\drivers\atapi.sys [29088] =>.Microsoft Windows®
[MD5.B6E5AD7C83A5254DEE9D86023C0E5A81] - 18/03/2017 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\drivers\Cdfs.sys [93184] =>.Microsoft Corporation
[MD5.ABE77AD954BC3D72F559CF0C381E50BC] - 18/03/2017 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\drivers\Cdrom.sys [160256] =>.Microsoft Corporation
[MD5.185A4519B7764F4DEF714D890A7A9FD2] - 18/03/2017 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\drivers\DfsC.sys [150528] =>.Microsoft Corporation
[MD5.02B9639D9997E95CDF2F4C4F3BDCC73D] - 20/06/2017 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\drivers\HDAudBus.sys [86528] =>.Microsoft Corporation
[MD5.C6C8315E3262FAE460529C6DA2951682] - 18/03/2017 - (.Microsoft Corporation - Pilote de port i8042.) -- C:\Windows\System32\drivers\i8042prt.sys [115200] =>.Microsoft Corporation
[MD5.DCC05E5EAA580C97F13B434FAFACED85] - 18/03/2017 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\drivers\IpNat.sys [214528] =>.Microsoft Corporation
[MD5.F2AD1B72C5A6475FB5FF332E1980DF88] - 18/03/2017 - (.Microsoft Corporation - Minirdr SMB Windows NT.) -- C:\Windows\System32\drivers\MRxSmb.sys [467352] =>.Microsoft Windows®
[MD5.BAD3C424788BC071C3EC82CFCDA954D2] - 05/09/2017 - (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\drivers\netBT.sys [305152] =>.Microsoft Corporation
[MD5.075F8C81457804BB79DD33FE69A96C57] - 28/07/2017 - (.Microsoft Corporation - Pilote du système de fichiers NT.) -- C:\Windows\System32\drivers\ntfs.sys [2327456] =>.Microsoft Windows®
[MD5.2CC6C325B271C7CA60F374F8F868CB45] - 18/03/2017 - (.Microsoft Corporation - Pilote de port parallèle.) -- C:\Windows\System32\drivers\Parport.sys [97792] =>.Microsoft Corporation
[MD5.5279EC98F6218D29EADDFECCC0D80E9A] - 18/03/2017 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\drivers\Rasl2tp.sys [107008] =>.Microsoft Corporation
[MD5.53A01D3FDB701AC5D9DDE4140227E3D9] - 20/03/2017 - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RD.) -- C:\Windows\System32\drivers\rdpdr.sys [183296] =>.Microsoft Corporation
[MD5.D74756DD1518D28A09CDA99696273FA4] - 01/08/2017 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\drivers\tdx.sys [119712] =>.Microsoft Windows®
[MD5.E3429DBBEA3965BB96E24B16EF4A2551] - 18/03/2017 - (.Microsoft Corporation - Volume Shadow Copy driver.) -- C:\Windows\System32\drivers\volsnap.sys [397216] =>.Microsoft Windows®

---\\ LISTE DES SERVICES (Non Microsoft et non désactivés) (19) - 2s
O23 - Service: BaisvikSoftware Suite Service (BaisvikSoftware Suite Service) . (.Baisvik - BaisvikSoftware Suite Service.) - C:\Program Files (x86)\BaisvikSoftware\SuiteService.exe {7F8276BC4AA97E8E49FBED6A595376F0}
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files (x86)\Bonjour\mDNSResponder.exe =>.Apple Inc.®
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
O23 - Service: @oem45.inf,%hpservice_desc%;HP Service (hpsrv) . (.HP - HP Service.) - C:\Windows\System32\Hpservice.exe =>.HP
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) . (.HP Inc. - HP Support Solutions Framework Service.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe =>.HP Inc.®
O23 - Service: HPWMISVC (HPWMISVC) . (.HP Inc. - HP WMI Service.) - C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe =>.Hewlett-Packard Company®
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) . (.Intel Corporation - igfxCUIService Module.) - C:\Windows\System32\igfxCUIService.exe =>.Intel Corporation
O23 - Service: Malwarebytes Service (MBAMService) . (.Malwarebytes - Malwarebytes Service.) - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe =>.Malwarebytes
O23 - Service: medERP (medERP) . (.Apache Software Foundation - Commons Daemon Service Runner.) - c:\mederp_server\bin\tomcat7.exe =>.Apache Software Foundation
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) . (.Nero AG - NeroUpdate.) - C:\Program Files (x86)\Nero\Update\NASvc.exe =>.Nero AG®
O23 - Service: (Net Driver HPZ12) . (.Hewlett-Packard - Dot4Net Module.) - C:\Windows\System32\HPZinw12.dll =>.Hewlett-Packard
O23 - Service: NitroPDFDriverCreatorReadSpool10 (NitroDriverReadSpool10) . (.Nitro PDF Software - Nitro PDF Spool Service.) - C:\Program Files\Nitro\Pro 10\NitroPDFDriverService10x64.exe =>.Nitro Software, Inc.®
O23 - Service: NitroUpdateService (NitroUpdateService) . (...) - C:\Program Files\Nitro\Pro 10\Nitro_UpdateService.exe =>.Nitro Software, Inc.®
O23 - Service: (Pml Driver HPZ12) . (.Hewlett-Packard - PmlDrv Module.) - C:\Windows\System32\HPZipm12.dll =>.Hewlett-Packard
O23 - Service: Realtek Audio Service (RtkAudioService) . (.Realtek Semiconductor - Realtek Audio Service.) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe =>.Realtek Semiconductor Corp.®
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) . (.DEVGURU Co., LTD. - MSS CS Connectivity Service.) - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe =>.Samsung Electronics CO., LTD.®
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) . (.Synaptics Incorporated - 64-bit Synaptics Pointing Enhance Service.) - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe =>.Synaptics Incorporated®
O23 - Service: TCPSvc (TCPSvc) . (...) - C:\Users\eric\AppData\Local\Temp\csrss\proxy\Tor\tor.exe =>Trojan.ProxyAgent
O23 - Service: Unsigned Themes (UnsignedThemes) . (.The Within Network, LLC - Unsigned Themes service executable.) - C:\Windows\unsignedthemes.exe =>.The Within Network, LLC®

---\\ SERVICES NON MICROSOFT (SR=Démarré,SS=Stoppé) (28) - 10s
SS - Demand [20/01/2018] [ 272384] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe =>.Adobe Systems Incorporated®
SS - Demand [01/05/2016] [ 875616] BaiduPinyin Updater (BaiduPinyinUpdater) . (.Baidu, Inc..) - C:\Program Files (x86)\Baidu\BaiduPinyinUpdate\bdupdate.exe =>.Baidu (China) Co., Ltd.®
SR - Auto [22/01/2015] [ 1283128] BaisvikSoftware Suite Service (BaisvikSoftware Suite Service) . (.Baisvik.) - C:\Program Files (x86)\BaisvikSoftware\SuiteService.exe {7F8276BC4AA97E8E49FBED6A595376F0}
SR - Auto [12/12/2008] [ 238888] Service Bonjour (Bonjour Service) . (.Apple Inc..) - C:\Program Files (x86)\Bonjour\mDNSResponder.exe =>.Apple Inc.®
SS - Demand [03/09/2015] [ 293272] Intel(R) Content Protection HECI Service (cphs) . (.Intel Corporation.) - C:\Windows\SysWOW64\IntelCpHeciSvc.exe =>.Intel Corporation - pGFX®
SS - Auto [27/08/2016] [ 153752] Service Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
SS - Demand [27/08/2016] [ 153752] Service Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
SS - Demand [28/04/2015] [ 1102472] HP Software Framework Service (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe =>.Hewlett-Packard Company®
SR - Auto [12/10/2016] [ 38728] @oem45.inf,%hpservice_desc%;HP Service (hpsrv) . (.HP.) - C:\Windows\System32\Hpservice.exe =>.HP Inc.®
SR - Auto [21/11/2017] [ 332144] HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) . (.HP Inc..) - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe =>.HP Inc.®
SR - Auto [18/04/2016] [ 606224] HPWMISVC (HPWMISVC) . (.HP Inc..) - C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe =>.Hewlett-Packard Company®
SS - Demand [22/10/2004] [ 73728] InstallDriver Table Manager (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe =>.Macrovision Corporation
SR - Auto [03/09/2015] [ 359848] Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) . (.Intel Corporation.) - C:\Windows\System32\igfxCUIService.exe =>.Intel Corporation - pGFX®
SS - Demand [25/11/2015] [ 3020440] Intel(R) Biometric and Context Agent Service (IntelBCAsvc) . (.Intel(R) Corporation.) - C:\Program Files\Intel\BCA\pabeSvc64.exe =>.Intel(R) Biometric and Context Agent®
SR - Auto [07/08/2017] [ 6058960] Malwarebytes Service (MBAMService) . (.Malwarebytes.) - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe =>.Malwarebytes
SR - Auto [04/12/2012] [ 77312] medERP (medERP) . (.Apache Software Foundation.) - c:\mederp_server\bin\tomcat7.exe =>.Apache Software Foundation
SR - Auto [14/09/2016] [ 805752] @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) . (.Nero AG.) - C:\Program Files (x86)\Nero\Update\NASvc.exe =>.Nero AG®
SR - Auto [31/07/2012] [ 50688] (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\HPZinw12.dll =>.Hewlett-Packard
SR - Auto [06/05/2015] [ 324760] NitroPDFDriverCreatorReadSpool10 (NitroDriverReadSpool10) . (.Nitro PDF Software.) - C:\Program Files\Nitro\Pro 10\NitroPDFDriverService10x64.exe =>.Nitro Software, Inc.®
SR - Auto [06/05/2015] [ 418968] NitroUpdateService (NitroUpdateService) . (...) - C:\Program Files\Nitro\Pro 10\Nitro_UpdateService.exe =>.Nitro Software, Inc.®
SR - Auto [31/07/2012] [ 66048] (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\HPZipm12.dll =>.Hewlett-Packard
SR - Auto [23/03/2017] [ 324608] Realtek Audio Service (RtkAudioService) . (.Realtek Semiconductor.) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe =>.Realtek Semiconductor Corp.®
SR - Auto [08/01/2016] [ 754784] SAMSUNG Mobile Connectivity Service (ss_conn_service) . (.DEVGURU Co., LTD..) - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe =>.Samsung Electronics CO., LTD.®
SR - Auto [17/02/2017] [ 278624] SynTPEnh Caller Service (SynTPEnhService) . (.Synaptics Incorporated.) - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe =>.Synaptics Incorporated®
SS - Auto [18/09/2017] [ 3282432] TCPSvc (TCPSvc) . (...) - C:\Users\eric\AppData\Local\Temp\csrss\proxy\Tor\tor.exe =>Trojan.ProxyAgent
SS - Demand [21/04/2016] [ 874784] Intel Security True Key (TrueKey) . (.McAfee, Inc..) - C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe =>.McAfee, Inc.®
SS - Demand [21/04/2016] [ 15736] Intel Security True Key Scheduler (TrueKeyScheduler) . (.McAfee, Inc..) - C:\Program Files\TrueKey\McTkSchedulerService.exe =>.McAfee, Inc.®
SR - Auto [28/02/2015] [ 22184] Unsigned Themes (UnsignedThemes) . (.The Within Network, LLC.) - C:\Windows\unsignedthemes.exe =>.The Within Network, LLC®

---\\ APPLICATIONS LANCÉES AU DÉMARRAGE DU SYSTÈME (19) - 3s
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe =>.Realtek Semiconductor Corp.®
O4 - HKCU\..\Run: [Free Download Manager] . (.FreeDownloadManager.org - Free Download Manager.) -- C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe =>.Softdeluxe Ltd.®
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe =>.Tonec Inc.®
O4 - HKCU\..\Run: [LCYVPKKQRM.exe] . (...) -- C:\Users\eric\AppData\Local\Temp\KNWJUOJDUG\LCYVPKKQRM.exe
O4 - HKCU\..\Run: [8TWeFR2T.exe] . (...) -- C:\Users\eric\AppData\Roaming\af688c2fb64e4f05a7eadcc4857dc524\8TWeFR2T.exe
O4 - HKCU\..\Run: [jGjlY92aj2JZ.exe] . (...) -- C:\ProgramData\b945d8214d7047bd89ea300fbaf0006d\jGjlY92aj2JZ.exe
O4 - HKLM\..\Wow6432Node\Run: [HPMessageService] . (.HP Inc. - HP Message Service.) -- C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe =>.Hewlett-Packard Company®
O4 - HKLM\..\Wow6432Node\Run: [PWRISOVM.EXE] . (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files\PowerISO\PWRISOVM.EXE =>.Power Software Limited®
O4 - HKLM\..\Wow6432Node\Run: [AccelerometerSysTrayApplet] . (.Hewlett-Packard Company - Hp Accelerometer System Tray.) -- C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe =>.Hewlett-Packard®
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle America, Inc.®
O4 - HKUS\.DEFAULT\..\Run: [Free Download Manager] . (.FreeDownloadManager.org - Free Download Manager.) -- C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe =>.Softdeluxe Ltd.®
O4 - HKUS\S-1-5-18\..\Run: [Free Download Manager] . (.FreeDownloadManager.org - Free Download Manager.) -- C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe =>.Softdeluxe Ltd.®
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Windows®
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Windows®
O4 - HKUS\S-1-5-21-4040018575-2137455487-4043523077-1001\..\Run: [Free Download Manager] . (.FreeDownloadManager.org - Free Download Manager.) -- C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe =>.Softdeluxe Ltd.®
O4 - HKUS\S-1-5-21-4040018575-2137455487-4043523077-1001\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe =>.Tonec Inc.®
O4 - HKUS\S-1-5-21-4040018575-2137455487-4043523077-1001\..\Run: [LCYVPKKQRM.exe] . (...) -- C:\Users\eric\AppData\Local\Temp\KNWJUOJDUG\LCYVPKKQRM.exe
O4 - HKUS\S-1-5-21-4040018575-2137455487-4043523077-1001\..\Run: [8TWeFR2T.exe] . (...) -- C:\Users\eric\AppData\Roaming\af688c2fb64e4f05a7eadcc4857dc524\8TWeFR2T.exe
O4 - HKUS\S-1-5-21-4040018575-2137455487-4043523077-1001\..\Run: [jGjlY92aj2JZ.exe] . (...) -- C:\ProgramData\b945d8214d7047bd89ea300fbaf0006d\jGjlY92aj2JZ.exe

---\\ PROCESSUS LANCÉS (52) - 5s
[MD5.00000000000000000000000000000000] - (.Intel Corporation - igfxCUIService Module.) -- C:\Windows\system32\igfxCUIService.exe [0] [PID.1824] =>.Intel Corporation
[MD5.F36DD115FE04B19F00CD9F50F16C34A3] - (.FreeDownloadManager.org - Free Download Manager Edge Integration Modu.) -- C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\winwfpmonitor.exe [895688] [PID.2024] =>.Softdeluxe Ltd.®
[MD5.5D5FC880C46C1F08D72464250C8B0D70] - (.The Within Network, LLC - Unsigned Themes service executable.) -- C:\Windows\unsignedthemes.exe [22184] [PID.1208] =>.The Within Network, LLC®
[MD5.00000000000000000000000000000000] - (.HP - HP Service.) -- C:\Windows\system32\Hpservice.exe [0] [PID.2316] =>.HP
[MD5.418FD5B763CDDE28317354F2E69B4AEA] - (.Realtek Semiconductor - Realtek Audio Service.) -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324608] [PID.2384] =>.Realtek Semiconductor Corp.®
[MD5.CD316DA7C3203FE967CCF2D4AEF5E2BD] - (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1484288] [PID.3136] =>.Realtek Semiconductor Corp.®
[MD5.CD316DA7C3203FE967CCF2D4AEF5E2BD] - (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1484288] [PID.3152] =>.Realtek Semiconductor Corp.®
[MD5.3F56903E124E820AEECE6D471583C6C1] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe [238888] [PID.3864] =>.Apple Inc.®
[MD5.BEDB1D0D52D3DE3ECC57DC23FD642812] - (.Baisvik - BaisvikSoftware Suite Service.) -- C:\Program Files (x86)\BaisvikSoftware\SuiteService.exe [1283128] [PID.3872] {7F8276BC4AA97E8E49FBED6A595376F0}
[MD5.7109608928D8AB470D60F47BAD5D153A] - (.HP Inc. - HP WMI Service.) -- C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [606224] [PID.3888] =>.Hewlett-Packard Company®
[MD5.49E537FF704C813D5223127E7BCBAE73] - (.Apache Software Foundation - Commons Daemon Service Runner.) -- c:\mederp_server\bin\tomcat7.exe [77312] [PID.3976] =>.Apache Software Foundation
[MD5.91D3BCA53A7E6CC61AE81F8EB556D885] - (.Nitro PDF Software - Nitro PDF Spool Service.) -- c:\program files\Nitro\Pro 10\nitropdfdriverservice10x64.exe [324760] [PID.4012] =>.Nitro Software, Inc.®
[MD5.A6DF138E66DA14BBDFDB60C81E687A4E] - (...) -- c:\program files\Nitro\Pro 10\nitro_updateservice.exe [418968] [PID.4020] =>.Nitro Software, Inc.®
[MD5.7DB9E612A2742ACEAB080B882E83141C] - (.DEVGURU Co., LTD. - MSS CS Connectivity Service.) -- C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784] [PID.3364] =>.Samsung Electronics CO., LTD.®
[MD5.B3EC5C1D780CF7AE812D0A17FABC8977] - (.Synaptics Incorporated - 64-bit Synaptics Pointing Enhance Service.) -- C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278624] [PID.3348] =>.Synaptics Incorporated®
[MD5.2B1BFDDF72F85CDA229D5BB9B0C8A6FD] - (.Synaptics Incorporated - Synaptics TouchPad 64-bit Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [4395616] [PID.6876] =>.Synaptics Incorporated®
[MD5.A4900738714F1ADADFC8D53B45D815E5] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) -- C:\PROGRAM FILES\SYNAPTICS\SynTP\SYNTPHELPER.EXE [228960] [PID.3004] =>.Synaptics Incorporated®
[MD5.00000000000000000000000000000000] - (.Intel Corporation - igfxEM Module.) -- C:\Windows\system32\igfxEM.exe [0] [PID.5796] =>.Intel Corporation
[MD5.00000000000000000000000000000000] - (.Intel Corporation - igfxHK Module.) -- C:\Windows\system32\igfxHK.exe [0] [PID.6464] =>.Intel Corporation
[MD5.00000000000000000000000000000000] - (...) -- C:\Windows\system32\igfxTray.exe [0] [PID.2968] =>.Intel Corporation
[MD5.FAA63CB8CF83CA54E81C91CAF695CC42] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9209856] [PID.6460] =>.Realtek Semiconductor Corp.®
[MD5.394FEE16DBC87F0CE4388EB9260EF60B] - (...) -- C:\Users\eric\AppData\Local\Temp\KNWJUOJDUG\LCYVPKKQRM.exe [527872] [PID.1852]
[MD5.CE900E596D3C28A35B0F724F40730D3B] - (...) -- C:\Users\eric\AppData\Roaming\af688c2fb64e4f05a7eadcc4857dc524\8TWeFR2T.exe [110080] [PID.8036]
[MD5.394FEE16DBC87F0CE4388EB9260EF60B] - (...) -- C:\ProgramData\b945d8214d7047bd89ea300fbaf0006d\jGjlY92aj2JZ.exe [527872] [PID.8052]
[MD5.2C8D607BF6C02FA761EEF97D5F321D70] - (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288] [PID.2536] =>.Oracle America, Inc.®
[MD5.BB15D361B629F50680894BFE78047D59] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1592664] [PID.8100] =>.Google Inc®
[MD5.517DF0B5228DBA34D8A81DE3B14F5EBA] - (.HP Inc. - HP Support Solutions Framework Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332144] [PID.9308] =>.HP Inc.®
[MD5.BB15D361B629F50680894BFE78047D59] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1592664] [PID.9392] =>.Google Inc®
[MD5.BB15D361B629F50680894BFE78047D59] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1592664] [PID.9468] =>.Google Inc®
[MD5.BB15D361B629F50680894BFE78047D59] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1592664] [PID.9596] =>.Google Inc®
[MD5.BB15D361B629F50680894BFE78047D59] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1592664] [PID.9688] =>.Google Inc®
[MD5.BB15D361B629F50680894BFE78047D59] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1592664] [PID.9724] =>.Google Inc®
[MD5.BB15D361B629F50680894BFE78047D59] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1592664] [PID.9748] =>.Google Inc®
[MD5.BB15D361B629F50680894BFE78047D59] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1592664] [PID.9768] =>.Google Inc®
[MD5.BB15D361B629F50680894BFE78047D59] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1592664] [PID.9844] =>.Google Inc®
[MD5.BB15D361B629F50680894BFE78047D59] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1592664] [PID.9852] =>.Google Inc®
[MD5.BB15D361B629F50680894BFE78047D59] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1592664] [PID.10236] =>.Google Inc®
[MD5.5A472609EB207FE80F6A4F159BB5215C] - (...) -- C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\browsernativehost.exe [996552] [PID.9484] =>.Softdeluxe Ltd.®
[MD5.BB15D361B629F50680894BFE78047D59] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1592664] [PID.10256] =>.Google Inc®
[MD5.900236357482B00944826354EEC6B93F] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe [288848] [PID.10364] =>.Google Inc®
[MD5.F107219B133E7E574DA052C5C88FFBF3] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe [366672] [PID.10404] =>.Google Inc®
[MD5.91E9CC8C6EB89F9DFDBD03B9F631AB97] - (...) -- C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\SkypeHost.exe [86528] [PID.11092] =>.Skype Technologies
[MD5.003DDE9E91D324DDD86F11BF580FD627] - (.Nero AG - NeroUpdate.) -- C:\Program Files (x86)\Nero\Update\NASvc.exe [805752] [PID.11992] =>.Nero AG®
[MD5.BB15D361B629F50680894BFE78047D59] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1592664] [PID.12860] =>.Google Inc®
[MD5.4495477630B896675F49B7AA4EAA3F2D] - (.Apowersoft - Apowersoft Online Launcher.) -- C:\Users\eric\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe [584344] [PID.4356] =>.Apowersoft Ltd®
[MD5.FEAF4E98C93BC3512B8108D2F534A3BA] - (.Malwarebytes - Malwarebytes Service.) -- C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960] [PID.10796] =>.Malwarebytes
[MD5.B0AE8028D14B5179B9FE4F167F64ED4E] - (.FreeDownloadManager.org - Free Download Manager.) -- C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe [10182344] [PID.7072] =>.Softdeluxe Ltd.®
[MD5.BB15D361B629F50680894BFE78047D59] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1592664] [PID.4816] =>.Google Inc®
[MD5.BB15D361B629F50680894BFE78047D59] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1592664] [PID.9332] =>.Google Inc®
[MD5.BB15D361B629F50680894BFE78047D59] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1592664] [PID.9720] =>.Google Inc®
[MD5.DB52BE842130E07CD6F167108C510981] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\eric\Downloads\ZHPDiag3 (1).exe [3016064] [PID.7036] =>.Nicolas Coolman
[MD5.BB15D361B629F50680894BFE78047D59] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1592664] [PID.12164] =>.Google Inc®

---\\ CHROME, Démarrage, Recherche, Extensions (32) - 1s
G0 - GCSP: Preferences [User Data\Default][HomePage] http://tpc.googlesyndication.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google-analytics.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://ythdqualities.oneted.de
G0 - GCSP: Preferences [User Data\Default][HomePage] http://adservice.google.cm =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://adservice.google.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://s2.googleusercontent.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://securepubads.g.doubleclick.net
G0 - GCSP: Preferences [User Data\Default][HomePage] http://ssl.google-analytics.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://ssl.gstatic.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google.cm =>.Google Inc.
G0 - GCSP: Secure Preferences [User Data\Default][HomePage] http://searchinterneat-a.akamaihd.net/ =>.SUP.AkamaiHD
G2 - GCE: Preference [eric][User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] =>.Google Inc. {Slides}
G2 - GCE: Preference [eric][User Data\Default] [ahmpjcflkgiildlgicmcieglgoilbfdp] =>.Free Download Manager
G2 - GCE: Preference [eric][User Data\Default] [akjbfncbadcmnkopckegnmjgihagponf] HD for YouTube™ =>.DingoSolutions
G2 - GCE: Preference [eric][User Data\Default] [aohghmighlieiainnegkcijnfilokake] =>.Google Inc. {Docs}
G2 - GCE: Preference [eric][User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] http://drive.google.com/ =>.Google Inc. {Drive}
G2 - GCE: Preference [eric][User Data\Default] [bgnkhhnnamicmpeenaelnjfhikgbkllg] Performix LLC =>.adguard.com {AdBlocker}
G2 - GCE: Preference [eric][User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] http://www.youtube.com =>.Youtube {Youtube}
G2 - GCE: Preference [eric][User Data\Default] [cfhdojbkjhnklbpkdaibdccddilifddb] eyeo GmbH =>.eyeo GmbH {AdBlock Plus}
G2 - GCE: Preference [eric][User Data\Default] [fdjamakpfbbddfjaooikfcpapjohcfmg] Dashlane =>.Dashlane, Inc
G2 - GCE: Preference [eric][User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] =>.Google Inc. {Sheets}
G2 - GCE: Preference [eric][User Data\Default] [fmfiejlelblhoaflnjajjjjkkgbeifpn] uTorrent easy client
G2 - GCE: Preference [eric][User Data\Default] [ghbmnnjooekpmoecnnnilnnbdlolhkhi] =>.Google Inc. {Docs hors connexion}
G2 - GCE: Preference [eric][User Data\Default] [hgocelbnbdmphccojflbhmfoiejfjjlk] http://atavi.com/
G2 - GCE: Preference [eric][User Data\Default] [jpchabeoojaflbaajmjhfcfiknckabpo] =>.Cifonomag {Atavi}
G2 - GCE: Preference [eric][User Data\Default] [libedajeiljdoodmokbppgapcfbignci] SoundCloud Downloader
G2 - GCE: Preference [eric][User Data\Default] [lmjnegcaeklhafolokijcfjliaokphfk] Video DownloadHelper =>.Downloadhelper.net
G2 - GCE: Preference [eric][User Data\Default] [mciiogijehkdemklbdcbfkefimifhecn]
G2 - GCE: Preference [eric][User Data\Default] [ngpampappnmepgilojfohadhhmbhlaek] IDM Integration Module =>.IDM Computer Solutions, Inc.
G2 - GCE: Preference [eric][User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] =>.Google Inc. {Wallet}
G2 - GCE: Preference [eric][User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] http://mail.google.com/ =>.Google Inc. {Gmail}
G2 - GCE: Preference [eric][User Data\Default] [pkedcjkdefgpdelpbcmbmeomcjbeemfm] Chrome Media Router =>.Google Inc.

---\\ FIREFOX, Plugins,Démarrage,Recherche,Extensions (4) - 1s
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_137.dll =>.Adobe Systems Incorporated
P2 - FPN: [HKLM] [@baidu.com/BaiduExpert-npplugin] - (.百度在线网络技术(北京)有限公司.) -- C:\Users\eric\AppData\Roaming\Baidu\BDWebAdapter\3.0.359.0\npBDExNP.dll
P2 - FPN: [HKLM] [@microsoft.com/Lync,version=15.0] - (.Microsoft.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll =>.Microsoft
P2 - FPN: [HKLM] [adobe.com/AdobeAAMDetect] - (...) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll

---\\ INTERNET EXPLORER,Démarrage,Recherche,URLSearchHook (19) - 1s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://%66%65%65%64.%68%65%6c%70%65%72%62%61%72.%63%6f%6d/?p=mko_awfzxipyryeqqao2txtgptboxpbnaukw3gsz7dumyk6gyfg3omad4l-xhtqnsvm29zjl8stvufnikjjrjfk6zrjujrbpgorg2by-usevtyrtky9cq_i-9-1jmmnhdjhb5elprtgtg7yeycgmkpargrpcf2qsvmlxhgpgys24f2rrgsnjyprveipedixziw8e0klmdq8,&q={searchterms} =>.SUP.Linkury
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://%66%65%65%64.%68%65%6c%70%65%72%62%61%72.%63%6f%6d/?p=mko_awfzxipyryeqqao2txtgptboxpbnaukw3gsz7dumyk6gyfg3omad4l-xhtqnsvm29zjl8stvufnikjjrjfk6zrjujrbpgorg2by-usevtyrtky9cq_i-9-1jmmnhdjhb5elprtgtg7yeycgmkpargrpcf2qsvmlxhgpgys24f2rrgsnjyprveipedixziw8e0klmdq8,&q={searchterms} =>.SUP.Linkury
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchUrl,Default = http://%66%65%65%64.%68%65%6c%70%65%72%62%61%72.%63%6f%6d/?p=mko_awfzxipyryeqqao2txtgptboxpbnaukw3gsz7dumyk6gyfg3omad4l-xhtqnsvm29zjl8stvufnikjjrjfk6zrjujrbpgorg2by-usevtyrtky9cq_i-9-1jmmnhdjhb5elprtgtg7yeycgmkpargrpcf2qsvmlxhgpgys24f2rrgsnjyprveipedixziw8e0klmdq8,&q={searchterms} =>.SUP.Linkury
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R1 - HKEY_USERS\S-1-5-21-4040018575-2137455487-4043523077-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve =>.Microsoft Corporation
R3 - URLSearchHook: (no name)[HKCU] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (11.00.15063.608 (WinBuild.160101.0800)) -- C:\Windows\System32\ieframe.dll =>.Microsoft Corporation

---\\ MICROSOFT EDGE, Plugin,Favoris,Démarrage,Recherche,Extension (1) - 0s
E0 - Microsoft Edge: HKU\S-1-5-21-4040018575-2137455487-4043523077-1001\HomeButtonPage = http://www.yandex.ru/

---\\ INTERNET EXPLORER,Proxy Management (8) - 0s
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride =
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.7.1:8080
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 =>.Default.Value
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 =>.Default.Value
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 =>.Default.Value
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies [1192.168.7.1:8080]

---\\ INTERNET EXPLORER,IniFiles, Autoloading Programs (3) - 0s
F2 - REG:system.ini: UserInit=
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=

---\\ ÉTUDE DU FICHIER HOSTS (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (33)

---\\ BROWSER HELPER OBJECT DE NAVIGATEUR (BHO) (9) - 0s
O2 - BHO: IDM Helper [64Bits] - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll =>.Tonec Inc.®
O2 - BHO: (no name) [64Bits] - {13D67BB7-DB5F-48AA-884D-7A5D94168509} (.Orphan.)
O2 - BHO: (no name) [64Bits] - {3049C3E9-B461-4BC5-8870-4C09146192CA} (.Orphan.)
O2 - BHO: Lync Click to Call BHO [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Microsoft Lync.) -- C:\Program Files\Microsoft Office\Office15\OCHelper.dll =>.Microsoft Corporation®
O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.8.0_161\bin\ssv.dll =>.Oracle America, Inc.®
O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL =>.Microsoft Corporation®
O2 - BHO: Microsoft SkyDrive Pro Browser Helper [64Bits] - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} . (.Microsoft Corporation - Microsoft SkyDrive Pro Extensions.) -- C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL =>.Microsoft Corporation®
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.8.0_161\bin\jp2ssv.dll =>.Oracle America, Inc.®
O2 - BHO: HP Network Check Helper [64Bits] - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} . (.HP Inc. - HP Network Check IE Plug-in.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll =>.Hewlett-Packard Company®

---\\ RACCOURCIS GLOBAL STARTUP (120) - 16s
O4 - GS\Desktop [Administrateur]: AAA Logo.lnk . (.Copyright (C) 2013 SWGSoft - jeta-aaalogo.) C:\Program Files (x86)\AAALOGO\alogo.exe
O4 - GS\Desktop [Administrateur]: CVitae 5.lnk . (...) C:\Users\eric\AppData\Roaming\Microsoft\Installer\{5988C473-7D71-4B59-857B-8DA5C701FBFF}\_0844F546BD9789DAA2ED62.exe
O4 - GS\Desktop [Administrateur]: FlashBoot.lnk . (.Copyright (C) 2005-2013 Mikhail Kupchik - FlashBoot GUI Application.) C:\Program Files\FlashBoot\fb-gui.exe
O4 - GS\Desktop [Administrateur]: Format Factory.lnk . (.Free Time Co., Ltd. - FormatFactory.) C:\Program Files (x86)\FormatFactory\FormatFactory.exe =>.Free Time Co., Ltd.®
O4 - GS\Desktop [Administrateur]: Internet Download Manager.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) C:\Program Files (x86)\Internet Download Manager\IDMan.exe =>.Tonec Inc.®
O4 - GS\Desktop [Administrateur]: Jargon Informatique.lnk . (...) C:\Program Files (x86)\Jargon Informatique\jargoninformatique.exe
O4 - GS\Desktop [Administrateur]: Messenger.lnk . (...) C:\Program Files (x86)\Messenger for Desktop\Messenger.exe
O4 - GS\Desktop [Administrateur]: Sparkle.lnk . (...) C:\Program Files (x86)\Sparkle\sparkle.exe
O4 - GS\Desktop [Administrateur]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\eric\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Administrateur]: AAA Logo.lnk . (.Copyright (C) 2013 SWGSoft - jeta-aaalogo.) C:\Program Files (x86)\AAALOGO\alogo.exe
O4 - GS\Quicklaunch [Administrateur]: Free Download Manager 5.lnk . (.FreeDownloadManager.org - Free Download Manager.) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe =>.Softdeluxe Ltd.®
O4 - GS\Quicklaunch [Administrateur]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\sendTo [Administrateur]: Destinataire de télécopie.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [Administrateur]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [Administrateur]: Format Factory.lnk . (.Free Time Co., Ltd. - FormatFactory.) C:\Program Files (x86)\FormatFactory\FormatFactory.exe =>.Free Time Co., Ltd.®
O4 - GS\sendTo [Administrateur]: Transfert de fichiers Bluetooth.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\TaskBar [Administrateur]: Adobe Dreamweaver CC.lnk . (.Adobe Systems, Inc. - Adobe Dreamweaver CC.) C:\Program Files (x86)\Adobe\Adobe Dreamweaver CC\Dreamweaver.exe =>.Adobe Systems Incorporated®
O4 - GS\TaskBar [Administrateur]: Adobe Photoshop CS6 Portable.lnk . (.PortableAppZ.blogspot.com - Adobe Photoshop CS6 Portable.) F:\PhotoshopPortable\PhotoshopCS6Portable.exe =>.PortableAppZ.blogspot.com
O4 - GS\TaskBar [Administrateur]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\TaskBar [Administrateur]: PowerAMC.lnk . (...) C:\Program Files (x86)\Sybase\PowerAMC 15\amcshll15.exe
O4 - GS\TaskBar [Administrateur]: RevoUPort (2).lnk . (.VS Revo Group - .) C:\Users\eric\Downloads\RevoUninstaller_Portable\RevoUninstaller_Portable\RevoUPort.exe =>.VS Revo Group®
O4 - GS\TaskBar [Administrateur]: Sublime Text 3.lnk . (.Copyright (C) 2006 - 2016 Sublime HQ Pty Ltd - Sublime Text.) C:\Program Files\Sublime Text 3\sublime_text.exe =>.Sublime HQ Pty Ltd®
O4 - GS\TaskBar [Administrateur]: Word 2013.lnk . (...) C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\wordicon.exe =>.Microsoft Corporation®
O4 - GS\Programs [Administrateur]: Fonctionnalités optionnelles.lnk . (.Microsoft Corporation - Assistance des fonctionnalités à la demande.) C:\Windows\System32\fodhelper.exe =>.Microsoft Corporation
O4 - GS\Programs [Administrateur]: Messenger.lnk . (...) C:\Program Files (x86)\Messenger for Desktop\Messenger.exe
O4 - GS\Programs [Administrateur]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\eric\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation®
O4 - GS\Programs [Administrateur]: Uninstall Messenger for Desktop.lnk . (...) C:\Program Files (x86)\Messenger for Desktop\Uninstall Messenger for Desktop.exe
O4 - GS\Desktop [eric]: AAA Logo.lnk . (.Copyright (C) 2013 SWGSoft - jeta-aaalogo.) C:\Program Files (x86)\AAALOGO\alogo.exe
O4 - GS\Desktop [eric]: CVitae 5.lnk . (...) C:\Users\eric\AppData\Roaming\Microsoft\Installer\{5988C473-7D71-4B59-857B-8DA5C701FBFF}\_0844F546BD9789DAA2ED62.exe
O4 - GS\Desktop [eric]: FlashBoot.lnk . (.Copyright (C) 2005-2013 Mikhail Kupchik - FlashBoot GUI Application.) C:\Program Files\FlashBoot\fb-gui.exe
O4 - GS\Desktop [eric]: Format Factory.lnk . (.Free Time Co., Ltd. - FormatFactory.) C:\Program Files (x86)\FormatFactory\FormatFactory.exe =>.Free Time Co., Ltd.®
O4 - GS\Desktop [eric]: Internet Download Manager.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) C:\Program Files (x86)\Internet Download Manager\IDMan.exe =>.Tonec Inc.®
O4 - GS\Desktop [eric]: Jargon Informatique.lnk . (...) C:\Program Files (x86)\Jargon Informatique\jargoninformatique.exe
O4 - GS\Desktop [eric]: Messenger.lnk . (...) C:\Program Files (x86)\Messenger for Desktop\Messenger.exe
O4 - GS\Desktop [eric]: Sparkle.lnk . (...) C:\Program Files (x86)\Sparkle\sparkle.exe
O4 - GS\Desktop [eric]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\eric\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [eric]: AAA Logo.lnk . (.Copyright (C) 2013 SWGSoft - jeta-aaalogo.) C:\Program Files (x86)\AAALOGO\alogo.exe
O4 - GS\Quicklaunch [eric]: Free Download Manager 5.lnk . (.FreeDownloadManager.org - Free Download Manager.) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe =>.Softdeluxe Ltd.®
O4 - GS\Quicklaunch [eric]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\sendTo [eric]: Destinataire de télécopie.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [eric]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [eric]: Format Factory.lnk . (.Free Time Co., Ltd. - FormatFactory.) C:\Program Files (x86)\FormatFactory\FormatFactory.exe =>.Free Time Co., Ltd.®
O4 - GS\sendTo [eric]: Transfert de fichiers Bluetooth.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\TaskBar [eric]: Adobe Dreamweaver CC.lnk . (.Adobe Systems, Inc. - Adobe Dreamweaver CC.) C:\Program Files (x86)\Adobe\Adobe Dreamweaver CC\Dreamweaver.exe =>.Adobe Systems Incorporated®
O4 - GS\TaskBar [eric]: Adobe Photoshop CS6 Portable.lnk . (.PortableAppZ.blogspot.com - Adobe Photoshop CS6 Portable.) F:\PhotoshopPortable\PhotoshopCS6Portable.exe =>.PortableAppZ.blogspot.com
O4 - GS\TaskBar [eric]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\TaskBar [eric]: PowerAMC.lnk . (...) C:\Program Files (x86)\Sybase\PowerAMC 15\amcshll15.exe
O4 - GS\TaskBar [eric]: RevoUPort (2).lnk . (.VS Revo Group - .) C:\Users\eric\Downloads\RevoUninstaller_Portable\RevoUninstaller_Portable\RevoUPort.exe =>.VS Revo Group®
O4 - GS\TaskBar [eric]: Sublime Text 3.lnk . (.Copyright (C) 2006 - 2016 Sublime HQ Pty Ltd - Sublime Text.) C:\Program Files\Sublime Text 3\sublime_text.exe =>.Sublime HQ Pty Ltd®
O4 - GS\TaskBar [eric]: Word 2013.lnk . (...) C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\wordicon.exe =>.Microsoft Corporation®
O4 - GS\Programs [eric]: Fonctionnalités optionnelles.lnk . (.Microsoft Corporation - Assistance des fonctionnalités à la demande.) C:\Windows\System32\fodhelper.exe =>.Microsoft Corporation
O4 - GS\Programs [eric]: Messenger.lnk . (...) C:\Program Files (x86)\Messenger for Desktop\Messenger.exe
O4 - GS\Programs [eric]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\eric\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation®
O4 - GS\Programs [eric]: Uninstall Messenger for Desktop.lnk . (...) C:\Program Files (x86)\Messenger for Desktop\Uninstall Messenger for Desktop.exe
O4 - GS\Desktop [openpgsvc]: AAA Logo.lnk . (.Copyright (C) 2013 SWGSoft - jeta-aaalogo.) C:\Program Files (x86)\AAALOGO\alogo.exe
O4 - GS\Desktop [openpgsvc]: CVitae 5.lnk . (...) C:\Users\eric\AppData\Roaming\Microsoft\Installer\{5988C473-7D71-4B59-857B-8DA5C701FBFF}\_0844F546BD9789DAA2ED62.exe
O4 - GS\Desktop [openpgsvc]: FlashBoot.lnk . (.Copyright (C) 2005-2013 Mikhail Kupchik - FlashBoot GUI Application.) C:\Program Files\FlashBoot\fb-gui.exe
O4 - GS\Desktop [openpgsvc]: Format Factory.lnk . (.Free Time Co., Ltd. - FormatFactory.) C:\Program Files (x86)\FormatFactory\FormatFactory.exe =>.Free Time Co., Ltd.®
O4 - GS\Desktop [openpgsvc]: Internet Download Manager.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) C:\Program Files (x86)\Internet Download Manager\IDMan.exe =>.Tonec Inc.®
O4 - GS\Desktop [openpgsvc]: Jargon Informatique.lnk . (...) C:\Program Files (x86)\Jargon Informatique\jargoninformatique.exe
O4 - GS\Desktop [openpgsvc]: Messenger.lnk . (...) C:\Program Files (x86)\Messenger for Desktop\Messenger.exe
O4 - GS\Desktop [openpgsvc]: Sparkle.lnk . (...) C:\Program Files (x86)\Sparkle\sparkle.exe
O4 - GS\Desktop [openpgsvc]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\eric\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [openpgsvc]: AAA Logo.lnk . (.Copyright (C) 2013 SWGSoft - jeta-aaalogo.) C:\Program Files (x86)\AAALOGO\alogo.exe
O4 - GS\Quicklaunch [openpgsvc]: Free Download Manager 5.lnk . (.FreeDownloadManager.org - Free Download Manager.) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe =>.Softdeluxe Ltd.®
O4 - GS\Quicklaunch [openpgsvc]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\sendTo [openpgsvc]: Destinataire de télécopie.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [openpgsvc]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [openpgsvc]: Format Factory.lnk . (.Free Time Co., Ltd. - FormatFactory.) C:\Program Files (x86)\FormatFactory\FormatFactory.exe =>.Free Time Co., Ltd.®
O4 - GS\sendTo [openpgsvc]: Transfert de fichiers Bluetooth.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\TaskBar [openpgsvc]: Adobe Dreamweaver CC.lnk . (.Adobe Systems, Inc. - Adobe Dreamweaver CC.) C:\Program Files (x86)\Adobe\Adobe Dreamweaver CC\Dreamweaver.exe =>.Adobe Systems Incorporated®
O4 - GS\TaskBar [openpgsvc]: Adobe Photoshop CS6 Portable.lnk . (.PortableAppZ.blogspot.com - Adobe Photoshop CS6 Portable.) F:\PhotoshopPortable\PhotoshopCS6Portable.exe =>.PortableAppZ.blogspot.com
O4 - GS\TaskBar [openpgsvc]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\TaskBar [openpgsvc]: PowerAMC.lnk . (...) C:\Program Files (x86)\Sybase\PowerAMC 15\amcshll15.exe
O4 - GS\TaskBar [openpgsvc]: RevoUPort (2).lnk . (.VS Revo Group - .) C:\Users\eric\Downloads\RevoUninstaller_Portable\RevoUninstaller_Portable\RevoUPort.exe =>.VS Revo Group®
O4 - GS\TaskBar [openpgsvc]: Sublime Text 3.lnk . (.Copyright (C) 2006 - 2016 Sublime HQ Pty Ltd - Sublime Text.) C:\Program Files\Sublime Text 3\sublime_text.exe =>.Sublime HQ Pty Ltd®
O4 - GS\TaskBar [openpgsvc]: Word 2013.lnk . (...) C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\wordicon.exe =>.Microsoft Corporation®
O4 - GS\Programs [openpgsvc]: Fonctionnalités optionnelles.lnk . (.Microsoft Corporation - Assistance des fonctionnalités à la demande.) C:\Windows\System32\fodhelper.exe =>.Microsoft Corporation
O4 - GS\Programs [openpgsvc]: Messenger.lnk . (...) C:\Program Files (x86)\Messenger for Desktop\Messenger.exe
O4 - GS\Programs [openpgsvc]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\eric\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation®
O4 - GS\Programs [openpgsvc]: Uninstall Messenger for Desktop.lnk . (...) C:\Program Files (x86)\Messenger for Desktop\Uninstall Messenger for Desktop.exe
O4 - GS\CommonDesktop [Public]: 38 Dictionnaires et Recueils de Correspondance.lnk . (.L'Aventure Multimedia - .) C:\Program Files (x86)\Micro Application\38 Dictionnaires et Recueils de Correspondance\LanceMediaDICO38.exe =>.L'Aventure Multimedia
O4 - GS\CommonDesktop [Public]: Free Download Manager 5.lnk . (.FreeDownloadManager.org - Free Download Manager.) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe =>.Softdeluxe Ltd.®
O4 - GS\CommonDesktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\CommonDesktop [Public]: HP Support Assistant.lnk . (.HP Inc. - HP Support Assistant.) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /p 2 =>.HP Inc.®
O4 - GS\CommonDesktop [Public]: Intel(R) HD Graphics Control Panel.lnk . (.Intel Corporation - GFXUIEX Module.) C:\WINDOWS\system32\GfxUIEx.exe =>.Intel Corporation
O4 - GS\CommonDesktop [Public]: Malwarebytes.lnk . (.Malwarebytes - .) C:\Program Files (x86)\Malwarebytes\Anti-Malware\mbam.exe =>.Malwarebytes
O4 - GS\CommonDesktop [Public]: Nitro Pro 10.lnk . (.Nitro PDF - .) C:\Program Files (x86)\Nitro\Pro 10\NitroPDF.exe =>.Nitro PDF
O4 - GS\CommonDesktop [Public]: PowerISO.lnk . (.Power Software Ltd - PowerISO.) C:\Program Files\PowerISO\PowerISO.exe =>.Power Software Ltd
O4 - GS\Programs [Public]: Fonctionnalités optionnelles.lnk . (.Microsoft Corporation - Assistance des fonctionnalités à la demande.) C:\Windows\System32\fodhelper.exe =>.Microsoft Corporation
O4 - GS\Programs [Public]: Messenger.lnk . (...) C:\Program Files (x86)\Messenger for Desktop\Messenger.exe
O4 - GS\Programs [Public]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\eric\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation®
O4 - GS\Programs [Public]: Uninstall Messenger for Desktop.lnk . (...) C:\Program Files (x86)\Messenger for Desktop\Uninstall Messenger for Desktop.exe
O4 - GS\Accessories [Public]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Accessories [Public]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.) C:\Windows\system32\notepad.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Math Input Panel.lnk . (.Microsoft Corporation - .) C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) C:\Windows\system32\mspaint.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Quick Assist.lnk . (.Microsoft Corporation - Quick Assist.) C:\Windows\system32\quickassist.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Connexion Bureau à distance.) C:\Windows\system32\mstsc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture d’écran.) C:\Windows\system32\SnippingTool.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Steps Recorder.lnk . (.Microsoft Corporation - Enregistreur d’actions.) C:\Windows\system32\psr.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Application Windows Wordpad.) C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: XPS Viewer.lnk . (.Microsoft Corporation - Visionneuse XPS.) C:\Windows\system32\xpsrchvw.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Table des caractères.) C:\Windows\system32\charmap.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Adobe Application Manager.lnk . (.Adobe Systems Incorporated - Adobe Application Manager.) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDapp.exe --appletID=CCM_UI --appletVersion=1.0 --workflow=CCM_workflow_launch =>.Adobe Systems Incorporated®
O4 - GS\ProgramsCommon [Public]: Adobe Dreamweaver CC.lnk . (.Adobe Systems, Inc. - Adobe Dreamweaver CC.) C:\Program Files (x86)\Adobe\Adobe Dreamweaver CC\Dreamweaver.exe =>.Adobe Systems Incorporated®
O4 - GS\ProgramsCommon [Public]: Assistant Mise à niveau de Windows 10.lnk . (...) C:\Windows10Upgrade\Windows10UpgraderApp.exe
O4 - GS\ProgramsCommon [Public]: DTS Audio Control.lnk . (.Microsoft Corporation - Processus hôte Windows (Rundll32).) C:\Windows\System32\rundll32.exe shell32.dll,Control_RunDLL RTSnMg64.cpl,, =>..Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Enregistrement OCR I.R.I.S..lnk . (...) C:\Program Files (x86)\HP\IrisOCR_12.3.4.0\regipe.exe
O4 - GS\ProgramsCommon [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\ProgramsCommon [Public]: Immersive Control Panel.lnk . (.Microsoft Corporation - Windows Control Panel.) C:\Windows\System32\Control.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Intel(R) HD Graphics Control Panel.lnk . (.Intel Corporation - GFXUIEX Module.) C:\WINDOWS\system32\GfxUIEx.exe =>.Intel Corporation
O4 - GS\ProgramsCommon [Public]: MiracastView.lnk . (.Microsoft Corporation - MiracastView.) C:\Windows\MiracastView\MiracastView.exe =>.Microsoft Windows®
O4 - GS\ProgramsCommon [Public]: Nitro Pro 10.lnk . (.Nitro PDF - .) C:\Program Files (x86)\Nitro\Pro 10\NitroPDF.exe =>.Nitro PDF
O4 - GS\ProgramsCommon [Public]: PrintDialog.lnk . (.Microsoft Corporation - Print Dialog.) C:\Windows\PrintDialog\PrintDialog.exe =>.Microsoft Windows®
O4 - GS\ProgramsCommon [Public]: Sublime Text 3.lnk . (.Copyright (C) 2006 - 2016 Sublime HQ Pty Ltd - Sublime Text.) C:\Program Files\Sublime Text 3\sublime_text.exe =>.Sublime HQ Pty Ltd®
O4 - GS\ProgramsCommon [Public]: True Key.lnk . (...) C:\Program Files\Intel Security\True Key\Application\truekey.exe --open-source=startmenu =>.McAfee, Inc.®
O4 - GS\ProgramsCommon [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation

---\\ MODIFICATION DOMAINE/ADRESSES (DNS) (8) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = eric
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpDomain = portdedouala.lan =>.Local Domain
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.194.1.2 192.168.20.150 192.168.1.1 =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip\..\{6fa96e37-86a5-4d12-92ea-34505b7285a0}: DhcpNameServer = 192.168.42.129 =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip\..\{942905e8-b196-46fd-8774-2f72973ad90e}: DhcpNameServer = 194.194.1.2 192.168.20.150 =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip\..\{dce7f7f0-d520-4177-bdd6-2dccc73654c7}: DhcpNameServer = 194.194.1.2 192.168.20.150 192.168.1.1 =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip\..\{942905e8-b196-46fd-8774-2f72973ad90e}: DhcpDomain = portdedouala.lan =>.Local Domain
O17 - HKLM\System\CCS\Services\Tcpip\..\{dce7f7f0-d520-4177-bdd6-2dccc73654c7}: DhcpDomain = portdedouala.lan =>.Local Domain

---\\ PROTOCOLE ADDITIONNEL (25) - 1s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll =>.Microsoft Corporation
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll =>.Microsoft Corporation®
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: osf [64Bits] - {D924BDC6-C83A-4BD5-90D0-095128A113D1} . (.Microsoft Corporation - Microsoft Office 2013 component.) -- C:\Program Files\Microsoft Office\Office15\MSOSB.DLL =>.Microsoft Corporation®
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\System32\tbauth.dll =>.Microsoft Corporation
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: windows.tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\System32\tbauth.dll =>.Microsoft Corporation
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
O18 - Filter: text/xml [64Bits] - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL =>.Microsoft Corporation®

---\\ REGISTRE AppInit_DLLs et Winlogon Notify (1) - 0s
O20 - AppInit_DLLs: . (...) - C:\ProgramData\xifs\Dingjob.dll (.not file.)

---\\ LOGICIELS INSTALLÉS (120) - 27s
O42 - Logiciel: 64 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM][64Bits] -- {3138F992-045B-4F55-825C-53B231E647CA} =>.Hewlett-Packard
O42 - Logiciel: AAA Logo 2014 v4.11 FULL - (.SWGSoft.) [HKLM][64Bits] -- AAA Logo 2014_is1 =>.SWGSoft
O42 - Logiciel: Adobe Dreamweaver CC - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {00E094E1-A852-11E2-803D-ACEA632352B4} =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Flash Player 28 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI =>.Adobe Systems Incorporated®
O42 - Logiciel: Apowersoft Online Launcher version 1.7.0 - (.APOWERSOFT LIMITED.) [HKCU][64Bits] -- {20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1 =>.APOWERSOFT LIMITED
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {07287123-B8AC-41CE-8346-3D777245C35B} =>.Apple Inc.
O42 - Logiciel: CVitae 5 - (.Semantis.) [HKLM][64Bits] -- {5988C473-7D71-4B59-857B-8DA5C701FBFF} =>.Semantis
O42 - Logiciel: Driver Fixer - (.Baisvik.) [HKLM][64Bits] -- {4F679D8F-2F0A-46EE-BB8C-903E217CEC9E}
O42 - Logiciel: FlashBoot 2.2e - (.Mikhail Kupchik.) [HKLM][64Bits] -- FlashBoot_is1 =>.Mikhail Kupchik
O42 - Logiciel: FormatFactory 4.1.0.0 - (.Free Time.) [HKLM][64Bits] -- FormatFactory =>.Free Time
O42 - Logiciel: Free Download Manager - (.FreeDownloadManager.ORG.) [HKLM][64Bits] -- {43781dff-e0df-49ce-a6d2-47da96a485e7}}_is1 =>.FreeDownloadManager.org
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome =>.Google Inc®
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc.
O42 - Logiciel: HP 3D DriveGuard - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {E8D0E2B8-B64B-44BC-8E01-00DDACBDF78A} =>.Hewlett-Packard Company
O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM][64Bits] -- {0CC8AE1D-F5AA-4143-8FAD-E017E0E9EE70} =>.Hewlett-Packard
O42 - Logiciel: HP PC Hardware Diagnostics UEFI - (.Hewlett-Packard.) [HKLM][64Bits] -- {924D3ABC-FC75-4042-9DDB-FB846A45848D} =>.Hewlett-Packard
O42 - Logiciel: HP Support Assistant - (.HP.) [HKLM][64Bits] -- {78E2C850-ADA6-420D-BA35-2F4A9BE733CC} =>.HP
O42 - Logiciel: HP Support Solutions Framework - (.HP.) [HKLM][64Bits] -- {EB72DB50-C935-4C26-8349-69828F198902} =>.HP
O42 - Logiciel: HP System Event Utility - (.HP Inc..) [HKLM][64Bits] -- {29E20347-C62F-4657-938E-876A182B67F1} =>.HP Inc.
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM][64Bits] -- {912D30CF-F39E-4B31-AD9A-123C6B794EE2} =>.Hewlett-Packard
O42 - Logiciel: Intel Security True Key - (.Intel Security.) [HKLM][64Bits] -- TrueKey =>.McAfee, Inc.®
O42 - Logiciel: Intel(R) Biometric and Context Agent - (.Intel Corporation.) [HKLM][64Bits] -- {526002E5-7D5B-4703-A4E3-BA566AED5D8A} =>.Intel Corporation
O42 - Logiciel: Intel(R) Biometric and Context Agent Redistributables - (.Intel Corporation.) [HKLM][64Bits] -- {E6D505B9-1A18-4F67-9BE0-D37B5164D581} =>.Intel Corporation
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} =>.Intel Corporation - pGFX®
O42 - Logiciel: Intel® RealSense™ SDK 2014 Runtime (x64): Core - (.Intel Corporation.) [HKLM][64Bits] -- {37D41A97-6B02-4C30-8753-85107BE1D674} =>.Intel Corporation
O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM][64Bits] -- Internet Download Manager =>.Tonec Inc.®
O42 - Logiciel: Jargon Informatique - (.tuxfamily.org.) [HKLM][64Bits] -- Jargon Informatique =>.tuxfamily.org
O42 - Logiciel: Java 8 Update 161 - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F32180161F0} =>.Oracle Corporation
O42 - Logiciel: Java 8 Update 161 (64-bit) - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F64180161F0} =>.Oracle Corporation
O42 - Logiciel: Java Auto Updater - (.Oracle Corporation.) [HKLM][64Bits] -- {4A03706F-666A-4037-7777-5F2748764D10} =>.Oracle Corporation
O42 - Logiciel: Java SE Development Kit 7 Update 45 - (.Oracle.) [HKLM][64Bits] -- {32A3A4F4-B792-11D6-A78A-00B0D0170450} =>.Oracle
O42 - Logiciel: Java SE Development Kit 8 Update 141 (64-bit) - (.Oracle Corporation.) [HKLM][64Bits] -- {64A3A4F4-B792-11D6-A78A-00B0D0180141} =>.Oracle Corporation
O42 - Logiciel: Java SE Development Kit 8 Update 144 (64-bit) - (.Oracle Corporation.) [HKLM][64Bits] -- {64A3A4F4-B792-11D6-A78A-00B0D0180144} =>.Oracle Corporation
O42 - Logiciel: Java SE Development Kit 8 Update 45 (64-bit) - (.Oracle Corporation.) [HKLM][64Bits] -- {64A3A4F4-B792-11D6-A78A-00B0D0180450} =>.Oracle Corporation
O42 - Logiciel: Java SE Development Kit 8 Update 73 (64-bit) - (.Oracle Corporation.) [HKLM][64Bits] -- {64A3A4F4-B792-11D6-A78A-00B0D0180730} =>.Oracle Corporation
O42 - Logiciel: K-Lite Codec Pack 14.0.0 Full - (.KLCP.) [HKLM][64Bits] -- KLiteCodecPack_is1 =>.KLCP
O42 - Logiciel: KMSpico - (..) [HKLM][64Bits] -- {8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1 =>HackTool.KMSpico
O42 - Logiciel: KMSpico v9.1.3 - (..) [HKLM][64Bits] -- KMSpico_is1 =>HackTool.KMSpico
O42 - Logiciel: Macromedia Extension Manager - (.Macromedia.) [HKLM][64Bits] -- {3C8C9FB3-5FDF-40B4-B314-EAD722728C76} =>.Macromedia
O42 - Logiciel: Malwarebytes version 3.2.2.2029 - (.Malwarebytes.) [HKLM][64Bits] -- {35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1 =>.Malwarebytes
O42 - Logiciel: Micro Application - 38 Dictionnaires et Recueils de Correspondance - (.Micro Application.) [HKLM][64Bits] -- {B410328C-0E8C-4DD2-9DB4-DE7766D0DFE0} =>.InstallShield Software Corporation®
O42 - Logiciel: Microsoft Access MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0015-040C-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft DCF MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0090-040C-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Excel MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0016-040C-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Games for Windows - LIVE Redistributable - (.Microsoft Corporation.) [HKLM][64Bits] -- {F2508213-9989-4E85-A078-72BE483917EF} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Games for Windows Marketplace - (.Microsoft Corporation.) [HKLM][64Bits] -- {4CB0307C-565E-4441-86BE-0DF2E4FB828C} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Groove MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-00BA-040C-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft InfoPath MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0044-040C-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Lync MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-012B-040C-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft OneDrive - (.Microsoft Corporation.) [HKCU][64Bits] -- OneDriveSetup.exe =>.Microsoft Corporation®
O42 - Logiciel: Microsoft OneNote MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-00A1-040C-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Outlook MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-001A-040C-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft PowerPoint MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0018-040C-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Project MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-00B4-040C-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Project Professional 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-003B-0000-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Project Professionnel 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- Office15.PRJPRO =>.Microsoft Corporation®
O42 - Logiciel: Microsoft Publisher MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0019-040C-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visio MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0054-040C-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visio Professional 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0051-0000-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visio Professionnel 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- Office15.VISPRO =>.Microsoft Corporation®
O42 - Logiciel: Microsoft Word MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-001B-040C-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: MSVCRT Redists - (.Sony Creative Software Inc..) [HKLM][64Bits] -- {D4BD27CF-BFBC-11E3-9B8F-F04DA23A5C58} =>.Sony Creative Software Inc.
O42 - Logiciel: Music Recorder - (.Nero AG.) [HKLM][64Bits] -- {94A4AE85-9F1D-4687-953F-38371C9D1A4F} =>.Nero AG
O42 - Logiciel: Nero 2017 - (.Nero AG.) [HKLM][64Bits] -- {6B81BDC4-3368-4898-8F16-48962F789221} =>.Nero AG
O42 - Logiciel: Nero 2017 Content Pack - (.Nero AG.) [HKLM][64Bits] -- {4E6D3A36-4558-466D-83CC-AE2DCAC06C53} =>.Nero AG
O42 - Logiciel: Nero Abstract Themes - (.Nero AG.) [HKLM][64Bits] -- {150D88F1-40AF-4678-A39D-BCE2332F34E5} =>.Nero AG
O42 - Logiciel: Nero Burning Core - (.Nero AG.) [HKLM][64Bits] -- {6DAEECA5-8208-47DA-82AA-6B653EC31B97} =>.Nero AG
O42 - Logiciel: Nero Burning ROM - (.Nero AG.) [HKLM][64Bits] -- {A4BF6CA6-18AB-4C1A-8E2E-FB9485149DC9} =>.Nero AG
O42 - Logiciel: Nero Cliparts - (.Nero AG.) [HKLM][64Bits] -- {29E2C1C6-D76A-41D3-980F-6E346AA9A6A8} =>.Nero AG
O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM][64Bits] -- {ABC88553-8770-4B97-B43E-5A90647A5B63} =>.Nero AG
O42 - Logiciel: Nero Core Components - (.Nero AG.) [HKLM][64Bits] -- {BEBEE34D-84A2-4EDD-8BEA-96CC54371263} =>.Nero AG
O42 - Logiciel: Nero CoverDesigner - (.Nero AG.) [HKLM][64Bits] -- {D8CCA6A9-E0CA-4589-BA17-54C909B1C8B5} =>.Nero AG
O42 - Logiciel: Nero Device Updates - (.Nero AG.) [HKLM][64Bits] -- {521087D5-A9CC-4434-9206-FA011ABBDCF3} =>.Nero AG
O42 - Logiciel: Nero Disc Menus 1 - (.Nero AG.) [HKLM][64Bits] -- {EEBF1676-AF87-4266-93D8-0C14A34C4217} =>.Nero AG
O42 - Logiciel: Nero Disc Menus 2 - (.Nero AG.) [HKLM][64Bits] -- {FE81E6B5-652B-40E7-B3B2-7171C6F297DA} =>.Nero AG
O42 - Logiciel: Nero Disc Menus 3 - (.Nero AG.) [HKLM][64Bits] -- {CE675FBD-75C3-45F1-B6AF-8D250861D536} =>.Nero AG
O42 - Logiciel: Nero Disc Menus Basic - (.Nero AG.) [HKLM][64Bits] -- {E17BCB76-9924-4BD5-B6D6-50D3407B4E74} =>.Nero AG
O42 - Logiciel: Nero Disc to Device - (.Nero AG.) [HKLM][64Bits] -- {6E6D453B-AADE-4F14-97F6-9B464488BC53} =>.Nero AG
O42 - Logiciel: Nero Effects Basic - (.Nero AG.) [HKLM][64Bits] -- {29F67D84-3A70-456E-806A-52301B02070B} =>.Nero AG
O42 - Logiciel: Nero Express - (.Nero AG.) [HKLM][64Bits] -- {991572A1-F8B9-42E5-B485-A79724558A84} =>.Nero AG
O42 - Logiciel: Nero Family and Events Themes - (.Nero AG.) [HKLM][64Bits] -- {955BF340-C379-4375-AA2F-F3BCB2A498AB} =>.Nero AG
O42 - Logiciel: Nero Football (Soccer) Themes - (.Nero AG.) [HKLM][64Bits] -- {7BD7A4BF-EA64-4BFE-A9D3-3FDC9B6EFC23} =>.Nero AG
O42 - Logiciel: Nero Holiday and Sports Themes - (.Nero AG.) [HKLM][64Bits] -- {504D84ED-AE75-4F85-A68B-BB3D4CB3E169} =>.Nero AG
O42 - Logiciel: Nero Image Samples - (.Nero AG.) [HKLM][64Bits] -- {C4C6DF25-0E59-46EE-B24B-DF8749D8FF3A} =>.Nero AG
O42 - Logiciel: Nero Info - (.Nero AG.) [HKLM][64Bits] -- {F030BFE8-8476-4C08-A553-233DE80A2BE1} =>.Nero AG
O42 - Logiciel: Nero Kwik Themes Basic - (.Nero AG.) [HKLM][64Bits] -- {1B6F5E51-575E-4693-BCA2-7543570D076D} =>.Nero AG
O42 - Logiciel: Nero Launcher - (.Nero AG.) [HKLM][64Bits] -- {21916D21-F3DD-44F9-952B-FD122CBD1526} =>.Nero AG
O42 - Logiciel: Nero MediaHome - (.Nero AG.) [HKLM][64Bits] -- {DF4748D8-2FC2-4D51-87D0-95A81CCA962B} =>.Nero AG
O42 - Logiciel: Nero PiP Effects 1 - (.Nero AG.) [HKLM][64Bits] -- {4D25D881-7183-462F-95C8-990CA1944E0B} =>.Nero AG
O42 - Logiciel: Nero PiP Effects Basic - (.Nero AG.) [HKLM][64Bits] -- {ACE49D50-19CD-44A6-B192-46F985283B26} =>.Nero AG
O42 - Logiciel: Nero Platinum Effects 12 - (.Nero AG.) [HKLM][64Bits] -- {8B5AD338-7ABC-4ECB-9C2C-687F84AEDDB1} =>.Nero AG
O42 - Logiciel: Nero Recode - (.Nero AG.) [HKLM][64Bits] -- {47C00502-CFAC-42D3-8019-D9C557AD49AD} =>.Nero AG
O42 - Logiciel: Nero RescueAgent - (.Nero AG.) [HKLM][64Bits] -- {D740FC18-FAB2-4DE1-A9F5-E7B81A578CCF} =>.Nero AG
O42 - Logiciel: Nero Retro Film Themes - (.Nero AG.) [HKLM][64Bits] -- {83A4E573-E2C2-46FB-9DA6-6A2BBBF5A588} =>.Nero AG
O42 - Logiciel: Nero SharedVideoCodecs - (.Nero AG.) [HKLM][64Bits] -- {2432E589-6256-4513-B0BF-EFA8E325D5F0} =>.Nero AG
O42 - Logiciel: Nero Update - (.Nero AG.) [HKLM][64Bits] -- {65BB0407-4CC8-4DC7-952E-3EEFDF05602A} =>.Nero AG
O42 - Logiciel: Nero Video - (.Nero AG.) [HKLM][64Bits] -- {EBFB4FEE-C2EB-4EE3-A832-DB850DE54F78} =>.Nero AG
O42 - Logiciel: Nero Video Samples - (.Nero AG.) [HKLM][64Bits] -- {05C6B128-1B40-4495-9CB9-090B368BFA0A} =>.Nero AG
O42 - Logiciel: Nero Video Transitions 1 - (.Nero AG.) [HKLM][64Bits] -- {22856BC3-F893-4CBF-95F2-E1F63CD2B1AB} =>.Nero AG
O42 - Logiciel: Nitro Pro 10 - (.Nitro.) [HKLM][64Bits] -- {C78478E6-8206-470E-B843-0204995371C6} =>.Nitro
O42 - Logiciel: Package de pilotes Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass ( - (.Google, Inc..) [HKLM][64Bits] -- 092555911492C6959D2596D612F52DCA71881CA2 =>.Google, Inc.
O42 - Logiciel: PowerISO - (.Power Software Ltd.) [HKLM][64Bits] -- PowerISO =>.Power Software Ltd
O42 - Logiciel: Prerequisite installer - (.Nero AG.) [HKLM][64Bits] -- {EB511CD1-C87C-490D-A7B1-D6C47F57820F} =>.Nero AG
O42 - Logiciel: Progr. désin. pilote d'impr. UFR II - (.Canon Inc..) [HKLM][64Bits] -- Canon UFR II Printer Driver =>.CANON INC.®
O42 - Logiciel: RealDownloader - (.RealNetworks, Inc..) [HKLM][64Bits] -- {410F406E-7AFC-4E9F-BF7E-0CB3C72BDAB9} =>.RealNetworks, Inc.
O42 - Logiciel: Realtek Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {5BC2B5AB-80DE-4E83-B8CF-426902051D0A} =>.Realtek Semiconductor Corp.®
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476} =>.Realtek Semiconductor Corp®
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} =>.Realtek Semiconductor Corp.®
O42 - Logiciel: Reload Icons Cache 1.00 - (.Mr Blade Design's.) [HKLM][64Bits] -- Reload Icons Cache 1.00 =>.Mr Blade Design's
O42 - Logiciel: Samsung USB Driver for Mobile Phones - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {D0795B21-0CDA-4a92-AB9E-6E92D8111E44} =>.Samsung Electronics CO., LTD.®
O42 - Logiciel: Sublime Text Build 3065 - (.Sublime HQ Pty Ltd.) [HKLM][64Bits] -- Sublime Text 3_is1 =>.Sublime HQ Pty Ltd®
O42 - Logiciel: SWI-Prolog (remove only) - (..) [HKLM][64Bits] -- SWI-Prolog
O42 - Logiciel: Sybase PowerAMC 15.1 - (.Sybase Inc..) [HKLM][64Bits] -- {48B0BE4A-EDC9-44C4-A3DB-67D62D75961F} =>.Macrovision Corporation®
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey =>.Synaptics Incorporated®
O42 - Logiciel: USB Disk Security - (.Zbshareware Lab.) [HKLM][64Bits] -- USB Disk Security_is1 =>.Zbshareware Lab
O42 - Logiciel: UxStyle - (.The Within Network, LLC.) [HKLM][64Bits] -- {28A17CCB-77BB-49C9-847B-60E076DC43D1} =>.The Within Network, LLC
O42 - Logiciel: vs2015_redist x64 - (.Realnetworks.) [HKLM][64Bits] -- {EAED8692-5B63-4665-B857-D626633691DA} =>.RealNetworks
O42 - Logiciel: vs2015_redist x86 - (.Realnetworks.) [HKLM][64Bits] -- {BD46163A-0331-4A61-B65A-7B66D7C93F8E} =>.RealNetworks
O42 - Logiciel: WinRAR 5.20 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver =>.win.rar GmbH®
O42 - Logiciel: ZTE Mobile Broadband Device Drivers 1.0.0.17 - (.ZTE.) [HKLM][64Bits] -- {9194B665-5134-4B6B-AD73-A5292CB072D3}_is1 =>.ZTE

---\\ CLÉ DE REGISTRE SOFTWARE HKCU & HKLM (263) - 27s
HKLM\SOFTWARE\89078A9FA5262B8AF87E572E4F3BA9D1 =>Adware.CrossRider
HKLM\SOFTWARE\Adobe =>.Adobe
HKLM\SOFTWARE\Apache Software Foundation =>.Apache Inc.
HKLM\SOFTWARE\Apple Computer, Inc. =>.Apple Computer, Inc.
HKLM\SOFTWARE\Apple Inc. =>.Apple Inc.
HKLM\SOFTWARE\Baidu =>.Baidu
HKLM\SOFTWARE\BaisvikSoftware
HKLM\SOFTWARE\C+W_Mini
HKLM\SOFTWARE\CDDB =>.Cddb Software
HKLM\SOFTWARE\Connectify =>.Connectify
HKLM\SOFTWARE\Cygnus Solutions =>.Cygnus Solutions
HKLM\SOFTWARE\Disk Doctor Labs Inc.
HKLM\SOFTWARE\DT Soft =>.DT Soft Ltd
HKLM\SOFTWARE\EA Games =>.EA Games
HKLM\SOFTWARE\EASEUS =>.EaseUS Software
HKLM\SOFTWARE\Google =>.Google
HKLM\SOFTWARE\Hewlett-Packard =>.Hewlett-Packard
HKLM\SOFTWARE\Icaros =>.Icaros
HKLM\SOFTWARE\InstallShield =>.InstallShield
HKLM\SOFTWARE\Intel =>.Intel
HKLM\SOFTWARE\Intel Security =>.Intel Security
HKLM\SOFTWARE\Internet Download Manager =>.Tonec Inc
HKLM\SOFTWARE\IObit =>.IObit
HKLM\SOFTWARE\JavaSoft =>.JavaSoft
HKLM\SOFTWARE\JetBrains =>.JetBrains
HKLM\SOFTWARE\JreMetrics =>.JreMetrics
HKLM\SOFTWARE\Khronos =>.Khronos
HKLM\SOFTWARE\KLCodecPack =>.KLite Inc
HKLM\SOFTWARE\LAV =>.LAV Inc
HKLM\SOFTWARE\Lavasoft =>.Lavasoft
HKLM\SOFTWARE\LAventure =>.L'Aventure
HKLM\SOFTWARE\Licenses =>.Microsoft Corporation
HKLM\SOFTWARE\LogMeInRescueCallingCard =>.LogMeIn Entreprise
HKLM\SOFTWARE\Macromedia =>.Macromedia
HKLM\SOFTWARE\McAfee =>.McAfee Inc.
HKLM\SOFTWARE\McAfee.com =>.McAfee Inc.
HKLM\SOFTWARE\Micro Application =>.Micro Application
HKLM\SOFTWARE\Mozilla =>.Mozilla
HKLM\SOFTWARE\mozilla.org =>.mozilla.org
HKLM\SOFTWARE\MozillaPlugins =>.MozillaPlugins
HKLM\SOFTWARE\MySQL AB =>.MySQL AB
HKLM\SOFTWARE\Nero =>.Ahead Corporation
HKLM\SOFTWARE\NewBlue =>.NewBlue
HKLM\SOFTWARE\Nuance =>.Nuance
HKLM\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKLM\SOFTWARE\OpenVPN-GUI =>.OpenVPN Technologie
HKLM\SOFTWARE\ORACLE =>.Oracle
HKLM\SOFTWARE\PostgreSQL =>.PostgreSQL
HKLM\SOFTWARE\PowerISO =>.PowerISO Computing
HKLM\SOFTWARE\PowerPivot =>.PowerPivot
HKLM\SOFTWARE\PowerTechnology =>.PowerTechnology
HKLM\SOFTWARE\Razer =>.Razer
HKLM\SOFTWARE\RealNetworks =>.RealNetworks
HKLM\SOFTWARE\Realtek =>.Realtek Semiconductor Corp.
HKLM\SOFTWARE\Realtek Semiconductor Corp. =>.Realtek Semiconductor Corp.
HKLM\SOFTWARE\Rtp =>.RTP Software
HKLM\SOFTWARE\Samsung =>.Samsung Electronics
HKLM\SOFTWARE\Skype =>.Skype
HKLM\SOFTWARE\Sony Creative Software =>.Sony Creative Software
HKLM\SOFTWARE\SOSVirus =>.SosVirus
HKLM\SOFTWARE\SuperBoost =>.QiWang
HKLM\SOFTWARE\SWI
HKLM\SOFTWARE\Sybase
HKLM\SOFTWARE\Symantec =>.Symantec
HKLM\SOFTWARE\Tencent =>.SUP.Tencent
HKLM\SOFTWARE\ThinPrint =>.ThinPrint
HKLM\SOFTWARE\TrueKey =>.Intel Corporation
HKLM\SOFTWARE\VMware, Inc. =>.VMware, Inc.
HKLM\SOFTWARE\Volatile =>.Microsoft Corporation
HKLM\SOFTWARE\WafCX =>.WafCX
HKLM\SOFTWARE\Wondershare =>.Wondershare
HKLM\SOFTWARE\WOW6432Node =>.Microsoft Corporation
HKLM\SOFTWARE\Xing Technology Corp. =>.Xing Technology Corp.
HKLM\SOFTWARE\XinYi Network =>.XinYi Network
HKLM\SOFTWARE\ZTE Mobile Broadband Device Drivers
HKLM\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKLM\SOFTWARE\WOW6432Node\89078A9FA5262B8AF87E572E4F3BA9D1 =>Adware.CrossRider
HKLM\SOFTWARE\WOW6432Node\Adobe =>.Adobe
HKLM\SOFTWARE\WOW6432Node\Apache Software Foundation =>.Apache Inc.
HKLM\SOFTWARE\WOW6432Node\Apple Computer, Inc. =>.Apple Computer, Inc.
HKLM\SOFTWARE\WOW6432Node\Apple Inc. =>.Apple Inc.
HKLM\SOFTWARE\WOW6432Node\Baidu =>.Baidu
HKLM\SOFTWARE\WOW6432Node\BaisvikSoftware
HKLM\SOFTWARE\WOW6432Node\C+W_Mini
HKLM\SOFTWARE\WOW6432Node\CDDB =>.Cddb Software
HKLM\SOFTWARE\WOW6432Node\Connectify =>.Connectify
HKLM\SOFTWARE\WOW6432Node\Cygnus Solutions =>.Cygnus Solutions
HKLM\SOFTWARE\WOW6432Node\Disk Doctor Labs Inc.
HKLM\SOFTWARE\WOW6432Node\DT Soft =>.DT Soft Ltd
HKLM\SOFTWARE\WOW6432Node\EA Games =>.EA Games
HKLM\SOFTWARE\WOW6432Node\EASEUS =>.EaseUS Software
HKLM\SOFTWARE\WOW6432Node\Google =>.Google
HKLM\SOFTWARE\WOW6432Node\Hewlett-Packard =>.Hewlett-Packard
HKLM\SOFTWARE\WOW6432Node\Icaros =>.Icaros
HKLM\SOFTWARE\WOW6432Node\InstallShield =>.InstallShield
HKLM\SOFTWARE\WOW6432Node\Intel =>.Intel
HKLM\SOFTWARE\WOW6432Node\Intel Security =>.Intel Security
HKLM\SOFTWARE\WOW6432Node\Internet Download Manager =>.Tonec Inc
HKLM\SOFTWARE\WOW6432Node\IObit =>.IObit
HKLM\SOFTWARE\WOW6432Node\JavaSoft =>.JavaSoft
HKLM\SOFTWARE\WOW6432Node\JetBrains =>.JetBrains
HKLM\SOFTWARE\WOW6432Node\JreMetrics =>.JreMetrics
HKLM\SOFTWARE\WOW6432Node\Khronos =>.Khronos
HKLM\SOFTWARE\WOW6432Node\KLCodecPack =>.KLite Inc
HKLM\SOFTWARE\WOW6432Node\LAV =>.LAV Inc
HKLM\SOFTWARE\WOW6432Node\Lavasoft =>.Lavasoft
HKLM\SOFTWARE\WOW6432Node\LAventure =>.L'Aventure
HKLM\SOFTWARE\WOW6432Node\Licenses =>.Microsoft Corporation
HKLM\SOFTWARE\WOW6432Node\LogMeInRescueCallingCard =>.LogMeIn Entreprise
HKLM\SOFTWARE\WOW6432Node\Macromedia =>.Macromedia
HKLM\SOFTWARE\WOW6432Node\McAfee =>.McAfee Inc.
HKLM\SOFTWARE\WOW6432Node\McAfee.com =>.McAfee Inc.
HKLM\SOFTWARE\WOW6432Node\Micro Application =>.Micro Application
HKLM\SOFTWARE\WOW6432Node\Mozilla =>.Mozilla
HKLM\SOFTWARE\WOW6432Node\mozilla.org =>.mozilla.org
HKLM\SOFTWARE\WOW6432Node\MozillaPlugins =>.MozillaPlugins
HKLM\SOFTWARE\WOW6432Node\MySQL AB =>.MySQL AB
HKLM\SOFTWARE\WOW6432Node\Nero =>.Ahead Corporation
HKLM\SOFTWARE\WOW6432Node\NewBlue =>.NewBlue
HKLM\SOFTWARE\WOW6432Node\Nuance =>.Nuance
HKLM\SOFTWARE\WOW6432Node\ODBC =>.DB Connectivity Solutions
HKLM\SOFTWARE\WOW6432Node\OpenVPN-GUI =>.OpenVPN Technologie
HKLM\SOFTWARE\WOW6432Node\ORACLE =>.Oracle
HKLM\SOFTWARE\WOW6432Node\PostgreSQL =>.PostgreSQL
HKLM\SOFTWARE\WOW6432Node\PowerISO =>.PowerISO Computing
HKLM\SOFTWARE\WOW6432Node\PowerPivot =>.PowerPivot
HKLM\SOFTWARE\WOW6432Node\PowerTechnology =>.PowerTechnology
HKLM\SOFTWARE\WOW6432Node\Razer =>.Razer
HKLM\SOFTWARE\WOW6432Node\RealNetworks =>.RealNetworks
HKLM\SOFTWARE\WOW6432Node\Realtek =>.Realtek Semiconductor Corp.
HKLM\SOFTWARE\WOW6432Node\Realtek Semiconductor Corp. =>.Realtek Semiconductor Corp.
HKLM\SOFTWARE\WOW6432Node\Rtp =>.RTP Software
HKLM\SOFTWARE\WOW6432Node\Samsung =>.Samsung Electronics
HKLM\SOFTWARE\WOW6432Node\Skype =>.Skype
HKLM\SOFTWARE\WOW6432Node\Sony Creative Software =>.Sony Creative Software
HKLM\SOFTWARE\WOW6432Node\SOSVirus =>.SosVirus
HKLM\SOFTWARE\WOW6432Node\SuperBoost =>.QiWang
HKLM\SOFTWARE\WOW6432Node\SWI
HKLM\SOFTWARE\WOW6432Node\Sybase
HKLM\SOFTWARE\WOW6432Node\Symantec =>.Symantec
HKLM\SOFTWARE\WOW6432Node\Tencent =>.SUP.Tencent
HKLM\SOFTWARE\WOW6432Node\ThinPrint =>.ThinPrint
HKLM\SOFTWARE\WOW6432Node\TrueKey =>.Intel Corporation
HKLM\SOFTWARE\WOW6432Node\VMware, Inc. =>.VMware, Inc.
HKLM\SOFTWARE\WOW6432Node\Volatile =>.Microsoft Corporation
HKLM\SOFTWARE\WOW6432Node\WafCX =>.WafCX
HKLM\SOFTWARE\WOW6432Node\Wondershare =>.Wondershare
HKLM\SOFTWARE\WOW6432Node\WOW6432Node =>.Microsoft Corporation
HKLM\SOFTWARE\WOW6432Node\Xing Technology Corp. =>.Xing Technology Corp.
HKLM\SOFTWARE\WOW6432Node\XinYi Network =>.XinYi Network
HKLM\SOFTWARE\WOW6432Node\ZTE Mobile Broadband Device Drivers
HKLM\SOFTWARE\WOW6432Node\RegisteredApplications =>.Microsoft Corporation
HKCU\SOFTWARE\2VG
HKCU\SOFTWARE\89078A9FA5262B8AF87E572E4F3BA9D1 =>Adware.CrossRider
HKCU\SOFTWARE\AAA Logo 2014
HKCU\SOFTWARE\AAA_LOGO =>.SWGSoft
HKCU\SOFTWARE\Adobe =>.Adobe
HKCU\SOFTWARE\Adobe-BackupByPhotoshopCS6Portable
HKCU\SOFTWARE\Apowersoft =>.Apowersoft
HKCU\SOFTWARE\AppDataLow =>.Microsoft Corporation
HKCU\SOFTWARE\Baidu =>.Baidu
HKCU\SOFTWARE\BaisvikSoftware
HKCU\SOFTWARE\BugSplat =>.Bugsplat Game
HKCU\SOFTWARE\Canon =>.Canon
HKCU\SOFTWARE\CDDB =>.Cddb Software
HKCU\SOFTWARE\Chromium =>.Chromium
HKCU\SOFTWARE\Convar =>.Legitimate
HKCU\SOFTWARE\Cygnus Solutions =>.Cygnus Solutions
HKCU\SOFTWARE\Dashlane_profiles =>.Dashlane, Inc
HKCU\SOFTWARE\DirectShow =>.Microsoft Corporation
HKCU\SOFTWARE\Disc Soft =>.Disc Soft
HKCU\SOFTWARE\Disk Doctor Labs Inc.
HKCU\SOFTWARE\Disk Doctors Labs
HKCU\SOFTWARE\DownloadAstro =>.Download Astro
HKCU\SOFTWARE\DownloadManager =>.DownloadManager
HKCU\SOFTWARE\DRP
HKCU\SOFTWARE\DT Soft =>.DT Soft Ltd
HKCU\SOFTWARE\EaseUS =>.EaseUS Software
HKCU\SOFTWARE\ej-technologies =>.ej-technologies
HKCU\SOFTWARE\EMU =>.Games Software
HKCU\SOFTWARE\Facebook =>.Facebook
HKCU\SOFTWARE\FlashBoot =>.PrimeExpert Software
HKCU\SOFTWARE\FLT =>.FLT Software
HKCU\SOFTWARE\FreeDownloadManager.ORG =>.FreeDownloadManager.org
HKCU\SOFTWARE\FreeTime =>.FreeTime Inc
HKCU\SOFTWARE\Freeware =>.VirtualDub.org
HKCU\SOFTWARE\Google =>.Google
HKCU\SOFTWARE\GRETECH =>.Gretech
HKCU\SOFTWARE\Haali =>.Haali Media
HKCU\SOFTWARE\Hewlett-Packard =>.Hewlett-Packard
HKCU\SOFTWARE\HP =>.HP
HKCU\SOFTWARE\I.R.I.S. =>.I.R.I.S.
HKCU\SOFTWARE\Icaros =>.Icaros
HKCU\SOFTWARE\IM =>.Legitimate
HKCU\SOFTWARE\IM Providers =>.IM Providers
HKCU\SOFTWARE\Intel =>.Intel
HKCU\SOFTWARE\Intel Security =>.Intel Security
HKCU\SOFTWARE\IObit =>.IObit
HKCU\SOFTWARE\JavaSoft =>.JavaSoft
HKCU\SOFTWARE\JetBrains =>.JetBrains
HKCU\SOFTWARE\KasperskyLabSetup =>.Kaspersky Labs
HKCU\SOFTWARE\LAventure =>.L'Aventure
HKCU\SOFTWARE\Licenses =>.Microsoft Corporation
HKCU\SOFTWARE\Macromedia =>.Macromedia
HKCU\SOFTWARE\madshi =>.madshi.net
HKCU\SOFTWARE\Magicbit =>.SUP.Magicbit
HKCU\SOFTWARE\MainConcept =>.MainConcept AG
HKCU\SOFTWARE\MainConcept (Consumer) =>.MainConcept AG
HKCU\SOFTWARE\MediaInfo =>.Jérôme Martinez
HKCU\SOFTWARE\Mirage =>.Mirage Game
HKCU\SOFTWARE\Mozilla =>.Mozilla
HKCU\SOFTWARE\MozillaPlugins =>.MozillaPlugins
HKCU\SOFTWARE\MPC-HC =>.MPC-HC Team
HKCU\SOFTWARE\Nero =>.Ahead Corporation
HKCU\SOFTWARE\Netscape =>.Netscape
HKCU\SOFTWARE\NewBlue =>.NewBlue
HKCU\SOFTWARE\Nitro =>.Nitro
HKCU\SOFTWARE\NVIDIA Corporation =>.nVidia Corporation
HKCU\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKCU\SOFTWARE\PC SOFT =>.PC SOFT
HKCU\SOFTWARE\pgAdmin III
HKCU\SOFTWARE\PluginAddon =>PUP.Optional.Vonteera
HKCU\SOFTWARE\PopCap =>.Popcap Games
HKCU\SOFTWARE\PowerISO =>.PowerISO Computing
HKCU\SOFTWARE\PowerTechnology =>.PowerTechnology
HKCU\SOFTWARE\Psiphon3
HKCU\SOFTWARE\QtProject =>.QtProject
HKCU\SOFTWARE\Real
HKCU\SOFTWARE\RealNetworks =>.RealNetworks
HKCU\SOFTWARE\Realtek =>.Realtek Semiconductor Corp.
HKCU\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKCU\SOFTWARE\Rtp =>.RTP Software
HKCU\SOFTWARE\Samsung =>.Samsung Electronics
HKCU\SOFTWARE\SAP =>.SAP
HKCU\SOFTWARE\Semantis =>.Semantis
HKCU\SOFTWARE\Skype =>.Skype
HKCU\SOFTWARE\Sony Creative Software =>.Sony Creative Software
HKCU\SOFTWARE\SpinTop
HKCU\SOFTWARE\SWI
HKCU\SOFTWARE\Sybase
HKCU\SOFTWARE\Synaptics =>.Synaptics
HKCU\SOFTWARE\SyncEngines =>.Microsoft Corporation
HKCU\SOFTWARE\Sysinternals =>.Sysinternals
HKCU\SOFTWARE\TechSmith =>.TechSmith
HKCU\SOFTWARE\Tencent =>.SUP.Tencent
HKCU\SOFTWARE\Tihiy
HKCU\SOFTWARE\Trolltech =>.Trolltech
HKCU\SOFTWARE\undefined =>.SUP.Downloader
HKCU\SOFTWARE\Valve =>.Valve
HKCU\SOFTWARE\Visan =>.Visan Software
HKCU\SOFTWARE\VMware, Inc. =>.VMware, Inc.
HKCU\SOFTWARE\WindowsUpdater
HKCU\SOFTWARE\WinRAR =>.WinRAR
HKCU\SOFTWARE\WinRAR SFX =>.RarLab
HKCU\SOFTWARE\Wondershare =>.Wondershare
HKCU\SOFTWARE\Wow6432Node =>.Microsoft Corporation
HKCU\SOFTWARE\XinYi Network =>.XinYi Network
HKCU\SOFTWARE\ZHP =>.Nicolas Coolman
HKCU\SOFTWARE\AppDataLow\Software =>.Microsoft Corporation
HKCU\SOFTWARE\AppDataLow\Yandex =>.Yandex
HKCU\SOFTWARE\AppDataLow\Software\JavaSoft =>.JavaSoft
HKCU\SOFTWARE\AppDataLow\Software\ThinPrint =>.ThinPrint
HKCU\SOFTWARE\AppDataLow\Software\Yahoo =>.Yahoo! Inc.

---\\ CONTENU DES DOSSIERS PROGRAMMES (457) - 40s
O43 - CFD: 01/08/2017 - [] D -- C:\Program Files\5FGQEJF8EM
O43 - CFD: 19/05/2016 - [] D -- C:\Program Files\Add-ins
O43 - CFD: 24/05/2016 - [0] D -- C:\Program Files\Apache Software Foundation =>.Apache Inc.
O43 - CFD: 18/09/2017 - [] D -- C:\Program Files\BDSCJGDHLE =>Adware.Wizzcaster
O43 - CFD: 25/06/2016 - [] D -- C:\Program Files\BitTorrent
O43 - CFD: 30/12/2016 - [] D -- C:\Program Files\Canon =>.CANON INC.®
O43 - CFD: 28/01/2018 - [] D -- C:\Program Files\Common Files =>.Microsoft Corporation
O43 - CFD: 15/08/2017 - [] D -- C:\Program Files\Communications RND Reflector
O43 - CFD: 16/12/2016 - [] D -- C:\Program Files\DIFX =>.Microsoft Corporation
O43 - CFD: 19/05/2016 - [] D -- C:\Program Files\Documentation
O43 - CFD: 19/05/2016 - [0] D -- C:\Program Files\Données de test
O43 - CFD: 29/03/2016 - [] D -- C:\Program Files\EaseUS =>.EaseUS Software
O43 - CFD: 19/05/2016 - [] D -- C:\Program Files\Exemples
O43 - CFD: 29/03/2016 - [0] SHD -- C:\Program Files\Fichiers communs =>.Microsoft Corporation
O43 - CFD: 17/05/2016 - [] D -- C:\Program Files\Fichiers de ressources
O43 - CFD: 10/04/2017 - [] AD -- C:\Program Files\FlashBoot =>.PrimeExpert Software
O43 - CFD: 19/05/2016 - [0] D -- C:\Program Files\fr =>.Corel Corporation
O43 - CFD: 03/09/2017 - [] D -- C:\Program Files\FreeDownloadManager.ORG =>.FreeDownloadManager.org
O43 - CFD: 19/07/2016 - [] D -- C:\Program Files\HP =>.Hewlett-Packard
O43 - CFD: 14/08/2017 - [] D -- C:\Program Files\Hyper-V =>.Microsoft Corporation
O43 - CFD: 19/05/2016 - [0] D -- C:\Program Files\Icônes
O43 - CFD: 16/04/2017 - [] D -- C:\Program Files\Intel =>.Intel Corporation
O43 - CFD: 23/04/2016 - [] D -- C:\Program Files\Intel Security =>.Intel Corporation
O43 - CFD: 19/09/2017 - [] D -- C:\Program Files\Internet Explorer =>.Microsoft Corporation
O43 - CFD: 20/01/2018 - [] D -- C:\Program Files\Java =>.Oracle
O43 - CFD: 27/09/2017 - [] AD -- C:\Program Files\KMSpico =>HackTool.KMSpico
O43 - CFD: 18/09/2017 - [] D -- C:\Program Files\L76ZO09L6P =>Adware.Wizzcaster
O43 - CFD: 22/12/2017 - [] D -- C:\Program Files\M2TS Fish Video Survey
O43 - CFD: 23/02/2018 - [] D -- C:\Program Files\Malwarebytes =>.Malwarebytes
O43 - CFD: 26/09/2017 - [] D -- C:\Program Files\Microsoft Analysis Services =>.Microsoft Corporation
O43 - CFD: 26/09/2017 - [] AD -- C:\Program Files\Microsoft Office =>.Microsoft Corporation
O43 - CFD: 26/09/2017 - [] D -- C:\Program Files\Microsoft SQL Server =>.Microsoft Corporation
O43 - CFD: 26/09/2017 - [] D -- C:\Program Files\Microsoft.NET =>.Microsoft Corporation
O43 - CFD: 16/04/2017 - [] D -- C:\Program Files\MSBuild =>.Microsoft Corporation
O43 - CFD: 21/09/2017 - [0] D -- C:\Program Files\NewBlue =>.NewBlue
O43 - CFD: 03/07/2017 - [] D -- C:\Program Files\Nitro =>.Nitro
O43 - CFD: 19/05/2016 - [0] D -- C:\Program Files\Nmap Files
O43 - CFD: 19/05/2016 - [] D -- C:\Program Files\Ole Automation
O43 - CFD: 19/05/2016 - [0] D -- C:\Program Files\Outils
O43 - CFD: 13/04/2016 - [] D -- C:\Program Files\pl
O43 - CFD: 24/05/2016 - [0] D -- C:\Program Files\PostgreSQL =>.PostgreSQL
O43 - CFD: 26/06/2017 - [] AD -- C:\Program Files\PowerISO =>.PowerISO Computing
O43 - CFD: 16/04/2017 - [] D -- C:\Program Files\Realtek =>.Realtek
O43 - CFD: 14/04/2016 - [0] D -- C:\Program Files\Reason
O43 - CFD: 16/04/2017 - [] D -- C:\Program Files\Reference Assemblies =>.Microsoft Corporation
O43 - CFD: 13/10/2016 - [] D -- C:\Program Files\Samsung =>.Samsung Electronics
O43 - CFD: 23/05/2016 - [0] D -- C:\Program Files\SAP =>.SAP
O43 - CFD: 19/05/2016 - [] D -- C:\Program Files\ShellNew
O43 - CFD: 28/03/2017 - [] AD -- C:\Program Files\Sublime Text 3 =>.Sublime HQ Pty Ltd®
O43 - CFD: 16/04/2017 - [] D -- C:\Program Files\Synaptics =>.Synaptics Incorporated®
O43 - CFD: 19/05/2016 - [0] D -- C:\Program Files\ThirdPartyLegal
O43 - CFD: 18/05/2016 - [] D -- C:\Program Files\TrueKey =>.Intel Corporation
O43 - CFD: 16/04/2017 - [0] HD -- C:\Program Files\Uninstall Information =>.Microsoft Corporation
O43 - CFD: 19/05/2016 - [0] D -- C:\Program Files\VB Scripts
O43 - CFD: 19/09/2017 - [] D -- C:\Program Files\W9387PVVFO
O43 - CFD: 20/09/2017 - [] RD -- C:\Program Files\Windows Defender =>.Microsoft Corporation
O43 - CFD: 20/03/2017 - [] D -- C:\Program Files\Windows Defender Advanced Threat Protection =>.Microsoft Corporation
O43 - CFD: 19/09/2017 - [] D -- C:\Program Files\Windows Mail =>.Microsoft Corporation
O43 - CFD: 20/03/2017 - [] D -- C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 18/03/2017 - [] D -- C:\Program Files\Windows Multimedia Platform =>.Microsoft Corporation
O43 - CFD: 16/04/2017 - [] D -- C:\Program Files\Windows NT =>.Microsoft Corporation
O43 - CFD: 19/09/2017 - [] D -- C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation
O43 - CFD: 18/03/2017 - [] D -- C:\Program Files\Windows Portable Devices =>.Microsoft Corporation
O43 - CFD: 18/03/2017 - [] D -- C:\Program Files\Windows Security =>.Microsoft Corporation
O43 - CFD: 18/03/2017 - [] SHD -- C:\Program Files\Windows Sidebar =>.Microsoft Corporation
O43 - CFD: 23/02/2018 - [] HD -- C:\Program Files\WindowsApps =>.Microsoft Corporation
O43 - CFD: 18/03/2017 - [] D -- C:\Program Files\WindowsPowerShell =>.Microsoft Corporation
O43 - CFD: 03/07/2017 - [] AD -- C:\Program Files\WinRAR =>.win.rar GmbH®
O43 - CFD: 19/09/2017 - [] D -- C:\Program Files\XSBDBY8FNB =>Adware.Wizzcaster
O43 - CFD: 24/03/2017 - [] D -- C:\Program Files (x86)\1a641ce1-bb17-40f5-a1fc-3ea2f4cf1fdb1490347953 =>Adware.CrossRider
O43 - CFD: 11/04/2017 - [] AD -- C:\Program Files (x86)\AAALOGO =>.SWGSoft
O43 - CFD: 17/03/2017 - [] AD -- C:\Program Files (x86)\Adobe =>.Adobe Systems Incorporated®
O43 - CFD: 30/11/2016 - [] D -- C:\Program Files (x86)\Baidu =>.Baidu (China) Co., Ltd.®
O43 - CFD: 18/12/2016 - [] AD -- C:\Program Files (x86)\BaisvikSoftware {7F8276BC4AA97E8E49FBED6A595376F0}
O43 - CFD: 30/11/2016 - [] AD -- C:\Program Files (x86)\Bonjour =>.Apple Inc.
O43 - CFD: 20/01/2018 - [] D -- C:\Program Files (x86)\Common Files =>.Microsoft Corporation
O43 - CFD: 30/11/2016 - [0] D -- C:\Program Files (x86)\Convar =>.Convar Deutschland GmbH
O43 - CFD: 30/11/2016 - [] D -- C:\Program Files (x86)\CVitae 5
O43 - CFD: 06/12/2016 - [] D -- C:\Program Files (x86)\EASEUS =>.EaseUS Software
O43 - CFD: 01/08/2017 - [] D -- C:\Program Files (x86)\eb3umnclhpo
O43 - CFD: 16/04/2017 - [] D -- C:\Program Files (x86)\FormatFactory =>.Free Time Co., Ltd.®
O43 - CFD: 13/12/2016 - [0] D -- C:\Program Files (x86)\Foxy Games =>.Foxy Games
O43 - CFD: 30/11/2016 - [0] D -- C:\Program Files (x86)\FreeTime =>.FreeTime
O43 - CFD: 10/01/2018 - [] D -- C:\Program Files (x86)\Google =>.Google Inc®
O43 - CFD: 25/07/2017 - [] AD -- C:\Program Files (x86)\Hewlett-Packard =>.Hewlett-Packard
O43 - CFD: 21/09/2017 - [] AD -- C:\Program Files (x86)\HP =>.Hewlett-Packard
O43 - CFD: 28/01/2018 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information =>.InstallShield
O43 - CFD: 30/11/2016 - [] D -- C:\Program Files (x86)\Intel =>.Intel Corporation
O43 - CFD: 23/02/2018 - [] D -- C:\Program Files (x86)\Internet Download Manager =>.Tonec Inc
O43 - CFD: 20/09/2017 - [] D -- C:\Program Files (x86)\Internet Explorer =>.Microsoft Corporation
O43 - CFD: 20/07/2017 - [] D -- C:\Program Files (x86)\IObit =>.IObit
O43 - CFD: 26/03/2017 - [] D -- C:\Program Files (x86)\Jargon Informatique =>.tuxfamily.org
O43 - CFD: 30/11/2016 - [0] D -- C:\Program Files (x86)\Jaspersoft
O43 - CFD: 20/01/2018 - [] D -- C:\Program Files (x86)\Java =>.Oracle
O43 - CFD: 15/06/2017 - [0] D -- C:\Program Files (x86)\JetBrains =>.JetBrains Inc
O43 - CFD: 23/02/2018 - [] AD -- C:\Program Files (x86)\K-Lite Codec Pack =>.KLite Inc
O43 - CFD: 12/12/2016 - [] D -- C:\Program Files (x86)\Macromedia =>.Macromedia
O43 - CFD: 31/07/2017 - [] D -- C:\Program Files (x86)\Messenger for Desktop =>.Alexandru Rosianu
O43 - CFD: 21/01/2017 - [] D -- C:\Program Files (x86)\Micro Application =>.Micro Application
O43 - CFD: 26/09/2017 - [] D -- C:\Program Files (x86)\Microsoft Analysis Services =>.Microsoft Corporation
O43 - CFD: 30/11/2016 - [] D -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE =>.Microsoft Corporation
O43 - CFD: 26/09/2017 - [] D -- C:\Program Files (x86)\Microsoft Office =>.Microsoft Corporation
O43 - CFD: 26/09/2017 - [] D -- C:\Program Files (x86)\Microsoft SQL Server =>.Microsoft Corporation
O43 - CFD: 26/09/2017 - [] AD -- C:\Program Files (x86)\Microsoft.NET =>.Microsoft Corporation
O43 - CFD: 16/04/2017 - [] D -- C:\Program Files (x86)\MSBuild =>.Microsoft Corporation
O43 - CFD: 30/11/2016 - [] D -- C:\Program Files (x86)\Mykronoz =>.Mykronoz
O43 - CFD: 23/02/2018 - [] D -- C:\Program Files (x86)\Navilog1
O43 - CFD: 23/09/2017 - [] AD -- C:\Program Files (x86)\Nero =>.Ahead Corporation
O43 - CFD: 21/09/2017 - [0] D -- C:\Program Files (x86)\NewBlue =>.NewBlue
O43 - CFD: 03/07/2017 - [] D -- C:\Program Files (x86)\Nitro =>.Nitro
O43 - CFD: 01/08/2017 - [] D -- C:\Program Files (x86)\Oracle =>.Oracle
O43 - CFD: 31/03/2017 - [] AD -- C:\Program Files (x86)\PowerISO =>.PowerISO Computing
O43 - CFD: 02/02/2017 - [0] D -- C:\Program Files (x86)\R.G. Mechanics =>.R.G. Mechanics
O43 - CFD: 21/07/2017 - [] D -- C:\Program Files (x86)\Real =>.RealNetworks Inc.
O43 - CFD: 30/11/2016 - [] D -- C:\Program Files (x86)\Realtek =>.Realtek
O43 - CFD: 16/04/2017 - [] D -- C:\Program Files (x86)\Reference Assemblies =>.Microsoft Corporation
O43 - CFD: 30/11/2016 - [0] D -- C:\Program Files (x86)\Rene.E Laboratory =>.Rene.E Laboratory
O43 - CFD: 30/11/2016 - [] D -- C:\Program Files (x86)\Samsung =>.Samsung Electronics
O43 - CFD: 17/09/2017 - [] D -- C:\Program Files (x86)\Sparkle =>.Ignite Realtime
O43 - CFD: 10/07/2017 - [] D -- C:\Program Files (x86)\SuperBoost =>.QiWang
O43 - CFD: 19/09/2017 - [] D -- C:\Program Files (x86)\Sybase
O43 - CFD: 30/11/2016 - [0] HD -- C:\Program Files (x86)\Temp =>.Microsoft Corporation
O43 - CFD: 30/11/2016 - [] AD -- C:\Program Files (x86)\USB Disk Security =>.FlashPeak Inc
O43 - CFD: 05/11/2017 - [0] D -- C:\Program Files (x86)\VideoLAN =>.VideoLan Team
O43 - CFD: 25/07/2017 - [] D -- C:\Program Files (x86)\Windows Defender =>.Microsoft Corporation
O43 - CFD: 20/09/2017 - [] D -- C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 20/03/2017 - [] D -- C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 18/03/2017 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform =>.Microsoft Corporation
O43 - CFD: 18/03/2017 - [] D -- C:\Program Files (x86)\Windows NT =>.Microsoft Corporation
O43 - CFD: 19/09/2017 - [] D -- C:\Program Files (x86)\Windows Photo Viewer =>.Microsoft Corporation
O43 - CFD: 18/03/2017 - [] D -- C:\Program Files (x86)\Windows Portable Devices =>.Microsoft Corporation
O43 - CFD: 18/03/2017 - [] SHD -- C:\Program Files (x86)\Windows Sidebar =>.Microsoft Corporation
O43 - CFD: 18/03/2017 - [] D -- C:\Program Files (x86)\WindowsPowerShell =>.Microsoft Corporation
O43 - CFD: 30/11/2016 - [] D -- C:\Program Files (x86)\Yahoo! =>.Yahoo!
O43 - CFD: 30/11/2016 - [] AD -- C:\Program Files (x86)\ZTEMobileBroadbandDeviceDrivers
O43 - CFD: 16/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AAA Logo
O43 - CFD: 18/03/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility =>.Microsoft Corporation
O43 - CFD: 25/07/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
O43 - CFD: 19/09/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 12/12/2016 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CC 2015
O43 - CFD: 16/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bacula
O43 - CFD: 16/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BaisvikSoftware
O43 - CFD: 16/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bonjour =>.Apple Inc.
O43 - CFD: 22/12/2016 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro =>.The DAEMON Team
O43 - CFD: 16/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 10.5 =>.EaseUS Software
O43 - CFD: 16/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashBoot =>.PrimeExpert Software
O43 - CFD: 11/09/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Download Manager =>.FreeDownloadManager.com
O43 - CFD: 23/08/2016 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games =>.Microsoft Corporation
O43 - CFD: 03/09/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager =>.Tonec Inc
O43 - CFD: 20/01/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java =>.Oracle
O43 - CFD: 20/01/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit =>.Oracle
O43 - CFD: 23/02/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack =>.KLite Inc
O43 - CFD: 27/09/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>HackTool.KMSpico
O43 - CFD: 16/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macromedia =>.Macromedia
O43 - CFD: 18/03/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
O43 - CFD: 23/02/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes =>.Malwarebytes
O43 - CFD: 16/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Micro Application =>.Micro Application
O43 - CFD: 16/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace =>.Microsoft Corporation
O43 - CFD: 26/09/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 =>.Microsoft Corporation
O43 - CFD: 03/05/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero =>.Ahead Corporation
O43 - CFD: 16/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2016 =>.Ahead Corporation
O43 - CFD: 03/05/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2017 =>.Ahead Corporation
O43 - CFD: 04/09/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils PC SOFT
O43 - CFD: 26/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO =>.PowerISO Computing
O43 - CFD: 21/07/2017 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks =>.RealNetworks
O43 - CFD: 02/11/2016 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung =>.Samsung Electronics
O43 - CFD: 21/08/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup =>.Microsoft Corporation
O43 - CFD: 16/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SWI-Prolog
O43 - CFD: 19/09/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sybase
O43 - CFD: 18/03/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools =>.Microsoft Corporation
O43 - CFD: 16/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USB Disk Security =>.FlashPeak Inc
O43 - CFD: 03/07/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR =>.WinRAR
O43 - CFD: 20/05/2016 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip =>.WinZip
O43 - CFD: 18/09/2017 - [] D -- C:\ProgramData\159d8e6ff42042bbae0f0def4445b047 =>Adware.Suspect
O43 - CFD: 18/09/2017 - [] D -- C:\ProgramData\1faff803c0964a86b82fdd284408c283 =>Adware.Suspect
O43 - CFD: 23/09/2017 - [] D -- C:\ProgramData\Adobe =>.Adobe
O43 - CFD: 27/10/2016 - [] D -- C:\ProgramData\Apple =>.Apple Inc.
O43 - CFD: 16/04/2017 - [0] SHD -- C:\ProgramData\Application Data =>.Microsoft Corporation
O43 - CFD: 30/11/2016 - [] D -- C:\ProgramData\AVAST Software =>.AVAST Software
O43 - CFD: 30/11/2016 - [] D -- C:\ProgramData\Avg =>.AVG Software
O43 - CFD: 30/11/2016 - [] D -- C:\ProgramData\Avira =>.Avira Software
O43 - CFD: 18/09/2017 - [] D -- C:\ProgramData\b945d8214d7047bd89ea300fbaf0006d =>Adware.Suspect
O43 - CFD: 19/05/2016 - [] D -- C:\ProgramData\Baidu =>.Baidu
O43 - CFD: 18/12/2016 - [] D -- C:\ProgramData\BaisvikSoftware
O43 - CFD: 24/04/2016 - [] D -- C:\ProgramData\BDLogging =>.Bitdefender
O43 - CFD: 19/06/2016 - [] D -- C:\ProgramData\BiniSoft.org =>.BiniSoft.org
O43 - CFD: 21/09/2017 - [0] D -- C:\ProgramData\BSD =>.Berkeley
O43 - CFD: 29/03/2016 - [0] SHD -- C:\ProgramData\Bureau =>.Microsoft Corporation
O43 - CFD: 26/06/2017 - [0] D -- C:\ProgramData\Camtel EVDO-Huawei
O43 - CFD: 19/07/2016 - [] D -- C:\ProgramData\Canon =>.Canon
O43 - CFD: 16/07/2016 - [0] D -- C:\ProgramData\Comms =>.Microsoft Corporation
O43 - CFD: 26/06/2017 - [] D -- C:\ProgramData\DatacardService =>.Entriq, Inc.
O43 - CFD: 16/04/2017 - [0] SHD -- C:\ProgramData\Documents =>.Microsoft Corporation
O43 - CFD: 15/06/2016 - [] D -- C:\ProgramData\eSellerate =>.eSellerate
O43 - CFD: 06/05/2016 - [] D -- C:\ProgramData\Ford Motor Company
O43 - CFD: 04/05/2017 - [] D -- C:\ProgramData\Hewlett-Packard =>.Hewlett-Packard
O43 - CFD: 05/08/2017 - [] AD -- C:\ProgramData\HP =>.Hewlett-Packard
O43 - CFD: 11/10/2016 - [0] D -- C:\ProgramData\IDM =>.IDM
O43 - CFD: 26/05/2016 - [] D -- C:\ProgramData\install_clap =>.Microsoft Corporation
O43 - CFD: 23/02/2018 - [] D -- C:\ProgramData\IObit =>.IObit
O43 - CFD: 29/05/2017 - [] D -- C:\ProgramData\Kaspersky Lab Setup Files =>.Kaspersky Lab
O43 - CFD: 26/06/2017 - [] D -- C:\ProgramData\KONAMI =>.Konami
O43 - CFD: 28/01/2018 - [] D -- C:\ProgramData\Lavasoft =>.Lavasoft
O43 - CFD: 07/12/2016 - [] D -- C:\ProgramData\Macromedia =>.Macromedia
O43 - CFD: 23/02/2018 - [] D -- C:\ProgramData\Malwarebytes =>.Malwarebytes
O43 - CFD: 17/05/2016 - [] D -- C:\ProgramData\McAfee =>.McAfee
O43 - CFD: 29/03/2016 - [0] SHD -- C:\ProgramData\Menu Démarrer =>.Microsoft Corporation
O43 - CFD: 26/09/2017 - [] SD -- C:\ProgramData\Microsoft =>.Microsoft Corporation
O43 - CFD: 26/09/2017 - [] D -- C:\ProgramData\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 16/04/2017 - [] D -- C:\ProgramData\Microsoft OneDrive =>.Microsoft Corporation
O43 - CFD: 29/03/2016 - [0] SHD -- C:\ProgramData\Modèles =>.Microsoft Corporation
O43 - CFD: 05/04/2016 - [] D -- C:\ProgramData\MTN Xtra Surf =>.Huawei Technologies Co.,Ltd
O43 - CFD: 28/04/2017 - [] AD -- C:\ProgramData\Nero =>.Ahead Corporation
O43 - CFD: 29/03/2016 - [] D -- C:\ProgramData\Nitro =>.Nitro
O43 - CFD: 20/01/2018 - [] D -- C:\ProgramData\Oracle =>.Oracle
O43 - CFD: 03/10/2016 - [] D -- C:\ProgramData\Origin =>.Electronic Arts, Inc.
O43 - CFD: 21/09/2017 - [] D -- C:\ProgramData\Package Cache =>.Microsoft Corporation
O43 - CFD: 20/09/2017 - [] D -- C:\ProgramData\PowerAMC 15
O43 - CFD: 20/07/2017 - [] D -- C:\ProgramData\ProductData =>.Microsoft Corporation
O43 - CFD: 21/07/2017 - [] D -- C:\ProgramData\Real =>.RealNetworks Inc.
O43 - CFD: 21/07/2017 - [0] D -- C:\ProgramData\RealNetworks =>.RealNetworks
O43 - CFD: 26/09/2017 - [] AD -- C:\ProgramData\regid.1991-06.com.microsoft =>.Microsoft Corporation
O43 - CFD: 21/10/2016 - [] D -- C:\ProgramData\RzSurroundVAD_1.1.62.0 =>.Razer Inc
O43 - CFD: 13/10/2016 - [] D -- C:\ProgramData\Samsung =>.Samsung Electronics
O43 - CFD: 18/03/2017 - [0] D -- C:\ProgramData\SoftwareDistribution =>.Microsoft Corporation
O43 - CFD: 17/09/2017 - [] D -- C:\ProgramData\SpinTop Games =>.SpinTop Games
O43 - CFD: 16/12/2016 - [] D -- C:\ProgramData\SP_FT_Logs
O43 - CFD: 05/04/2016 - [] D -- C:\ProgramData\Steam =>.Steam Games
O43 - CFD: 24/05/2016 - [] D -- C:\ProgramData\Sun =>.Oracle
O43 - CFD: 23/04/2016 - [] D -- C:\ProgramData\SuperBoost =>.QiWang
O43 - CFD: 29/03/2016 - [] D -- C:\ProgramData\Synaptics =>.Synaptics
O43 - CFD: 17/09/2017 - [] AD -- C:\ProgramData\Temp =>.Microsoft Corporation
O43 - CFD: 23/04/2016 - [] D -- C:\ProgramData\TrueKey =>.Intel Corporation
O43 - CFD: 17/03/2017 - [] D -- C:\ProgramData\Ubisoft =>.Ubisoft
O43 - CFD: 16/04/2017 - [] D -- C:\ProgramData\USOPrivate =>.Microsoft Corporation
O43 - CFD: 16/04/2017 - [] D -- C:\ProgramData\USOShared =>.Microsoft Corporation
O43 - CFD: 19/07/2016 - [] D -- C:\ProgramData\Visan =>.Visan Industries
O43 - CFD: 19/07/2016 - [] D -- C:\ProgramData\VMware =>.VMware
O43 - CFD: 21/07/2017 - [] D -- C:\ProgramData\VS Revo Group =>.VS Revo Group
O43 - CFD: 20/03/2017 - [] D -- C:\ProgramData\WindowsHolographicDevices =>.Microsoft Corporation
O43 - CFD: 21/01/2017 - [0] D -- C:\ProgramData\{74E9F814-C737-42CC-B721-DBBC4059367A}
O43 - CFD: 06/06/2016 - [] D -- C:\ProgramData\{ACBCD40A-42A8-4FF9-BD42-ABCD14998CBA}
O43 - CFD: 21/04/2016 - [0] D -- C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
O43 - CFD: 06/06/2016 - [] D -- C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
O43 - CFD: 21/04/2016 - [] D -- C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
O43 - CFD: 23/09/2017 - [] D -- C:\Program Files (x86)\Common Files\Adobe =>.Adobe
O43 - CFD: 01/08/2017 - [] D -- C:\Program Files (x86)\Common Files\Adobe-BackupByPhotoshopCS6Portable
O43 - CFD: 30/07/2016 - [] D -- C:\Program Files (x86)\Common Files\Doublelatbam
O43 - CFD: 03/10/2016 - [] HD -- C:\Program Files (x86)\Common Files\EAInstaller =>.Electronic Arts, Inc.
O43 - CFD: 15/06/2016 - [] D -- C:\Program Files (x86)\Common Files\eSellerate =>.eSellerate
O43 - CFD: 22/04/2016 - [] D -- C:\Program Files (x86)\Common Files\InstallShield =>.InstallShield
O43 - CFD: 16/04/2017 - [] D -- C:\Program Files (x86)\Common Files\Intel =>.Intel Corporation
O43 - CFD: 21/09/2017 - [] D -- C:\Program Files (x86)\Common Files\IObit =>.IObit
O43 - CFD: 20/01/2018 - [] D -- C:\Program Files (x86)\Common Files\Java =>.Oracle
O43 - CFD: 12/12/2016 - [] AD -- C:\Program Files (x86)\Common Files\Macromedia =>.Macromedia
O43 - CFD: 23/04/2016 - [] D -- C:\Program Files (x86)\Common Files\McAfee =>.McAfee
O43 - CFD: 26/09/2017 - [] AD -- C:\Program Files (x86)\Common Files\Microsoft Shared =>.Microsoft Corporation
O43 - CFD: 28/04/2017 - [] D -- C:\Program Files (x86)\Common Files\Nero =>.Ahead Corporation
O43 - CFD: 04/09/2017 - [] D -- C:\Program Files (x86)\Common Files\PC SOFT =>.PC Soft
O43 - CFD: 18/03/2017 - [] D -- C:\Program Files (x86)\Common Files\Services =>.Microsoft Corporation
O43 - CFD: 20/03/2017 - [] D -- C:\Program Files (x86)\Common Files\System =>.Microsoft Corporation
O43 - CFD: 01/08/2017 - [0] D -- C:\Users\eric\AppData\Roaming\3p1driaqk4s
O43 - CFD: 18/09/2017 - [] D -- C:\Users\eric\AppData\Roaming\879c261566424c7fba51384d066e660e
O43 - CFD: 26/03/2017 - [] D -- C:\Users\eric\AppData\Roaming\AchrafCherti
O43 - CFD: 23/09/2017 - [] D -- C:\Users\eric\AppData\Roaming\Adobe =>.Adobe
O43 - CFD: 22/09/2017 - [] D -- C:\Users\eric\AppData\Roaming\Adobe-BackupByPhotoshopCS6Portable
O43 - CFD: 18/09/2017 - [] D -- C:\Users\eric\AppData\Roaming\af688c2fb64e4f05a7eadcc4857dc524
O43 - CFD: 23/02/2018 - [] D -- C:\Users\eric\AppData\Roaming\Apowersoft =>.Apowersoft
O43 - CFD: 21/04/2016 - [] D -- C:\Users\eric\AppData\Roaming\Apple Computer =>.Apple Inc.
O43 - CFD: 19/05/2016 - [] D -- C:\Users\eric\AppData\Roaming\Baidu =>.Baidu
O43 - CFD: 16/12/2016 - [] D -- C:\Users\eric\AppData\Roaming\BaisvikSoftware
O43 - CFD: 04/12/2016 - [] D -- C:\Users\eric\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
O43 - CFD: 25/03/2017 - [0] D -- C:\Users\eric\AppData\Roaming\Clovot
O43 - CFD: 22/04/2016 - [] D -- C:\Users\eric\AppData\Roaming\CVitae 5
O43 - CFD: 22/12/2016 - [0] D -- C:\Users\eric\AppData\Roaming\DAEMON Tools Pro =>.The DAEMON Team
O43 - CFD: 18/09/2017 - [] D -- C:\Users\eric\AppData\Roaming\dll4c4dqy3m =>Heuristic.Wizzcaster
O43 - CFD: 23/02/2018 - [] D -- C:\Users\eric\AppData\Roaming\DMCache =>.DMCache
O43 - CFD: 26/05/2016 - [] D -- C:\Users\eric\AppData\Roaming\Downloaded Installations =>.Microsoft Corporation
O43 - CFD: 23/12/2016 - [] D -- C:\Users\eric\AppData\Roaming\DRPNPS
O43 - CFD: 10/01/2018 - [] D -- C:\Users\eric\AppData\Roaming\Google =>.Google
O43 - CFD: 03/04/2016 - [] D -- C:\Users\eric\AppData\Roaming\Hewlett-Packard =>.Hewlett-Packard
O43 - CFD: 25/07/2017 - [] D -- C:\Users\eric\AppData\Roaming\hpqLog =>.Hewlett-Packard
O43 - CFD: 19/07/2017 - [] D -- C:\Users\eric\AppData\Roaming\HpUpdate =>.Hewlett-Packard
O43 - CFD: 23/02/2018 - [] D -- C:\Users\eric\AppData\Roaming\IDM =>.IDM
O43 - CFD: 17/05/2016 - [] D -- C:\Users\eric\AppData\Roaming\InstallShield =>.InstallShield
O43 - CFD: 06/10/2016 - [] D -- C:\Users\eric\AppData\Roaming\Internet Download Accelerator
O43 - CFD: 23/02/2018 - [] D -- C:\Users\eric\AppData\Roaming\IObit =>.IObit
O43 - CFD: 17/03/2017 - [] D -- C:\Users\eric\AppData\Roaming\JetBrains =>.JetBrains Inc
O43 - CFD: 18/09/2017 - [] D -- C:\Users\eric\AppData\Roaming\Macromedia =>.Macromedia
O43 - CFD: 06/06/2016 - [] D -- C:\Users\eric\AppData\Roaming\MetroSidebar =>.MetroSidebar
O43 - CFD: 16/12/2016 - [] D -- C:\Users\eric\AppData\Roaming\mgyun =>.mgyun.com
O43 - CFD: 13/09/2017 - [] SD -- C:\Users\eric\AppData\Roaming\Microsoft =>.Microsoft Corporation
O43 - CFD: 23/03/2017 - [] D -- C:\Users\eric\AppData\Roaming\Mikrotik
O43 - CFD: 16/10/2017 - [] D -- C:\Users\eric\AppData\Roaming\Mozilla =>.Mozilla Corporation
O43 - CFD: 07/01/2018 - [] D -- C:\Users\eric\AppData\Roaming\MPC-HC =>.MPC-HC Team
O43 - CFD: 19/09/2017 - [] D -- C:\Users\eric\AppData\Roaming\n2dddu3iwrk =>Heuristic.Wizzcaster
O43 - CFD: 04/05/2017 - [] D -- C:\Users\eric\AppData\Roaming\Nero =>.Ahead Corporation
O43 - CFD: 03/07/2017 - [] D -- C:\Users\eric\AppData\Roaming\Nitro =>.Nitro
O43 - CFD: 03/06/2016 - [] D -- C:\Users\eric\AppData\Roaming\Opera Software =>.Opera Software
O43 - CFD: 28/07/2016 - [] D -- C:\Users\eric\AppData\Roaming\Oracle =>.Oracle
O43 - CFD: 24/07/2017 - [] D -- C:\Users\eric\AppData\Roaming\OWB
O43 - CFD: 22/04/2016 - [] D -- C:\Users\eric\AppData\Roaming\postgresql =>.PostgreSQL
O43 - CFD: 17/05/2016 - [] D -- C:\Users\eric\AppData\Roaming\PowerDesigner
O43 - CFD: 26/06/2017 - [] D -- C:\Users\eric\AppData\Roaming\PowerISO =>.PowerISO Computing
O43 - CFD: 21/04/2016 - [] D -- C:\Users\eric\AppData\Roaming\ProductData =>.Microsoft Corporation
O43 - CFD: 30/11/2016 - [] D -- C:\Users\eric\AppData\Roaming\Profiles =>.Microsoft Corporation
O43 - CFD: 06/03/2017 - [] D -- C:\Users\eric\AppData\Roaming\Psiphon3
O43 - CFD: 12/06/2016 - [0] D -- C:\Users\eric\AppData\Roaming\Publish Providers =>.Legitimate
O43 - CFD: 19/09/2017 - [] D -- C:\Users\eric\AppData\Roaming\py4fb2s5qpf =>Heuristic.Wizzcaster
O43 - CFD: 21/07/2017 - [] D -- C:\Users\eric\AppData\Roaming\Real =>.RealNetworks Inc.
O43 - CFD: 21/07/2017 - [0] D -- C:\Users\eric\AppData\Roaming\RealNetworks =>.RealNetworks
O43 - CFD: 02/11/2016 - [] D -- C:\Users\eric\AppData\Roaming\Samsung =>.Samsung Electronics
O43 - CFD: 24/07/2017 - [] D -- C:\Users\eric\AppData\Roaming\Skype =>.Skype
O43 - CFD: 12/06/2016 - [] D -- C:\Users\eric\AppData\Roaming\Sony =>.Sony
O43 - CFD: 02/08/2017 - [] D -- C:\Users\eric\AppData\Roaming\SQL Developer
O43 - CFD: 02/08/2017 - [] D -- C:\Users\eric\AppData\Roaming\sqldeveloper
O43 - CFD: 07/04/2016 - [] D -- C:\Users\eric\AppData\Roaming\Sublime Text 3
O43 - CFD: 26/04/2016 - [] D -- C:\Users\eric\AppData\Roaming\Subversion =>.Games Software
O43 - CFD: 22/04/2016 - [] D -- C:\Users\eric\AppData\Roaming\Sun =>.Oracle
O43 - CFD: 23/04/2016 - [] D -- C:\Users\eric\AppData\Roaming\SuperBoost =>.QiWang
O43 - CFD: 13/04/2016 - [0] D -- C:\Users\eric\AppData\Roaming\SWI-Prolog
O43 - CFD: 29/03/2016 - [] D -- C:\Users\eric\AppData\Roaming\Synaptics =>.Synaptics
O43 - CFD: 07/04/2017 - [] HD -- C:\Users\eric\AppData\Roaming\system =>.Microsoft Corporation
O43 - CFD: 03/07/2017 - [] D -- C:\Users\eric\AppData\Roaming\Thinstall =>.VMare
O43 - CFD: 24/07/2017 - [] D -- C:\Users\eric\AppData\Roaming\updatetool
O43 - CFD: 19/07/2016 - [] D -- C:\Users\eric\AppData\Roaming\VMware =>.VMware
O43 - CFD: 03/07/2017 - [] D -- C:\Users\eric\AppData\Roaming\WinRAR =>.WinRAR
O43 - CFD: 29/03/2016 - [] D -- C:\Users\eric\AppData\Roaming\www.kiwix.org
O43 - CFD: 12/05/2016 - [] D -- C:\Users\eric\AppData\Roaming\xpce
O43 - CFD: 06/06/2016 - [0] D -- C:\Users\eric\AppData\Roaming\Yahoo! =>.Yahoo!
O43 - CFD: 06/06/2016 - [] D -- C:\Users\eric\AppData\Roaming\Yandex =>.Yandex
O43 - CFD: 01/08/2017 - [] D -- C:\Users\eric\AppData\Roaming\YCanPDF =>.YCanPDF
O43 - CFD: 03/04/2016 - [] D -- C:\Users\eric\AppData\Roaming\Zbshareware Lab =>.Zbshareware Lab
O43 - CFD: 23/02/2018 - [] D -- C:\Users\eric\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 18/09/2017 - [] D -- C:\Users\eric\AppData\Local\2a4969b64a414f6f870b4f560ce8fe62
O43 - CFD: 18/09/2017 - [] D -- C:\Users\eric\AppData\Local\322fbda0a4bf4aaba4279b215d233142
O43 - CFD: 01/08/2016 - [0] D -- C:\Users\eric\AppData\Local\ActiveSync =>.Microsoft Corporation
O43 - CFD: 23/09/2017 - [] D -- C:\Users\eric\AppData\Local\Adobe =>.Adobe
O43 - CFD: 23/02/2018 - [] D -- C:\Users\eric\AppData\Local\Apowersoft =>.Apowersoft
O43 - CFD: 16/04/2017 - [0] SHD -- C:\Users\eric\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 20/05/2016 - [] D -- C:\Users\eric\AppData\Local\Apps =>.Microsoft Corporation
O43 - CFD: 23/04/2016 - [] D -- C:\Users\eric\AppData\Local\CEF =>.CEF
O43 - CFD: 03/06/2016 - [] D -- C:\Users\eric\AppData\Local\Chromium =>.Chromium
O43 - CFD: 08/05/2017 - [] D -- C:\Users\eric\AppData\Local\Comms =>.Microsoft Corporation
O43 - CFD: 16/04/2017 - [] D -- C:\Users\eric\AppData\Local\ConnectedDevicesPlatform =>.Microsoft Corporation
O43 - CFD: 14/05/2017 - [0] D -- C:\Users\eric\AppData\Local\CrashDumps =>.Microsoft Corporation
O43 - CFD: 10/07/2016 - [] D -- C:\Users\eric\AppData\Local\CrashRpt
O43 - CFD: 16/04/2017 - [0] D -- C:\Users\eric\AppData\Local\DBG =>.DBG
O43 - CFD: 11/01/2018 - [] D -- C:\Users\eric\AppData\Local\Diagnostics =>.Microsoft Corporation
O43 - CFD: 28/11/2016 - [] D -- C:\Users\eric\AppData\Local\Disc_Soft_Ltd =>.Disc Soft Ltd
O43 - CFD: 25/08/2017 - [] D -- C:\Users\eric\AppData\Local\Eclipse =>.Eclipse
O43 - CFD: 03/11/2017 - [0] D -- C:\Users\eric\AppData\Local\ElevatedDiagnostics =>.Microsoft Corporation
O43 - CFD: 23/05/2016 - [] D -- C:\Users\eric\AppData\Local\Facebook =>.Facebook
O43 - CFD: 23/02/2018 - [] D -- C:\Users\eric\AppData\Local\Free Download Manager =>.FreeDownloadManager.com
O43 - CFD: 17/05/2016 - [] D -- C:\Users\eric\AppData\Local\Geckofx =>.Geckofx
O43 - CFD: 10/01/2018 - [] D -- C:\Users\eric\AppData\Local\Google =>.Google
O43 - CFD: 03/04/2016 - [] D -- C:\Users\eric\AppData\Local\Hewlett-Packard =>.Hewlett-Packard
O43 - CFD: 16/04/2017 - [0] SHD -- C:\Users\eric\AppData\Local\Historique =>.Microsoft Corporation
O43 - CFD: 19/07/2016 - [] D -- C:\Users\eric\AppData\Local\HP =>.Hewlett-Packard
O43 - CFD: 18/09/2017 - [] D -- C:\Users\eric\AppData\Local\Macromedia =>.Macromedia
O43 - CFD: 04/09/2017 - [] D -- C:\Users\eric\AppData\Local\Messenger =>.Microsoft Corporation
O43 - CFD: 27/09/2017 - [] D -- C:\Users\eric\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 19/09/2017 - [] D -- C:\Users\eric\AppData\Local\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 26/09/2017 - [] D -- C:\Users\eric\AppData\Local\Microsoft Toolkit =>.Microsoft Corporation
O43 - CFD: 03/04/2016 - [] D -- C:\Users\eric\AppData\Local\MicrosoftEdge =>.Microsoft Corporation
O43 - CFD: 31/07/2016 - [] D -- C:\Users\eric\AppData\Local\Microsoft_Corporation =>.Microsoft Corporation
O43 - CFD: 31/03/2017 - [0] D -- C:\Users\eric\AppData\Local\Mobirise.com =>.Mobirise.com
O43 - CFD: 16/10/2017 - [] D -- C:\Users\eric\AppData\Local\Mozilla =>.Mozilla Corporation
O43 - CFD: 26/06/2017 - [] D -- C:\Users\eric\AppData\Local\Nero =>.Ahead Corporation
O43 - CFD: 03/05/2017 - [] D -- C:\Users\eric\AppData\Local\Nero_AG =>.Ahead
O43 - CFD: 02/04/2016 - [0] D -- C:\Users\eric\AppData\Local\NetworkTiles =>.NetworkTiles
O43 - CFD: 27/03/2017 - [] D -- C:\Users\eric\AppData\Local\OpenERP S.A
O43 - CFD: 11/01/2018 - [] D -- C:\Users\eric\AppData\Local\Packages =>.Microsoft Corporation
O43 - CFD: 22/12/2016 - [0] D -- C:\Users\eric\AppData\Local\PackageStaging =>.Apcera
O43 - CFD: 30/03/2016 - [0] D -- C:\Users\eric\AppData\Local\PeerDistRepub =>.Microsoft Corporation
O43 - CFD: 29/03/2016 - [] D -- C:\Users\eric\AppData\Local\Programs =>.Microsoft Corporation
O43 - CFD: 30/03/2016 - [] D -- C:\Users\eric\AppData\Local\Publishers =>.Microsoft Corporation
O43 - CFD: 21/10/2016 - [] D -- C:\Users\eric\AppData\Local\Razer =>.Razer
O43 - CFD: 18/07/2017 - [] D -- C:\Users\eric\AppData\Local\Recovery =>.Recovery Labs
O43 - CFD: 23/04/2016 - [] D -- C:\Users\eric\AppData\Local\Semantis =>.Semantis
O43 - CFD: 13/12/2016 - [] D -- C:\Users\eric\AppData\Local\SKIDROW =>.SKIDROW
O43 - CFD: 12/06/2016 - [] D -- C:\Users\eric\AppData\Local\Sony =>.Sony
O43 - CFD: 02/08/2017 - [] D -- C:\Users\eric\AppData\Local\speech =>.Microsoft Corporation
O43 - CFD: 29/08/2017 - [] D -- C:\Users\eric\AppData\Local\SquirrelTemp =>.Squirrels
O43 - CFD: 13/12/2016 - [] D -- C:\Users\eric\AppData\Local\storage
O43 - CFD: 30/03/2017 - [] D -- C:\Users\eric\AppData\Local\Sublime Text 3
O43 - CFD: 10/06/2016 - [] D -- C:\Users\eric\AppData\Local\TechSmith =>.TechSmith
O43 - CFD: 23/02/2018 - [] D -- C:\Users\eric\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 16/04/2017 - [0] SHD -- C:\Users\eric\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 03/07/2017 - [] D -- C:\Users\eric\AppData\Local\Thinstall =>.VMare
O43 - CFD: 30/03/2016 - [] D -- C:\Users\eric\AppData\Local\TileDataLayer =>.Microsoft Corporation
O43 - CFD: 23/04/2016 - [] D -- C:\Users\eric\AppData\Local\tkdata =>.TK-Data
O43 - CFD: 30/11/2016 - [] D -- C:\Users\eric\AppData\Local\Tlition
O43 - CFD: 16/12/2016 - [] D -- C:\Users\eric\AppData\Local\Trolltech =>.Trolltech
O43 - CFD: 29/03/2017 - [] D -- C:\Users\eric\AppData\Local\VirtualStore =>.Microsoft Corporation
O43 - CFD: 28/03/2017 - [] D -- C:\Users\eric\AppData\Local\Visokio
O43 - CFD: 29/03/2017 - [] D -- C:\Users\eric\AppData\Local\Visokio Omniscope app
O43 - CFD: 16/06/2016 - [] D -- C:\Users\eric\AppData\Local\VMware =>.VMware
O43 - CFD: 29/03/2016 - [] D -- C:\Users\eric\AppData\Local\www.kiwix.org
O43 - CFD: 23/02/2018 - [] D -- C:\Users\eric\AppData\Local\ZHP =>.Nicolas Coolman
O43 - CFD: 29/03/2016 - [0] D -- C:\Users\eric\AppData\Local\Programs\Common =>.Microsoft Corporation
O43 - CFD: 07/04/2016 - [] D -- C:\Users\eric\AppData\LocalLow\Adobe =>.Adobe
O43 - CFD: 19/05/2016 - [] D -- C:\Users\eric\AppData\LocalLow\Baidu =>.Baidu
O43 - CFD: 21/09/2017 - [] D -- C:\Users\eric\AppData\LocalLow\IObit =>.IObit
O43 - CFD: 23/04/2016 - [] D -- C:\Users\eric\AppData\LocalLow\Microsoft =>.Microsoft Corporation
O43 - CFD: 16/10/2017 - [0] D -- C:\Users\eric\AppData\LocalLow\Mozilla =>.Mozilla Corporation
O43 - CFD: 27/08/2016 - [] D -- C:\Users\eric\AppData\LocalLow\Oracle =>.Oracle
O43 - CFD: 31/03/2016 - [] D -- C:\Users\eric\AppData\LocalLow\Sun =>.Oracle
O43 - CFD: 29/07/2016 - [] D -- C:\Users\eric\AppData\LocalLow\Temp =>.Microsoft Corporation
O43 - CFD: 06/06/2016 - [] D -- C:\Users\eric\AppData\LocalLow\Yandex =>.Yandex
O43 - CFD: 23/07/2017 - [] D -- C:\Users\eric\Desktop\COURS
O43 - CFD: 09/07/2017 - [] D -- C:\Users\eric\Desktop\dossier caché
O43 - CFD: 15/05/2017 - [] D -- C:\Users\eric\Desktop\eric
O43 - CFD: 15/12/2017 - [] AD -- C:\Users\eric\Desktop\EVS
O43 - CFD: 04/09/2016 - [] D -- C:\Users\eric\Desktop\Gesbiblio
O43 - CFD: 09/12/2016 - [] D -- C:\Users\eric\Desktop\gestionbibliotheque
O43 - CFD: 07/07/2016 - [] AD -- C:\Users\eric\Desktop\organisation du championnat
O43 - CFD: 17/09/2016 - [] D -- C:\Users\eric\Desktop\photo carine ( mariage)
O43 - CFD: 08/01/2018 - [] D -- C:\Users\eric\Desktop\seminaire pad
O43 - CFD: 04/02/2018 - [] D -- C:\Users\eric\Desktop\usb eric
O43 - CFD: 18/03/2017 - [] RD -- C:\Users\eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility =>.Microsoft Corporation
O43 - CFD: 16/04/2017 - [] RD -- C:\Users\eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
O43 - CFD: 19/09/2017 - [] RD -- C:\Users\eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 16/04/2017 - [] D -- C:\Users\eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Convar =>.Convar Deutschland GmbH
O43 - CFD: 16/04/2017 - [] D -- C:\Users\eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory =>.FormatFactory
O43 - CFD: 03/09/2017 - [] D -- C:\Users\eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager =>.Tonec Inc
O43 - CFD: 16/04/2017 - [] D -- C:\Users\eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jargon Informatique =>.tuxfamily.org
O43 - CFD: 18/03/2017 - [] D -- C:\Users\eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
O43 - CFD: 13/12/2016 - [0] D -- C:\Users\eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\New Super Mario Forever 2012 - FULL PC Version - Foxy Games
O43 - CFD: 17/09/2017 - [] D -- C:\Users\eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sparkle =>.Ignite Realtime
O43 - CFD: 26/09/2017 - [] RD -- C:\Users\eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup =>.Microsoft Corporation
O43 - CFD: 18/03/2017 - [] RD -- C:\Users\eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools =>.Microsoft Corporation
O43 - CFD: 18/03/2017 - [] RD -- C:\Users\eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell =>.Microsoft Corporation
O43 - CFD: 03/07/2017 - [] D -- C:\Users\eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR =>.WinRAR
O43 - CFD: 16/04/2017 - [0] SHD -- C:\Users\Default\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 22/12/2016 - [0] SHD -- C:\Users\Default\AppData\Local\Historique =>.Microsoft Corporation
O43 - CFD: 20/03/2017 - [] D -- C:\Users\Default\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 22/12/2016 - [0] D -- C:\Users\Default\AppData\Local\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 18/03/2017 - [0] D -- C:\Users\Default\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 16/04/2017 - [0] SHD -- C:\Users\Default\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 16/04/2017 - [0] SHD -- C:\Users\Default User\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 22/12/2016 - [0] SHD -- C:\Users\Default User\AppData\Local\Historique =>.Microsoft Corporation
O43 - CFD: 20/03/2017 - [] D -- C:\Users\Default User\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 22/12/2016 - [0] D -- C:\Users\Default User\AppData\Local\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 18/03/2017 - [0] D -- C:\Users\Default User\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 16/04/2017 - [0] SHD -- C:\Users\Default User\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 23/04/2017 - [0] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\DBG =>.DBG
O43 - CFD: 17/04/2017 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 26/09/2017 - [] -- C:\Windows\System32\Config\systemprofile\AppData\Local\Microsoft Toolkit =>.Microsoft Corporation
O43 - CFD: 19/07/2017 - [0] -- C:\Windows\System32\Config\systemprofile\AppData\Local\PeerDistRepub =>.Microsoft Corporation
O43 - CFD: 11/09/2017 - [] -- C:\Windows\System32\Config\systemprofile\AppData\Local\Programs =>.Microsoft Corporation
O43 - CFD: 16/04/2017 - [] -- C:\Windows\System32\Config\systemprofile\AppData\Roaming\BaisvikSoftware
O43 - CFD: 23/09/2017 - [0] -- C:\Windows\System32\Config\systemprofile\AppData\Roaming\IObit =>.IObit
O43 - CFD: 21/12/2017 - [] -- C:\Windows\System32\Config\systemprofile\AppData\Roaming\Macromedia =>.Macromedia
O43 - CFD: 11/09/2017 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Roaming\Microsoft =>.Microsoft Corporation
O43 - CFD: 23/02/2018 - [] -- C:\Windows\System32\Config\systemprofile\AppData\Roaming\tor =>.Tor
User empty folders CLSID founds (1). Clean with ZHPFix 'EmptyCLSID' command =>.SUP.Empty.CLSID

---\\ ShellExecuteHook (1) - 0s
O46 - SEH:ShellExecuteHooks - (no name) - [HKLM] [64Bits] - {AFC5519E-A73B-11E6-9931-64006A5CFC23} . (...) -- (.not file.)

---\\ ShellIconOverlayIdentifiers (SIOI) (6) - 0s
O106 - SIOI: [ IDM Shell Extension] - {CDC95B92-E27C-4745-A8C5-64A52A78855D}. (.Tonec Inc. - Internet Download Manager module.) -- C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll =>.Tonec Inc.®
O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 1 (ErrorConflict) [ SkyDrivePro1 (ErrorConflict)] - {8BA85C75-763B-4103-94EB-9470F12FE0F7}. (.Microsoft Corporation - Microsoft SkyDrive Pro Extensions.) -- C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 2 (SyncInProgress) [ SkyDrivePro2 (SyncInProgress)] - {CD55129A-B1A1-438E-A425-CEBC7DC684EE}. (.Microsoft Corporation - Microsoft SkyDrive Pro Extensions.) -- C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 3 (InSync) [ SkyDrivePro3 (InSync)] - {E768CD3B-BDDC-436D-9C13-E1B39CA257B1}. (.Microsoft Corporation - Microsoft SkyDrive Pro Extensions.) -- C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - DLL d’extension d’environnement de stockage.) -- C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation
O106 - SIOI: [Offline Files] - {4E77131D-3629-431c-9818-C5679DC83E81}. (.Microsoft Corporation - IU de cache côté client.) -- C:\Windows\System32\cscui.dll =>.Microsoft Corporation

---\\ IMAGE FILE EXECUTION OPTIONS (IFEO) (18) - 1s
O50 - IFEO:C:\Windows\System32\cscript.exe - (.Microsoft Corporation - Microsoft ® Console Based Script Host.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\dllhost.exe - (.Microsoft Corporation - COM Surrogate.) [DisableExceptionChainValidation\\3] =>.Microsoft Windows®
O50 - IFEO:C:\Windows\System32\drvinst.exe - (.Microsoft Corporation - Module d’installation de pilotes.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\ie4uinit.exe - (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) [MitigationOptions\\256] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\ieUnatt.exe - (.Microsoft Corporation - Outil d’installation sans assistance d’IE 7.) [MitigationOptions\\256] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\mmc.exe - (.Microsoft Corporation - Microsoft Management Console.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\MRT.exe - (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) [CFGOptions\\1] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\msfeedssync.exe - (.Microsoft Corporation - Microsoft Feeds Synchronization.) [MitigationOptions\\256] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\mshta.exe - (.Microsoft Corporation - Hôte des applications HTML de Microsoft(R).) [MitigationOptions\\256] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\PresentationHost.exe - (.Microsoft Corporation - Windows Presentation Foundation Host.) [MitigationOptions\\1118481] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\PrintIsolationHost.exe - (.Microsoft Corporation - PrintIsolationHost.) [MitigationOptions\\2097152] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\rundll32.exe - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\runtimebroker.exe - (.Microsoft Corporation - Runtime Broker.) [MitigationOptions\\4294967296] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\searchprotocolhost.exe - (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\spoolsv.exe - (.Microsoft Corporation - Application sous-système spouleur.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\spoolsv.exe - (.Microsoft Corporation - Application sous-système spouleur.) [MitigationOptions\\2097152] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\svchost.exe - (.Microsoft Corporation - Processus hôte pour les services Windows.) [MinimumStackCommitInBytes\\32768] =>.Microsoft Windows Publisher®
O50 - IFEO:C:\Windows\System32\wscript.exe - (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation

---\\ LISTE DES PILOTES DU SYSTÈME (93) - 27s
O58 - SDL:2017/03/18 21:56:25 N . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\drivers\3ware.sys [107424] =>.Microsoft Windows®
O58 - SDL:2016/10/12 06:37:52 N . (.HP - HP Accelerometer.) -- C:\Windows\System32\drivers\Accelerometer.sys [56128] =>.HP Inc.®
O58 - SDL:2017/03/18 21:56:25 N . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) -- C:\Windows\System32\drivers\adp80xx.sys [1135512] =>.Microsoft Windows®
O58 - SDL:2017/03/18 21:56:25 N . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [83352] =>.Microsoft Windows®
O58 - SDL:2017/03/18 21:56:25 N . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [259488] =>.Microsoft Windows®
O58 - SDL:2017/03/18 21:56:25 N . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [27040] =>.Microsoft Windows®
O58 - SDL:2017/03/18 21:56:25 N . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [132000] =>.Microsoft Windows®
O58 - SDL:2012/06/14 17:39:44 N . (.Beceem communications pvt ltd. - Beceem Communications Inc. WiMAX driver.) -- C:\Windows\System32\drivers\BcmBusCtr_64.sys [62976] =>.Beceem communications pvt ltd.
O58 - SDL:2017/03/18 21:56:25 N . (. - BCM Function 2 Device Driver.) -- C:\Windows\System32\drivers\bcmfn2.sys [9728] =>.Broadcom Corporation
O58 - SDL:2017/03/18 21:56:23 N . (.QLogic Corporation - QLogic Gigabit Ethernet VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [533920] =>.Microsoft Windows®
O58 - SDL:2017/07/19 09:11:32 N . (.Connectify - Connectify NDISRD helper driver.) -- C:\Windows\System32\drivers\cfywlan2.sys [46088] =>.Connectify (Connectify, Inc.)®
O58 - SDL:2017/03/18 21:56:25 N . (.Chelsio Communications - Chelsio iSCSI Crash Dump Driver.) -- C:\Windows\System32\drivers\cht4dx64.sys [102816] =>.Microsoft Windows®
O58 - SDL:2017/03/18 21:56:25 N . (.Chelsio Communications - Chelsio iSCSI VMiniport Driver.) -- C:\Windows\System32\drivers\cht4sx64.sys [347032] =>.Microsoft Windows®
O58 - SDL:2017/03/18 21:56:25 N . (.Chelsio Communications - Virtual Bus Driver for Chelsio ® T4 Chipset.) -- C:\Windows\System32\drivers\cht4vx64.sys [2104224] =>.Microsoft Windows®
O58 - SDL:2017/07/19 08:54:13 N . (.Connectify - NDISRD helper driver.) -- C:\Windows\System32\drivers\cnnctfy3.sys [42152] =>.Connectify®
O58 - SDL:2017/07/19 09:11:32 N . (.Connectify - CNNCTFY helper driver.) -- C:\Windows\System32\drivers\cnnctfy4.sys [53216] =>.Connectify (Connectify, Inc.)®
O58 - SDL:2015/08/31 19:25:56 N . (. - Explore Systems Virtual Audio Device.) -- C:\Windows\System32\drivers\dfx11_1x64.sys [28008] =>.Power Technology®
O58 - SDL:2015/11/15 00:07:54 N . (. - Explore Systems Virtual Audio Device.) -- C:\Windows\System32\drivers\dfx12x64.sys [39048] =>.Power Technology®
O58 - SDL:2012/06/14 17:39:44 N . (.Beceem communications pvt ltd. - Beceem Communications Inc. WiMAX driver.) -- C:\Windows\System32\drivers\drxvi314_64lh.sys [363136] =>.Beceem communications pvt ltd.
O58 - SDL:2016/10/09 00:48:25 N . (.Disc Soft Ltd - DAEMON Tools Pro Virtual SCSI Bus Driver.) -- C:\Windows\System32\drivers\dtproscsibus.sys [30264] =>.Disc Soft Ltd®
O58 - SDL:2016/11/05 08:23:18 N . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\Windows\System32\drivers\dtsoftbus01.sys [283200] =>.DT Soft Ltd®
O58 - SDL:2016/11/28 12:11:12 N . (.Disc Soft Ltd - DAEMON Tools Ultra Virtual SCSI Bus Driver.) -- C:\Windows\System32\drivers\dtultrascsibus.sys [30264] =>.Disc Soft Ltd®
O58 - SDL:2016/11/28 12:11:16 N . (.Disc Soft Ltd - DAEMON Tools Ultra Virtual USB Bus Driver.) -- C:\Windows\System32\drivers\dtultrausbbus.sys [47672] =>.Disc Soft Ltd®
O58 - SDL:2015/02/28 23:22:52 N . (.The Within Network, LLC - UxStyle Community Edition Kernel Driver.) -- C:\Windows\System32\drivers\elytsxu.sys [32424] =>.The Within Network, LLC®
O58 - SDL:2016/08/01 23:15:38 N . (.ELAN Microelectronic Corp. - ELAN SMBus Driver.) -- C:\Windows\System32\drivers\ETDSMBus.sys [31832] =>.ELAN MICROELECTRONICS CORPORATION®
O58 - SDL:2017/03/18 21:56:23 N . (.QLogic Corporation - QLogic 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3419040] =>.Microsoft Windows®
O58 - SDL:2017/06/26 16:07:57 N . (.Huawei Technologies Co., Ltd. - ew_jubusenum Driver.) -- C:\Windows\System32\drivers\ew_jubusenum.sys [86016] =>.Huawei Technologies Co., Ltd.
O58 - SDL:2009/09/09 10:23:46 N . (.Intel Corporation - BIOS Update Driver.) -- C:\Windows\System32\drivers\flashud.sys [51712] =>.Intel Corporation
O58 - SDL:2014/10/22 14:29:00 N . (.BitDefender LLC - BitDefender Gonzales FileSystem Driver.) -- C:\Windows\System32\drivers\gzflt.sys [155912] =>.Bitdefender SRL®
O58 - SDL:2016/10/12 06:37:56 N . (.HP - HP Disk Filter - SATA/RAID.) -- C:\Windows\System32\drivers\hpdskflt.sys [42312] =>.HP Inc.®
O58 - SDL:2014/05/15 14:18:36 N . (.Hewlett-Packard Company - Keyboard Filter Driver.) -- C:\Windows\System32\drivers\HpqKbFiltr64.sys [28376] =>.Hewlett-Packard Company®
O58 - SDL:2017/03/18 21:56:25 N . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [64416] =>.Microsoft Windows®
O58 - SDL:2017/03/18 21:56:28 A . (.Intel(R) Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\Windows\System32\drivers\iagpio.sys [33280] =>.Intel(R) Corporation
O58 - SDL:2017/03/18 21:56:28 N . (.Intel(R) Corporation - Intel(R) Serial IO I2C Driver.) -- C:\Windows\System32\drivers\iai2c.sys [81408] =>.Intel(R) Corporation
O58 - SDL:2017/03/18 21:56:28 N . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) -- C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [70656] =>.Intel Corporation
O58 - SDL:2017/03/18 21:56:28 N . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) -- C:\Windows\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [85504] =>.Intel Corporation
O58 - SDL:2017/03/18 21:56:28 N . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) -- C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [165376] =>.Intel Corporation
O58 - SDL:2017/03/18 21:56:28 N . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) -- C:\Windows\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [168448] =>.Intel Corporation
O58 - SDL:2017/03/18 21:56:23 N . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [38128] =>.Intel Corporation - Client Components Group®
O58 - SDL:2017/03/18 21:56:19 N . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\Windows\System32\drivers\iaLPSSi_I2C.sys [113152] =>.Intel Corporation
O58 - SDL:2016/08/29 21:15:48 N . (.Intel Corporation - Intel(R) Rapid Storage Technology driver -.) -- C:\Windows\System32\drivers\iaStorA.sys [1469944] =>.Intel(R) Rapid Storage Technology®
O58 - SDL:2017/03/18 21:56:26 N . (.Intel Corporation - Intel(R) Rapid Storage Technology driver (i.) -- C:\Windows\System32\drivers\iaStorAV.sys [673184] =>.Microsoft Windows®
O58 - SDL:2017/03/18 21:56:26 N . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [412064] =>.Microsoft Windows®
O58 - SDL:2017/03/18 21:56:25 N . (.Mellanox - InfiniBand Fabric Bus Driver.) -- C:\Windows\System32\drivers\ibbus.sys [526240] =>.Microsoft Windows®
O58 - SDL:2017/12/29 02:47:16 A . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\drivers\idmwfp.sys [226024] =>.Tonec Inc.®
O58 - SDL:2015/09/03 12:36:28 N . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd64.sys [6415256] =>.Intel Corporation - pGFX®
O58 - SDL:2016/05/12 05:32:26 A . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\Windows\System32\drivers\IntcDAud.sys [481768] =>.Intel(R) OWR®
O58 - SDL:2014/01/20 08:19:28 N . (.Ralink Corporation - Bluetooth Filter Driver.) -- C:\Windows\System32\drivers\IvtUrbBtFlt.sys [51936] =>.IVT CORPORATION®
O58 - SDL:2017/03/18 21:56:25 N . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [108960] =>.Microsoft Windows®
O58 - SDL:2017/03/18 21:56:25 N . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2i.sys [123808] =>.Microsoft Windows®
O58 - SDL:2017/03/18 21:56:25 N . (.Avago Technologies - Avago SAS Gen3 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas3i.sys [103328] =>.Microsoft Windows®
O58 - SDL:2017/03/18 21:56:25 N . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sss.sys [82848] =>.Microsoft Windows®
O58 - SDL:2017/08/24 11:27:36 A . (...) -- C:\Windows\System32\drivers\mbae64.sys [77440] =>.Malwarebytes Corporation®
O58 - SDL:2017/03/18 21:56:25 N . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [59808] =>.Microsoft Windows®
O58 - SDL:2017/03/18 21:56:25 N . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\MegaSas2i.sys [64416] =>.Microsoft Windows®
O58 - SDL:2017/03/18 21:56:25 N . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\megasr.sys [575904] =>.Microsoft Windows®
O58 - SDL:2017/03/18 21:56:25 N . (.Mellanox - MLX4 Bus Driver.) -- C:\Windows\System32\drivers\mlx4_bus.sys [842656] =>.Microsoft Windows®
O58 - SDL:2017/03/18 21:56:25 N . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\Windows\System32\drivers\mvumis.sys [63904] =>.Microsoft Windows®
O58 - SDL:2016/08/31 16:00:32 N . (...) -- C:\Windows\System32\drivers\mwescontroller.sys [57680] =>Adware.MyWebShield
O58 - SDL:2017/03/18 21:56:25 N . (.Mellanox - NetworkDirect Support Filter Driver.) -- C:\Windows\System32\drivers\ndfltr.sys [108960] =>.Microsoft Windows®
O58 - SDL:2017/03/18 21:56:23 N . (.MediaTek Inc. - MediaTek 802.11 Wireless Adapter Driver.) -- C:\Windows\System32\drivers\netr28x.sys [2537984] =>.MediaTek Inc.
O58 - SDL:2017/03/18 21:56:25 N . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [150432] =>.Microsoft Windows®
O58 - SDL:2017/03/18 21:56:25 N . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [166304] =>.Microsoft Windows®
O58 - SDL:2017/03/18 21:56:25 N . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\percsas2i.sys [58784] =>.Microsoft Windows®
O58 - SDL:2017/03/18 21:56:25 N . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\percsas3i.sys [61848] =>.Microsoft Windows®
O58 - SDL:2017/04/23 08:35:25 N . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.40 64-bit Dr.) -- C:\Windows\System32\drivers\rt640x64.sys [950784] =>.Realtek Semiconductor Corp.®
O58 - SDL:2016/04/21 06:44:27 N . (.Ralink Technology, Corp. - Ralink Bluetooth Adapter.) -- C:\Windows\System32\drivers\rtbth.sys [1219200] =>.MEDIATEK INC.®
O58 - SDL:2017/03/23 06:06:54 N . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\Windows\System32\drivers\RTKVHD64.sys [5702144] =>.Realtek Semiconductor Corp.®
O58 - SDL:2017/03/26 19:40:06 N . (.Realsil Semiconductor Corporation - RTS PCIE READER Driver.) -- C:\Windows\System32\drivers\RtsPer.sys [791040] =>.Realtek Semiconductor Corp.®
O58 - SDL:2016/09/17 01:12:20 N . (.Razer, Inc. - Razer Overlay Support.) -- C:\Windows\System32\drivers\rzpmgrk.sys [44144] =>.Razer Inc.®
O58 - SDL:2016/10/16 12:04:08 N . (. - RazerSurround VAD Audio driver.) -- C:\Windows\System32\drivers\RzSurroundVAD.sys [49176] =>.Razer USA Ltd.®
O58 - SDL:2015/10/08 08:00:24 N . (.Power Software Ltd - PowerISO Virtual Drive.) -- C:\Windows\System32\drivers\scdemu.sys [127760] =>.Power Software Limited®
O58 - SDL:2017/03/18 21:56:26 A . (...) -- C:\Windows\System32\drivers\SDFRd.sys [31128] =>.Microsoft Windows®
O58 - SDL:2017/03/18 21:56:25 N . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [44960] =>.Microsoft Windows®
O58 - SDL:2017/03/18 21:56:25 N . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [81824] =>.Microsoft Windows®
O58 - SDL:2017/02/17 03:14:54 N . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\Windows\System32\drivers\Smb_driver_AMDASF_Aux.sys [69216] =>.Synaptics Incorporated®
O58 - SDL:2016/04/21 07:04:46 N . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\Windows\System32\drivers\Smb_driver_Intel.sys [33960] =>.Synaptics Incorporated®
O58 - SDL:2017/02/17 03:15:00 N . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\Windows\System32\drivers\Smb_driver_Intel_Aux.sys [72800] =>.Synaptics Incorporated®
O58 - SDL:2016/09/05 05:47:06 N . (.Samsung Electronics Co., Ltd. - SAMSUNG USB Composite Device Driver.) -- C:\Windows\System32\drivers\ssudbus.sys [131712] =>.Samsung Electronics CO., LTD.®
O58 - SDL:2017/05/18 22:17:30 N . (.Samsung Electronics Co., Ltd. - SAMSUNG Android Modem Device Driver.) -- C:\Windows\System32\drivers\ssudmdm.sys [166288] =>.Samsung Electronics Co., Ltd.®
O58 - SDL:2017/03/18 21:56:25 N . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\Windows\System32\drivers\stexstor.sys [31136] =>.Microsoft Windows®
O58 - SDL:2017/02/17 03:15:18 N . (.Synaptics Incorporated - Synaptics I2C Driver.) -- C:\Windows\System32\drivers\SynRMIHID_Aux.sys [66144] =>.Synaptics Incorporated®
O58 - SDL:2017/02/17 03:15:20 N . (.Synaptics Incorporated - Synaptics Touchpad Win64 Driver.) -- C:\Windows\System32\drivers\SynTP.sys [936544] =>.Synaptics Incorporated®
O58 - SDL:2013/08/22 13:40:24 N . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\Windows\System32\drivers\tap0901.sys [40664] =>.OpenVPN Technologies, Inc.®
O58 - SDL:2017/02/15 06:54:08 N . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\TeeDriverW8x64.sys [204920] =>.Intel(R) Embedded Subsystems and IP Blocks Group®
O58 - SDL:2017/03/18 21:56:25 N . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [166816] =>.Microsoft Windows®
O58 - SDL:2017/03/18 21:56:25 N . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\Windows\System32\drivers\VSTXRAID.SYS [305568] =>.Microsoft Windows®
O58 - SDL:2016/07/18 12:15:39 N . (.Western Digital Technologies, Inc. - Western Digital SCSI Architecture Model (SA.) -- C:\Windows\System32\drivers\wdcsam64.sys [26880] =>.WDKTestCert wdclab,130885612892544312®
O58 - SDL:2017/03/18 21:56:25 N . (.Mellanox - Kernel WinMad.) -- C:\Windows\System32\drivers\winmad.sys [32160] =>.Microsoft Windows®
O58 - SDL:2017/03/18 21:56:25 N . (.Mellanox - Kernel WinVerbs.) -- C:\Windows\System32\drivers\winverbs.sys [64920] =>.Microsoft Windows®
O58 - SDL:2016/08/01 11:32:10 N . (.HP - HP Wireless Button Driver.) -- C:\Windows\System32\drivers\WirelessButtonDriver64.sys [32832] =>.HP Inc.®
O58 - SDL:2014/11/18 14:39:06 N . (...) -- C:\Windows\System32\epmntdrv.sys [18528] =>.Microsoft Corporation
O58 - SDL:2014/11/18 14:39:06 N . (...) -- C:\Windows\System32\EuGdiDrv.sys [10848] =>.Intel Corporation

---\\ DERNIERS FICHIERS MODIFIÉS OU CRÉÉS (Utilisateur) (1) - 130s
O61 - LFC: 2018/02/23 08:21:25 A . (..) -- C:\Users\eric\AppData\Local\Apowersoft\Apowersoft Online Launcher\unins000.exe [1637425]

---\\ ASSOCIATION Shell Spawning (10) - 1s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* =>.Default.Value
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* =>.Default.Value
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* =>.Default.Value
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Ob.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* =>.Default.Value
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (...) -- C:\Windows\System32\WScript.exe "%1" %* =>.Default.Value
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S =>.Default.Value

---\\ MENU DE DÉMARRAGE INTERNET (8) - 0s
O68 - StartMenuInternet: [64Bits][HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O68 - StartMenuInternet: [64Bits][HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation

---\\ RECHERCHE D'INFECTION SUR LES NAVIGATEURS (5) - 0s
O69 - SBI: SearchScopes [HKCU] [64Bits]{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/ =>.Bing.com
O69 - SBI: SearchScopes [HKCU] [64Bits]{85A60A59-D3D8-468F-B598-FB4393789EF4} - (Google) - http://www.google.com/ =>.Google Inc.
O69 - SBI: SearchScopes [HKCU] [64Bits]{AECF2199-92B4-489A-6E9F-05BB7C51B337} - (Bing) - http://www.bing.com/ =>.Bing.com
O69 - SBI: SearchScopes [HKCU] [64Bits]{C0C3A6C6-03BC-4195-8FCB-AEA091301353} - (Yahoo!) - http://search.yahoo.com/ =>.Yahoo! Inc.
O69 - SBI: SearchScopes [HKLM] [64Bits]{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com/ =>.Bing.com

---\\ ÉNUMÈRE LES SERVICES DÉMARRÉS PAR Svchost (48) - 1s
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\Windows\System32\certprop.dll [189952] =>.Microsoft Corporation
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\Windows\System32\certprop.dll [189952] =>.Microsoft Corporation
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [303104] =>.Microsoft Corporation
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [1269248] =>.Microsoft Corporation
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\IKEEXT.DLL [934912] =>.Microsoft Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur u.) -- C:\Windows\System32\iphlpsvc.dll [996864] =>.Microsoft Corporation
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secon.) -- C:\Windows\System32\seclogon.dll [31232] =>.Microsoft Corporation
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [138752] =>.Microsoft Corporation
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [150016] =>.Microsoft Corporation
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [108032] =>.Microsoft Corporation
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [877568] =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [221696] =>.Microsoft Corporation
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [133120] =>.Microsoft Corporation
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [413184] =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à.) -- C:\Windows\System32\SessEnv.dll [385536] =>.Microsoft Corporation
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [93184] =>.Microsoft Corporation
O83 - Search Svchost Services: shpamsvc (shpamsvc) . (.Microsoft Corporation - SharedPC.AccountManager.) -- C:\Windows\System32\Windows.SharedPC.AccountManager.dll [192512] =>.Microsoft Corporation
O83 - Search Svchost Services: XblGameSave (XblGameSave) . (.Microsoft Corporation - Xbox Live Game Save Service.) -- C:\Windows\System32\XblGameSave.dll [1135104] =>.Microsoft Corporation
O83 - Search Svchost Services: NaturalAuthentication (NaturalAuthentication) . (.Microsoft Corporation - Service d’authentification naturelle.) -- C:\Windows\System32\NaturalAuth.dll [723968] =>.Microsoft Corporation
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Service de compte Microsoft®.) -- C:\Windows\System32\wlidsvc.dll [2153984] =>.Microsoft Corporation
O83 - Search Svchost Services: UserManager (UserManager) . (.Microsoft Corporation - UserMgr.) -- C:\Windows\System32\usermgr.dll [877568] =>.Microsoft Corporation
O83 - Search Svchost Services: XblAuthManager (XblAuthManager) . (.Microsoft Corporation - Xbox Live Auth Manager.) -- C:\Windows\System32\XblAuthManager.dll [1015296] =>.Microsoft Corporation
O83 - Search Svchost Services: DmEnrollmentSvc (DmEnrollmentSvc) . (.Microsoft Corporation - DLL Windows Management Service.) -- C:\Windows\System32\Windows.Internal.Management.dll [536064] =>.Microsoft Corporation
O83 - Search Svchost Services: xbgm (xbgm) . (.Microsoft Corporation - Xbox Game Monitoring Service.) -- C:\Windows\System32\xbgmsvc.dll [301216] =>.Microsoft Windows Publisher®
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [69632] =>.Microsoft Corporation
O83 - Search Svchost Services: TokenBroker (TokenBroker) . (.Microsoft Corporation - Token Broker.) -- C:\Windows\System32\TokenBroker.dll [1052160] =>.Microsoft Corporation
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Service de géolocalisation.) -- C:\Windows\System32\lfsvc.dll [43520] =>.Microsoft Corporation
O83 - Search Svchost Services: Irmon (Irmon) . (.Microsoft Corporation - Moniteur infrarouge.) -- C:\Windows\System32\irmon.dll [24576] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’.) -- C:\Windows\System32\rasauto.dll [104448] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire des connexions d’accès à dista.) -- C:\Windows\System32\rasmans.dll [874496] =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [490496] =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements systèm.) -- C:\Windows\System32\Sens.dll [69632] =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à.) -- C:\Windows\System32\ipnathlp.dll [537600] =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM.) -- C:\Windows\System32\tapisrv.dll [306688] =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Up.) -- C:\Windows\System32\wuaueng.dll [2445824] =>.Microsoft Corporation
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière.) -- C:\Windows\System32\qmgr.dll [1159680] =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [612864] =>.Microsoft Corporation
O83 - Search Svchost Services: dmwappushservice (dmwappushservice) . (.Microsoft Corporation - dmwappushsvc.) -- C:\Windows\System32\dmwappushsvc.dll [55296] =>.Microsoft Corporation
O83 - Search Svchost Services: wisvc (wisvc) . (.Microsoft Corporation - Paramètres de vol.) -- C:\Windows\System32\flightsettings.dll [699904] =>.Microsoft Corporation
O83 - Search Svchost Services: WpnService (WpnService) . (.Microsoft Corporation - Service du système de notifications Push Wi.) -- C:\Windows\System32\WpnService.dll [276480] =>.Microsoft Corporation
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [385536] =>.Microsoft Corporation
O83 - Search Svchost Services: XboxNetApiSvc (XboxNetApiSvc) . (.Microsoft Corporation - Xbox Live Networking Service.) -- C:\Windows\System32\XboxNetApiSvc.dll [1067008] =>.Microsoft Corporation
O83 - Search Svchost Services: UsoSvc (UsoSvc) . (.Microsoft Corporation - Mettre à jour la session Orchestrator Core.) -- C:\Windows\System32\usocore.dll [681984] =>.Microsoft Corporation
O83 - Search Svchost Services: NetSetupSvc (NetSetupSvc) . (.Microsoft Corporation - Service Configuration du réseau.) -- C:\Windows\System32\NetSetupSvc.dll [261632] =>.Microsoft Corporation
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gestionnaire d’installation de périphérique.) -- C:\Windows\System32\DeviceSetupManager.dll [233984] =>.Microsoft Corporation
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Service Assistant Connectivité réseau Micro.) -- C:\Windows\System32\NcaSvc.dll [167424] =>.Microsoft Corporation
O83 - Search Svchost Services: XboxGipSvc (XboxGipSvc) . (.Microsoft Corporation - Xbox Gip Management Service.) -- C:\Windows\System32\XboxGipSvc.dll [18944] =>.Microsoft Corporation
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\Windows\System32\appmgmts.dll [196096] =>.Microsoft Corporation

---\\ LISTE DES EXCEPTIONS DU PAREFEU WINDOWS (4) - 4s
O87 - FAEL: "UDP Query User{062018FD-1341-4514-9F9C-51183C5EF470}C:\users\eric\desktop\winbox_4.exe" [In-None-P17-TRUE] .(...) -- C:\users\eric\desktop\winbox_4.exe
O87 - FAEL: "TCP Query User{2B47B8DE-CE28-4EB6-B6BA-91A57B277D8C}C:\users\eric\desktop\winbox_4.exe" [In-None-P6-TRUE] .(...) -- C:\users\eric\desktop\winbox_4.exe
O87 - FAEL: "UDP Query User{98F7EB9F-5CF3-4AA4-BAC0-87F565548911}C:\users\eric\downloads\programs\winbox.exe" [In-None-P17-TRUE] .(...) -- C:\users\eric\downloads\programs\winbox.exe
O87 - FAEL: "TCP Query User{D9755CD0-A6F1-4B0A-A14E-F3357C100506}C:\users\eric\downloads\programs\winbox.exe" [In-None-P6-TRUE] .(...) -- C:\users\eric\downloads\programs\winbox.exe

---\\ PACKAGES WINDOWS INSTALLER (79) - 28s
[MD5.4BEBC23DBB318165630D6201943192BD] [WIS][2014/04/10 16:27:19] (.Sony Creative Software Inc. - MSVCRT Redists.) -- C:\Windows\Installer\1081f172.msi [5423104] =>.Sony Creative Software Inc.
[MD5.78B41A323699DAF1C25265890733BE26] [WIS][2012/04/15 05:48:02] (.Adobe.) -- C:\Windows\Installer\11b9d04.msi [1997312] =>.Adobe
[MD5.E4AF16B0574B2598AADD353A35A3722B] [WIS][2012/04/15 05:48:02] (.Adobe.) -- C:\Windows\Installer\11b9d09.msi [2211328] =>.Adobe
[MD5.087083B0F3A553F5A54342A190F26012] [WIS][2017/08/25 14:55:16] (.Oracle Corporation - Java SE Development Kit 8 Update 141 (64-bi.) -- C:\Windows\Installer\1878e9.msi [1212416] =>.Oracle Corporation
[MD5.25491D0C1AD3F9356CEE1026A420D6E0] [WIS][2015/02/28 23:23:12] (.The Within Network, LLC - UxStyle.) -- C:\Windows\Installer\18969a3.msi [237568] =>.The Within Network, LLC
[MD5.21AD31ABCF8BEBD064F5051EEF73958E] [WIS][2016/09/28 12:47:51] (.Realnetworks - vs2015_redist x64.) -- C:\Windows\Installer\192613f6.msi [1191936] =>.Realnetworks
[MD5.501361CEEE74B45C30F28B4370366239] [WIS][2016/09/28 12:47:52] (.RealNetworks, Inc. - RealNetworks $(var.MA_PRODUCTNAME) Installe.) -- C:\Windows\Installer\1926148b.msi [7434240] =>.RealNetworks, Inc.
[MD5.B47D0FFA8F6823AA4DB719ED00D2E09E] [WIS][2017/07/25 16:25:48] (.Hewlett-Packard Company - HP 3D DriveGuard.) -- C:\Windows\Installer\1aa267a.msi [6570496] =>.Hewlett-Packard Company
[MD5.F3A22A8FC0B3A8D847DC2927FBB93701] [WIS][2012/10/22 15:27:12] (.Hewlett-Packard Co. - HP Officejet 7610 series Basic Device Softw.) -- C:\Windows\Installer\1b0a8a3.msi [4775936] =>.Hewlett-Packard Co.
[MD5.BDE0D76EF26B78395DB2A35F77A98995] [WIS][2014/08/05 11:52:24] (.Hewlett-Packard - HP Update.) -- C:\Windows\Installer\1b0a8a9.msi [966656] =>.Hewlett-Packard
[MD5.0B2D83A9FA515791F722686B1061B2C5] [WIS][2012/10/22 15:27:16] (.HP - I.R.I.S. OCR.) -- C:\Windows\Installer\1b0a8af.msi [159744] =>.HP
[MD5.D7DD94125A0870ED4761DB2241475BA2] [WIS][2012/10/22 15:27:17] (.Hewlett Packard - HP Officejet 7610 series Get product specif.) -- C:\Windows\Installer\1b0a8b5.msi [172032] =>.Hewlett Packard
[MD5.0C68530F038E6BABA8BE4B1B7ED44FE9] [WIS][2012/10/22 15:27:18] (.Hewlett-Packard Co. - Product Improvement Study for HP Officejet .) -- C:\Windows\Installer\1b0a8bb.msi [245760] =>.Hewlett-Packard Co.
[MD5.3F58A93E965F6051B0D82D5B61850C82] [WIS][2016/12/07 12:08:25] (.Nom de votre société - ExtensionManagerWrapper.) -- C:\Windows\Installer\2936030.msi [6181888]
[MD5.B71EB7EE7271022D376D090C374BCEBB] [WIS][2017/07/24 23:35:58] (.Oracle Corporation - Java SE Development Kit 8.0.) -- C:\Windows\Installer\2b2e7d9.msi [974848] =>.Oracle Corporation
[MD5.72E5E4289C4B56F71B1D08CC7618DF3B] [WIS][2014/10/23 15:44:58] (.Semantis.) -- C:\Windows\Installer\2dafbcd.msi [7027712] =>.Semantis
[MD5.871A18E7BA6F3B862DCC5B1103AFDF47] [WIS][2016/04/03 02:50:56] (.HP - HP Support Solutions Framework.) -- C:\Windows\Installer\3932a2.msi [9306112] =>.HP
[MD5.F00A601DD30144A1571AB492866F1832] [WIS][2008/12/12 11:20:38] (.Apple Inc. - Bonjour Installer.) -- C:\Windows\Installer\3e477e8.msi [2357760] =>.Apple Inc.
[MD5.F4DF57C2D723538EC4EF895B876BDC72] [WIS][2013/04/26 09:58:52] (.Hewlett-Packard - 64 Bit HP CIO Components Installer Package.) -- C:\Windows\Installer\41d2f7e.msi [510976] =>.Hewlett-Packard
[MD5.3BCBB95AF9A51D793D8B20C324027BE8] [WIS][2016/08/27 13:20:24] (.Oracle Corporation - Java SE Development Kit 8 Update 73 (64-bit.) -- C:\Windows\Installer\42f2fc.msi [1216512] =>.Oracle Corporation
[MD5.7D8C95C6AFD8C52938037FA5F88BD5AB] [WIS][2016/04/03 03:10:57] (.HP - HP Support Assistant.) -- C:\Windows\Installer\4f4b43.msi [14425088] =>.HP
[MD5.8D9378D81025784C60CD3DDF061309F5] [WIS][2016/04/03 03:12:29] (.Hewlett-Packard.) -- C:\Windows\Installer\4f4b49.msi [635392] =>.Hewlett-Packard
[MD5.4C21EDCC2B6BFE8C3F6B2143EA84B2D8] [WIS][2016/07/10 18:52:25] (.Nero AG - Nero BurningROM 2016.) -- C:\Windows\Installer\5a7ec2.msi [35334656] =>.Nero AG
[MD5.1D34F7836842D7176D5D5E754E17B3C0] [WIS][2016/07/10 18:52:49] (.Nero AG - Nero Burning ROM 15.) -- C:\Windows\Installer\5a7ed9.msi [4174848] =>.Nero AG
[MD5.0CE3DB6358B90E9CC1A53D59A13E5E32] [WIS][2016/07/10 18:52:39] (.Nero AG - Nero Prerequisites.) -- C:\Windows\Installer\5a7ee1.msi [3817472] =>.Nero AG
[MD5.2009856C5DCB9999E726D9238FE3EDAB] [WIS][2016/07/10 18:52:41] (.Nero AG - Nero Launcher.) -- C:\Windows\Installer\5a7eff.msi [4322304] =>.Nero AG
[MD5.86EC6CB2B0AD0EBDCABBE122C8F30D79] [WIS][2016/07/10 18:52:50] (.Nero AG - Nero BurningCore 15.) -- C:\Windows\Installer\5a7f07.msi [3848192] =>.Nero AG
[MD5.12AC6EF54D6D65FABF4D6D475A246F02] [WIS][2017/04/28 16:05:38] (.Nero AG - Nero 2017.) -- C:\Windows\Installer\5baa461.msi [27992576] =>.Nero AG
[MD5.E09006C85525E718EA03594C5EA172BA] [WIS][2017/04/28 16:07:15] (.Nero AG - NeroControlCenter.) -- C:\Windows\Installer\5baa46d.msi [3675136] =>.Nero AG
[MD5.CF923AE2AE987717DD95DAB5741101E4] [WIS][2017/04/28 16:07:13] (.Nero AG - Nero Core Components.) -- C:\Windows\Installer\5baa489.msi [4368896] =>.Nero AG
[MD5.5C48784412433E81C3042EB7DCA8E8CF] [WIS][2017/04/28 16:06:32] (.Nero AG - Nero 12 Disc Menus Basic.) -- C:\Windows\Installer\5baa490.msi [1199104] =>.Nero AG
[MD5.5D45ACFD67B27A1827ED7DE9394BD6A7] [WIS][2017/04/28 16:06:29] (.Nero AG - Nero 12 Kwik Themes Basic.) -- C:\Windows\Installer\5baa498.msi [1216000] =>.Nero AG
[MD5.3CBA1EE77FAD369495F65B961C610306] [WIS][2017/04/28 16:07:00] (.Nero AG - Nero 12 Effects Basic.) -- C:\Windows\Installer\5baa4a8.msi [1216000] =>.Nero AG
[MD5.B20E93BB8832968008E1C02EC1AC68E7] [WIS][2017/04/28 16:06:29] (.Nero AG - Nero 12 PiP Effects Basic.) -- C:\Windows\Installer\5baa4b0.msi [1217536] =>.Nero AG
[MD5.F309F9A5B61687F41B1751F38DBC0721] [WIS][2017/04/28 16:06:28] (.Nero AG - Nero Prerequisites.) -- C:\Windows\Installer\5baa4b8.msi [3815936] =>.Nero AG
[MD5.F7CE41D712528A2E7F161C2504A70D21] [WIS][2017/04/28 16:07:08] (.Nero AG - Nero CoverDesigner.) -- C:\Windows\Installer\5baa4d4.msi [1812992] =>.Nero AG
[MD5.DB4F92889B441AB528EAE256D9F60112] [WIS][2017/04/28 16:06:36] (.Nero AG - Nero MediaHome.) -- C:\Windows\Installer\5baa4e4.msi [3638272] =>.Nero AG
[MD5.32ADB203A53F4DD325A71DE3EACFFE48] [WIS][2017/04/28 16:06:11] (.Nero AG - Nero RescueAgent 2017.) -- C:\Windows\Installer\5baa4ec.msi [5207040] =>.Nero AG
[MD5.5E1F140F41530269EFDD0DBEE93DEFBF] [WIS][2017/04/28 16:06:10] (.Nero AG - Nero 12 Video Samples.) -- C:\Windows\Installer\5baa504.msi [1181696] =>.Nero AG
[MD5.1411D00156B0A48CF4D9ED1DC40FD5E3] [WIS][2017/04/28 16:06:07] (.Nero AG - Nero Update.) -- C:\Windows\Installer\5baa54f.msi [1418240] =>.Nero AG
[MD5.7C8096FBB380769BBB7DCDCF0D8BDB04] [WIS][2017/04/28 16:07:08] (.Nero AG - Nero Device Updates.) -- C:\Windows\Installer\5baa57c.msi [866816] =>.Nero AG
[MD5.466EB5C5E441F8DC01EADCFA055E2522] [WIS][2017/04/28 16:06:07] (.Nero AG - Music Recorder.) -- C:\Windows\Installer\5baa589.msi [2380288] =>.Nero AG
[MD5.E29F3AA683570834CE5ED325CCDC4BC3] [WIS][2017/04/28 16:17:52] (.Nero AG - Nero 2017 Content Pack.) -- C:\Windows\Installer\5baa58e.msi [5825024] =>.Nero AG
[MD5.20A8E2D357DB562D8EB553E1F12AA65B] [WIS][2017/04/28 16:17:52] (.Nero AG - Nero 12 Image Samples.) -- C:\Windows\Installer\5baa595.msi [1183744] =>.Nero AG
[MD5.0F3B09422C91C1A4A49E415CED992CDC] [WIS][2017/04/28 16:17:54] (.Nero AG - Nero Family and Events Themes.) -- C:\Windows\Installer\5baa59d.msi [1357824] =>.Nero AG
[MD5.A979E28530670221E72AE79639C709A2] [WIS][2017/04/28 16:17:54] (.Nero AG - Nero Football (Soccer) Themes.) -- C:\Windows\Installer\5baa5a5.msi [1306112] =>.Nero AG
[MD5.58F57328C8ED1801158A24FBCF42810C] [WIS][2017/04/28 16:17:53] (.Nero AG - Nero Retro Film Themes.) -- C:\Windows\Installer\5baa5ad.msi [1369600] =>.Nero AG
[MD5.A4FD891D8C23154E8708E53F68B2ADCE] [WIS][2017/04/28 16:17:53] (.Nero AG - Nero 12 PiP Effects 1.) -- C:\Windows\Installer\5baa5b5.msi [1254912] =>.Nero AG
[MD5.77277FC414715A38E448E27BAD164FE4] [WIS][2017/04/28 16:17:52] (.Nero AG - Nero Platinum Effects 12.) -- C:\Windows\Installer\5baa5bd.msi [1231872] =>.Nero AG
[MD5.CABDA747CF75556B534A77F4C872F836] [WIS][2017/04/28 16:17:52] (.Nero AG - Nero 12 Video Transitions 1.) -- C:\Windows\Installer\5baa5c5.msi [1195520] =>.Nero AG
[MD5.0A833FE993B21971647DAAEB8D095668] [WIS][2017/04/28 16:18:32] (.Nero AG - Nero 12 Cliparts.) -- C:\Windows\Installer\5baa5ce.msi [1228288] =>.Nero AG
[MD5.360C53B14F643FF65064E36D747CCE04] [WIS][2017/04/28 16:18:29] (.Nero AG - Nero 12 Disc Menus 1.) -- C:\Windows\Installer\5baa5d6.msi [1216512] =>.Nero AG
[MD5.D006CFFC65BE5CE54DF60B0F7F9CE169] [WIS][2017/04/28 16:18:23] (.Nero AG - Nero 12 Disc Menus 2.) -- C:\Windows\Installer\5baa5de.msi [1485824] =>.Nero AG
[MD5.D5A904BDDA5ED863DF27D2E249A45CC4] [WIS][2017/04/28 16:18:16] (.Nero AG - Nero 12 Disc Menus 3.) -- C:\Windows\Installer\5baa5e6.msi [1241088] =>.Nero AG
[MD5.F55D27A5855B2AB887A1949F9E6D5CBC] [WIS][2017/04/28 16:18:10] (.Nero AG - Nero Abstract Themes.) -- C:\Windows\Installer\5baa5ee.msi [1201152] =>.Nero AG
[MD5.FCAB727A92FDD3140A5C5D7D00A623F3] [WIS][2017/04/28 16:17:59] (.Nero AG - Nero Holiday and Sports Themes.) -- C:\Windows\Installer\5baa5f6.msi [1291264] =>.Nero AG
[MD5.9C80694079A302C38D59BE08FE64341C] [WIS][2016/12/16 01:51:47] (.Baisvik - Driver Fixer installation package.) -- C:\Windows\Installer\67fb2df.msi [17867776]
[MD5.BE1EDECD114D816589C42FF4B022AED6] [WIS][2016/05/18 17:22:56] (.© Copyright 2015 HP Development Company, L.P..) -- C:\Windows\Installer\68712fe.msi [4710912]
[MD5.843FA48882248542A13727E554DF5759] [WIS][2017/07/21 10:03:14] (.Realnetworks - vs2015_redist x86.) -- C:\Windows\Installer\70542f.msi [1089536] =>.Realnetworks
[MD5.CCED5B66D129BF4CEE74277C85A45CD7] [WIS][2016/05/24 13:09:30] (.Oracle - Java SE Development Kit 7.0.) -- C:\Windows\Installer\77b918.msi [482816] =>.Oracle
[MD5.B14699F8593437CD62F17CA6405B5D70] [WIS][2017/07/03 20:16:04] (.Nitro - Nitro Pro 10.5.1.17.) -- C:\Windows\Installer\7b621.msi [442335232] =>.Nitro
[MD5.E0BEE57B802ADF755C69CAE057F6D001] [WIS][2015/11/25 20:05:50] (.Intel Corporation - Intel(R) Biometric and Context Agent Redist.) -- C:\Windows\Installer\8420be0.msi [34631680] =>.Intel Corporation
[MD5.003A1A6D128303A7A271AAA746008DD2] [WIS][2015/11/25 20:05:42] (.Intel Corporation - Intel(R) Biometric and Context Agent 2.0.87.) -- C:\Windows\Installer\8420be5.msi [15446016] =>.Intel Corporation
[MD5.A04E16FA33082B02CB691F122BAB15B3] [WIS][2015/10/27 07:55:00] (.Intel Corporation - Intel® RealSense™ SDK 2014 Runtime (x64): .) -- C:\Windows\Installer\8420bea.msi [2801664] =>.Intel Corporation
[MD5.BC979CBDF692C4E4ACE70F376108F4E4] [WIS][2016/06/09 06:32:32] (.HP - HP PC Hardware Diagnostics UEFI.) -- C:\Windows\Installer\8556cc0.msi [21662208] =>.HP
[MD5.3B8244292FB0ABAD623E415202AD79E7] [WIS][2017/08/20 00:15:39] (.Oracle Corporation - Java SE Development Kit 8 Update 144 (64-bi.) -- C:\Windows\Installer\8bc7164.msi [1212416] =>.Oracle Corporation
[MD5.F0EE2E7F283866A2A0FEA9BE2D12A979] [WIS][2018/01/10 06:35:10] (.Google Inc. - Google Update Helper.) -- C:\Windows\Installer\903d8.msi [40960] =>.Google Inc.
[MD5.02AC00F770E9926861C82648A46ED034] [WIS][2018/01/20 11:46:31] (.Oracle Corporation - Java SE Runtime Environment 8 Update 161.) -- C:\Windows\Installer\c362c.msi [35008512] =>.Oracle Corporation
[MD5.E946494A22B2263D5DB177EFB3763E82] [WIS][2018/01/20 11:46:23] (.Oracle Corporation - Java SE Runtime Environment 8 Update 161.) -- C:\Windows\Installer\c3631.msi [39129088] =>.Oracle Corporation
[MD5.1CE69AAB7A515676FA76AD9072411664] [WIS][2018/01/20 11:46:25] (.Oracle Corporation - Java Auto Updater.) -- C:\Windows\Installer\c363c.msi [765952] =>.Oracle Corporation
[MD5.C44B9C174FF1B1A2A69B962360BF2272] [WIS][2017/05/03 16:59:41] (.Nero AG - Nero SharedVideoCodecs.) -- C:\Windows\Installer\cc20a3.msi [866304] =>.Nero AG
[MD5.88498A1432EC3BBBD903E13DE820F7A0] [WIS][2017/05/03 16:59:51] (.Nero AG - Nero Disc to Device.) -- C:\Windows\Installer\cc212c.msi [3717632] =>.Nero AG
[MD5.6CCF35034A7E74C9EA2941B8FB5ECED0] [WIS][2017/05/03 17:00:26] (.Nero AG - Nero Info.) -- C:\Windows\Installer\cc2135.msi [2698752] =>.Nero AG
[MD5.C7A02429DABA8B98746839295329F999] [WIS][2017/05/03 17:00:32] (.Nero AG - Nero Burning ROM 15.) -- C:\Windows\Installer\cc213f.msi [3159552] =>.Nero AG
[MD5.7C5A696D5BCDC9D1A3DB160D0878EA00] [WIS][2017/05/03 17:00:36] (.Nero AG - Nero Express 15.) -- C:\Windows\Installer\cc2149.msi [3006464] =>.Nero AG
[MD5.6009FAC527335485E9F27DD47013F79E] [WIS][2017/05/03 17:00:51] (.Nero AG - Nero BurningCore 15.) -- C:\Windows\Installer\cc2189.msi [2833920] =>.Nero AG
[MD5.F1260030FE13E9CA0C86791171A1EE2B] [WIS][2017/05/03 17:01:26] (.Nero AG - Nero Launcher.) -- C:\Windows\Installer\cc21b5.msi [4124160] =>.Nero AG
[MD5.3C8AB28BC6BC56E3E2CDEC420478300C] [WIS][2017/05/03 17:01:45] (.Nero AG - Nero Video 2017.) -- C:\Windows\Installer\cc23a7.msi [5765632] =>.Nero AG
[MD5.F492882E1038FD36E58D5BBB86AD3806] [WIS][2017/05/03 17:03:19] (.Nero AG - Nero Recode.) -- C:\Windows\Installer\cc24a2.msi [4475392] =>.Nero AG

---\\ SCAN ADDITIONNEL (33) - 11s
HKLM\SYSTEM\CurrentControlSet\Services\TCPSvc =>Trojan.ProxyAgent
C:\Users\eric\AppData\Local\Temp\csrss\proxy\Tor\tor.exe =>Trojan.ProxyAgent
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{13D67BB7-DB5F-48AA-884D-7A5D94168509} =>.SUP.Orphan
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{13D67BB7-DB5F-48AA-884D-7A5D94168509} =>.SUP.Orphan
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA} =>.SUP.Orphan
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3049C3E9-B461-4BC5-8870-4C09146192CA} =>.SUP.Orphan
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\KMSpico_is1 =>HackTool.KMSpico
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1 =>HackTool.KMSpico
C:\Program Files\BDSCJGDHLE\BDSCJGDHL.exe =>Adware.Wizzcaster
C:\Program Files\BDSCJGDHLE\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\BDSCJGDHLE =>Adware.Wizzcaster
C:\Program Files\KMSpico =>HackTool.KMSpico
C:\Program Files\L76ZO09L6P\L76ZO09L6.exe =>Adware.Wizzcaster
C:\Program Files\L76ZO09L6P\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\L76ZO09L6P =>Adware.Wizzcaster
C:\Program Files\XSBDBY8FNB\XSBDBY8FN.exe =>Adware.Wizzcaster
C:\Program Files\XSBDBY8FNB\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\XSBDBY8FNB =>Adware.Wizzcaster
C:\Program Files (x86)\1a641ce1-bb17-40f5-a1fc-3ea2f4cf1fdb1490347953 =>Adware.CrossRider
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>HackTool.KMSpico
C:\ProgramData\159d8e6ff42042bbae0f0def4445b047 =>Adware.Suspect
C:\ProgramData\1faff803c0964a86b82fdd284408c283 =>Adware.Suspect
C:\ProgramData\b945d8214d7047bd89ea300fbaf0006d =>Adware.Suspect
C:\Users\eric\AppData\Roaming\dll4c4dqy3m\vlsmh5qj2bq.exe =>Heuristic.Wizzcaster
C:\Users\eric\AppData\Roaming\dll4c4dqy3m =>Heuristic.Wizzcaster
C:\Users\eric\AppData\Roaming\n2dddu3iwrk\yhpppi0pl3s.exe =>Heuristic.Wizzcaster
C:\Users\eric\AppData\Roaming\n2dddu3iwrk =>Heuristic.Wizzcaster
C:\Users\eric\AppData\Roaming\py4fb2s5qpf\hsftbemcrx5.exe =>Heuristic.Wizzcaster
C:\Users\eric\AppData\Roaming\py4fb2s5qpf =>Heuristic.Wizzcaster
C:\Windows\System32\drivers\mwescontroller.sys =>Adware.MyWebShield
C:\Users\eric\AppData\Local\Google\Chrome\User Data\Default\File System\000 =>.SUP.Temporary.Chrome
C:\Users\eric\AppData\Local\Google\Chrome\User Data\Default\File System\001 =>.SUP.Temporary.Chrome
C:\Users\eric\AppData\Local\Google\Chrome\User Data\Default\File System\002 =>.SUP.Temporary.Chrome

---\\ RÉCAPITULATIF DES ÉLÉMENTS TROUVÉS SUR VOTRE STATION (16) - 0s
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Trojan.ProxyAgent
https://nicolascoolman.eu/2017/12/26/sup-akamaihd/ =>.SUP.AkamaiHD
https://nicolascoolman.eu/2017/09/07/pup-optional-salus/ =>.SUP.Linkury
https://nicolascoolman.eu/2017/09/12/origine-lignes-orphelines/ =>.SUP.Orphan
https://nicolascoolman.eu/2017/02/16/hacktool-kmspico/ =>HackTool.KMSpico
https://nicolascoolman.eu/2017/03/11/pup-optional-crossrider/ =>Adware.CrossRider
https://nicolascoolman.eu/2017/02/23/tencentadressbar/ =>.SUP.Tencent
https://nicolascoolman.eu/2017/12/23/sup-magicbit/ =>.SUP.Magicbit
https://www.nicolascoolman.com/fr/trojan-vonteera/ =>PUP.Optional.Vonteera
https://nicolascoolman.eu/2017/12/22/sup-downloader/ =>.SUP.Downloader
https://nicolascoolman.eu/2017/09/15/adware-wizzcaster/ =>Adware.Wizzcaster
https://nicolascoolman.eu/2017/03/02/adware-suspect/ =>Adware.Suspect
https://nicolascoolman.eu/2017/09/15/adware-wizzcaster/ =>Heuristic.Wizzcaster
https://nicolascoolman.eu/2017/11/29/le-format-clsid-registre-windows/ =>.SUP.Empty.CLSID
https://nicolascoolman.eu/2017/10/14/adware-mywebshield/ =>Adware.MyWebShield
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Temporary.Chrome

~ Unselected Options: O38, O108, O82,
~ End of the scan, 43264 items in 06mn18s (1667)(0)
