~ ZHPDiag v2016.6.2.101 Par Nicolas Coolman (2016/06/02) ~ Démarré par Windows77777 (Administrator) (2016/06/04 17:04:40) ~ Site: http://www.nicolascoolman.com ~ Facebook: https://www.facebook.com/nicolascoolman1 ~ Etat de la version: Version OK ~ Mode: Scanner ~ Rapport: C:\Users\Windows77777\Desktop\ZHPDiag.txt ~ Rapport: C:\Users\Windows77777\AppData\Roaming\ZHP\ZHPDiag.txt ~ UAC: Deactivate ~ Démarrage du système: Normal (Normal boot) Windows Seven Black Edition, 64-bit Service Pack 1 (Build 7601) ---\\ Navigateurs Internet (3) - 0s GCIE: Google Chrome v51.0.2704.79 MFIE: Mozilla Firefox 46.0.1 (x86 fr) MSIE: Internet Explorer v8.0.7601.17514 ---\\ Informations sur les produits Windows (4) - 3s ~ Windows Server License Manager Script : OK ~ Licence Script File Génération : OK Windows Automatic Updates : OK Windows Activation Technologies : KO ---\\ Surveillance de Logiciels (1) - 5s Adobe Acrobat Reader DC - Français ---\\ Informations sur le système (6) - 0s ~ Operating System: Intel64 Family 6 Model 15 Stepping 13, GenuineIntel ~ Operating System: 64-bit ~ Boot mode: Normal (Normal boot) Total RAM: 2088.312 MB (30% free) System Restore: Activé (Enable) System drive C: has 78 GB () free of 142 GB ---\\ Mode de connexion au système (3) - 0s ~ Computer Name: WINDOWS77777-PC ~ User Name: Windows77777 ~ Logged in as Administrator ---\\ Enumération des unités disques (3) - 10s ~ Drive C: has 78 GB free of 142 GB (System) ~ Drive D: has 3 GB free of 3 GB ~ Drive E: has 3 GB free of 6 GB ---\\ Etat du Centre de Sécurité Windows (11) - 1s [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ---\\ Recherche particulière de fichiers génériques (25) - 4s [MD5.AC4C51EB24AA95B77F705AB159189E24] - 20/11/2010 - (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\Explorer.exe [2872320] =>.Microsoft Corporation [MD5.DD81D91FF3B0763C392422865C9AC12E] - 14/07/2009 - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) -- C:\Windows\System32\rundll32.exe [45568] =>.Microsoft Corporation [MD5.94355C28C1970635A31B3FE52EB7CEBA] - 14/07/2009 - (.Microsoft Corporation - Application de démarrage de Windows.) -- C:\Windows\System32\Wininit.exe [129024] =>.Microsoft Corporation [MD5.F6C5302E1F4813D552F41A0AC82455E5] - 20/11/2010 - (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\System32\wininet.dll [1188864] =>.Microsoft Corporation [MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - 20/11/2010 - (.Microsoft Corporation - Application d’ouverture de session Windows.) -- C:\Windows\System32\Winlogon.exe [390656] =>.Microsoft Corporation [MD5.067FA52BFB59A56110A12312EF9AF243] - 20/11/2010 - (.Microsoft Corporation - Bibliothèque de licences.) -- C:\Windows\System32\sppcomapi.dll [232448] =>.Microsoft Corporation [MD5.A52B6CC24063CC83C78C0E6F24DEEC01] - 20/11/2010 - (.Microsoft Corporation - DNS DLL de l’API Client.) -- C:\Windows\System32\dnsapi.dll [357888] =>.Microsoft Corporation [MD5.59DF156711A76BCB993253EC6C9BBF41] - 20/11/2010 - (.Microsoft Corporation - DNS DLL de l’API Client.) -- C:\Windows\Syswow64\dnsapi.dll [270336] =>.Microsoft Corporation [MD5.0D57D091E06BB1E58E72E5D08479FDDF] - 20/11/2010 - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) -- C:\Windows\System32\fr-FR\user32.dll.mui [20480] =>.Microsoft Corporation [MD5.D31DC7A16DEA4A9BAF179F3D6FBDB38C] - 20/11/2010 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\System32\drivers\AFD.sys [499712] =>.Microsoft Corporation [MD5.02062C0B390B7729EDC9E69C680A6F3C] - 14/07/2009 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\drivers\atapi.sys [24128] =>.Microsoft Windows® [MD5.B8BD2BB284668C84865658C77574381A] - 14/07/2009 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\drivers\Cdfs.sys [92160] =>.Microsoft Corporation [MD5.F036CE71586E93D94DAB220D7BDF4416] - 20/11/2010 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\drivers\Cdrom.sys [147456] =>.Microsoft Corporation [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - 20/11/2010 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\drivers\DfsC.sys [102400] =>.Microsoft Corporation [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - 20/11/2010 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\drivers\HDAudBus.sys [122368] =>.Microsoft Corporation [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - 14/07/2009 - (.Microsoft Corporation - Pilote de port i8042.) -- C:\Windows\System32\drivers\i8042prt.sys [105472] =>.Microsoft Corporation [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - 14/07/2009 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\drivers\IpNat.sys [116224] =>.Microsoft Corporation [MD5.FAF015B07E3A2874A790A39B7D2C579F] - 20/11/2010 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\Windows\System32\drivers\MRxSmb.sys [158208] =>.Microsoft Corporation [MD5.09594D1089C523423B32A4229263F068] - 20/11/2010 - (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\drivers\netBT.sys [261632] =>.Microsoft Corporation [MD5.05D78AA5CB5F3F5C31160BDB955D0B7C] - 20/11/2010 - (.Microsoft Corporation - Pilote du système de fichiers NT.) -- C:\Windows\System32\drivers\ntfs.sys [1659776] =>.Microsoft Windows® [MD5.0086431C29C35BE1DBC43F52CC273887] - 14/07/2009 - (.Microsoft Corporation - Pilote de port parallèle.) -- C:\Windows\System32\drivers\Parport.sys [97280] =>.Microsoft Corporation [MD5.471815800AE33E6F1C32FB1B97C490CA] - 20/11/2010 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\drivers\Rasl2tp.sys [129536] =>.Microsoft Corporation [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - 14/07/2009 - (.Microsoft Corporation - SMB Transport driver.) -- C:\Windows\System32\drivers\smb.sys [93184] =>.Microsoft Corporation [MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - 20/11/2010 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\drivers\tdx.sys [119296] =>.Microsoft Corporation [MD5.0D08D2F3B3FF84E433346669B5E0F639] - 20/11/2010 - (.Microsoft Corporation - Pilote de cliché instantané du volume.) -- C:\Windows\System32\drivers\volsnap.sys [295808] =>.Microsoft Windows® ---\\ Liste des services NT non Microsoft et non désactivés (16) - 3s O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated® O23 - Service: cktSvc (cktSvc) . (...) - C:\Program Files (x86)\Uncheckit\cktSvc.exe (.not file.) O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc® O23 - Service: YAC Service (iSafeService) . (.Elex do Brasil Participações Ltda - iSafeSvc.) - C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe =>.Superfluous.Elex O23 - Service: JSW Hardware Button Service (JSWHwBtn) . (...) - C:\Program Files (x86)\TP-LINK\QSS\HwBtnSvc.exe O23 - Service: Protect Service(LegpatP) (LegpatP) . (.Copyright (C) 2016 Legpat Authors - Legpat.) - C:\ProgramData\Legpat\Legpat.exe {1121425C73F5B28AE6BF0FAAF2BE407751CF} O23 - Service: Update Service(LegpatU) (LegpatU) . (.Copyright (C) 2016 Legpat Authors - Legpat.) - C:\Program Files (x86)\Legpat\Update\LegpatUpdate.exe {1121425C73F5B28AE6BF0FAAF2BE407751CF} O23 - Service: NO-IP DUC v4.1.1 (NoIPDUCService4) . (.Copyright © 2012 - ducservice.) - C:\Program Files (x86)\No-IP\ducservice.exe O23 - Service: panda_url_filtering Service (panda_url_filtering) . (...) - C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe (.not file.) O23 - Service: qkseeService (qkseeService) . (.Qksee Pvt Ltd. - qksee service.) - C:\Program Files (x86)\qksee\qkseeSvc.exe {4D3C24F70EF8354EEF013BEDD8F0EF61} =>.Superfluous.TaiwanShuiMu O23 - Service: Shefale Cloud (shefaleCloudservice) . (...) - C:\Program Files (x86)\Shefale\shefaleCloudservice.exe =>PUP.Optional.CrossRider O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe =>.Skype Software Sarl® O23 - Service: svctcom (svctcom) . (.Birch Grove Software, Inc. - Host Process for Com.) - C:\Windows\SysWOW64\svctcom.exe {009F2D38A791C4E8F05BCACC61E0294389} O23 - Service: UncheckitSvc (UncheckitSvc) . (...) - C:\Program Files (x86)\Uncheckit\UncheckitSvc.exe (.not file.) O23 - Service: WFini WdMan Service (WdMan) . (.WFini LIMITED - WFini.) - C:\ProgramData\cwinpc\WFini.exe {11211E53DC7CFC98A02EDFD9D3C6200DDB65} =>PUP.Optional.WdsManPro O23 - Service: WinZiper service (winzipersvc) . (.Winziper Pvt Ltd. - Winzipper service.) - C:\Program Files (x86)\WinZipper\winzipersvc.exe {0F395E2E0DF921C128D0AB05055AF826} =>.Superfluous.WinZipper ---\\ Services non Microsoft (SR=Démarré,SS=Stoppé) (16) - 36s SR - Auto [22/04/2016] [ 82128] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated® SS - Auto [03/06/2016] [ 154440] Service Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc® SS - Demand [03/06/2016] [ 154440] Service Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc® SR - Auto [24/05/2016] [ 118048] YAC Service (iSafeService) . (.Elex do Brasil Participações Ltda.) - C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe =>.Superfluous.Elex SR - Auto [29/02/2008] [ 16384] JSW Hardware Button Service (JSWHwBtn) . (...) - C:\Program Files (x86)\TP-LINK\QSS\HwBtnSvc.exe SR - Auto [26/05/2016] [ 399768] Protect Service(LegpatP) (LegpatP) . (.Copyright (C) 2016 Legpat Authors.) - C:\ProgramData\Legpat\Legpat.exe {1121425C73F5B28AE6BF0FAAF2BE407751CF} SS - Auto [26/05/2016] [ 532888] Update Service(LegpatU) (LegpatU) . (.Copyright (C) 2016 Legpat Authors.) - C:\Program Files (x86)\Legpat\Update\LegpatUpdate.exe {1121425C73F5B28AE6BF0FAAF2BE407751CF} SS - Demand [03/05/2016] [ 146888] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe =>.Mozilla Corporation® SR - Auto [20/07/2015] [ 12288] NO-IP DUC v4.1.1 (NoIPDUCService4) . (.Copyright © 2012.) - C:\Program Files (x86)\No-IP\ducservice.exe SR - Auto [31/05/2016] [ 767664] qkseeService (qkseeService) . (.Qksee Pvt Ltd..) - C:\Program Files (x86)\qksee\qkseeSvc.exe {4D3C24F70EF8354EEF013BEDD8F0EF61} =>.Superfluous.TaiwanShuiMu SS - Auto [19/05/2016] [ 985752] Shefale Cloud (shefaleCloudservice) . (...) - C:\Program Files (x86)\Shefale\shefaleCloudservice.exe =>PUP.Optional.CrossRider SS - Auto [23/03/2016] [ 327808] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe =>.Skype Software Sarl® SR - Auto [31/05/2016] [ 450272] svctcom (svctcom) . (.Birch Grove Software, Inc..) - C:\Windows\SysWOW64\svctcom.exe {009F2D38A791C4E8F05BCACC61E0294389} SR - Auto [01/06/2016] [ 217272] WFini WdMan Service (WdMan) . (.WFini LIMITED.) - C:\ProgramData\cwinpc\WFini.exe {11211E53DC7CFC98A02EDFD9D3C6200DDB65} =>PUP.Optional.WdsManPro SR - Auto [26/05/2016] [ 1068088] WinZiper service (winzipersvc) . (.Winziper Pvt Ltd..) - C:\Program Files (x86)\WinZipper\winzipersvc.exe {0F395E2E0DF921C128D0AB05055AF826} =>.Superfluous.WinZipper ---\\ Tâches planifiées en automatique (36) - 9s [MD5.DE7BC28EAE6A62BC35754D1DCA4ECF38] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1107672] (.Activate.) =>.Adobe Systems, Incorporated® [MD5.5BCE955CF12AF3417F055DADC0212920] [APT] [Browser Updater Task(Core)] (.Tencent.) -- C:\Program Files (x86)\QQBrowser\Update\9EC4F2486B621A0203970BB1F05BE7E2\Update\BrowserUpdate.exe [690144] (.Activate.) =>.Superfluous.Tencent [MD5.3E6442B01E44B3AA31807FEF5235DC54] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [3919640] (.Activate.) =>.Piriform Ltd® [MD5.750446ED76A5D13E902174DDDDA1A62B] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440] (.Activate.) =>.Google Inc® [MD5.750446ED76A5D13E902174DDDDA1A62B] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440] (.Activate.) =>.Google Inc® [MD5.CF1E29759CCDF15CDEF8F49ECF632733] [APT] [JetCleanLoginCheckUpdate] (.BlueSprig.) -- C:\Program Files (x86)\BlueSprig\JetClean\AutoUpdate.exe [1050928] (.Activate.) {589D023EC02E552CDAA00B1FA0FDCA85} =>.BlueSprig [MD5.714963080BEC142934E8E23969C41955] [APT] [LegpatUpdateTaskMachineCore] (.Copyright (C) 2016 Legpat Authors.) -- C:\Program Files (x86)\Legpat\Update\LegpatUpdate.exe [532888] (.Activate.) {1121425C73F5B28AE6BF0FAAF2BE407751CF} [MD5.714963080BEC142934E8E23969C41955] [APT] [LegpatUpdateTaskMachineUA] (.Copyright (C) 2016 Legpat Authors.) -- C:\Program Files (x86)\Legpat\Update\LegpatUpdate.exe [532888] (.Activate.) {1121425C73F5B28AE6BF0FAAF2BE407751CF} [MD5.FC2028C1F6634F8EC1649CE9348A31F6] [APT] [Shefale Cloud] (...) -- C:\Program Files (x86)\Shefale\shefaleCloudtask.exe [326296] (.Activate.) =>PUP.Optional.CrossRider [MD5.00000000000000000000000000000000] [APT] [UncheckitTaskMN] (...) -- C:\Program Files (x86)\Uncheckit\cktSvc.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty [MD5.00000000000000000000000000000000] [APT] [UncheckitUpdateTaskC] (...) -- C:\Program Files (x86)\Uncheckit\UncheckitUpdate.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty [MD5.00000000000000000000000000000000] [APT] [UncheckitUpdateTaskDB] (...) -- C:\Program Files (x86)\Uncheckit\UncheckitUpdate.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty [MD5.00000000000000000000000000000000] [APT] [{0024813D-D801-49D8-895E-66E888FEEBAC}] (...) -- C:\Users\Windows77777\Downloads\Programs\nox_setup_v3.5.1.0_full_en.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty [MD5.00000000000000000000000000000000] [APT] [{9711BAD5-6F25-4038-A67E-C8BF8ACDBF03}] (...) -- G:\format\Programs\AWCSetup.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty [MD5.00000000000000000000000000000000] [APT] [{988A7276-08FA-4012-A080-AA98EEE57574}] (...) -- F:\TL-WN721N_WN722N\Setup.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty [MD5.EAFB2CDCEA53FE4D600E04BBB6B1800C] [APT] [{B611361C-5311-46DD-B600-0A3A917D7348}] (.Google Inc..) -- C:\Program Files (x86)\Legpat\Application\chrome.exe [1032088] (.Activate.) {1121425C73F5B28AE6BF0FAAF2BE407751CF} =>.Google Inc. [MD5.00000000000000000000000000000000] [APT] [{BBF510A4-2C76-44DE-93A6-9756C0ED51F9}] (...) -- G:\Tools\adguardInstaller.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty [MD5.EAFB2CDCEA53FE4D600E04BBB6B1800C] [APT] [{BF03EE56-BB96-4B9B-AEED-CBD84B0EF85C}] (.Google Inc..) -- C:\Program Files (x86)\Legpat\Application\chrome.exe [1032088] (.Activate.) {1121425C73F5B28AE6BF0FAAF2BE407751CF} =>.Google Inc. [MD5.00000000000000000000000000000000] [APT] [{E0FB4245-D5B2-4664-97DE-8D351DC779BA}] (...) -- F:\InstMsiW.Exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty [MD5.00000000000000000000000000000000] [APT] [{F162E253-A298-4DEE-893D-C6CFF9701438}] (...) -- C:\Users\WINDOW~1\AppData\Local\Temp\French.lng.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty [MD5.CD11D500328F07AE1666D046F94179E0] [APT] [AVAST Software] (.AVAST Software.) -- C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [702056] (.Activate.) =>.AVAST Software a.s.® O39 - APT: Browser Updater Task(Core) - (.Tencent.) -- C:\Windows\Tasks\Browser Updater Task(Core).job [1510] =>.Superfluous.Tencent O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1066] =>.Google Inc® O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1070] =>.Google Inc® O39 - APT: Adobe Acrobat Update Task - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Acrobat Update Task [3886] =>.Adobe Systems, Incorporated® O39 - APT: Browser Updater Task(Core) - (.Tencent.) -- C:\Windows\System32\Tasks\Browser Updater Task(Core) [9426] =>.Superfluous.Tencent O39 - APT: CCleanerSkipUAC - (.Piriform Ltd.) -- C:\Windows\System32\Tasks\CCleanerSkipUAC [2786] =>.Piriform Ltd® O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [3814] =>.Google Inc® O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [4066] =>.Google Inc® O39 - APT: JetCleanLoginCheckUpdate - (.BlueSprig.) -- C:\Windows\System32\Tasks\JetCleanLoginCheckUpdate [3174] {589D023EC02E552CDAA00B1FA0FDCA85} =>.BlueSprig O39 - APT: LegpatUpdateTaskMachineCore - (.Copyright (C) 2016 Legpat Authors.) -- C:\Windows\System32\Tasks\LegpatUpdateTaskMachineCore [3572] {1121425C73F5B28AE6BF0FAAF2BE407751CF} O39 - APT: LegpatUpdateTaskMachineUA - (.Copyright (C) 2016 Legpat Authors.) -- C:\Windows\System32\Tasks\LegpatUpdateTaskMachineUA [3462] {1121425C73F5B28AE6BF0FAAF2BE407751CF} O39 - APT: Shefale Cloud - (...) -- C:\Windows\System32\Tasks\Shefale Cloud [8974] =>PUP.Optional.CrossRider O39 - APT: UncheckitTaskMN - (...) -- C:\Windows\System32\Tasks\UncheckitTaskMN [3888] (.Orphean.) =>.Superfluous.Orphean O39 - APT: UncheckitUpdateTaskC - (...) -- C:\Windows\System32\Tasks\UncheckitUpdateTaskC [3904] (.Orphean.) =>.Superfluous.Orphean O39 - APT: UncheckitUpdateTaskDB - (...) -- C:\Windows\System32\Tasks\UncheckitUpdateTaskDB [3906] (.Orphean.) =>.Superfluous.Orphean ---\\ Processus lancés (32) - 6s [MD5.11F6F9216D8F77EAC196B07D66E819EA] - (.Elex do Brasil Participações Ltda - iSafeSvc.) -- C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [118048] [PID.952] =>.Superfluous.Elex [MD5.A03A95B389479B2ADE3A288FA2EA11D1] - (.Elex do Brasil Participações Ltda - iSafeSvc2.) -- C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe [118048] [PID.240] =>.Superfluous.Elex [MD5.5E51EE57A8E3EBA67A5537A05EC7353C] - (.Elex do Brasil Participações Ltda - YACTray.) -- C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe [369488] [PID.1572] =>.Superfluous.Elex [MD5.EFE9A681BCA34911BB6E60DEE17A34CE] - (.Qksee Pvt Ltd. - qksee service.) -- C:\Program Files (x86)\qksee\qkseeSvc.exe [767664] [PID.1604] {4D3C24F70EF8354EEF013BEDD8F0EF61} =>.Superfluous.TaiwanShuiMu [MD5.A44381C29F84B24BBA14F4B73ADDC855] - (.Winziper Pvt Ltd. - Winzipper service.) -- C:\Program Files (x86)\WinZipper\winzipersvc.exe [1068088] [PID.1688] {0F395E2E0DF921C128D0AB05055AF826} =>.Superfluous.WinZipper [MD5.36114214BF8D7C464D1E92E4EB6B2DD3] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [82128] [PID.2036] =>.Adobe Systems, Incorporated® [MD5.7682CACF67B92FECEE4EF637EA12A47C] - (...) -- C:\Program Files (x86)\TP-LINK\QSS\HwBtnSvc.exe [16384] [PID.1816] [MD5.73466FBEB982515FE5494DF14848E7E5] - (.Copyright (C) 2007 - HwBtnDetector MFC Application.) -- C:\Program Files (x86)\TP-LINK\QSS\HwBtnDetector.exe [28672] [PID.1416] [MD5.2272CD40C6903C859CFC1CAE4902926F] - (.Birch Grove Software, Inc. - Host Process for Com.) -- C:\Windows\SysWOW64\svctcom.exe [450272] [PID.2164] {009F2D38A791C4E8F05BCACC61E0294389} [MD5.D926B327EB8D50E6C67C28473B86443A] - (.WFini LIMITED - WFini.) -- C:\ProgramData\cwinpc\WFini.exe [217272] [PID.2220] {11211E53DC7CFC98A02EDFD9D3C6200DDB65} [MD5.92FDB0658CA16974B4AE80E248A5B118] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [165912] [PID.2700] =>.Intel Corporation® [MD5.4790334710577E4C04B3C770F1055931] - (.Birch Grove Software, Inc. - Host Process for Modules.) -- C:\Windows\SysWOW64\scthost.exe [995040] [PID.2708] {009F2D38A791C4E8F05BCACC61E0294389} [MD5.F8D9FB45F44A7C83378A17C13CB7866A] - (.Birch Grove Software, Inc. - .) -- C:\Windows\SysWOW64\trmhost.exe [68832] [PID.2812] {009F2D38A791C4E8F05BCACC61E0294389} [MD5.B4531BF13B3DDC19A50A71952E6AD198] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3301376] [PID.2832] =>.Tonec Inc. [MD5.56FE3C885B0901601549E23E7A435984] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe [250008] [PID.3148] =>.Google Inc® [MD5.A425CDCEB9D26E9A5ABAFA259799D447] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe [312472] [PID.3164] =>.Google Inc® [MD5.B26B610E68F862777C491227B9616271] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe [275608] [PID.3528] =>.Tonec Inc.® [MD5.D48C9C5604A78E84766F4F4D42086FB0] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [53130368] [PID.3848] =>.Skype Software Sarl® [MD5.E4042BBEB0814CD5487CC65DAC5421E5] - (.Epic Privacy Browser - Epic Privacy Browser Installer.) -- C:\Users\Windows77777\AppData\Local\Epic Privacy Browser\Installer\EpicUpdate.exe [509096] [PID.3856] =>.Epic Privacy Browser [MD5.B226A5D80962D46821E83FE4B4DA5AEA] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1122968] [PID.4320] =>.Google Inc® [MD5.B226A5D80962D46821E83FE4B4DA5AEA] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1122968] [PID.4424] =>.Google Inc® [MD5.B226A5D80962D46821E83FE4B4DA5AEA] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1122968] [PID.4488] =>.Google Inc® [MD5.B226A5D80962D46821E83FE4B4DA5AEA] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1122968] [PID.4856] =>.Google Inc® [MD5.B226A5D80962D46821E83FE4B4DA5AEA] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1122968] [PID.4164] =>.Google Inc® [MD5.0557D50CC6515EEBEABD6BC9AD3E54FC] - (.Copyright (C) 2016 Legpat Authors - Legpat.) -- C:\ProgramData\Legpat\Legpat.exe [399768] [PID.196] {1121425C73F5B28AE6BF0FAAF2BE407751CF} [MD5.5A38F3BAD50558F0E09D696ACF612D9E] - (.Copyright © 2012 - ducservice.) -- C:\Program Files (x86)\No-IP\ducservice.exe [12288] [PID.2504] [MD5.3CC4BD54F8336FC8C960DF6B348C71E7] - (.VSee Lab, Inc. - vsee.) -- C:\Users\Windows77777\AppData\Roaming\VSeeInstall\vsee.exe [21664312] [PID.192] {6005117DFA4124D4D2B0E5B672A19374} [MD5.B226A5D80962D46821E83FE4B4DA5AEA] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1122968] [PID.4364] =>.Google Inc® [MD5.B226A5D80962D46821E83FE4B4DA5AEA] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1122968] [PID.5552] =>.Google Inc® [MD5.B226A5D80962D46821E83FE4B4DA5AEA] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1122968] [PID.5008] =>.Google Inc® [MD5.B226A5D80962D46821E83FE4B4DA5AEA] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1122968] [PID.4420] =>.Google Inc® [MD5.AD25BA039A4EA22521370C76F3C35F18] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\Windows77777\Downloads\ZHPDiag3.exe [2212352] [PID.3508] =>.Nicolas Coolman ---\\ Google Chrome, Démarrage,Recherche,Extensions (39) - 3s G0 - GCSP: Secure Preferences [User Data\Default][HomePage] http://www.nicesearches.com?type=hp&ts=1464601047&from=0d580530&uid=wdcxwd1600aajs-08b4a0_wd-wcat2468759287592&z=72b62af95382f6d72b5f325gfz7qezaq5efgfe5zaq G2 - GCE: Preference [User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [cgbhdenfmgbagncdmgbholejjpmmiank] Ratings Preview for YouTube™ G2 - GCE: Preference [User Data\Default] [cjmhellgomfgjiogcglfnbkkmdieacki] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [cmgnohamicmlkmfjdkfhgpjijkokdlpp] __MSG_extension_name__ G2 - GCE: Preference [User Data\Default] [cpgdkomjahikojeoiigeidjpccncmjkh] ActivTrak Assist G2 - GCE: Preference [User Data\Default] [djnhkfljnimcpelfndpcjcgngmefaobl] __MSG_extName__ G2 - GCE: Preference [User Data\Default] [eemlkeanncmjljgehlbplemhmdmalhdc] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [ekmnknlahnpppljnjacdbpnlpbkckcki] __MSG_name__ G2 - GCE: Preference [User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [fidlffpkjchmiflngkkakcmbjmehkdbg] Zwinky G2 - GCE: Preference [User Data\Default] [fiombgjlkfpdpkbhfioofeeinbehmajg] __MSG_word_title__ G2 - GCE: Preference [User Data\Default] [fnnhpefhblgjhmpphanifemhafgihcpa] __MSG_extension_name__ G2 - GCE: Preference [User Data\Default] [gbchcmhmhahfdphkhkmpfmihenigjmpp] __MSG_PRODUCT_NAME__ G2 - GCE: Preference [User Data\Default] [ghbmnnjooekpmoecnnnilnnbdlolhkhi] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [hkdlcejbjnnmjgajjjfenejacioiimpp] Facebook Emoticons G2 - GCE: Preference [User Data\Default] [iafagdfmofmfdfhehcmepcbhhpikaeci] VideoScavenger G2 - GCE: Preference [User Data\Default] [iicapmagmhahddefgokbabbgieiogjop] Facebook Unseen G2 - GCE: Preference [User Data\Default] [inmmhkeajgflmokoaaoadgkhhmibjbpj] Facebook Invite All G2 - GCE: Preference [User Data\Default] [ipkbhlfkopeokhpbhgmlonagpppedfej] Distraction Free Facebook Messenger G2 - GCE: Preference [User Data\Default] [jhdnjmjhmfihbfjdgmnappnoaehnhiaf] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [jjphmlaoffndcnecccgemfdaaoighkel] Floating for YouTube™ G2 - GCE: Preference [User Data\Default] [jocckddfblijinjnhbmiblknkiolnkco] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [kohoehgoafblafjinhplmhcbphgaaobc] InternetSpeedTracker =>.Superfluous.MindSpark G2 - GCE: Preference [User Data\Default] [lfpacabphcagfehdgnigmfnbjdampbaa] Facebook AdBlock G2 - GCE: Preference [User Data\Default] [ljfjkehpnfnehklmfppkdlkpgngnfdcn] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [mfpiaehgjbbfednooihadalhehabhcjo] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [ndjpnladcallmjemlbaebfadecfhkepb] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [ngclhgifilfcjgpjokpjdnndeahjmjgh] Mapper G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [nnckehldicaciogcbchegobnafnjkcne] __MSG_name__ G2 - GCE: Preference [User Data\Default] [ojnfeeadkmdfgjanophbgeldmfddoekd] Friends Visual Map G2 - GCE: Preference [User Data\Default] [omghfjlpggmjjaagoclmmobgdodcjboh] Browsec VPN - Privacy and Security Online G2 - GCE: Preference [User Data\Default] [pegkceflonohbcefcbflfpficfkmpeod] Facebook profile view notification G2 - GCE: Preference [User Data\Default] [pfaogkfljpdfmodbmbogiiblppijleen] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc. ---\\ Firefox, Plugins,Demarrage,Recherche,Extensions (10) - 1s M0 - MFSP: prefs.js [Windows77777 - 54j0qtu2.default] http://www.nicesearches.com?type=hp&ts=1464601047&from=0d580530&uid=wdcxwd1600aajs-08b4a0_wd-wcat2468759287592&z=72b62af95382f6d72b5f325gfz7qezaq5efgfe5zaq M1 - SPR:Search Page Redirection - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} P2 - EXT: (.mozilla.org - Default Plug-in.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npnul32.dll =>.Mozilla Corporation® P2 - EXT: (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.dll =>.Adobe Systems, Incorporated® P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.FRA P2 - EXT FILE: (...) -- C:\Users\Windows77777\AppData\Roaming\Mozilla\Firefox\Profiles\54j0qtu2.default\searchplugins\Search Provided by Yahoo.xml =>.Superfluous.YahooSearchProvided P2 - EXT: (...) -- C:\Users\Windows77777\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} =>PUP.Optional.Wajam P2 - EXT: (.Jason Bourne - xRocket Toolbar.) -- C:\Users\Windows77777\AppData\Roaming\Mozilla\Firefox\Profiles\54j0qtu2.default\extensions\arthurj8283@gmail.com P2 - EXT: (.Mike Perry & Scott Squires - Torbutton.) -- C:\Users\Windows77777\AppData\Roaming\Mozilla\Firefox\Profiles\54j0qtu2.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca} P2 - FPN: [HKCU] [vsee.com/VSeeDetection] - (.VSee Lab.) -- C:\Users\Windows77777\AppData\Roaming\VSeeInstall\npVSeeDetection.dll ---\\ Internet Explorer,Démarrage,Recherche,URLSearchHook (7) - 1s R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://us.search.yahoo.com/ R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://us.search.yahoo.com/ R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://us.search.yahoo.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer ---\\ Internet Explorer,Proxy Management (5) - 0s R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ---\\ Internet Explorer,IniFiles, Autoloading programs (3) - 0s F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.) =>.Microsoft Corporation ---\\ Etude du fichier hosts (1) - 0s ~ Le fichier hôte est sain (The hosts file is clean) (59) ---\\ Browser Helper Object de navigateur (BHO) (2) - 0s O2 - BHO: IDM Helper [64Bits] - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll =>.Tonec Inc.® O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll =>.Skype Software Sarl® ---\\ Applications lancées au démarrage du système (21) - 2s O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe =>.Intel Corporation® O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe =>.Tonec Inc. O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl® O4 - HKCU\..\Run: [Epic Privacy Browser Installer] . (.Epic Privacy Browser - Epic Privacy Browser Installer.) -- C:\Users\Windows77777\AppData\Local\Epic Privacy Browser\Installer\EpicUpdate.exe =>.Epic Privacy Browser O4 - HKCU\..\Run: [Vidalia] C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe (.not file.) O4 - HKCU\..\Run: [Chromium] . (.The Chromium Authors - Chromium.) -- c:\Users\windows77777\AppData\Local\Chromium\application\chrome.exe =>.The Chromium Authors O4 - HKCU\..\Run: [VSee] . (.VSee Lab, Inc. - vsee.) -- C:\Users\Windows77777\AppData\Roaming\VSeeInstall\vsee.exe {6005117DFA4124D4D2B0E5B672A19374} O4 - HKCU\..\RunOnce: [Application Restart #1] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - HKUS\.DEFAULT\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-18\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-21-2550205536-3559387574-3878836768-1000\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe =>.Tonec Inc. O4 - HKUS\S-1-5-21-2550205536-3559387574-3878836768-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl® O4 - HKUS\S-1-5-21-2550205536-3559387574-3878836768-1000\..\Run: [Epic Privacy Browser Installer] . (.Epic Privacy Browser - Epic Privacy Browser Installer.) -- C:\Users\Windows77777\AppData\Local\Epic Privacy Browser\Installer\EpicUpdate.exe =>.Epic Privacy Browser O4 - HKUS\S-1-5-21-2550205536-3559387574-3878836768-1000\..\Run: [Vidalia] C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe (.not file.) O4 - HKUS\S-1-5-21-2550205536-3559387574-3878836768-1000\..\Run: [Chromium] . (.The Chromium Authors - Chromium.) -- c:\Users\windows77777\AppData\Local\Chromium\application\chrome.exe =>.The Chromium Authors O4 - HKUS\S-1-5-21-2550205536-3559387574-3878836768-1000\..\Run: [VSee] . (.VSee Lab, Inc. - vsee.) -- C:\Users\Windows77777\AppData\Roaming\VSeeInstall\vsee.exe {6005117DFA4124D4D2B0E5B672A19374} O4 - HKUS\S-1-5-21-2550205536-3559387574-3878836768-1000\..\RunOnce: [Application Restart #1] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® ---\\ Raccourcis Global Startup (44) - 10s O4 - GS\Desktop [Administrateur]: Algerian Newspapers - Raccourci.lnk . (...) D:\Algerian Newspapers.exe O4 - GS\Desktop [Administrateur]: Messenger.lnk . (...) C:\Program Files (x86)\Messenger for Desktop\Messenger.exe O4 - GS\Desktop [Administrateur]: VSee.lnk . (.VSee Lab, Inc. - vsee.) C:\Users\Windows77777\AppData\Roaming\VSeeInstall\vsee.exe {6005117DFA4124D4D2B0E5B672A19374} O4 - GS\Desktop [Administrateur]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Windows77777\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Quicklaunch [Administrateur]: Bandizip.lnk . (.Bandisoft.com - Bandizip.) C:\Program Files\Bandizip\Bandizip64.exe =>.Bandisoft® O4 - GS\Quicklaunch [Administrateur]: Chromium.lnk . (.The Chromium Authors - Chromium.) C:\Users\Windows77777\AppData\Local\Chromium\Application\chrome.exe =>.The Chromium Authors O4 - GS\Quicklaunch [Administrateur]: GOM Player.lnk . (.Gretech Corp. - GOM Player.) C:\Program Files (x86)\GRETECH\GomPlayer\GOM.EXE =>.GRETECH® O4 - GS\Quicklaunch [Administrateur]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Quicklaunch [Administrateur]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation® O4 - GS\Quicklaunch [Administrateur]: QQPlayer.lnk . (.Tencent Technology Company limited - QQ Player.) C:\Program Files (x86)\Tencent\QQPlayer\QQPlayer.exe =>.Superfluous.Tencent O4 - GS\Quicklaunch [Administrateur]: QQ影音.lnk . (.Tencent Technology Company limited - QQ Player.) C:\Program Files (x86)\Tencent\QQPlayer\QQPlayer.exe =>.Superfluous.Tencent O4 - GS\Quicklaunch [Administrateur]: Winamp.lnk . (.Nullsoft, Inc. - Winamp.) C:\Program Files (x86)\Winamp\winamp.exe =>.Nullsoft Inc.® O4 - GS\sendTo [Administrateur]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe =>.chen jun hao® O4 - GS\sendTo [Administrateur]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl® O4 - GS\TaskBar [Administrateur]: Bandizip.lnk . (.Bandisoft.com - Bandizip.) C:\Program Files\Bandizip\Bandizip64.exe =>.Bandisoft® O4 - GS\TaskBar [Administrateur]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\TaskBar [Administrateur]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation® O4 - GS\TaskBar [Administrateur]: Skype.lnk . (...) C:\Windows\Installer\{FC965A47-4839-40CA-B618-18F486F042C6}\SkypeIcon.exe O4 - GS\Desktop [Windows77777]: Algerian Newspapers - Raccourci.lnk . (...) D:\Algerian Newspapers.exe O4 - GS\Desktop [Windows77777]: Messenger.lnk . (...) C:\Program Files (x86)\Messenger for Desktop\Messenger.exe O4 - GS\Desktop [Windows77777]: VSee.lnk . (.VSee Lab, Inc. - vsee.) C:\Users\Windows77777\AppData\Roaming\VSeeInstall\vsee.exe {6005117DFA4124D4D2B0E5B672A19374} O4 - GS\Desktop [Windows77777]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Windows77777\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Quicklaunch [Windows77777]: Bandizip.lnk . (.Bandisoft.com - Bandizip.) C:\Program Files\Bandizip\Bandizip64.exe =>.Bandisoft® O4 - GS\Quicklaunch [Windows77777]: Chromium.lnk . (.The Chromium Authors - Chromium.) C:\Users\Windows77777\AppData\Local\Chromium\Application\chrome.exe =>.The Chromium Authors O4 - GS\Quicklaunch [Windows77777]: GOM Player.lnk . (.Gretech Corp. - GOM Player.) C:\Program Files (x86)\GRETECH\GomPlayer\GOM.EXE =>.GRETECH® O4 - GS\Quicklaunch [Windows77777]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Quicklaunch [Windows77777]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation® O4 - GS\Quicklaunch [Windows77777]: QQPlayer.lnk . (.Tencent Technology Company limited - QQ Player.) C:\Program Files (x86)\Tencent\QQPlayer\QQPlayer.exe =>.Superfluous.Tencent O4 - GS\Quicklaunch [Windows77777]: QQ影音.lnk . (.Tencent Technology Company limited - QQ Player.) C:\Program Files (x86)\Tencent\QQPlayer\QQPlayer.exe =>.Superfluous.Tencent O4 - GS\Quicklaunch [Windows77777]: Winamp.lnk . (.Nullsoft, Inc. - Winamp.) C:\Program Files (x86)\Winamp\winamp.exe =>.Nullsoft Inc.® O4 - GS\sendTo [Windows77777]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe =>.chen jun hao® O4 - GS\sendTo [Windows77777]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl® O4 - GS\TaskBar [Windows77777]: Bandizip.lnk . (.Bandisoft.com - Bandizip.) C:\Program Files\Bandizip\Bandizip64.exe =>.Bandisoft® O4 - GS\TaskBar [Windows77777]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\TaskBar [Windows77777]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation® O4 - GS\TaskBar [Windows77777]: Skype.lnk . (...) C:\Windows\Installer\{FC965A47-4839-40CA-B618-18F486F042C6}\SkypeIcon.exe O4 - GS\CommonDesktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\CommonDesktop [Public]: JetBoost.lnk . (.BlueSprig - JetBoost.exe.) C:\Program Files (x86)\BlueSprig\JetBoost\JetBoost.exe {589D023EC02E552CDAA00B1FA0FDCA85} =>.BlueSprig O4 - GS\CommonDesktop [Public]: JetClean.lnk . (.BlueSprig - JetClean.exe.) C:\Program Files (x86)\BlueSprig\JetClean\JetClean.exe =>.BlueSprig O4 - GS\CommonDesktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation® O4 - GS\CommonDesktop [Public]: Quick Boost.lnk . (.BlueSprig - JetBoost.exe.) C:\Program Files (x86)\BlueSprig\JetBoost\JetBoost.exe {589D023EC02E552CDAA00B1FA0FDCA85} =>.BlueSprig O4 - GS\CommonDesktop [Public]: VLC media player.lnk . (.VideoLAN - VLC media player.) C:\Program Files\VideoLAN\VLC\vlc.exe =>.VideoLAN® O4 - GS\Programs [Public]: Messenger.lnk . (...) C:\Program Files (x86)\Messenger for Desktop\Messenger.exe O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) C:\Windows\system32\taskschd.msc ---\\ Modification Domaine/Adresses DNS (2) - 0s O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.8.1 192.168.8.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{FAAFFBE6-DFBE-4807-A31D-A6C57B572E68}: DhcpNameServer = 192.168.8.1 192.168.8.1 ---\\ Protocole additionnel (25) - 0s O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll =>.Microsoft Corporation O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll =>.Microsoft Corporation® O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: skypec2c [64Bits] - {91774881-D725-4E58-B298-07617B9B86A8} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll =>.Skype Software Sarl® O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation® O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation® O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation® O18 - Filter: deflate [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Filter: gzip [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL =>.Microsoft Corporation® ---\\ Logiciels installés (41) - 19s O42 - Logiciel: ActivTrak Agent v4.4.1 - (.Birch Grove Software, Inc..) [HKLM][64Bits] -- {3F937351-9B8B-4312-A6A2-774FA89D1D94} O42 - Logiciel: Adobe Acrobat Reader DC - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AC0F074E4100} =>.Adobe Systems Incorporated O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-0804-1033-1959-001824184103} =>.Adobe Systems Incorporated O42 - Logiciel: AIMP3 - (.AIMP DevTeam.) [HKLM][64Bits] -- AIMP3 =>.AIMP DevTeam O42 - Logiciel: Anti Raccourci 1.0.9 version 1.0.9 - (.format lux Company, Inc..) [HKLM][64Bits] -- {35B534B0-EF7F-414A-9203-B3BD407CB7DA}_is1 O42 - Logiciel: Archiveur WinRAR - (...) [HKLM][64Bits] -- WinRAR archiver O42 - Logiciel: Auslogics Duplicate File Finder - (.Auslogics Software Pty Ltd.) [HKLM][64Bits] -- {6845255F-15CC-4DD1-94D5-D38F370118B3}_is1 =>.Auslogics Software Pty Ltd® O42 - Logiciel: Bandizip - (.Bandisoft.com.) [HKLM][64Bits] -- Bandizip =>.Bandisoft® O42 - Logiciel: Bel-Arabi 1.00 - (.Company.) [HKLM][64Bits] -- Bel-Arabi 1.00 =>PUP.Optional.Company O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner =>.Piriform Ltd® O42 - Logiciel: Cookienator - (.CodeFromThe70s.org.) [HKLM][64Bits] -- {BF307EDA-A176-4D83-9775-D337810CF7A7} =>.CodeFromThe70s.org O42 - Logiciel: FormatFactory 3.2.1.0 - (.Free Time.) [HKLM][64Bits] -- FormatFactory =>.Free Time O42 - Logiciel: GOM Player - (.Gretech Corporation.) [HKLM][64Bits] -- GOM Player =>.Gretech Corporation O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome =>.Google Inc® O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc. O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM][64Bits] -- HDMI =>.Intel Corporation® O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM][64Bits] -- Internet Download Manager =>.Tonec Inc.® O42 - Logiciel: JetBoost - (.BlueSprig.) [HKLM][64Bits] -- JetBoost_is1 {589D023EC02E552CDAA00B1FA0FDCA85} =>.BlueSprig O42 - Logiciel: JetClean - (.BlueSprig.) [HKLM][64Bits] -- BlueSprig_JetClean_is1 =>.BlueSprig O42 - Logiciel: JPEG USB Video Camera Driver v0.93 - (.Generic.) [HKLM][64Bits] -- {9B1473BA-7B0E-4373-A8E2-AED09D9019C4} =>.Generic O42 - Logiciel: K-Lite Codec Pack 10.1.5 Full - (...) [HKLM][64Bits] -- KLiteCodecPack_is1 O42 - Logiciel: Learn French - (...) [HKLM][64Bits] -- ST6UNST #1 O42 - Logiciel: Mozilla Firefox 46.0.1 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 46.0.1 (x86 fr) =>.Mozilla Corporation® O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService =>.Mozilla O42 - Logiciel: No-IP DUC - (.Vitalwerks Internet Solutions LLC.) [HKLM][64Bits] -- NoIPDUC =>.Vitalwerks Internet Solutions LLC O42 - Logiciel: PowerISO - (.Power Software Ltd.) [HKLM][64Bits] -- PowerISO =>.Power Software Ltd O42 - Logiciel: Process Hacker 2.39 (r124) - (.wj32.) [HKLM][64Bits] -- Process_Hacker2_is1 =>.wj32 O42 - Logiciel: Pure Codec 2013.10.01 - (.Dio.) [HKLM][64Bits] -- PureCodec O42 - Logiciel: Sicyon Calculator 5.3 - (.Teodor Krastev.) [HKLM][64Bits] -- {0194757A-03EF-40F9-9174-32CE913C7160}_is1 O42 - Logiciel: Skype Click to Call - (.Microsoft Corporation.) [HKLM][64Bits] -- {6D1221A9-17BF-4EC0-81F2-27D30EC30701} =>.Microsoft Corporation O42 - Logiciel: Skype™ 7.24 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {FC965A47-4839-40CA-B618-18F486F042C6} =>.Skype Technologies S.A. O42 - Logiciel: SterJo Wireless Passwords - (.SterJo Software.) [HKLM][64Bits] -- {EF6D394B-F560-4681-83CD-B374CD5DEF6D}_is1 =>.Aco Sterjov® O42 - Logiciel: Technitium MAC Address Changer v6.0 - (.Technitium.) [HKLM][64Bits] -- TMACv6.0 =>.Technitium O42 - Logiciel: The KMPlayer (remove only) - (.KMP Media co., Ltd.) [HKLM][64Bits] -- The KMPlayer O42 - Logiciel: TP-LINK Wireless Client Utility - (.TP-LINK.) [HKLM][64Bits] -- {7A2A107B-9695-423F-9462-8F17C178BD35} =>.TP-LINK O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN O42 - Logiciel: VSee - (.VSee Lab Inc.) [HKCU][64Bits] -- VSee {6005117DFA4124D4D2B0E5B672A19374} O42 - Logiciel: Winamp - (.Nullsoft, Inc.) [HKLM][64Bits] -- Winamp =>.Nullsoft, Inc O42 - Logiciel: WinZip - (.Winzipper Pvt Ltd..) [HKLM][64Bits] -- WinZip {0F395E2E0DF921C128D0AB05055AF826} =>.Superfluous.TaiwanShuiMu O42 - Logiciel: YAC(Yet Another Cleaner!) - (.ELEX DO BRASIL PARTICIPAÇÕES LTDA.) [HKLM][64Bits] -- iSafe =>.Superfluous.Elex O42 - Logiciel: Your Uninstaller! 7 - (.URSoft, Inc..) [HKLM][64Bits] -- YU2010_is1 {2D52C7CF5E69A633AC3AED0E78F988DC} ---\\ HKCU & HKLM Software Keys (133) - 19s HKLM\SOFTWARE\Wow6432Node\Ada2 HKLM\SOFTWARE\Wow6432Node\Adobe HKLM\SOFTWARE\Wow6432Node\Apple Computer, Inc. HKLM\SOFTWARE\Wow6432Node\Atheros HKLM\SOFTWARE\Wow6432Node\AviSynth HKLM\SOFTWARE\Wow6432Node\Caphyon HKLM\SOFTWARE\Wow6432Node\CDDB HKLM\SOFTWARE\Wow6432Node\CoreCodec HKLM\SOFTWARE\Wow6432Node\CyberGhost HKLM\SOFTWARE\Wow6432Node\CyberLink HKLM\SOFTWARE\Wow6432Node\Data Fellows HKLM\SOFTWARE\Wow6432Node\DivX HKLM\SOFTWARE\Wow6432Node\DivXNetworks HKLM\SOFTWARE\Wow6432Node\EasyBoot Systems HKLM\SOFTWARE\Wow6432Node\Elex-tech =>.Superfluous.Elex HKLM\SOFTWARE\Wow6432Node\Epic Privacy Browser HKLM\SOFTWARE\Wow6432Node\GeekBuddyRSP HKLM\SOFTWARE\Wow6432Node\Genie Soft HKLM\SOFTWARE\Wow6432Node\GNU HKLM\SOFTWARE\Wow6432Node\Google HKLM\SOFTWARE\Wow6432Node\GRETECH HKLM\SOFTWARE\Wow6432Node\hdcode HKLM\SOFTWARE\Wow6432Node\hohosearchSoftware =>.Superfluous.HohoSearch HKLM\SOFTWARE\Wow6432Node\IM Providers HKLM\SOFTWARE\Wow6432Node\Intel HKLM\SOFTWARE\Wow6432Node\Internet Download Manager HKLM\SOFTWARE\Wow6432Node\InterVideo HKLM\SOFTWARE\Wow6432Node\KasperskyLab HKLM\SOFTWARE\Wow6432Node\KLCodecPack HKLM\SOFTWARE\Wow6432Node\KMPlayer HKLM\SOFTWARE\Wow6432Node\Lake HKLM\SOFTWARE\Wow6432Node\LAV HKLM\SOFTWARE\Wow6432Node\Legpat HKLM\SOFTWARE\Wow6432Node\Licenses HKLM\SOFTWARE\Wow6432Node\Mozilla HKLM\SOFTWARE\Wow6432Node\mozilla.org HKLM\SOFTWARE\Wow6432Node\MozillaPlugins HKLM\SOFTWARE\Wow6432Node\MyLanViewer HKLM\SOFTWARE\Wow6432Node\ODBC HKLM\SOFTWARE\Wow6432Node\Panda Software HKLM\SOFTWARE\Wow6432Node\PowerISO HKLM\SOFTWARE\Wow6432Node\PureCodec HKLM\SOFTWARE\Wow6432Node\qksee =>.Superfluous.TaiwanShuiMu HKLM\SOFTWARE\Wow6432Node\qkseeSvc =>.Superfluous.TaiwanShuiMu HKLM\SOFTWARE\Wow6432Node\Reg HKLM\SOFTWARE\Wow6432Node\S3R521 HKLM\SOFTWARE\Wow6432Node\simplitec HKLM\SOFTWARE\Wow6432Node\Skype HKLM\SOFTWARE\Wow6432Node\Sonic HKLM\SOFTWARE\Wow6432Node\Systweak =>.Superfluous.Systweak HKLM\SOFTWARE\Wow6432Node\Tencent =>.Superfluous.Tencent HKLM\SOFTWARE\Wow6432Node\TP-LINK HKLM\SOFTWARE\Wow6432Node\Uncheckit HKLM\SOFTWARE\Wow6432Node\VideoLAN HKLM\SOFTWARE\Wow6432Node\Vitalwerks HKLM\SOFTWARE\Wow6432Node\Volatile HKLM\SOFTWARE\Wow6432Node\VSee HKLM\SOFTWARE\Wow6432Node\WinZiper =>.Superfluous.WinZipper HKLM\SOFTWARE\Wow6432Node\Wow6432Node HKLM\SOFTWARE\Wow6432Node\RegisteredApplications HKCU\SOFTWARE\9EC4F2486B621A0203970BB1F05BE7E2 =>PUP.Optional.CrossRider HKCU\SOFTWARE\Adobe HKCU\SOFTWARE\AmiSoftware HKCU\SOFTWARE\AppDataLow HKCU\SOFTWARE\Atheros HKCU\SOFTWARE\Auslogics HKCU\SOFTWARE\AVS HKCU\SOFTWARE\Bandisoft HKCU\SOFTWARE\Bandizip HKCU\SOFTWARE\Chromium HKCU\SOFTWARE\Cookienator HKCU\SOFTWARE\CoreAAC HKCU\SOFTWARE\csastats HKCU\SOFTWARE\CyberLink HKCU\SOFTWARE\DAUM HKCU\SOFTWARE\DivX HKCU\SOFTWARE\DownloadManager HKCU\SOFTWARE\DScaler5 HKCU\SOFTWARE\EasyBoot Systems HKCU\SOFTWARE\Elecard HKCU\SOFTWARE\Epic Privacy Browser HKCU\SOFTWARE\FreeTime HKCU\SOFTWARE\Gabest HKCU\SOFTWARE\Genie Soft HKCU\SOFTWARE\GNU HKCU\SOFTWARE\Google HKCU\SOFTWARE\GRETECH HKCU\SOFTWARE\Icaros HKCU\SOFTWARE\IM Providers HKCU\SOFTWARE\Intel HKCU\SOFTWARE\Karlis Blumentals HKCU\SOFTWARE\KMPlayer HKCU\SOFTWARE\Legpat HKCU\SOFTWARE\Licenses HKCU\SOFTWARE\Local AppWizard-Generated Applications HKCU\SOFTWARE\MainConcept HKCU\SOFTWARE\MediaInfo HKCU\SOFTWARE\Moonlight Cordless HKCU\SOFTWARE\Mozilla HKCU\SOFTWARE\MozillaPlugins HKCU\SOFTWARE\MPC-HC HKCU\SOFTWARE\MyLanViewer HKCU\SOFTWARE\Netscape HKCU\SOFTWARE\ODBC HKCU\SOFTWARE\Paltalk HKCU\SOFTWARE\Piriform HKCU\SOFTWARE\Polipo HKCU\SOFTWARE\PowerISO HKCU\SOFTWARE\ProductSetup =>Adware.InstallCore HKCU\SOFTWARE\PureCodec HKCU\SOFTWARE\Reg HKCU\SOFTWARE\Reimage =>.Superfluous.ReimageRepair HKCU\SOFTWARE\RemoteMouse.net HKCU\SOFTWARE\Rixler Software HKCU\SOFTWARE\Seven Sails Ltda HKCU\SOFTWARE\Skype HKCU\SOFTWARE\systweak =>.Superfluous.Systweak HKCU\SOFTWARE\Trolltech HKCU\SOFTWARE\Uncheckit HKCU\SOFTWARE\undefined =>.Superfluous.Downloader HKCU\SOFTWARE\Unity HKCU\SOFTWARE\URSoft HKCU\SOFTWARE\VB and VBA Program Settings HKCU\SOFTWARE\Vitalwerks HKCU\SOFTWARE\VSee HKCU\SOFTWARE\Winamp HKCU\SOFTWARE\WinRAR HKCU\SOFTWARE\WinRAR SFX HKCU\SOFTWARE\Wow6432Node HKCU\SOFTWARE\WPI HKCU\SOFTWARE\YahooPartnerToolbar =>Toolbar.YahooPartner HKCU\SOFTWARE\ZebHelpProcess Helper HKCU\SOFTWARE\AppDataLow\Software ---\\ Contenu des dossiers Programmes (270) - 28s O43 - CFD: 18/05/2016 - [] D -- C:\Program Files\Amiglobe 2005 O43 - CFD: 26/03/2016 - [] D -- C:\Program Files\Bandizip =>.Bandisoft® O43 - CFD: 27/03/2016 - [] D -- C:\Program Files\CCleaner =>.Piriform Ltd® O43 - CFD: 30/05/2016 - [] D -- C:\Program Files\Common Files O43 - CFD: 30/03/2016 - [0] D -- C:\Program Files\CyberGhost 5 O43 - CFD: 27/03/2016 - [] D -- C:\Program Files\DVD Maker O43 - CFD: 17/03/2016 - [0] SHD -- C:\Program Files\Fichiers communs O43 - CFD: 30/05/2016 - [] D -- C:\Program Files\Internet Explorer O43 - CFD: 27/03/2016 - [] D -- C:\Program Files\Microsoft Office O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\MSBuild O43 - CFD: 04/04/2016 - [] D -- C:\Program Files\PowerISO O43 - CFD: 06/05/2016 - [] D -- C:\Program Files\Process Hacker 2 {0FF1EF66BD621C65B74B4DE41425717F} O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Reference Assemblies O43 - CFD: 02/06/2016 - [] D -- C:\Program Files\Reimage {4320101ADF7A07C7405BC4433AE31FFD} =>.Superfluous.ReimageRepair O43 - CFD: 30/03/2016 - [0] D -- C:\Program Files\TAP-Windows O43 - CFD: 14/07/2009 - [0] HD -- C:\Program Files\Uninstall Information O43 - CFD: 27/03/2016 - [] D -- C:\Program Files\VideoLAN O43 - CFD: 27/03/2016 - [] D -- C:\Program Files\Windows Defender O43 - CFD: 27/03/2016 - [] D -- C:\Program Files\Windows Mail O43 - CFD: 27/03/2016 - [] D -- C:\Program Files\Windows Media Player O43 - CFD: 17/03/2016 - [] D -- C:\Program Files\Windows NT O43 - CFD: 27/03/2016 - [] D -- C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation® O43 - CFD: 27/03/2016 - [] D -- C:\Program Files\Windows Portable Devices O43 - CFD: 27/03/2016 - [] D -- C:\Program Files\Windows Sidebar O43 - CFD: 06/04/2016 - [] D -- C:\Program Files (x86)\%BelArabi_BetaV_1.0% O43 - CFD: 13/04/2016 - [] D -- C:\Program Files (x86)\Adobe =>.Adobe Systems, Incorporated® O43 - CFD: 27/03/2016 - [] D -- C:\Program Files (x86)\AIMP3 O43 - CFD: 17/03/2016 - [] D -- C:\Program Files (x86)\Anti Raccourci 1.0.9 O43 - CFD: 22/04/2016 - [] D -- C:\Program Files (x86)\Athan O43 - CFD: 26/04/2016 - [] D -- C:\Program Files (x86)\Auslogics =>.Auslogics Software Pty Ltd® O43 - CFD: 27/03/2016 - [] D -- C:\Program Files (x86)\AviSynth 2.5 O43 - CFD: 02/06/2016 - [] D -- C:\Program Files (x86)\BlueSprig {589D023EC02E552CDAA00B1FA0FDCA85} O43 - CFD: 03/06/2016 - [] D -- C:\Program Files (x86)\Common Files O43 - CFD: 29/03/2016 - [] D -- C:\Program Files (x86)\Cookienator =>.Marton Anka® O43 - CFD: 29/03/2016 - [] D -- C:\Program Files (x86)\CyberLink O43 - CFD: 30/05/2016 - [] D -- C:\Program Files (x86)\Elex-tech =>.Superfluous.Elex O43 - CFD: 22/05/2016 - [] D -- C:\Program Files (x86)\Facebook Password Recovery Master O43 - CFD: 27/03/2016 - [] D -- C:\Program Files (x86)\FreeTime =>.chen jun hao® O43 - CFD: 05/04/2016 - [] D -- C:\Program Files (x86)\French O43 - CFD: 30/05/2016 - [] D -- C:\Program Files (x86)\Genie Soft O43 - CFD: 01/06/2016 - [] D -- C:\Program Files (x86)\Google =>.Google Inc® O43 - CFD: 27/03/2016 - [] D -- C:\Program Files (x86)\GRETECH =>.GRETECH® O43 - CFD: 26/03/2016 - [] D -- C:\Program Files (x86)\GUMD71C.tmp =>.Google Inc® O43 - CFD: 09/05/2016 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 26/03/2016 - [] D -- C:\Program Files (x86)\Internet Download Manager O43 - CFD: 30/05/2016 - [] D -- C:\Program Files (x86)\Internet Explorer O43 - CFD: 30/05/2016 - [] D -- C:\Program Files (x86)\JPEG PC Camera O43 - CFD: 27/03/2016 - [] D -- C:\Program Files (x86)\K-Lite Codec Pack O43 - CFD: 30/05/2016 - [] D -- C:\Program Files (x86)\Legpat {1121425C73F5B28AE6BF0FAAF2BE407751CF} O43 - CFD: 26/05/2016 - [] D -- C:\Program Files (x86)\Make ID 1.2 O43 - CFD: 30/05/2016 - [] D -- C:\Program Files (x86)\Messenger for Desktop O43 - CFD: 27/03/2016 - [] D -- C:\Program Files (x86)\Microsoft Analysis Services O43 - CFD: 27/03/2016 - [] D -- C:\Program Files (x86)\Microsoft Office =>.Microsoft Corporation® O43 - CFD: 17/03/2016 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio O43 - CFD: 17/03/2016 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio 8 O43 - CFD: 17/03/2016 - [] D -- C:\Program Files (x86)\Microsoft Works O43 - CFD: 26/03/2016 - [] D -- C:\Program Files (x86)\Microsoft.NET O43 - CFD: 30/05/2016 - [] D -- C:\Program Files (x86)\Mobogenie3 =>PUP.Optional.Mobogenie O43 - CFD: 20/05/2016 - [] D -- C:\Program Files (x86)\Mozilla Firefox =>.Mozilla Corporation® O43 - CFD: 20/05/2016 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service =>.Mozilla Corporation® O43 - CFD: 17/03/2016 - [] D -- C:\Program Files (x86)\MSBuild O43 - CFD: 08/05/2016 - [0] D -- C:\Program Files (x86)\MyLanViewer O43 - CFD: 10/05/2016 - [] D -- C:\Program Files (x86)\No-IP O43 - CFD: 29/03/2016 - [] D -- C:\Program Files (x86)\NSIS Uninstall Information O43 - CFD: 07/05/2016 - [0] D -- C:\Program Files (x86)\Panda Security O43 - CFD: 30/05/2016 - [0] D -- C:\Program Files (x86)\pandasecuritytb O43 - CFD: 01/06/2016 - [] D -- C:\Program Files (x86)\Platoward {1121C56E1641B91AF321181E0AE8477CB602} O43 - CFD: 27/03/2016 - [] D -- C:\Program Files (x86)\Pure Codec O43 - CFD: 04/06/2016 - [] D -- C:\Program Files (x86)\qksee {4D3C24F70EF8354EEF013BEDD8F0EF61} =>.Superfluous.TaiwanShuiMu O43 - CFD: 30/05/2016 - [] D -- C:\Program Files (x86)\QQBrowser =>.Superfluous.Tencent O43 - CFD: 03/04/2016 - [0] D -- C:\Program Files (x86)\Rapid PHP 2015 O43 - CFD: 03/04/2016 - [0] D -- C:\Program Files (x86)\Rapid PHP 2016 O43 - CFD: 30/05/2016 - [0] D -- C:\Program Files (x86)\Razoghchak O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Reference Assemblies O43 - CFD: 06/05/2016 - [] D -- C:\Program Files (x86)\Remote Mouse O43 - CFD: 22/05/2016 - [0] D -- C:\Program Files (x86)\SecurityXploded O43 - CFD: 22/05/2016 - [] D -- C:\Program Files (x86)\Shefale =>PUP.Optional.CrossRider O43 - CFD: 10/04/2016 - [] D -- C:\Program Files (x86)\Sicyon calculator O43 - CFD: 30/05/2016 - [] RD -- C:\Program Files (x86)\Skype =>.Skype Software Sarl® O43 - CFD: 10/05/2016 - [0] D -- C:\Program Files (x86)\SoundWire Server O43 - CFD: 29/03/2016 - [] D -- C:\Program Files (x86)\Technitium O43 - CFD: 26/03/2016 - [] D -- C:\Program Files (x86)\Tencent =>.Superfluous.Tencent O43 - CFD: 08/05/2016 - [] D -- C:\Program Files (x86)\The KMPlayer O43 - CFD: 09/05/2016 - [] D -- C:\Program Files (x86)\TP-LINK O43 - CFD: 01/06/2016 - [] D -- C:\Program Files (x86)\TXQQBrowser =>.Superfluous.Tencent O43 - CFD: 04/04/2016 - [0] D -- C:\Program Files (x86)\UltraISO O43 - CFD: 29/05/2016 - [0] D -- C:\Program Files (x86)\Uncheckit O43 - CFD: 14/07/2009 - [0] HD -- C:\Program Files (x86)\Uninstall Information O43 - CFD: 30/05/2016 - [0] D -- C:\Program Files (x86)\Vidalia Bundle O43 - CFD: 07/04/2016 - [] D -- C:\Program Files (x86)\VideoLAN O43 - CFD: 03/04/2016 - [0] D -- C:\Program Files (x86)\WiFi Speaker O43 - CFD: 27/03/2016 - [] D -- C:\Program Files (x86)\Winamp =>.Nullsoft Inc.® O43 - CFD: 26/03/2016 - [] D -- C:\Program Files (x86)\Windows Defender O43 - CFD: 27/03/2016 - [] D -- C:\Program Files (x86)\Windows Mail O43 - CFD: 27/03/2016 - [] D -- C:\Program Files (x86)\Windows Media Player O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Windows NT O43 - CFD: 27/03/2016 - [] D -- C:\Program Files (x86)\Windows Photo Viewer =>.Microsoft Corporation® O43 - CFD: 27/03/2016 - [] D -- C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 27/03/2016 - [] D -- C:\Program Files (x86)\Windows Sidebar O43 - CFD: 17/03/2016 - [] D -- C:\Program Files (x86)\WinRAR O43 - CFD: 04/06/2016 - [] D -- C:\Program Files (x86)\WinZipper {0F395E2E0DF921C128D0AB05055AF826} =>.Superfluous.WinZipper O43 - CFD: 17/03/2016 - [] D -- C:\Program Files (x86)\Your Uninstaller! 7 O43 - CFD: 31/05/2016 - [] D -- C:\Program Files (x86)\YouWave Android {1121F46A4923EAE1C5CA24D3C6CF87F1D5A3} O43 - CFD: 30/05/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 27/03/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 27/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3 O43 - CFD: 17/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti Raccourci 1.0.9 O43 - CFD: 26/04/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics O43 - CFD: 26/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandizip O43 - CFD: 27/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner O43 - CFD: 30/05/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games O43 - CFD: 27/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player O43 - CFD: 26/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager O43 - CFD: 02/06/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBoost O43 - CFD: 14/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetClean O43 - CFD: 30/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JPEG PC Camera O43 - CFD: 27/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack O43 - CFD: 04/04/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Learn French O43 - CFD: 14/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 17/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office O43 - CFD: 30/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox O43 - CFD: 14/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO O43 - CFD: 06/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Hacker 2 O43 - CFD: 27/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pure Codec O43 - CFD: 01/06/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qksee =>.Superfluous.TaiwanShuiMu O43 - CFD: 10/04/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sicyon calculator O43 - CFD: 27/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype O43 - CFD: 03/06/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 29/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Technitium MAC Address Changer v6 O43 - CFD: 09/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK O43 - CFD: 14/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO O43 - CFD: 30/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uncheckit O43 - CFD: 30/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN O43 - CFD: 17/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR O43 - CFD: 30/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip O43 - CFD: 17/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Uninstaller! 7 O43 - CFD: 13/04/2016 - [] D -- C:\ProgramData\Adobe O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Application Data O43 - CFD: 09/05/2016 - [] D -- C:\ProgramData\Atheros O43 - CFD: 30/05/2016 - [] D -- C:\ProgramData\AVAST Software O43 - CFD: 02/06/2016 - [] D -- C:\ProgramData\BlueSprig O43 - CFD: 03/04/2016 - [] D -- C:\ProgramData\Blumentals O43 - CFD: 17/03/2016 - [0] SHD -- C:\ProgramData\Bureau O43 - CFD: 03/06/2016 - [] D -- C:\ProgramData\Comodo O43 - CFD: 01/06/2016 - [] D -- C:\ProgramData\cwinpc O43 - CFD: 29/03/2016 - [] D -- C:\ProgramData\CyberLink O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Desktop O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Documents O43 - CFD: 29/03/2016 - [] D -- C:\ProgramData\Epic Privacy Browser O43 - CFD: 06/05/2016 - [] D -- C:\ProgramData\F-Secure O43 - CFD: 17/03/2016 - [0] SHD -- C:\ProgramData\Favoris O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Favorites O43 - CFD: 27/03/2016 - [] D -- C:\ProgramData\GRETECH O43 - CFD: 26/03/2016 - [0] D -- C:\ProgramData\IDM O43 - CFD: 29/03/2016 - [] D -- C:\ProgramData\install_clap O43 - CFD: 30/05/2016 - [] D -- C:\ProgramData\Kaspersky Lab O43 - CFD: 01/06/2016 - [] D -- C:\ProgramData\Kaspersky Lab Setup Files O43 - CFD: 26/03/2016 - [] D -- C:\ProgramData\KingSoft O43 - CFD: 30/05/2016 - [] D -- C:\ProgramData\Legpat O43 - CFD: 17/03/2016 - [0] SHD -- C:\ProgramData\Menu Démarrer O43 - CFD: 25/04/2016 - [] SD -- C:\ProgramData\Microsoft O43 - CFD: 21/05/2016 - [] D -- C:\ProgramData\Microsoft Help O43 - CFD: 17/03/2016 - [0] SHD -- C:\ProgramData\Modèles O43 - CFD: 27/03/2016 - [] D -- C:\ProgramData\Package Cache O43 - CFD: 07/05/2016 - [] D -- C:\ProgramData\Panda Security O43 - CFD: 30/05/2016 - [] D -- C:\ProgramData\panda_url_filtering O43 - CFD: 03/06/2016 - [0] D -- C:\ProgramData\Shared Space O43 - CFD: 30/05/2016 - [] D -- C:\ProgramData\Skype O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Start Menu O43 - CFD: 29/03/2016 - [] D -- C:\ProgramData\SUPPORTDIR O43 - CFD: 02/06/2016 - [0] AD -- C:\ProgramData\TEMP O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Templates O43 - CFD: 26/03/2016 - [] D -- C:\ProgramData\Tencent =>.Superfluous.Tencent O43 - CFD: 17/03/2016 - [] D -- C:\ProgramData\TP-LINK O43 - CFD: 26/05/2016 - [0] D -- C:\ProgramData\uckt O43 - CFD: 26/05/2016 - [0] D -- C:\ProgramData\Uncheckit O43 - CFD: 10/05/2016 - [] D -- C:\ProgramData\Vitalwerks O43 - CFD: 13/04/2016 - [] D -- C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 22/05/2016 - [] D -- C:\Program Files (x86)\Common Files\AV O43 - CFD: 17/03/2016 - [] D -- C:\Program Files (x86)\Common Files\DESIGNER O43 - CFD: 27/03/2016 - [] D -- C:\Program Files (x86)\Common Files\EZB Systems O43 - CFD: 27/03/2016 - [] D -- C:\Program Files (x86)\Common Files\microsoft shared O43 - CFD: 27/03/2016 - [] D -- C:\Program Files (x86)\Common Files\PX Storage Engine O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Common Files\Services O43 - CFD: 30/05/2016 - [] D -- C:\Program Files (x86)\Common Files\Skype O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Common Files\SpeechEngines O43 - CFD: 26/03/2016 - [] D -- C:\Program Files (x86)\Common Files\System O43 - CFD: 26/03/2016 - [] D -- C:\Program Files (x86)\Common Files\Tencent =>.Superfluous.Tencent O43 - CFD: 04/05/2016 - [] D -- C:\Users\Windows77777\AppData\Roaming\Adobe O43 - CFD: 27/03/2016 - [] D -- C:\Users\Windows77777\AppData\Roaming\AIMP3 O43 - CFD: 24/03/2016 - [] D -- C:\Users\Windows77777\AppData\Roaming\Alawar Stargaze O43 - CFD: 14/05/2016 - [] D -- C:\Users\Windows77777\AppData\Roaming\BlueSprig O43 - CFD: 03/04/2016 - [] D -- C:\Users\Windows77777\AppData\Roaming\Blumentals O43 - CFD: 25/03/2016 - [] D -- C:\Users\Windows77777\AppData\Roaming\DivX O43 - CFD: 31/05/2016 - [] D -- C:\Users\Windows77777\AppData\Roaming\DMCache O43 - CFD: 23/05/2016 - [0] D -- C:\Users\Windows77777\AppData\Roaming\eCyber =>.Superfluous.Elex O43 - CFD: 30/05/2016 - [] D -- C:\Users\Windows77777\AppData\Roaming\Elex-tech =>.Superfluous.Elex O43 - CFD: 27/03/2016 - [] D -- C:\Users\Windows77777\AppData\Roaming\GRETECH O43 - CFD: 17/03/2016 - [] D -- C:\Users\Windows77777\AppData\Roaming\Identities O43 - CFD: 19/05/2016 - [] D -- C:\Users\Windows77777\AppData\Roaming\IDM O43 - CFD: 04/05/2016 - [] D -- C:\Users\Windows77777\AppData\Roaming\Macromedia O43 - CFD: 14/07/2009 - [0] D -- C:\Users\Windows77777\AppData\Roaming\Media Center Programs O43 - CFD: 25/03/2016 - [] D -- C:\Users\Windows77777\AppData\Roaming\Media Player Classic O43 - CFD: 30/05/2016 - [] SD -- C:\Users\Windows77777\AppData\Roaming\Microsoft O43 - CFD: 22/05/2016 - [] D -- C:\Users\Windows77777\AppData\Roaming\Mobogenie =>PUP.Optional.Mobogenie O43 - CFD: 19/03/2016 - [] D -- C:\Users\Windows77777\AppData\Roaming\Mozilla O43 - CFD: 27/03/2016 - [] D -- C:\Users\Windows77777\AppData\Roaming\MPC-HC O43 - CFD: 07/05/2016 - [0] D -- C:\Users\Windows77777\AppData\Roaming\Panda Security O43 - CFD: 29/03/2016 - [] D -- C:\Users\Windows77777\AppData\Roaming\PotPlayerMini O43 - CFD: 04/04/2016 - [] D -- C:\Users\Windows77777\AppData\Roaming\PowerISO O43 - CFD: 06/05/2016 - [] D -- C:\Users\Windows77777\AppData\Roaming\Process Hacker 2 O43 - CFD: 22/05/2016 - [] D -- C:\Users\Windows77777\AppData\Roaming\Profiles O43 - CFD: 01/06/2016 - [] D -- C:\Users\Windows77777\AppData\Roaming\qksee =>.Superfluous.TaiwanShuiMu O43 - CFD: 10/04/2016 - [] D -- C:\Users\Windows77777\AppData\Roaming\Sicyon calculator O43 - CFD: 04/06/2016 - [] D -- C:\Users\Windows77777\AppData\Roaming\Skype O43 - CFD: 22/05/2016 - [0] D -- C:\Users\Windows77777\AppData\Roaming\systweak =>.Superfluous.Systweak O43 - CFD: 26/03/2016 - [] D -- C:\Users\Windows77777\AppData\Roaming\Tencent =>.Superfluous.Tencent O43 - CFD: 26/05/2016 - [] D -- C:\Users\Windows77777\AppData\Roaming\Uncheckit O43 - CFD: 17/03/2016 - [] D -- C:\Users\Windows77777\AppData\Roaming\URSoft O43 - CFD: 30/05/2016 - [] D -- C:\Users\Windows77777\AppData\Roaming\vlc O43 - CFD: 04/06/2016 - [] D -- C:\Users\Windows77777\AppData\Roaming\VSee O43 - CFD: 04/06/2016 - [] D -- C:\Users\Windows77777\AppData\Roaming\VSeeInstall O43 - CFD: 27/04/2016 - [] D -- C:\Users\Windows77777\AppData\Roaming\Winamp O43 - CFD: 30/05/2016 - [] D -- C:\Users\Windows77777\AppData\Roaming\WinZiper =>.Superfluous.WinZipper O43 - CFD: 04/06/2016 - [] D -- C:\Users\Windows77777\AppData\Roaming\ZHP O43 - CFD: 22/05/2016 - [] D -- C:\Users\Windows77777\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108 O43 - CFD: 13/04/2016 - [] D -- C:\Users\Windows77777\AppData\Local\Adobe O43 - CFD: 17/03/2016 - [0] SHD -- C:\Users\Windows77777\AppData\Local\Application Data O43 - CFD: 26/03/2016 - [] D -- C:\Users\Windows77777\AppData\Local\Apps O43 - CFD: 03/05/2016 - [] D -- C:\Users\Windows77777\AppData\Local\Birch Grove O43 - CFD: 03/04/2016 - [] D -- C:\Users\Windows77777\AppData\Local\CEF O43 - CFD: 30/05/2016 - [] D -- C:\Users\Windows77777\AppData\Local\Chromium O43 - CFD: 29/03/2016 - [] D -- C:\Users\Windows77777\AppData\Local\CyberLink O43 - CFD: 26/03/2016 - [0] D -- C:\Users\Windows77777\AppData\Local\Deployment O43 - CFD: 30/05/2016 - [] D -- C:\Users\Windows77777\AppData\Local\ElevatedDiagnostics O43 - CFD: 01/06/2016 - [] D -- C:\Users\Windows77777\AppData\Local\Epic Privacy Browser O43 - CFD: 06/05/2016 - [] D -- C:\Users\Windows77777\AppData\Local\FSDART O43 - CFD: 02/06/2016 - [] D -- C:\Users\Windows77777\AppData\Local\Google O43 - CFD: 17/03/2016 - [0] SHD -- C:\Users\Windows77777\AppData\Local\Historique O43 - CFD: 30/05/2016 - [] D -- C:\Users\Windows77777\AppData\Local\Legpat O43 - CFD: 02/06/2016 - [] D -- C:\Users\Windows77777\AppData\Local\Messenger O43 - CFD: 30/05/2016 - [] D -- C:\Users\Windows77777\AppData\Local\Microsoft O43 - CFD: 17/03/2016 - [0] D -- C:\Users\Windows77777\AppData\Local\Microsoft Help O43 - CFD: 20/05/2016 - [] D -- C:\Users\Windows77777\AppData\Local\Mozilla O43 - CFD: 08/05/2016 - [] D -- C:\Users\Windows77777\AppData\Local\MyLanViewer O43 - CFD: 19/05/2016 - [] D -- C:\Users\Windows77777\AppData\Local\Nox O43 - CFD: 30/05/2016 - [] D -- C:\Users\Windows77777\AppData\Local\Profiles O43 - CFD: 27/03/2016 - [] D -- C:\Users\Windows77777\AppData\Local\Programs O43 - CFD: 03/06/2016 - [] D -- C:\Users\Windows77777\AppData\Local\SterJo Wireless Passwords O43 - CFD: 04/06/2016 - [] D -- C:\Users\Windows77777\AppData\Local\Temp O43 - CFD: 17/03/2016 - [0] SHD -- C:\Users\Windows77777\AppData\Local\Temporary Internet Files O43 - CFD: 17/03/2016 - [0] D -- C:\Users\Windows77777\AppData\Local\VirtualStore O43 - CFD: 10/05/2016 - [] D -- C:\Users\Windows77777\AppData\Local\Vitalwerks O43 - CFD: 30/05/2016 - [] D -- C:\Users\Windows77777\AppData\Local\{90CFA693-B467-CA2B-D9FF-EFC3FD97135B} O43 - CFD: 27/03/2016 - [0] D -- C:\Users\Windows77777\AppData\Local\Programs\Common O43 - CFD: 14/07/2009 - [] RD -- C:\Users\Windows77777\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 27/03/2016 - [] RD -- C:\Users\Windows77777\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 01/06/2016 - [] D -- C:\Users\Windows77777\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome O43 - CFD: 27/03/2016 - [] D -- C:\Users\Windows77777\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory O43 - CFD: 30/05/2016 - [] D -- C:\Users\Windows77777\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome O43 - CFD: 26/03/2016 - [] D -- C:\Users\Windows77777\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager O43 - CFD: 04/04/2016 - [0] D -- C:\Users\Windows77777\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Learn French O43 - CFD: 14/07/2009 - [] RD -- C:\Users\Windows77777\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 10/05/2016 - [] D -- C:\Users\Windows77777\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC O43 - CFD: 03/06/2016 - [] RD -- C:\Users\Windows77777\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 27/03/2016 - [] D -- C:\Users\Windows77777\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tencent =>.Superfluous.Tencent O43 - CFD: 27/03/2016 - [] D -- C:\Users\Windows77777\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer O43 - CFD: 04/06/2016 - [] D -- C:\Users\Windows77777\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VSee O43 - CFD: 17/03/2016 - [0] D -- C:\Users\Windows77777\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR O43 - CFD: 14/07/2009 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\Microsoft ---\\ Derniers fichiers créés dans Windows Prefetcher (7) - 9s O45 - LFCP:[MD5.DD9C6A6CB0FF337440D3B4E568A31FA4] 22/05/2016 A -- C:\Windows\Prefetch\MOBOGENIE.EXE-66FFC6DD.pf =>PUP.Optional.Mobogenie O45 - LFCP:[MD5.B68D38F0332FB8F46ECEF96CD55D892E] 22/05/2016 A -- C:\Windows\Prefetch\MOBOGENIEHELPER.EXE-8E6C2345.pf =>PUP.Optional.Mobogenie O45 - LFCP:[MD5.568535FF145E27D31D090BC4FCB50F9E] 22/05/2016 A -- C:\Windows\Prefetch\MOBOGENIEINSTALLER.EXE-18B9217A.pf =>PUP.Optional.Mobogenie O45 - LFCP:[MD5.D7E5166E4B4A84AD16B6A12D90D94E92] 22/05/2016 A -- C:\Windows\Prefetch\MOBOGENIEMINI_1002_10006.EXE-A67EE512.pf =>PUP.Optional.Mobogenie O45 - LFCP:[MD5.03F0D2D4ADEE2C33CD4CE613A4D2A515] 22/05/2016 A -- C:\Windows\Prefetch\MOBOGENIEP2SP.EXE-6448CA5D.pf =>PUP.Optional.Mobogenie O45 - LFCP:[MD5.697AA43626643BDA0F4E5F5E2A13786F] 22/05/2016 A -- C:\Windows\Prefetch\MOBOGENIEP2SP.EXE-93FD32FE.pf =>PUP.Optional.Mobogenie O45 - LFCP:[MD5.6B426F8F004114A71339BE9EA03FADD7] 22/05/2016 A -- C:\Windows\Prefetch\MOBOGENIESERVICE.EXE-DD409EEA.pf =>PUP.Optional.Mobogenie ---\\ ShellIconOverlayIdentifiers (SIOI) (2) - 0s O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - DLL d’extension d’environnement de stockage.) -- C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation O106 - SIOI: Sharing Overlay (Private) [SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235}. (.Microsoft Corporation - Extensions de l’interpréteur de commandes p.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation ---\\ Enumération des clés StartupReg (2) - 0s O53 - SMSR:HKLM\...\startupreg\HotKeysCmds [Key] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe =>.Intel Corporation O53 - SMSR:HKLM\...\startupreg\Persistence [Key] . (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe =>.Intel Corporation ---\\ Liste des pilotes du système (55) - 7s O58 - SDL:2009/07/14 03:52:21 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [491088] =>.Microsoft Windows® O58 - SDL:2009/07/14 03:52:21 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [339536] =>.Microsoft Windows® O58 - SDL:2009/07/14 03:52:21 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\drivers\adpu320.sys [182864] =>.Microsoft Windows® O58 - SDL:2009/07/14 03:52:21 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [15440] =>.Microsoft Windows® O58 - SDL:2010/11/20 15:32:46 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [107904] =>.Microsoft Windows® O58 - SDL:2009/07/14 03:52:20 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [194128] =>.Microsoft Windows® O58 - SDL:2010/11/20 15:32:47 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [27008] =>.Microsoft Windows® O58 - SDL:2009/07/14 03:52:21 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [87632] =>.Microsoft Windows® O58 - SDL:2009/07/14 03:52:21 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [97856] =>.Microsoft Windows® O58 - SDL:2010/01/05 20:23:18 A . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driv.) -- C:\Windows\System32\drivers\athurx.sys [1847296] =>.Atheros Communications, Inc. O58 - SDL:2009/06/10 22:34:23 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\Windows\System32\drivers\b57nd60a.sys [270848] =>.Broadcom Corporation O58 - SDL:2009/06/10 22:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [18432] =>.Brother Industries, Ltd. O58 - SDL:2009/06/10 22:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [8704] =>.Brother Industries, Ltd. O58 - SDL:2009/07/14 03:19:07 A . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys [286720] =>.Brother Industries Ltd. O58 - SDL:2009/06/10 22:41:10 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [47104] =>.Brother Industries Ltd. O58 - SDL:2009/06/10 22:41:10 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [14976] =>.Brother Industries Ltd. O58 - SDL:2009/06/10 22:41:10 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [14720] =>.Brother Industries Ltd. O58 - SDL:2009/06/10 22:34:28 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [468480] =>.Broadcom Corporation O58 - SDL:2009/07/14 03:52:31 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [17488] =>.Microsoft Windows® O58 - SDL:2009/07/14 03:47:48 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [530496] =>.Microsoft Windows® O58 - SDL:2009/06/10 22:34:33 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3286016] =>.Broadcom Corporation O58 - SDL:2009/06/10 22:31:59 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys [31232] =>.Hauppauge Computer Works, Inc. O58 - SDL:2010/11/20 15:33:35 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [78720] =>.Microsoft Windows® O58 - SDL:2010/11/20 15:33:38 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [410496] =>.Microsoft Windows® O58 - SDL:2016/01/28 11:20:10 A . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\drivers\idmwfp.sys [209056] =>.Tonec Inc.® O58 - SDL:2009/09/23 20:23:02 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd64.sys [6180832] =>.Intel Corporation O58 - SDL:2009/07/14 03:48:04 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [44112] =>.Microsoft Windows® O58 - SDL:2016/05/24 08:54:04 A . (.Elex do Brasil Participações Ltda - iSafe Kernel Boot Driver.) -- C:\Windows\System32\drivers\iSafeKrnlBoot.sys [55056] =>.Superfluous.Elex O58 - SDL:2016/05/19 08:42:01 A . (.Elex do Brasil Participações Ltda - iSafeNetFilter SDK WFP Driver (WPP).) -- C:\Windows\System32\drivers\iSafeNetFilter.sys [52392] =>.Superfluous.Elex O58 - SDL:2008/04/28 16:59:26 A . (.Atheros Communications, Inc. - Atheros Security NDIS 6.0 Filter Driver.) -- C:\Windows\System32\drivers\jswpslwfx.sys [26624] =>.Atheros Communications, Inc. O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [114752] =>.Microsoft Windows® O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [106560] =>.Microsoft Windows® O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [65600] =>.Microsoft Windows® O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [115776] =>.Microsoft Windows® O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [35392] =>.Microsoft Windows® O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [284736] =>.Microsoft Windows® O58 - SDL:2009/07/14 03:48:26 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [51264] =>.Microsoft Windows® O58 - SDL:2010/11/20 15:33:48 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [148352] =>.Microsoft Windows® O58 - SDL:2010/11/20 15:33:48 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [166272] =>.Microsoft Windows® O58 - SDL:2009/07/14 03:45:46 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1524816] =>.Microsoft Windows® O58 - SDL:2009/07/14 03:45:45 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [128592] =>.Microsoft Windows® O58 - SDL:2009/06/10 22:35:42 A . (.Realtek Corporation - Realtek 8101E/8168/8169 NDIS 6.20 64-bit Dr.) -- C:\Windows\System32\drivers\Rt64win7.sys [187392] =>.Realtek Corporation O58 - SDL:2016/02/10 15:21:28 A . (.Power Software Ltd - PowerISO Virtual Drive.) -- C:\Windows\System32\drivers\scdemu.sys [137280] =>.Power Software Limited® O58 - SDL:2009/06/10 22:37:19 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040] =>.Macrovision Corporation, Macrovision Europe Limited, O58 - SDL:2009/07/14 03:45:45 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [43584] =>.Microsoft Windows® O58 - SDL:2009/07/14 03:45:46 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [80464] =>.Microsoft Windows® O58 - SDL:2009/07/14 03:45:55 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [24656] =>.Microsoft Windows® O58 - SDL:2013/08/22 14:40:24 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\Windows\System32\drivers\tap0901.sys [40664] =>.OpenVPN Technologies, Inc.® O58 - SDL:2016/03/26 23:02:57 A . (.电脑管家 - 电脑管家-驱动模块.) -- C:\Windows\System32\drivers\TFsFltX64.sys [87864] =>.Superfluous.Tencent O58 - SDL:2016/03/26 23:02:58 A . (.电脑管家 - 电脑管家-TSSK Driver.) -- C:\Windows\System32\drivers\TSSKX64.sys [38200] =>.Superfluous.Tencent O58 - SDL:2009/07/14 03:45:55 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [17488] =>.Microsoft Windows® O58 - SDL:2009/07/14 03:45:55 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [161872] =>.Microsoft Windows® O58 - SDL:2008/02/22 16:16:08 A . (.Printing Communications Assoc., Inc. (PCAUSA) - PCAUSA NDIS 5.0 SPR Protocol Driver.) -- C:\Windows\System32\drivers\ZDPSp50.sys [24360] =>.Atheros Communications Inc.® O58 - SDL:2008/02/22 16:16:14 A . (.Printing Communications Assoc., Inc. (PCAUSA) - PCAUSA NDIS 5.0 SPR Protocol Driver (AMD64).) -- C:\Windows\System32\drivers\ZDPSp50a64.sys [38440] =>.Atheros Communications Inc.® O58 - SDL:2010/01/05 20:23:18 RA . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driv.) -- C:\Windows\System32\athurx.sys [1847296] =>.Atheros Communications, Inc. ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (10) - 59s O61 - LFC: 2016/06/04 11:36:21 A . (.VSee Lab, Inc..) -- C:\Users\Windows77777\Downloads\vsee24323_1247-r36.4_ga.exe [13620792] {6005117DFA4124D4D2B0E5B672A19374} O61 - LFC: 2016/06/01 12:24:35 A . (.Reimage®.) -- C:\Users\Windows77777\Downloads\Programs\ReimageRepair.exe [775320] {4320101ADF7A07C7405BC4433AE31FFD} =>.Superfluous.ReimageRepair O61 - LFC: 2016/06/04 12:08:29 A . (.Wei Dai.) -- C:\Users\Windows77777\AppData\Roaming\VSeeInstall\cryptopp.dll [1277496] {034736} O61 - LFC: 2016/06/04 12:08:37 A . (.VSee Lab.) -- C:\Users\Windows77777\AppData\Roaming\VSeeInstall\npVSeeDetection.dll [1243160] {413C4A0DDDCDDB7C2796AA145A32F943} O61 - LFC: 2016/06/04 12:08:28 A . (.VSee Lab, Inc..) -- C:\Users\Windows77777\AppData\Roaming\VSeeInstall\vsee.exe [21664312] {6005117DFA4124D4D2B0E5B672A19374} O61 - LFC: 2016/06/04 12:08:29 A . (..) -- C:\Users\Windows77777\AppData\Roaming\VSeeInstall\vseeCryptoppEnc.dll [278528] O61 - LFC: 2016/06/04 12:08:28 A . (..) -- C:\Users\Windows77777\AppData\Roaming\VSeeInstall\vseeRestarter.exe [96824] {6005117DFA4124D4D2B0E5B672A19374} O61 - LFC: 2016/06/04 12:08:28 A . (..) -- C:\Users\Windows77777\AppData\Roaming\VSeeInstall\vseeUninstall.exe [111160] {6005117DFA4124D4D2B0E5B672A19374} O61 - LFC: 2016/06/04 12:16:00 A . (..) -- C:\Users\Windows77777\AppData\Roaming\VSee\data.boussaada1972@gmail.com.bin [7168] O61 - LFC: 2016/05/30 22:22:14 A . (..) -- C:\Users\Windows77777\AppData\Local\Microsoft\Windows\1036\StructuredQuerySchema.bin [330752] ---\\ Associations Shell Spawning (9) - 1s O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Ob.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe =>.Microsoft Corporation O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe =>.Microsoft Corporation O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S ---\\ Menu de démarrage Internet (8) - 0s O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- firefox.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. ---\\ Recherche d'infection sur les navigateurs (7) - 8s O69 - SBI: prefs.js [Windows77777 - 54j0qtu2.default] user_pref("browser.search.defaultenginename", "Search Provided by Yahoo"); =>.Superfluous.SearchProvided O69 - SBI: prefs.js [Windows77777 - 54j0qtu2.default] user_pref("browser.search.hiddenOneOffs", "Yahoo,Bing,Amazon.fr,DuckDuckGo,eBay France,Portail Lexical - CNRTL,Search Provided by [...] =>.Superfluous.SearchProvided O69 - SBI: prefs.js [Windows77777 - 54j0qtu2.default] user_pref("browser.search.selectedEngine", "Search Provided by Yahoo"); =>.Superfluous.SearchProvided O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Search Provided by Yahoo) - http://us.search.yahoo.com/ =>.Yahoo Search O69 - SBI: SearchScopes [HKCU] {2f23ab71-4ac6-41f2-a955-ea576e553146} - (Search Provided by Yahoo) - http://us.search.yahoo.com/ =>.Yahoo Search O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Search Provided by Yahoo) - http://us.search.yahoo.com/ =>.Yahoo Search O69 - SBI: SearchScopes [HKLM] {2f23ab71-4ac6-41f2-a955-ea576e553146} - (@ieframe.dll,-12512) - http://www.bing.com/ ---\\ Enumère les services démarrés par Svchost (32) - 1s O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [72192] =>.Microsoft Corporation O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\Windows\System32\certprop.dll [80384] =>.Microsoft Corporation O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\Windows\System32\certprop.dll [80384] =>.Microsoft Corporation O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\system32\srvsvc.dll [236032] =>.Microsoft Corporation O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [777728] =>.Microsoft Corporation O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [853504] =>.Microsoft Corporation O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [679424] =>.Microsoft Corporation O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’.) -- C:\Windows\System32\rasauto.dll [99328] =>.Microsoft Corporation O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [344064] =>.Microsoft Corporation O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [97792] =>.Microsoft Corporation O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements systèm.) -- C:\Windows\System32\Sens.dll [64512] =>.Microsoft Corporation O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à.) -- C:\Windows\System32\ipnathlp.dll [359424] =>.Microsoft Corporation O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM.) -- C:\Windows\System32\tapisrv.dll [316928] =>.Microsoft Corporation O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du se.) -- C:\Windows\System32\termsrv.dll [680960] =>.Microsoft Corporation O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Up.) -- C:\Windows\system32\wuaueng.dll [2477536] =>.Microsoft Windows Component Publisher® O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière.) -- C:\Windows\System32\qmgr.dll [849920] =>.Microsoft Corporation O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [370688] =>.Microsoft Corporation O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur u.) -- C:\Windows\System32\iphlpsvc.dll [569344] =>.Microsoft Corporation O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secon.) -- C:\Windows\system32\seclogon.dll [30720] =>.Microsoft Corporation O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70656] =>.Microsoft Corporation O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\system32\iscsiexe.dll [156672] =>.Microsoft Corporation O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédia.) -- C:\Windows\system32\mmcss.dll [67584] =>.Microsoft Corporation O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [242688] =>.Microsoft Corporation O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à.) -- C:\Windows\System32\SessEnv.dll [121856] =>.Microsoft Corporation O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [136192] =>.Microsoft Corporation O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [111104] =>.Microsoft Corporation O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\system32\schedsvc.dll [1110016] =>.Microsoft Corporation O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\system32\kmsvc.dll [90624] =>.Microsoft Corporation O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84480] =>.Microsoft Corporation O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [209920] =>.Microsoft Corporation O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\system32\themeservice.dll [44544] =>.Microsoft Corporation O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [100864] =>.Microsoft Corporation ---\\ Liste des exceptions du parefeu Windows (23) - 4s O87 - FAEL: "{8C04E89C-23AF-48C8-9B84-F63BD7AAE82B}" [In-None-P6-TRUE] .(...) -- C:\Users\Windows77777\AppData\Local\Temp\recinstalldl\RecInst.exe (.not file.) O87 - FAEL: "{824DF90C-C3EA-4CDE-89BD-6DC5692FF19D}" [In-None-P17-TRUE] .(...) -- C:\Users\Windows77777\AppData\Local\Temp\recinstalldl\RecInst.exe (.not file.) O87 - FAEL: "{7DDA8BF8-A5CB-4B8D-A8F0-C87ECA8988AB}" [In-None-P6-TRUE] .(...) -- C:\Users\Windows77777\AppData\Local\Temp\nscD9BE.tmp\QQPCDetector.exe (.not file.) O87 - FAEL: "{EE0E9C2A-24FE-4C27-AA4E-78895AAAC30E}" [In-None-P17-TRUE] .(...) -- C:\Users\Windows77777\AppData\Local\Temp\nscD9BE.tmp\QQPCDetector.exe (.not file.) O87 - FAEL: "{324E545C-FFD7-4E33-A4C2-8BE7DBF74F30}" [In-None-P6-TRUE] .(...) -- C:\Users\Windows77777\AppData\Local\Temp\nss3278.tmp\QQPCDetector.exe (.not file.) O87 - FAEL: "{9C0C89F5-F90D-4725-9C77-B49911C2633C}" [In-None-P17-TRUE] .(...) -- C:\Users\Windows77777\AppData\Local\Temp\nss3278.tmp\QQPCDetector.exe (.not file.) O87 - FAEL: "{A970DD10-E1E4-4561-9D7D-B2BB5A6855E6}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Common Files\Tencent\QQDownload\118\Tencentdl.exe (.not file.) =>.Superfluous.Tencent O87 - FAEL: "{B6728393-EA4A-4D7E-92D8-8696CFE0ACF8}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Common Files\Tencent\QQDownload\118\Tencentdl.exe (.not file.) =>.Superfluous.Tencent O87 - FAEL: "{45BAFE78-9051-4425-90B9-6A5077C19B65}" [In-None-P6-TRUE] .(...) -- C:\Users\Windows77777\AppData\Local\Temp\nso4FA8.tmpMoboInstall\mobogenieP2sp.exe (.not file.) =>PUP.Optional.Mobogenie O87 - FAEL: "{F46118D2-BB0A-42BB-AD03-9C0E52F280AA}" [In-None-P17-TRUE] .(...) -- C:\Users\Windows77777\AppData\Local\Temp\nso4FA8.tmpMoboInstall\mobogenieP2sp.exe (.not file.) =>PUP.Optional.Mobogenie O87 - FAEL: "{287CD496-DA96-458D-89CF-DFC9D0649DE0}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\pandasecuritytb\cleanupie.exe (.not file.) O87 - FAEL: "{7CB3E8BD-939F-4430-B79A-C50223915B0B}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\pandasecuritytb\cleanupie.exe (.not file.) O87 - FAEL: "{D491372A-0306-49B7-B709-96CC37752948}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe (.not file.) O87 - FAEL: "{10861808-EE0A-47B7-93EC-A7E52F5FC5FC}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe (.not file.) O87 - FAEL: "{52CBED6B-656A-4552-A6BE-224DFFC11B07}" [In-None-P6-TRUE] .(...) -- C:\Users\Windows77777\AppData\Local\Temp\nsf909D.tmpMoboInstall\mobogenieP2sp.exe (.not file.) =>PUP.Optional.Mobogenie O87 - FAEL: "{19DAF7E1-FB7B-4D09-B094-DC24442F6352}" [In-None-P17-TRUE] .(...) -- C:\Users\Windows77777\AppData\Local\Temp\nsf909D.tmpMoboInstall\mobogenieP2sp.exe (.not file.) =>PUP.Optional.Mobogenie O87 - FAEL: "{C4FC318D-DAF3-407E-BDD5-0ECD48C77097}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Mobogenie3\mobogenieP2sp.exe (.not file.) =>PUP.Optional.Mobogenie O87 - FAEL: "{CB68658E-0224-4204-9ACF-C5B66241BF17}" [In-None-P17-TRUE] .(.Copyright (C) 2016 Legpat Authors - Legpat.) -- C:\Program Files (x86)\Legpat\Update\LegpatUpdate.exe {1121425C73F5B28AE6BF0FAAF2BE407751CF} O87 - FAEL: "{24CAE754-D57D-4536-9DB0-FC47F967E81C}" [In-None-P17-TRUE] .(.Copyright (C) 2016 Legpat Authors - Legpat.) -- C:\ProgramData\Legpat\Legpat.exe {1121425C73F5B28AE6BF0FAAF2BE407751CF} O87 - FAEL: "{97A2E1AA-8DB7-48CB-979F-E0FB77687A47}" [In-None-P6-TRUE] .(.Birch Grove Software, Inc. - Host Process for Com.) -- C:\Windows\SysWOW64\svctcom.exe {009F2D38A791C4E8F05BCACC61E0294389} O87 - FAEL: "{97CAF941-8CE7-40D8-8CFD-5406E2DD8C03}" [In-None-P17-TRUE] .(.Birch Grove Software, Inc. - Host Process for Com.) -- C:\Windows\SysWOW64\svctcom.exe {009F2D38A791C4E8F05BCACC61E0294389} O87 - FAEL: "TCP Query User{DF116DC8-EA1C-47E8-BE74-1B224A4EDF4D}C:\users\windows77777\appdata\roaming\vseeinstall\vsee.exe" [In-None-P6-TRUE] .(.VSee Lab, Inc. - vsee.) -- C:\users\windows77777\appdata\roaming\vseeinstall\vsee.exe {6005117DFA4124D4D2B0E5B672A19374} O87 - FAEL: "UDP Query User{74AC61F2-3472-4C80-BE4E-82B78EC8890C}C:\users\windows77777\appdata\roaming\vseeinstall\vsee.exe" [In-None-P17-TRUE] .(.VSee Lab, Inc. - vsee.) -- C:\users\windows77777\appdata\roaming\vseeinstall\vsee.exe {6005117DFA4124D4D2B0E5B672A19374} ---\\ Recherche de clés de registre Tracing (10) - 7s HKLM\SOFTWARE\Microsoft\Tracing\Reimage_RASAPI32 =>.Superfluous.ReimageRepair HKLM\SOFTWARE\Microsoft\Tracing\Reimage_RASMANCS =>.Superfluous.ReimageRepair HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\apnstub_RASAPI32 =>Toolbar.Ask HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\apnstub_RASMANCS =>Toolbar.Ask HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MobogenieService_RASAPI32 =>PUP.Optional.Mobogenie HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MobogenieService_RASMANCS =>PUP.Optional.Mobogenie HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\qkseeSvc_RASAPI32 =>.Superfluous.TaiwanShuiMu HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\qkseeSvc_RASMANCS =>.Superfluous.TaiwanShuiMu HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\QQLiveDownloader_RASAPI32 =>PUP.Optional.SoftwareEngine HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\QQLiveDownloader_RASMANCS =>PUP.Optional.SoftwareEngine ---\\ Scan Additionnel (59) - 0s HKLM\SYSTEM\CurrentControlSet\Services\qkseeService =>.Superfluous.TaiwanShuiMu C:\Program Files (x86)\qksee\qkseeSvc.exe =>.Superfluous.TaiwanShuiMu HKLM\SYSTEM\CurrentControlSet\Services\WdMan =>PUP.Optional.WdsManPro C:\ProgramData\cwinpc\WFini.exe =>PUP.Optional.WdsManPro HKLM\SYSTEM\CurrentControlSet\Services\winzipersvc =>.Superfluous.WinZipper C:\Program Files (x86)\WinZipper\winzipersvc.exe =>.Superfluous.WinZipper C:\Users\Windows77777\AppData\Local\Google\Chrome\User Data\Default\Extensions\kohoehgoafblafjinhplmhcbphgaaobc =>.Superfluous.MindSpark C:\Users\Windows77777\AppData\Roaming\Mozilla\Firefox\Profiles\54j0qtu2.default\searchplugins\Search Provided by Yahoo.xml =>.Superfluous.YahooSearchProvided C:\Users\Windows77777\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} =>PUP.Optional.Wajam HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Bel-Arabi 1.00 =>PUP.Optional.Company HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinZip =>.Superfluous.TaiwanShuiMu HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Bel-Arabi 1.00 =>PUP.Optional.Company HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WinZip =>.Superfluous.TaiwanShuiMu HKLM\SOFTWARE\Wow6432Node\Elex-tech =>.Superfluous.Elex HKLM\SOFTWARE\Wow6432Node\hohosearchSoftware =>.Superfluous.HohoSearch HKLM\SOFTWARE\Wow6432Node\qksee =>.Superfluous.TaiwanShuiMu HKLM\SOFTWARE\Wow6432Node\qkseeSvc =>.Superfluous.TaiwanShuiMu HKLM\SOFTWARE\Wow6432Node\Systweak =>.Superfluous.Systweak HKLM\SOFTWARE\Wow6432Node\Tencent =>.Superfluous.Tencent HKLM\SOFTWARE\Wow6432Node\WinZiper =>.Superfluous.WinZipper HKCU\SOFTWARE\9EC4F2486B621A0203970BB1F05BE7E2 =>PUP.Optional.CrossRider HKCU\SOFTWARE\ProductSetup =>Adware.InstallCore HKCU\SOFTWARE\Reimage =>.Superfluous.ReimageRepair HKCU\SOFTWARE\systweak =>.Superfluous.Systweak HKCU\SOFTWARE\undefined =>.Superfluous.Downloader HKCU\SOFTWARE\YahooPartnerToolbar =>Toolbar.YahooPartner C:\Program Files\Reimage =>.Superfluous.ReimageRepair C:\Program Files (x86)\Mobogenie3 =>PUP.Optional.Mobogenie C:\Program Files (x86)\qksee =>.Superfluous.TaiwanShuiMu C:\Program Files (x86)\WinZipper =>.Superfluous.WinZipper C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qksee =>.Superfluous.TaiwanShuiMu C:\ProgramData\Tencent =>.Superfluous.Tencent C:\Program Files (x86)\Common Files\Tencent =>.Superfluous.Tencent C:\Users\Windows77777\AppData\Roaming\eCyber =>.Superfluous.Elex C:\Users\Windows77777\AppData\Roaming\Elex-tech =>.Superfluous.Elex C:\Users\Windows77777\AppData\Roaming\Mobogenie =>PUP.Optional.Mobogenie C:\Users\Windows77777\AppData\Roaming\qksee =>.Superfluous.TaiwanShuiMu C:\Users\Windows77777\AppData\Roaming\systweak =>.Superfluous.Systweak C:\Users\Windows77777\AppData\Roaming\Tencent =>.Superfluous.Tencent C:\Users\Windows77777\AppData\Roaming\WinZiper =>.Superfluous.WinZipper C:\Users\Windows77777\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tencent =>.Superfluous.Tencent C:\Windows\Prefetch\MOBOGENIE.EXE-66FFC6DD.pf =>PUP.Optional.Mobogenie C:\Windows\Prefetch\MOBOGENIEHELPER.EXE-8E6C2345.pf =>PUP.Optional.Mobogenie C:\Windows\Prefetch\MOBOGENIEINSTALLER.EXE-18B9217A.pf =>PUP.Optional.Mobogenie C:\Windows\Prefetch\MOBOGENIEMINI_1002_10006.EXE-A67EE512.pf =>PUP.Optional.Mobogenie C:\Windows\Prefetch\MOBOGENIEP2SP.EXE-6448CA5D.pf =>PUP.Optional.Mobogenie C:\Windows\Prefetch\MOBOGENIEP2SP.EXE-93FD32FE.pf =>PUP.Optional.Mobogenie C:\Windows\Prefetch\MOBOGENIESERVICE.EXE-DD409EEA.pf =>PUP.Optional.Mobogenie C:\Users\Windows77777\Downloads\Programs\ReimageRepair.exe =>.Superfluous.ReimageRepair HKLM64\SOFTWARE\Microsoft\Tracing\Reimage_RASAPI32 =>.Superfluous.ReimageRepair HKLM64\SOFTWARE\Microsoft\Tracing\Reimage_RASMANCS =>.Superfluous.ReimageRepair HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\apnstub_RASAPI32 =>Toolbar.Ask HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\apnstub_RASMANCS =>Toolbar.Ask HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MobogenieService_RASAPI32 =>PUP.Optional.Mobogenie HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MobogenieService_RASMANCS =>PUP.Optional.Mobogenie HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\qkseeSvc_RASAPI32 =>.Superfluous.TaiwanShuiMu HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\qkseeSvc_RASMANCS =>.Superfluous.TaiwanShuiMu HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\QQLiveDownloader_RASAPI32 =>PUP.Optional.SoftwareEngine HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\QQLiveDownloader_RASMANCS =>PUP.Optional.SoftwareEngine ---\\ Récapitulatif des éléments trouvés sur votre station (20) - 0s http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.Elex https://www.nicolascoolman.info/2016/05/05/superfluous-taiwanshuimu/ =>.Superfluous.TaiwanShuiMu https://www.nicolascoolman.info/2016/04/30/pup-optional-crossrider/ =>PUP.Optional.CrossRider http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.WdsManPro http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.WinZipper http://www.nicolascoolman.fr/?p=368 =>.Superfluous.Tencent http://www.nicolascoolman.fr/?p=142 =>.Superfluous.MindSpark http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.YahooSearchProvided http://www.nicolascoolman.fr/?p=263 =>PUP.Optional.Wajam http://www.nicolascoolman.fr/link-657/ =>PUP.Optional.Company http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.HohoSearch http://www.nicolascoolman.fr/pup-systweak/ =>.Superfluous.Systweak https://www.nicolascoolman.info/2016/04/22/adware-installcore/ =>Adware.InstallCore http://www.nicolascoolman.fr/?p=1075 =>.Superfluous.ReimageRepair http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.Downloader http://www.nicolascoolman.fr/?p=5143 =>Toolbar.YahooPartner http://www.nicolascoolman.fr/?p=215 =>PUP.Optional.Mobogenie http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.SearchProvided http://www.nicolascoolman.fr/?p=235 =>Toolbar.Ask http://www.nicolascoolman.fr/?p=1040 =>PUP.Optional.SoftwareEngine ~ End of the scan, 33435 items in 00h19mn36s (1042)(0)