Dodododododo

jfjsjfopd fmfmmfmffmmf ffmf m mfkjpoeireireoe msmf smfsf

Uploaded by

thexp0wer

~ Rapport: C:\Users\MSAMMET\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ Dmarrage du systme: Normal (Normal boot)
Windows 7 Ultimate, 64-bit (Build 7600)
---\\ Navigateurs Internet (4) - 0s
GCIE: Google Chrome v47.0.2526.73
MFIE: Mozilla Firefox 42.0 (x86 fr) v42.0
OPIE: Opera 33.0.1990.115 v33.0.1990.115
MSIE: Internet Explorer v8.0.7600.16385

---\\ Informations sur les produits Windows (5) - 0s


Windows Server License Manager Script : Absent (Not found)
Windows ID Activation : Inconnue (Unknown)
Windows Licence : Inconnue (Unknown)
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Logiciels de protection (1) - 1s
Windows Defender W7 (Activate)
---\\ Logiciels de protection et autres (Superflus) (1) - 1s
McAfee Security Scan Plus v3.11.163.2
---\\ Surveillance de Logiciels (1) - 1s
Adobe Flash Player 19 NPAPI
---\\ Informations sur le systme (6) - 0s
~ Operating System: Intel64 Family 6 Model 69 Stepping 1, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 4075.356 MB (58% free)
System Restore: Activ (Enable)
System drive C: has 168 GB () free of 231 GB
---\\ Mode de connexion au systme (3) - 0s
~ Computer Name: MSAMMET-PC
~ User Name: MSAMMET
~ Logged in as Administrator
---\\ Enumration des units disques (5) - 0s
~ Drive C: has 168 GB free of 231 GB (System)
~ Drive D: has 119 GB free of 130 GB
~ Drive E: has 23 GB free of 99 GB
~ Drive F: has 13 GB free of 13 GB
~ Drive G: has GB free of 4 GB
---\\ Etat du Centre de Scurit Windows (10) - 0s
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDeskt
opChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\
NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\
SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Applicati
on: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
---\\ Recherche particulire de fichiers gnriques (26) - 0s
[MD5.C235A51CB740E45FFA0EBFB9BAFCDA64] - 14/07/2009 - (.Microsoft Corporation Explorateur Windows.) -- C:\Windows\Explorer.exe [2868224]
[MD5.DD81D91FF3B0763C392422865C9AC12E] - 14/07/2009 - (.Microsoft Corporation Processus hte Windows (Rundll32).) -- C:\Windows\System32\rundll32.exe [45568]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - 14/07/2009 - (.Microsoft Corporation Application de dmarrage de Windows.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.B1037F0131C9A010D611F6914E03CD92] - 14/07/2009 - (.Microsoft Corporation Extensions Internet pour Win32.) -- C:\Windows\System32\wininet.dll [1193472]
[MD5.132328DF455B0028F13BF0ABEE51A63A] - 14/07/2009 - (.Microsoft Corporation Application douverture de session Windows.) -- C:\Windows\System32\Winlogon.exe [
389120]
[MD5.00000000000000000000000000000000] - 14/07/2009 - (...) -- C:\Windows\System
32\sppcomapi.dll [231936]
[MD5.05A2D26ACF0939A4E97160315F1FA12E] - 14/07/2009 - (.Microsoft Corporation DNS DLL de lAPI Client.) -- C:\Windows\System32\dnsapi.dll [356352]
[MD5.6D5A49D6479EB753C7879F73A4C35E0F] - 14/07/2009 - (.Microsoft Corporation DNS DLL de lAPI Client.) -- C:\Windows\Syswow64\dnsapi.dll [269824]
[MD5.BA618D26E3803692838A281B34D033C3] - 26/08/2015 - (.Microsoft Corporation DLL client de lAPI uilisateur de Windows m.) -- C:\Windows\System32\fr-FR\user32.
dll.mui [19968]
[MD5.B9384E03479D2506BC924C16A3DB87BC] - 13/07/2009 - (.Microsoft Corporation Ancillary Function Driver for WinSock.) -- C:\Windows\System32\drivers\AFD.sys [
500224]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - 14/07/2009 - (.Microsoft Corporation ATAPI IDE Miniport Driver.) -- C:\Windows\System32\drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - 13/07/2009 - (.Microsoft Corporation CD-ROM File System Driver.) -- C:\Windows\System32\drivers\Cdfs.sys [92160]
[MD5.83D2D75E1EFB81B3450C18131443F7DB] - 13/07/2009 - (.Microsoft Corporation SCSI CD-ROM Driver.) -- C:\Windows\System32\drivers\Cdrom.sys [147456]
[MD5.3F1DC527070ACB87E40AFE46EF6DA749] - 13/07/2009 - (.Microsoft Corporation DFS Namespace Client Driver.) -- C:\Windows\System32\drivers\DfsC.sys [102400]
[MD5.0A49913402747A0B67DE940FB42CBDBB] - 14/07/2009 - (.Microsoft Corporation High Definition Audio Bus Driver.) -- C:\Windows\System32\drivers\HDAudBus.sys [
122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - 13/07/2009 - (.Microsoft Corporation Pilote de port i8042.) -- C:\Windows\System32\drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - 14/07/2009 - (.Microsoft Corporation IP Network Address Translator.) -- C:\Windows\System32\drivers\IpNat.sys [116224
]
[MD5.CFDCD8CA87C2A657DEBC150AC35B5E08] - 13/07/2009 - (.Microsoft Corporation Windows NT SMB Minirdr.) -- C:\Windows\System32\drivers\MRxSmb.sys [157184]
[MD5.9162B273A44AB9DCE5B44362731D062A] - 13/07/2009 - (.Microsoft Corporation MBT Transport driver.) -- C:\Windows\System32\drivers\netBT.sys [259072]
[MD5.356698A13C4630D5B31C37378D469196] - 14/07/2009 - (.Microsoft Corporation Pilote du systme de fichiers NT.) -- C:\Windows\System32\drivers\ntfs.sys [165998
4]
[MD5.0086431C29C35BE1DBC43F52CC273887] - 14/07/2009 - (.Microsoft Corporation Pilote de port parallle.) -- C:\Windows\System32\drivers\Parport.sys [97280]
[MD5.87A6E852A22991580D6D39ADC4790463] - 14/07/2009 - (.Microsoft Corporation RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\drivers\Rasl2tp.
sys [130048]
[MD5.9706B84DBABFC4B4CA46C5A82B14DFA3] - 14/07/2009 - (.Microsoft Corporation Microsoft RDP Device redirector.) -- C:\Windows\System32\drivers\rdpdr.sys [1653
76]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - 14/07/2009 - (.Microsoft Corporation -
SMB Transport driver.) -- C:\Windows\System32\drivers\smb.sys [93184]
[MD5.079125C4B17B01FCAEEBCE0BCB290C0F] - 13/07/2009 - (.Microsoft Corporation TDI Translation Driver.) -- C:\Windows\System32\drivers\tdx.sys [99840]
[MD5.58F82EED8CA24B461441F9C3E4F0BF5C] - 14/07/2009 - (.Microsoft Corporation Pilote de clich instantan du volume.) -- C:\Windows\System32\drivers\volsnap.sys [
294992]

---\\ Liste des services NT non Microsoft et non dsactivs (20) - 1s


O23 - Service: ASLDR Service (ASLDRService) . (.ASUSTek Computer Inc. - ASLDR Se
rvice.) - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
O23 - Service: AtherosSvc (AtherosSvc) . (.Qualcomm Atheros Commnucations - Admi
nService Application.) - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe

O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) . (.ASUS - GFNEXSrv.) - C:\Program
Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Cyclone License Server (CycloneLicenseServer) . (...) - C:\Progra
m Files\Leica Geosystems\Cyclone\CyraLicense.exe
O23 - Service: (cyclonepceservice.Service) . (.Leica Geosystems - CyclonePceSer
vice.) - C:\Program Files\Leica Geosystems\Cyclone\pcebin\cyclonepceservice.exe
O23 - Service: Intel(R) Dynamic Platform and Thermal Framework Processor P (Dptf
ParticipantProcessorService) . (.Intel Corporation - Intel(R) Dynamic Platform a
nd Thermal Frame.) - C:\Windows\System32\DptfParticipantProcessorService.exe
O23 - Service: Intel(R) Dynamic Platform and Thermal Framework Critical Se (Dptf
PolicyCriticalService) . (.Intel Corporation - Intel(R) Dynamic Platform and The
rmal Frame.) - C:\Windows\System32\DptfPolicyCriticalService.exe
O23 - Service: Intel(R) Dynamic Platform and Thermal Framework Low Power M (Dptf
PolicyLpmService) . (.Intel Corporation - Intel(R) Dynamic Platform and Thermal
Frame.) - C:\Windows\System32\DptfPolicyLpmService.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Progr
amme d installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpd
ate.exe
O23 - Service: Sentinel Local License Manager (hasplms) . (.SafeNet Inc. - Senti
nel LDK License Manager Service.) - C:\Windows\System32\hasplms.exe
O23 - Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capabil
ity Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability
Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_s
ervice) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_servi
ce.exe
O23 - Service: Leica HDS Server (Leica HDS Server) . (.Versant Corporation - Fas
tObjects Server (x64) 11.0.) - C:\Program Files\Leica Geosystems\Cyclone\FastObj
ectsServer64.exe
O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS)
. (.Intel Corporation - Intel(R) Local Management Service.) - C:\Program Files
(x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: PSE License Manager (PSE License Manager) . (.Acresso Software In
c. - Acresso Software Inc..) - C:\Program Files (x86)\FLEXlm\bin\lmgrd.exe
O23 - Service: QQPCMgr RTP Service (QQPCRTP) . (.Tencent - -.) - C:\Progr
ncent\QQPCMgr\10.8.16208.227\QQPCRTP.exe =>PUP.Optional.TencentAddressBar
O23 - Service: SSFK (SSFK) . (.TODO: <> - TODO: <>.) - C:\Program Files (x86)\S
exe =>PUP.Optional.MyWebSearch
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) . (.DEVGURU
Co., LTD. - MSS CS Connectivity Service.) - C:\Program Files\Samsung\USB Driver
s\25_escape\conn\ss_conn_service.exe
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) . (.Sysintern
als process Explorer - Sysinternals process Explorer.) - C:\ProgramData\Tmp0x0x\
ProtectWindowsManager.exe =>PUP.Optional.WpManager
O23 - Service: ZAtheros Bt and Wlan Coex Agent (ZAtheros Bt and Wlan Coex Agent)
. (.Atheros - Atheros Coex Service Application.) - C:\Program Files (x86)\Bluet
ooth Suite\Ath_CoexAgent.exe
---\\ Tches planifies en automatique (29) - 4s
[MD5.280A526E8111AC6A5BCC1A059E1E0340] [APT] [Adobe Flash Player Updater] (.Adob
e Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdate
Service.exe [269000]
[MD5.9EE2D1E2E3A55F8CD62AAB3EE8D8F3AF] [APT] [ASUS Smart Gesture Launcher] (.Asu
sTek.) -- C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLa
uncher.exe [18232]
[MD5.2E9DD22EE4AFF39242B0CE7F7CB277BB] [APT] [Driver Detective] (.PC Drivers Hea
dquarters.) -- C:\Program Files (x86)\Driver Detective\DriversHQ.DriverDetective
.Client.exe [7666976] =>PUP.Optional.DriverDetective
[MD5.2E9DD22EE4AFF39242B0CE7F7CB277BB] [APT] [Driver Detective-RTMRules] (.PC Dr
ivers Headquarters.) -- C:\Program Files (x86)\Driver Detective\DriversHQ.Driver
Detective.Client.exe [7666976] =>PUP.Optional.DriverDetective
[MD5.2E9DD22EE4AFF39242B0CE7F7CB277BB] [APT] [Driver Detective-RTMScan] (.PC Dri
vers Headquarters.) -- C:\Program Files (x86)\Driver Detective\DriversHQ.DriverD
etective.Client.exe [7666976] =>PUP.Optional.DriverDetective
[MD5.2E9DD22EE4AFF39242B0CE7F7CB277BB] [APT] [Driver Detective-RTMUpdater] (.PC
Drivers Headquarters.) -- C:\Program Files (x86)\Driver Detective\DriversHQ.Driv
erDetective.Client.exe [7666976] =>PUP.Optional.DriverDetective
[MD5.7814A8ED32D5186BA651008AFFB55080] [APT] [GoogleUpdateTaskMachineCore] (.Goo
gle Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200]
[MD5.7814A8ED32D5186BA651008AFFB55080] [APT] [GoogleUpdateTaskMachineUA] (.Googl
e Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200]
[MD5.51A2632AAFF24229FB500BC52CFECBF2] [APT] [Opera scheduled Autoupdate 1446589
931] (.Opera Software.) -- C:\Program Files (x86)\Opera\launcher.exe [948856]
[MD5.F2E3A572FB9CAB4C0E8EB05F03602C12] [APT] [WinThruster] (.Solvusoft Corporati
on.) -- C:\Program Files (x86)\WinThruster\WinThruster.exe [7124304] =>.Super
fluous.WinThruster
[MD5.F2E3A572FB9CAB4C0E8EB05F03602C12] [APT] [WinThruster_DEFAULT] (.Solvusoft C
orporation.) -- C:\Program Files (x86)\WinThruster\WinThruster.exe [7124304]
=>.Superfluous.WinThruster
[MD5.F2E3A572FB9CAB4C0E8EB05F03602C12] [APT] [WinThruster_UPDATES] (.Solvusoft C
orporation.) -- C:\Program Files (x86)\WinThruster\WinThruster.exe [7124304]
=>.Superfluous.WinThruster
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Win
dows\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\Goo
gleUpdateTaskMachineCore.job [1066]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\Googl
eUpdateTaskMachineUA.job [1070]
O39 - APT: WinThruster_DEFAULT - (.Solvusoft Corporation.) -- C:\Windows\Tasks\W
inThruster_DEFAULT.job [278] =>.Superfluous.WinThruster
O39 - APT: WinThruster_UPDATES - (.Solvusoft Corporation.) -- C:\Windows\Tasks\W
inThruster_UPDATES.job [286] =>.Superfluous.WinThruster
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Win
dows\System32\Tasks\Adobe Flash Player Updater [3940]
O39 - APT: ASUS Smart Gesture Launcher - (.AsusTek.) -- C:\Windows\System32\Task
s\ASUS Smart Gesture Launcher [3538]
O39 - APT: Driver Detective - (.PC Drivers Headquarters.) -- C:\Windows\System32
\Tasks\Driver Detective [3508] =>PUP.Optional.DriverDetective
O39 - APT: Driver Detective-RTMRules - (.PC Drivers Headquarters.) -- C:\Windows
\System32\Tasks\Driver Detective-RTMRules [3792] =>PUP.Optional.DriverDetecti
ve
O39 - APT: Driver Detective-RTMScan - (.PC Drivers Headquarters.) -- C:\Windows\
System32\Tasks\Driver Detective-RTMScan [4336] =>PUP.Optional.DriverDetective
O39 - APT: Driver Detective-RTMUpdater - (.PC Drivers Headquarters.) -- C:\Windo
ws\System32\Tasks\Driver Detective-RTMUpdater [3800] =>PUP.Optional.DriverDet
ective

O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\
Tasks\GoogleUpdateTaskMachineCore [3814]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Ta
sks\GoogleUpdateTaskMachineUA [4066]
O39 - APT: Opera scheduled Autoupdate 1446589931 - (.Opera Software.) -- C:\Wind
ows\System32\Tasks\Opera scheduled Autoupdate 1446589931 [3860]
O39 - APT: WinThruster - (.Solvusoft Corporation.) -- C:\Windows\System32\Tasks\
WinThruster [3106] =>.Superfluous.WinThruster
O39 - APT: WinThruster_DEFAULT - (.Solvusoft Corporation.) -- C:\Windows\System3
2\Tasks\WinThruster_DEFAULT [2880] =>.Superfluous.WinThruster
O39 - APT: WinThruster_UPDATES - (.Solvusoft Corporation.) -- C:\Windows\System3
2\Tasks\WinThruster_UPDATES [3036] =>.Superfluous.WinThruster
---\\ Processus lancs (53) - 3s
[MD5.DC2BA6926FA0CDCE273CC9897F05584A] - (.ASUSTek Computer Inc. - ASLDR Service
.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe [107320] [
PID.1244]
[MD5.DBC598E47E7A382E60E2A4745D41FEF9] - (.ASUS - GFNEXSrv.) -- C:\Program Files
(x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [96896] [PID.1268]
[MD5.A917E4F753B90A5181ECBFA56D5C154A] - (.Qualcomm Atheros Commnucations - Admi
nService Application.) -- C:\Program Files (x86)\Bluetooth Suite\adminservice.ex
e [227456] [PID.1696]
[MD5.347247C0F40A7053EDA597D78AADA454] - (...) -- C:\Program Files\Leica Geosyst
ems\Cyclone\CyraLicense.exe [1373456] [PID.1740]
[MD5.F431427CD83E9A582E06EE3396F5219A] - (.ASUSTek Computer Inc. - HControl.) -C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe [303928] [PID.1
812]
[MD5.83215BB4418AD74BAE6803F84BBCEEA5] - (.Leica Geosystems - CyclonePceService.
) -- C:\Program Files\Leica Geosystems\Cyclone\pcebin\cyclonepceservice.exe [109
056] [PID.2004]
[MD5.149126216A694E6BA84E92ECA77AAE3B] - (.ASUS - ATKOSD.) -- C:\Program Files (
x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe [2488888] [PID.1792]
[MD5.4F870EF9292559AB9DE6F31527A1DCBF] - (.ASUSTek Computer Inc. - KBFiltr.) -C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe [113312] [PID.214
8]
[MD5.4A7C441D99D86704D194E7678873B95D] - (.ASUS - WDC.) -- C:\Program Files (x86
)\ASUS\ATK Package\ATK Hotkey\WDC.exe [174648] [PID.2188]
[MD5.4ED6580BE0D25F0270E7447F60F248EE] - (.AsusTek - ASUS Smart Gesture Loader.)
-- C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.e
xe [199992] [PID.2364]
[MD5.DC694B4D6F870095E56B0A9CEB3EC5EE] - (.Qualcomm Atheros Commnucations - Exte
nsion Core.) -- C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [131712] [PI
D.2396]
[MD5.33ECE216B2B85850BD00CAD23046C200] - (.Intel Corporation - Intel(R) Dynamic
Platform and Thermal Frame.) -- C:\Windows\System32\DptfPolicyLpmServiceHelper.e
xe [79376] [PID.2404]
[MD5.1BF864E71C3945A6DCCFA33389C04311] - (.Intel Corporation - igfxTray Module.)
-- C:\Windows\System32\igfxtray.exe [165848] [PID.2412]
[MD5.8A339707D1762216EE658C6593871F6D] - (.Intel Corporation - igfxsrvc Module.)
-- C:\Windows\System32\igfxsrvc.exe [529880] [PID.2436]
[MD5.CD8E2E512ABF8FC99BE7276C67FAB57C] - (.Intel Corporation - hkcmd Module.) -C:\Windows\System32\hkcmd.exe [407512] [PID.2444]
[MD5.1ABEC6B45B80BE71AC7DFCF618608E43] - (.ASUSTeK Computer Inc. - ASUS Quick Ge
sture Exe.) -- C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\Q
uickGesture64.exe [21816] [PID.2472]
[MD5.AA03C052F3000CED0A300C0AC949B50F] - (.ASUSTeK Computer Inc. - ASUS Quick Ge
sture Exe.) -- C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\Q
uickGesture.exe [20280] [PID.2484]
[MD5.D97DBD3B21E6773F5FB94CB63D0F21A5] - (.Intel Corporation - persistence Modul
e.) -- C:\Windows\System32\igfxpers.exe [444376] [PID.2536]

[MD5.637C513A8A3FFBB3AA05FAFAC3F9174D] - (.Realtek Semiconductor - Gestionnaire
audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13550152]
[PID.2572]
[MD5.058388D2D86C28C6C345B52ECF251FF7] - (.Intel Corporation - Intel(R) Dynamic
Platform and Thermal Frame.) -- C:\Windows\System32\DptfParticipantProcessorServ
ice.exe [83032] [PID.2096]
[MD5.DD102BC049487894B5214E5CC890F7C7] - (.Intel Corporation - Intel(R) Dynamic
Platform and Thermal Frame.) -- C:\Windows\System32\DptfPolicyConfigTDPService.e
xe [100032] [PID.2352]
[MD5.920DA0F094DDE55DF835FECD7304A0C1] - (.Intel Corporation - Intel(R) Dynamic
Platform and Thermal Frame.) -- C:\Windows\System32\DptfPolicyCriticalService.ex
e [84568] [PID.1776]
[MD5.4BA8E65371129900116259D8513644EB] - (.Intel Corporation - Intel(R) Dynamic
Platform and Thermal Frame.) -- C:\Windows\System32\DptfPolicyLpmService.exe [92
864] [PID.2360]
[MD5.B548063ADC956801046D2DA3037C1D73] - (.SafeNet Inc. - Sentinel LDK License M
anager Service.) -- C:\Windows\System32\hasplms.exe [4913608] [PID.2708]
[MD5.0DB1E3F6189C628675F855C0EB510419] - (.Intel(R) Corporation - Intel(R) Capab
ility Licensing Service Inter.) -- C:\Program Files\Intel\iCLS Client\HeciServer
.exe [733696] [PID.2764]
[MD5.515862B13E877BB1EC7D3BC9696C614B] - (.Versant Corporation - FastObjects Ser
ver (x64) 11.0.) -- C:\Program Files\Leica Geosystems\Cyclone\FastObjectsServer6
4.exe [550912] [PID.3144]
[MD5.E175D10D3ADFA6479E3984E695499175] - (.McAfee, Inc. - McAfee Security Scanne
r Scheduler.) -- C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe
[330456] [PID.4012]
[MD5.BD9B0E544F4D70E20781A00A27FF98E5] - (.IVT Corporation - Bluetooth Applicati
on.) -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.
exe [379904] [PID.4040]
[MD5.9DA3B55B17B54789AFB8C657D4ACE4D7] - (.DEVGURU Co., LTD. - MSS CS Connectivi
ty Service.) -- C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_serv
ice.exe [743688] [PID.4208]
[MD5.86B8B1F5C1189D68B07666784BE882FE] - (.Atheros - Atheros Coex Service Applic
ation.) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584] [PI
D.4368]
[MD5.23075147F62C896784C66D706F38360E] - (.ASUSTek Computer Inc. - ATKOSD2.) -C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [328504] [PID.5448]
[MD5.0B50F07E63EE15383CDFDC26D7A3D3E3] - (.ASUSTek Computer Inc. - ATK Media.) - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [205184] [PID.553
6]
[MD5.5AEBF6FA9805C9101220AA4FB4FA17E7] - (.ASUS - HControlUser.) -- C:\Program F
iles (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016] [PID.5548]
[MD5.0B485584F43ABC41895BC32C8E52339A] - (.IVT Corporation - Bluetooth Applicati
on.) -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpC
S.exe [138752] [PID.5708]
[MD5.1128B38EEC9DAF1B36373B65E87C00A3] - (.Intel Corporation - Intel(R) Dynamic
Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management
Engine Components\DAL\jhi_service.exe [169432] [PID.504]
[MD5.388B04A767082D0B0581AF475DF943D9] - (.Intel Corporation - Intel(R) Local Ma
nagement Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Co
mponents\LMS\LMS.exe [368600] [PID.5984]
[MD5.26F231A36790540BE7E6D2B64DB6E2F1] - (.AsusTek - ASUS Smart Gesture Helper.)
-- C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.e
xe [170296] [PID.7324]
[MD5.79FE7F781972884B7AB05B4E60CC5ED9] - (.Sysinternals process Explorer - Sysin
ternals process Explorer.) -- C:\ProgramData\Tmp0x0x\ProtectWindowsManager.exe [
344232] [PID.6668]
[MD5.44D1D137952BE444B2BD998200151DFC] - (.TODO: <> - TODO: <>.) -- C:\Program
86)\SFK\SSFK.exe [155280] [PID.8140]
[MD5.FC03670374BE44BAA71770124A0968F1] - (.Tencent - -TAO.) -- C:\Program Files (x86
)\Tencent\QQPCMgr\10.8.16208.227\TAOFrame.exe [293728] [PID.8720] =>PUP.Optiona
l.TencentAddressBar
[MD5.7C8C3FB2CB2E941ABDBF02DDBFB82657] - (.Tencent - -.) -- C:\Program Fi
\QQPCMgr\10.8.16208.227\QQPCRTP.exe [297608] [PID.3484] =>PUP.Optional.TencentA
ddressBar
[MD5.50301BE8AACD48A4E0C82A574C0EDD91] - (.Tencent - .) -- C:\Program Files (x86)\Te
ncent\QQPCMgr\10.8.16208.227\QQPCTray.exe [355296] [PID.3892] =>PUP.Optional.Te
ncentAddressBar
[MD5.16E27465FC02E6974704FD2187E92144] - (.Tencent - .) -- C:\program files (
files\Tencent\qqdownload\130\tencentdl.exe [1097272] [PID.2320] =>PUP.Optional
.TencentAddressBar
[MD5.50301BE8AACD48A4E0C82A574C0EDD91] - (.Tencent - .) -- C:\Program Files (x86)\Te
ncent\QQPCMgr\10.8.16208.227\QQPCTray.exe [355296] [PID.8332] =>PUP.Optional.Te
ncentAddressBar
[MD5.2468FC8CBC574FBF104C50760E59216B] - (.Copyright 2015 Tencent. All Rights Re
served. - -.) -- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCSo
exe [1132896] [PID.6792] =>PUP.Optional.TencentAddressBar
[MD5.7A9967D4B1C214B317AC78F824CBA7A6] - (.AsusTek - ASUS Smart Gesture Center.)
-- C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.e
xe [260408] [PID.8576]
[MD5.EC72274DD11DB930A5D3B34A1CD6F4F4] - (. - .) -- C:\IQIYI Video\LSty
264] [PID.8304] =>.Superfluous.IQIYIVideo
[MD5.4B0583A0A6A22D9F453BFFD467E68190] - (.Mozilla Corporation - Firefox.) -- C:
\Program Files (x86)\Mozilla Firefox\firefox.exe [392872] [PID.5516]
[MD5.344CC9339BA1022F335B46B95AABF32F] - (.Mozilla Corporation - Plugin Containe
r for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [
277672] [PID.1104]
[MD5.BC13FFE3F1B6582AE1ADC2B536AF8CC5] - (.Adobe Systems, Inc. - Adobe Flash Pla
yer 19.0 r0.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_245
.exe [3426504] [PID.9960]
[MD5.BC13FFE3F1B6582AE1ADC2B536AF8CC5] - (.Adobe Systems, Inc. - Adobe Flash Pla
yer 19.0 r0.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_245
.exe [3426504] [PID.9760]
[MD5.3A1F39B8F280D98821AD261FF6936490] - (.Copyright (C) 2015 Nicolas Coolman ZHPDiag.) -- C:\Users\MSAMMET\Desktop\ZHPDiag3.exe [1994240] [PID.8432]
[MD5.3A1F39B8F280D98821AD261FF6936490] - (.Copyright (C) 2015 Nicolas Coolman ZHPDiag.) -- C:\Users\MSAMMET\Desktop\ZHPDiag3.exe [1994240] [PID.4620]
---\\ Google Chrome, Dmarrage,Recherche,Extensions (19) - 0s
G0 - GCSP: Preferences [User Data\Default][HomePage] http://r4---sn-p5h-jhos.gvt
1.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://r6---sn-p5h-jhoz.gvt
1.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://redirector.gvt1.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://tools.google.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://accounts.google.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://clients2.google.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://clients2.googleuserc
ontent.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.googleapis.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.gstatic.com
G2 - GCE: Preference [User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] Goog
le Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Goog
le Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Goog
le Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Goog
le Chrome manifest =>.Google Inc.

G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Goog
le Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] Goog
le Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [lccekmodgklaepjeofjdjpbminllajkg] Chro
me Hotword Shared Module
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Goog
le Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Goog
le Chrome manifest =>.Google Inc.

---\\ Firefox, Plugins,Demarrage,Recherche,Extensions (15) - 1s


P2 - EXT FILE: (...) -- C:\Users\MSAMMET\AppData\Roaming\Mozilla\Firefox\Profile
s\ldp4k5fg.default\searchplugins\mysites123.xml =>PUP.Optional.Mysites123
P2 - EXT FILE: (...) -- C:\Users\MSAMMET\AppData\Roaming\Mozilla\Firefox\Profile
s\ldp4k5fg.default\searchplugins\yahoo-lavasoft.xml
P2 - EXT: (.Mozilla - Default.) -- C:\Program Files (x86)\Mozilla Firefox\browse
r\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
P2 - EXT: (.lightningnewtab.com - Newtab.) -- C:\Users\MSAMMET\AppData\Roaming\M
ozilla\Firefox\Profiles\ldp4k5fg.default\extensions\[email protected] =>PUP.O
ptional.LightningNewTab
P2 - EXT: (.roc - YahooToolsProtected .) -- C:\Users\MSAMMET\AppData\Roaming\Moz
illa\Firefox\Profiles\ldp4k5fg.default\extensions\[email protected]
P2 - FPN: [HKCU] [@iqiyi.com/npWebPlayer] - (.pps-webplayer-plugin.) -- C:\IQIYI
Video\LStyle\npWebPlayer.dll =>.Superfluous.IQIYIVideo
P2 - FPN: [HKCU] [@unity3d.com/UnityPlayer,version=1.0] - (.Unity Technologies A
pS.) -- C:\Users\MSAMMET\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:
\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll
P2 - FPN: [HKLM] [@intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29] - (.I
ntel Corporation.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Co
mponents\IPT\npIntelWebAPIIPT.dll
P2 - FPN: [HKLM] [@intel-webapi.intel.com/Intel WebAPI updater] - (.Intel Corpor
ation.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IP
T\npIntelWebAPIUpdater.dll
P2 - FPN: [HKLM] [@iqiyi.com/npclient] - (.iQiyi.com.) -- C:\IQIYI Video\LStyle\
npclient.dll =>.Superfluous.IQIYIVideo
P2 - FPN: [HKLM] [@iqiyi.com/npWebPlayer] - (.pps-webplayer-plugin.) -- C:\IQIYI
Video\LStyle\npWebPlayer.dll =>.Superfluous.IQIYIVideo
P2 - FPN: [HKLM] [@qq.com/QQPCMgr] - (.Tencent Technology (Shenzhen) Company Lim
ited.) -- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\npQMExtensionsMo
zilla.dll =>PUP.Optional.TencentAddressBar
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc..) - C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc..) - C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll
---\\ Internet Explorer,Dmarrage,Recherche,URLSearchHook (17) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.hao1
23.com/ =>PUP.Optional.Browser
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.hao1
23.com/ =>PUP.Optional.Browser
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = htt
p://www.hao123.com/ =>PUP.Optional.Browser
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.micr
osoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.micr
osoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go
.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:
noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:s
ecurityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://
go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dl
l/tabswelcome.htm
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res:
//ieframe.dll/tabswelcome.htm
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = ht
tp://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL
= http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_U
RL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off P
age = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Pa
ge = about:securityrisk
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean
=>.Microsoft Internet Explorer
---\\ Internet Explorer,Proxy Management (4) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnabl
e = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigratePro
xy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp
1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfig
Proxy = wininet.dll

---\\ Internet Explorer,IniFiles, Autoloading programs (3) - 0s


F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.)
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.)
F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.ex
e (.Microsoft Corporation.)
---\\ Etude du fichier hosts (2) - 0s
0
~ Le fichier hte est sain (The hosts file is clean) (24)
---\\ Browser Helper Object de navigateur (BHO) (2) - 0s
O2 - BHO: TSWebMon [64Bits] - {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} (Orphean)
O2 - BHO: IESpeakDoc [64Bits] - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} (Orphean
)
---\\ Applications lances au dmarrage du systme (25) - 1s
O4 - HKLM\..\Run: [DptfPolicyLpmServiceHelper] . (.Intel Corporation - Intel(R)
Dynamic Platform and Thermal Frame.) -- C:\Windows\System32\DptfPolicyLpmService
Helper.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Win
dows\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Win
dows\System32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKCU\..\Run: [WiFi Guard] C:\Users\MSAMMET\AppData\Local\Temp\Rar$EXa0.199\
64-bit\WiFiGuard.exe (.not file.)
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - Torrent.) -- C:\Users\MSAMMET\
AppData\Roaming\uTorrent\uTorrent.exe
O4 - HKCU\..\Run: [apphide] . (. - pps.) -- C:\Program Files (x86)\baidu\pps.exe
O4 - HKCU\..\Run: [HCDNClient] . (.iQIYI.COM - HCDN.) -- C:\IQIYI Video
=>.Superfluous.IQIYIVideo
O4 - HKLM\..\Wow6432Node\Run: [BtTray] . (.IVT Corporation - Bluetooth Applicati
on.) -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.
exe
O4 - HKLM\..\Wow6432Node\Run: [ATKOSD2] . (.ASUSTek Computer Inc. - ATKOSD2.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Wow6432Node\Run: [ATKMEDIA] . (.ASUSTek Computer Inc. - ATK Media.)
-- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Wow6432Node\Run: [HControlUser] . (.ASUS - HControlUser.) -- C:\Pro
gram Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Wow6432Node\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd.
- Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAg
ent.exe
O4 - HKLM\..\Wow6432Node\Run: [myWIFIzone] . (.myWIFIzone.com - Internet Access
Blocker.) -- C:\Program Files (x86)\myWIFIzone\myWIFIzone.exe
O4 - HKLM\..\Wow6432Node\Run: [ QQPCTray] . (.Tencent - .) -- C:\Program Files (x86)
\Tencent\QQPCMgr\10.8.16208.227\QQPCTray.exe =>PUP.Optional.TencentAddressBar
O4 - HKLM\..\policies\Explorer\Run: [BtvStack] . (.Qualcomm Atheros Commnucation
s - Extension Core.) -- C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bure
au Windows.) -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bure
au Windows.) -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.)
-- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.)
-- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-21-4066160204-1538751325-1720907517-1000\..\Run: [WiFi Guard] C:
\Users\MSAMMET\AppData\Local\Temp\Rar$EXa0.199\64-bit\WiFiGuard.exe (.not file.)
O4 - HKUS\S-1-5-21-4066160204-1538751325-1720907517-1000\..\Run: [uTorrent] . (.
BitTorrent Inc. - Torrent.) -- C:\Users\MSAMMET\AppData\Roaming\uTorrent\uTorrent
.exe
O4 - HKUS\S-1-5-21-4066160204-1538751325-1720907517-1000\..\Run: [apphide] . (.
- pps.) -- C:\Program Files (x86)\baidu\pps.exe
O4 - HKUS\S-1-5-21-4066160204-1538751325-1720907517-1000\..\Run: [HCDNClient] .
(.iQIYI.COM - HCDN.) -- C:\IQIYI Video\LStyle\QyKernel.exe =>.Superflu

---\\ Raccourcis Global Startup (17) - 2s


O4 - GS\Desktop [Administrateur]: PPS.lnk . (. - .) C:\IQIYI Vide
lient.exe =>.Superfluous.IQIYIVideo
O4 - GS\Desktop [Administrateur]: PPS .lnk . (. - .) C:\IQIYI
rfluous.IQIYIVideo
O4 - GS\Quicklaunch [Administrateur]: PPS.lnk . (. - .) C:\IQ
uperfluous.IQIYIVideo
O4 - GS\TaskBar [Administrateur]: PPS.lnk . (. - .) C:\IQIYI
fluous.IQIYIVideo
O4 - GS\Startup [Administrateur]: PPS.lnk . (. - .) C:\IQIYI
fluous.IQIYIVideo
O4 - GS\Desktop [Invit]: PPS.lnk . (. - .) C:\IQIYI Video\Common
=>.Superfluous.IQIYIVideo
O4 - GS\Desktop [Invit]: PPS .lnk . (. - .) C:\IQIYI Video\L
IYIVideo
O4 - GS\Quicklaunch [Invit]: PPS.lnk . (. - .) C:\IQIYI Vide
.IQIYIVideo
O4 - GS\TaskBar [Invit]: PPS.lnk . (. - .) C:\IQIYI Video\LS
YIVideo
O4 - GS\Startup [Invit]: PPS.lnk . (. - .) C:\IQIYI Video\LS
YIVideo
O4 - GS\Desktop [MSAMMET]: PPS.lnk . (. - .) C:\IQIYI Video\Commo
xe =>.Superfluous.IQIYIVideo
O4 - GS\Desktop [MSAMMET]: PPS .lnk . (. - .) C:\IQIYI Video\
.IQIYIVideo
O4 - GS\Quicklaunch [MSAMMET]: PPS.lnk . (. - .) C:\IQIYI Vid
ous.IQIYIVideo
O4 - GS\TaskBar [MSAMMET]: PPS.lnk . (. - .) C:\IQIYI Video\L
IQIYIVideo
O4 - GS\Startup [MSAMMET]: PPS.lnk . (. - .) C:\IQIYI Video\L
IQIYIVideo
O4 - GS\CommonDesktop [Public]: WinThruster.lnk . (.Solvusoft Corporation - WinT
hruster.) C:\Program Files (x86)\WinThruster\WinThruster.exe =>.Superfluous.Win
Thruster
O4 - GS\Programs [Public]: PPS.lnk . (. - .) C:\IQIYI Video\L
IQIYIVideo
---\\ Winsock hijacker (Layered Service Provider) (5) - 0s
O10 - WLSP:\Catalog_Entries\000000000001\Winsock LSP File . (...) -- C:\Windows\System32\LavasoftTcpService.dll (Not File) =>Hijacker.Winsock
O10 - WLSP:\Catalog_Entries\000000000002\Winsock LSP File . (...) -- C:\Windows\System32\LavasoftTcpService.dll (Not File) =>Hijacker.Winsock
O10 - WLSP:\Catalog_Entries\000000000003\Winsock LSP File . (...) -- C:\Windows\System32\LavasoftTcpService.dll (Not File) =>Hijacker.Winsock
O10 - WLSP:\Catalog_Entries\000000000004\Winsock LSP File . (...) -- C:\Windows\System32\LavasoftTcpService.dll (Not File) =>Hijacker.Winsock
O10 - WLSP:\Catalog_Entries\000000000016\Winsock LSP File . (...) -- C:\Windows\System32\LavasoftTcpService.dll (Not File) =>Hijacker.Winsock
---\\ Modification Domaine/Adresses DNS (3) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

---\\ Protocole additionnel (23) - 1s


O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Micro
soft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysWOW64\mshtm
l.dll
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrle ActiveX pour le flux vido.) -- C:\Windows\SysWOW64\MSVidCtl.dll
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Micros
oft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dl
l
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.
Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysWOW64\
mshtml.dll
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Micro
soft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.d
ll
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Micr
osoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysWOW64\msht
ml.dll
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Micro
soft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\Sy
stem32\inetcomm.dll
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsof
t Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Micr
osoft Corporation - Microsoft InfoTech Storage System Library.) -- C:\Windows\Sys
tem32\itss.dll
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microso
ft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.
dll
O18 - Handler: skype4com [64Bits] - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.S
kype Technologies - Skype for COM API.) -- C:\Windows\SysWOW64\skype4com.dll
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsof
t Corporation - Contrle ActiveX pour le flux vido.) -- C:\Windows\SysWOW64\MSVidCt
l.dll
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Mi
crosoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysWOW64\ms
html.dll
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: deflate [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Micr
osoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.
dll
O18 - Filter: gzip [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microso
ft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll

---\\ Logiciels installs (47) - 5s


O42 - Logiciel: Torrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent
O42 - Logiciel: Adobe Flash Player 19 NPAPI - (.Adobe Systems Incorporated.) [HK
LM][64Bits] -- Adobe Flash Player NPAPI
O42 - Logiciel: ASUS Smart Gesture - (.ASUS.) [HKLM][64Bits] -- {4D3286A6-F6AB-4
98A-82A4-E4F040529F3D}
O42 - Logiciel: ATK Package - (.ASUS.) [HKLM][64Bits] -- {AB5C933E-5C7D-4D30-B31
4-9C83A49B94BE}
O42 - Logiciel: Driver Detective - (.PC Drivers HeadQuarters LP.) [HKLM][64Bits]
-- DriversHQ.DriverDetective.Client =>PUP.Optional.DriverDetective
O42 - Logiciel: DriversCloud.com (64 bits) - (.Cybelsoft.) [HKLM][64Bits] -- {6D
D6A506-6E23-4AEA-AE00-B32894D81CEE}
O42 - Logiciel: FLEXlm for PSE 11.6.1.10 - (.Process Systems Enterprise.) [HKLM][64Bits] -- FLEXlm for PSE.11.6.1.10
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC98
0A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: Intel(R) Dynamic Platform and Thermal Framework - (.Intel Corpor
ation.) [HKLM][64Bits] -- FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [H
KLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bit
s] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Intel(R) SDK for OpenCL - CPU Only Runtime Package - (.Intel Cor
poration.) [HKLM][64Bits] -- {FCB3772C-B7D0-4933-B1A9-3707EBACC573}
O42 - Logiciel: Intel Trusted Connect Service Client - (.Intel Corporation.) [HKL
M][64Bits] -- {89AFB053-A343-46EF-97E4-D593AD7184E6}
O42 - Logiciel: JKSimMet v5.3 - (.JKTech Pty Ltd.) [HKLM][64Bits] -- {C754FCCF-1
427-4489-8E56-A2EF4A41C02A}
O42 - Logiciel: Kingo ROOT version 1.4.0.2390 - (.Kingosoft Technology Ltd..) [H
KLM][64Bits] -- {AE7675D6-0B31-494F-ABFA-822E1A0FDF17}_is1
O42 - Logiciel: Leica Cyclone 7.4.1 - (.Leica Geosystems.) [HKLM][64Bits] -- {73
A41B75-926C-43F5-B981-C633F6FB3C5C}
O42 - Logiciel: Leica pcE RunTime 2.0.6.6976 - (.Leica Geosystems.) [HKLM][64Bit
s] -- {5A99D3FB-A206-6976-831A-49ED49A7BFC5}
O42 - Logiciel: Leica pcE RunTime 2.0.6.6976 - (.Leica Geosystems.) [HKLM][64Bit
s] -- InstallShield_{5A99D3FB-A206-6976-831A-49ED49A7BFC5}
O42 - Logiciel: LibreOffice 5.0.2.2 - (.The Document Foundation.) [HKLM][64Bits]
-- {71508AE2-346A-4E56-AE95-DBB8DE692258}
O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM][64Bits] -- M
cAfee Security Scan
O42 - Logiciel: Mozilla Firefox 42.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mo
zilla Firefox 42.0 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- Mozi
llaMaintenanceService
O42 - Logiciel: MyFreeCodec - (...) [HKCU][64Bits] -- MyFreeCodec
O42 - Logiciel: mysites123 uninstall - (.mysites123.) [HKLM][64Bits] -- mysites1
23 uninstall =>PUP.Optional.Mysites123
O42 - Logiciel: myWIFIzone - (.myWIFIzone.com.) [HKLM][64Bits] -- {5D5CCE73-E9C7
-478C-B413-A9444BB24F19}
O42 - Logiciel: Opera Stable 33.0.1990.115 - (.Opera Software.) [HKLM][64Bits] -- Opera 33.0.1990.115
O42 - Logiciel: Package de pilotes Windows - ASUS (ATP) Mouse (05/09/2013 1.0.0
.173) - (.ASUS.) [HKLM][64Bits] -- 1016059FBF327ED9E3BAE758BD08CF10D3C6252D
O42 - Logiciel: Pluto TV version 0.1.5 - (.Pluto TV.) [HKLM][64Bits] -- Pluto TV
_is1
O42 - Logiciel: ProM 6.5.1 - (.processmining.org.) [HKLM][64Bits] -- ProM 6.5.1
6.5.1
O42 - Logiciel: Qualcomm Atheros Bluetooth Suite (64) - (.Qualcomm Atheros Commu
nications.) [HKLM][64Bits] -- {A84A4FB1-D703-48DB-89E0-68B6499D2801}
O42 - Logiciel: Ralink Bluetooth Stack64 - (.Mediatek.) [HKLM][64Bits] -- {307AA
214-8490-9119-DA81-C8E875AD1C94}
O42 - Logiciel: Ralink RT2860 Wireless LAN Card - (.Ralink.) [HKLM][64Bits] -- {
8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits]
-- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor C
orp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Realtek PCIE Card Reader - (.Realtek Semiconductor Corp..) [HKLM
][64Bits] -- {C9661090-C134-46E8-90B2-76D72355C2A6}
O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits]
-- {758C8301-2696-4855-AF45-534B1200980A}
O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- InstallShield_{758C8301-2696-4855-AF45-534B1200980A}
O42 - Logiciel: Samsung Kies3 - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits]
-- {88547073-C566-4895-9005-EBE98EA3F7C7}
O42 - Logiciel: Samsung Kies3 - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits]
-- InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}
O42 - Logiciel: Samsung USB Driver for Mobile Phones - (.Samsung Electronics Co.
, Ltd..) [HKLM][64Bits] -- {D0795B21-0CDA-4a92-AB9E-6E92D8111E44}
O42 - Logiciel: Unity Web Player - (.Unity Technologies ApS.) [HKCU][64Bits] -- UnityWebPlayer
O42 - Logiciel: Visionneuse Microsoft PowerPoint - (.Microsoft Corporation.) [HK
LM][64Bits] -- {95140000-00AF-040C-0000-0000000FF1CE}
O42 - Logiciel: WinRAR 5.21 (32-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR
archiver
O42 - Logiciel: WinThruster - (.solvusoft Corporation.) [HKLM][64Bits] -- WinThr
uster_is1 =>.Superfluous.WinThruster
O42 - Logiciel:  - (..) [HKLM][64Bits] -- GeePlayer
O42 - Logiciel:  - (..) [HKLM][64Bits] -- IQIYI Video =>.Superfluous.IQIYIVi
---\\ HKCU & HKLM Software Keys (77) - 5s
HKLM\SOFTWARE\Wow6432Node\Aladdin Knowledge Systems
HKLM\SOFTWARE\Wow6432Node\ASIO
HKLM\SOFTWARE\Wow6432Node\AsLdr
HKLM\SOFTWARE\Wow6432Node\AspenTech
HKLM\SOFTWARE\Wow6432Node\ASUS
HKLM\SOFTWARE\Wow6432Node\Cyra Technologies
HKLM\SOFTWARE\Wow6432Node\FFPluginHp =>PUP.Optional.SweetSearch
HKLM\SOFTWARE\Wow6432Node\FLEXlm License Manager
HKLM\SOFTWARE\Wow6432Node\Google
HKLM\SOFTWARE\Wow6432Node\InstallShield
HKLM\SOFTWARE\Wow6432Node\Intel
HKLM\SOFTWARE\Wow6432Node\IO3O
HKLM\SOFTWARE\Wow6432Node\IVT Corporation
HKLM\SOFTWARE\Wow6432Node\Khronos
HKLM\SOFTWARE\Wow6432Node\Lavasoft
HKLM\SOFTWARE\Wow6432Node\Leica Geosystems
HKLM\SOFTWARE\Wow6432Node\LibreOffice
HKLM\SOFTWARE\Wow6432Node\Macromedia
HKLM\SOFTWARE\Wow6432Node\mcafeeupdater
HKLM\SOFTWARE\Wow6432Node\Mozilla
HKLM\SOFTWARE\Wow6432Node\mozilla.org
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\Myfree Codec
HKLM\SOFTWARE\Wow6432Node\mysites123Software =>PUP.Optional.Mysites123
HKLM\SOFTWARE\Wow6432Node\myWIFIzone
HKLM\SOFTWARE\Wow6432Node\Nuance
HKLM\SOFTWARE\Wow6432Node\ODBC
HKLM\SOFTWARE\Wow6432Node\Opera Software
HKLM\SOFTWARE\Wow6432Node\processmining.org
HKLM\SOFTWARE\Wow6432Node\Ralink
HKLM\SOFTWARE\Wow6432Node\Ralink Corporation
HKLM\SOFTWARE\Wow6432Node\Realtek
HKLM\SOFTWARE\Wow6432Node\Realtek Semiconductor Corp.
HKLM\SOFTWARE\Wow6432Node\Riegl_LMS
HKLM\SOFTWARE\Wow6432Node\Solvusoft =>.Superfluous.Solvusoft
HKLM\SOFTWARE\Wow6432Node\SuppHelpDir
HKLM\SOFTWARE\Wow6432Node\Tencent =>PUP.Optional.TencentAddressBar
HKLM\SOFTWARE\Wow6432Node\The Document Foundation
HKLM\SOFTWARE\Wow6432Node\Volatile
HKLM\SOFTWARE\Wow6432Node\WinRAR
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications

HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\ASUS
HKCU\SOFTWARE\Atheros
HKCU\SOFTWARE\BitTorrent
HKCU\SOFTWARE\Chromium
HKCU\SOFTWARE\DriverSupport
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\ICSW1.14 =>Adware.InstallCore
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\JavaSoft
HKCU\SOFTWARE\Leica Geosystems
HKCU\SOFTWARE\Licenses
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\Myfree Codec
HKCU\SOFTWARE\Opera Software
HKCU\SOFTWARE\PlutoTV
HKCU\SOFTWARE\PPStream
HKCU\SOFTWARE\ProductSetup =>Adware.InstallCore
HKCU\SOFTWARE\QyGameClient =>.Superfluous.IQIYIVideo
HKCU\SOFTWARE\Realtek
HKCU\SOFTWARE\Samsung
HKCU\SOFTWARE\Solvusoft =>.Superfluous.Solvusoft
HKCU\SOFTWARE\TeleCharger =>.Superfluous.Downloader
HKCU\SOFTWARE\Tencent =>PUP.Optional.TencentAddressBar
HKCU\SOFTWARE\The Document Foundation
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\Unity
HKCU\SOFTWARE\VB and VBA Program Settings
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\Wow6432Node
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software
HKCU\SOFTWARE\AppDataLow\Software\Unity
---\\ Contenu des dossiers Programmes (155) - 5s
O43 - CFD: 26/08/2015 - [] D -- C:\Program Files (x86)\ASUS
O43 - CFD: 06/12/2015 - [] D -- C:\Program Files (x86)\baidu
O43 - CFD: 26/08/2015 - [] D -- C:\Program Files (x86)\Bluetooth Suite
O43 - CFD: 06/12/2015 - [] D -- C:\Program Files (x86)\Common Files
O43 - CFD: 27/08/2015 - [] D -- C:\Program Files (x86)\Driver Detective =>PUP.Optional.DriverDetective
O43 - CFD: 04/10/2015 - [] D -- C:\Program Files (x86)\FLEXlm
O43 - CFD: 26/08/2015 - [] D -- C:\Program Files (x86)\Google
O43 - CFD: 22/10/2015 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 26/08/2015 - [] D -- C:\Program Files (x86)\Intel
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 03/11/2015 - [] D -- C:\Program Files (x86)\IO3O LLC
O43 - CFD: 03/10/2015 - [] D -- C:\Program Files (x86)\JKSimMet v5.3
O43 - CFD: 27/08/2015 - [] D -- C:\Program Files (x86)\Kingo ROOT
O43 - CFD: 22/10/2015 - [] D -- C:\Program Files (x86)\Leica Geosystems
O43 - CFD: 24/10/2015 - [] D -- C:\Program Files (x86)\LibreOffice 5
O43 - CFD: 26/11/2015 - [] D -- C:\Program Files (x86)\Microsoft Office
O43 - CFD: 26/11/2015 - [] D -- C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 26/11/2015 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\MSBuild
O43 - CFD: 26/11/2015 - [] D -- C:\Program Files (x86)\MSECache


O43 - CFD: 26/08/2015 - [] D -- C:\Program Files (x86)\MyFree Codec
O43 - CFD: 04/11/2015 - [] D -- C:\Program Files (x86)\myWIFIzone
O43 - CFD: 24/11/2015 - [] D -- C:\Program Files (x86)\Opera
O43 - CFD: 24/11/2015 - [] D -- C:\Program Files (x86)\Pluto TV
O43 - CFD: 26/08/2015 - [] D -- C:\Program Files (x86)\Ralink Corporation
O43 - CFD: 26/08/2015 - [] D -- C:\Program Files (x86)\Realtek
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 26/08/2015 - [] D -- C:\Program Files (x86)\Samsung
O43 - CFD: 06/12/2015 - [] D -- C:\Program Files (x86)\SFK =>PUP.Optional.MyWeb
Search
O43 - CFD: 26/08/2015 - [0] HD -- C:\Program Files (x86)\Temp
O43 - CFD: 06/12/2015 - [] D -- C:\Program Files (x86)\Tencent =>PUP.Optional.T
encentAddressBar
O43 - CFD: 14/07/2009 - [0] HD -- C:\Program Files (x86)\Uninstall Information
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Windows Defender
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Windows Mail
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Windows NT
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 03/10/2015 - [] D -- C:\Program Files (x86)\WinRAR
O43 - CFD: 26/08/2015 - [] D -- C:\Program Files (x86)\WinThruster =>.Superfluo
us.WinThruster
O43 - CFD: 26/08/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Pro
grams\Accessories
O43 - CFD: 26/08/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Pro
grams\Administrative Tools
O43 - CFD: 26/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Prog
rams\DriversCloud.com
O43 - CFD: 26/08/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Pro
grams\Games
O43 - CFD: 26/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Prog
rams\Google Chrome
O43 - CFD: 03/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Prog
rams\JKSimMet v5.3
O43 - CFD: 27/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Prog
rams\Kingo ROOT
O43 - CFD: 22/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Prog
rams\Leica Geosystems
O43 - CFD: 24/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Prog
rams\LibreOffice 5.0
O43 - CFD: 14/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Pro
grams\Maintenance
O43 - CFD: 05/09/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Prog
rams\McAfee Security Scan Plus
O43 - CFD: 26/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Prog
rams\MyFree Codec
O43 - CFD: 24/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Prog
rams\Pluto TV
O43 - CFD: 04/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Prog
rams\Process Systems Enterprise
O43 - CFD: 24/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Prog
rams\ProM 6.5.1
O43 - CFD: 26/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Prog
rams\Samsung
O43 - CFD: 24/11/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Pro
grams\Startup
O43 - CFD: 14/07/2009 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 03/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Prog
rams\WinRAR
O43 - CFD: 26/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Prog
rams\WinThruster =>.Superfluous.WinThruster
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 26/08/2015 - [] D -- C:\ProgramData\Atheros
O43 - CFD: 26/08/2015 - [0] SHD -- C:\ProgramData\Bureau
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 26/08/2015 - [] D -- C:\ProgramData\DriversCloud.com
O43 - CFD: 03/10/2015 - [] D -- C:\ProgramData\FARO
O43 - CFD: 26/08/2015 - [0] SHD -- C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Favorites
O43 - CFD: 26/08/2015 - [] D -- C:\ProgramData\Intel
O43 - CFD: 06/12/2015 - [0] D -- C:\ProgramData\IQIYI Video =>.Superfluous.IQIY
IVideo
O43 - CFD: 06/12/2015 - [] D -- C:\ProgramData\KingSoft
O43 - CFD: 26/08/2015 - [] D -- C:\ProgramData\ma-config.com
O43 - CFD: 15/10/2015 - [] D -- C:\ProgramData\Macrovision
O43 - CFD: 26/08/2015 - [] D -- C:\ProgramData\McAfee
O43 - CFD: 26/08/2015 - [] D -- C:\ProgramData\McAfee Security Scan
O43 - CFD: 26/08/2015 - [0] SHD -- C:\ProgramData\Menu Dmarrer
O43 - CFD: 27/08/2015 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 26/08/2015 - [0] SHD -- C:\ProgramData\Modles
O43 - CFD: 27/08/2015 - [] D -- C:\ProgramData\PC Drivers HeadQuarters =>PUP.Op
tional.Generic
O43 - CFD: 26/08/2015 - [] D -- C:\ProgramData\Qualcomm Atheros
O43 - CFD: 26/08/2015 - [] D -- C:\ProgramData\Ralink Driver
O43 - CFD: 26/08/2015 - [] D -- C:\ProgramData\Samsung
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 06/12/2015 - [] D -- C:\ProgramData\Tencent =>PUP.Optional.TencentAd
dressBar
O43 - CFD: 06/12/2015 - [] D -- C:\ProgramData\Tmp0x0x
O43 - CFD: 06/12/2015 - [0] D -- C:\ProgramData\TXQMPC
O43 - CFD: 27/08/2015 - [] D -- C:\ProgramData\UAB
O43 - CFD: 03/10/2015 - [] D -- C:\Program Files (x86)\Common Files\Aladdin Shar
ed
O43 - CFD: 26/08/2015 - [] D -- C:\Program Files (x86)\Common Files\Atheros
O43 - CFD: 26/08/2015 - [] D -- C:\Program Files (x86)\Common Files\InstallShiel
d
O43 - CFD: 26/11/2015 - [] D -- C:\Program Files (x86)\Common Files\microsoft sh
ared
O43 - CFD: 26/08/2015 - [] D -- C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 26/08/2015 - [] D -- C:\Program Files (x86)\Common Files\QCA_Bluetoot
h
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Common Files\SpeechEngine
s
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Common Files\System
O43 - CFD: 06/12/2015 - [] D -- C:\Program Files (x86)\Common Files\Tencent =>P
UP.Optional.TencentAddressBar
O43 - CFD: 26/08/2015 - [] D -- C:\Users\MSAMMET\AppData\Roaming\Adobe
O43 - CFD: 26/08/2015 - [] D -- C:\Users\MSAMMET\AppData\Roaming\Atheros
O43 - CFD: 26/08/2015 - [] D -- C:\Users\MSAMMET\AppData\Roaming\Identities
O43 - CFD: 26/08/2015 - [] D -- C:\Users\MSAMMET\AppData\Roaming\InstallShield
O43 - CFD: 06/12/2015 - [] D -- C:\Users\MSAMMET\AppData\Roaming\IQIYI Video =>
.Superfluous.IQIYIVideo
O43 - CFD: 03/10/2015 - [] D -- C:\Users\MSAMMET\AppData\Roaming\Leica Geosystems
O43 - CFD: 24/10/2015 - [] D -- C:\Users\MSAMMET\AppData\Roaming\LibreOffice
O43 - CFD: 26/08/2015 - [] D -- C:\Users\MSAMMET\AppData\Roaming\Macromedia
O43 - CFD: 14/07/2009 - [0] D -- C:\Users\MSAMMET\AppData\Roaming\Media Center P
rograms
O43 - CFD: 28/11/2015 - [] SD -- C:\Users\MSAMMET\AppData\Roaming\Microsoft
O43 - CFD: 26/08/2015 - [] D -- C:\Users\MSAMMET\AppData\Roaming\Mozilla
O43 - CFD: 06/12/2015 - [] D -- C:\Users\MSAMMET\AppData\Roaming\mysites123 =>P
UP.Optional.Mysites123
O43 - CFD: 26/11/2015 - [] D -- C:\Users\MSAMMET\AppData\Roaming\Opera Software
O43 - CFD: 24/11/2015 - [] D -- C:\Users\MSAMMET\AppData\Roaming\RPEng =>PUP.Op
tional.Generic
O43 - CFD: 26/08/2015 - [] D -- C:\Users\MSAMMET\AppData\Roaming\Samsung
O43 - CFD: 03/11/2015 - [] D -- C:\Users\MSAMMET\AppData\Roaming\Shortcut
O43 - CFD: 26/08/2015 - [] D -- C:\Users\MSAMMET\AppData\Roaming\Solvusoft
O43 - CFD: 06/12/2015 - [] D -- C:\Users\MSAMMET\AppData\Roaming\Tencent =>PUP.
Optional.TencentAddressBar
O43 - CFD: 06/12/2015 - [] D -- C:\Users\MSAMMET\AppData\Roaming\uTorrent
O43 - CFD: 03/10/2015 - [] D -- C:\Users\MSAMMET\AppData\Roaming\WinRAR
O43 - CFD: 06/12/2015 - [] D -- C:\Users\MSAMMET\AppData\Roaming\ZHP
O43 - CFD: 26/08/2015 - [0] D -- C:\Users\MSAMMET\AppData\Local\Adobe
O43 - CFD: 26/08/2015 - [0] SHD -- C:\Users\MSAMMET\AppData\Local\Application Da
ta
O43 - CFD: 26/08/2015 - [] D -- C:\Users\MSAMMET\AppData\Local\Apps
O43 - CFD: 26/08/2015 - [] D -- C:\Users\MSAMMET\AppData\Local\bluesoleil
O43 - CFD: 26/08/2015 - [] D -- C:\Users\MSAMMET\AppData\Local\BMExplorer
O43 - CFD: 06/12/2015 - [] D -- C:\Users\MSAMMET\AppData\Local\CrashDumps
O43 - CFD: 26/08/2015 - [0] D -- C:\Users\MSAMMET\AppData\Local\Deployment
O43 - CFD: 22/10/2015 - [] D -- C:\Users\MSAMMET\AppData\Local\Downloaded Instal
lations
O43 - CFD: 26/08/2015 - [] D -- C:\Users\MSAMMET\AppData\Local\Google
O43 - CFD: 26/08/2015 - [0] SHD -- C:\Users\MSAMMET\AppData\Local\Historique
O43 - CFD: 27/08/2015 - [] D -- C:\Users\MSAMMET\AppData\Local\Kingosoft
O43 - CFD: 22/10/2015 - [] D -- C:\Users\MSAMMET\AppData\Local\Leica Geosystems
O43 - CFD: 22/10/2015 - [] D -- C:\Users\MSAMMET\AppData\Local\Leica_Geosystems
O43 - CFD: 26/08/2015 - [] D -- C:\Users\MSAMMET\AppData\Local\Macromedia
O43 - CFD: 04/10/2015 - [] D -- C:\Users\MSAMMET\AppData\Local\Microsoft
O43 - CFD: 26/08/2015 - [] D -- C:\Users\MSAMMET\AppData\Local\Mozilla
O43 - CFD: 26/11/2015 - [] D -- C:\Users\MSAMMET\AppData\Local\Opera Software
O43 - CFD: 27/08/2015 - [] D -- C:\Users\MSAMMET\AppData\Local\PC_Drivers_Headqu
arters =>PUP.Optional.Generic
O43 - CFD: 06/12/2015 - [] D -- C:\Users\MSAMMET\AppData\Local\PlutoTV
O43 - CFD: 26/08/2015 - [] D -- C:\Users\MSAMMET\AppData\Local\Programs
O43 - CFD: 26/08/2015 - [] D -- C:\Users\MSAMMET\AppData\Local\Samsung
O43 - CFD: 06/12/2015 - [] D -- C:\Users\MSAMMET\AppData\Local\SysassistByHotWhe
el =>PUP.Optional.Generic
O43 - CFD: 06/12/2015 - [] D -- C:\Users\MSAMMET\AppData\Local\Temp
O43 - CFD: 26/08/2015 - [0] SHD -- C:\Users\MSAMMET\AppData\Local\Temporary Inte
rnet Files
O43 - CFD: 06/12/2015 - [] D -- C:\Users\MSAMMET\AppData\Local\Unity
O43 - CFD: 06/12/2015 - [] D -- C:\Users\MSAMMET\AppData\Local\VirtualStore
O43 - CFD: 14/07/2009 - [] RD -- C:\Users\MSAMMET\AppData\Roaming\Microsoft\Wind
ows\Start Menu\Programs\Accessories
O43 - CFD: 26/08/2015 - [] RD -- C:\Users\MSAMMET\AppData\Roaming\Microsoft\Wind
ows\Start Menu\Programs\Administrative Tools
O43 - CFD: 27/08/2015 - [] D -- C:\Users\MSAMMET\AppData\Roaming\Microsoft\Windo
ws\Start Menu\Programs\Driver Detective =>PUP.Optional.DriverDetective
O43 - CFD: 14/07/2009 - [] RD -- C:\Users\MSAMMET\AppData\Roaming\Microsoft\Wind
ows\Start Menu\Programs\Maintenance
O43 - CFD: 04/10/2015 - [] D -- C:\Users\MSAMMET\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Process Systems Enterprise
O43 - CFD: 06/12/2015 - [] RD -- C:\Users\MSAMMET\AppData\Roaming\Microsoft\Wind
ows\Start Menu\Programs\Startup
O43 - CFD: 03/10/2015 - [] D -- C:\Users\MSAMMET\AppData\Roaming\Microsoft\Windo
ws\Start Menu\Programs\WinRAR
O43 - CFD: 06/12/2015 - [0] D -- C:\Users\MSAMMET\AppData\Roaming\Microsoft\Wind
ows\Start Menu\Programs\
---\\ Derniers fichiers crs dans Windows Prefetcher (7) - 4s
O45 - LFCP:[MD5.EB51E5EC62C29455660D13BD5E34718E] 06/12/2015 A -- C:\Windows\Pre
fetch\AMT_MYSITES123.EXE-576E12DE.pf =>PUP.Optional.Mysites123
O45 - LFCP:[MD5.9A240B093640D2FF805CF2A57859125E] 06/12/2015 A -- C:\Windows\Pre
fetch\[email protected] =>.Superfluous.IQIYIVideo
O45 - LFCP:[MD5.F37F89CC215B37402014D2CF7BEFD08F] 26/11/2015 A -- C:\Windows\Pre
fetch\LAVASOFT.SEARCHPROTECT.WINSER-223FC669.pf =>PUP.Optional.SearchProtect
O45 - LFCP:[MD5.40032F181216DEE033463206D6B5F15D] 06/12/2015 A -- C:\Windows\Pre
fetch\TENCENTDL.EXE-6001ABC5.pf =>PUP.Optional.TencentAddressBar
O45 - LFCP:[MD5.FC3249EB9B96EE76BA946C9852906075] 06/12/2015 A -- C:\Windows\Pre
fetch\TENCENTDL.EXE-D4BCC9C9.pf =>PUP.Optional.TencentAddressBar
O45 - LFCP:[MD5.ACA8DC94F9396F9F03EF1D683DB08E07] 05/12/2015 A -- C:\Windows\Pre
fetch\WINTHRUSTER.EXE-88692EDF.pf =>.Superfluous.WinThruster
O45 - LFCP:[MD5.60638FCC3BC205C0647528EFF5ACFEAB] 06/12/2015 A -- C:\Windows\Pre
fetch\WPM_V20.0.0.2508.EXE-BFB3D873.pf =>PUP.Optional.WpManager
---\\ ShellIconOverlayIdentifiers (SIOI) (2) - 1s
O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell]
- {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - DLL dextensio
n denvironnement de stockage.) -- C:\Windows\System32\EhStorShell.dll
O106 - SIOI: Sharing Overlay (Private) [SharingPrivate] - {08244EE6-92F0-47f2-9F
C9-929BAA2E7235}. (.Microsoft Corporation - Extensions de linterprteur de commande
s p.) -- C:\Windows\System32\ntshrui.dll
---\\ Liste des pilotes du systme (76) - 2s
O58 - SDL:2009/07/14 01:52:21 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Sto
rport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [491088]
O58 - SDL:2009/07/14 01:52:21 A . (.Adaptec, Inc. - Adaptec Windows SATA Storpor
t Driver.) -- C:\Windows\System32\drivers\adpahci.sys [339536]
O58 - SDL:2009/07/14 01:52:21 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SC
SI Driver (X64).) -- C:\Windows\System32\drivers\adpu320.sys [182864]
O58 - SDL:2011/11/22 12:14:54 A . (.SafeNet Inc. - Safenet Inc. Sentinel Data Fi
lter Driver.) -- C:\Windows\System32\drivers\aksdf.sys [78208]
O58 - SDL:2011/11/22 12:14:54 A . (.SafeNet Inc. - Ancillary Function Driver.) - C:\Windows\System32\drivers\aksfridge.sys [139592]
O58 - SDL:2009/07/14 01:52:21 A . (.Acer Laboratories Inc. - ALi mini IDE Driver
.) -- C:\Windows\System32\drivers\aliide.sys [15440]
O58 - SDL:2009/07/14 01:52:21 A . (.Advanced Micro Devices - AHCI 1.2 Device Dri
ver.) -- C:\Windows\System32\drivers\amdsata.sys [106576]
O58 - SDL:2009/07/14 01:52:20 A . (.AMD Technologies Inc. - AMD Technology AHCI
Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [194128]
O58 - SDL:2009/07/14 01:52:21 A . (.Advanced Micro Devices - Storage Filter Driv
er.) -- C:\Windows\System32\drivers\amdxata.sys [28752]
O58 - SDL:2009/07/14 01:52:21 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver
.) -- C:\Windows\System32\drivers\arc.sys [87632]
O58 - SDL:2009/07/14 01:52:21 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver
.) -- C:\Windows\System32\drivers\arcsas.sys [97856]
O58 - SDL:2013/05/28 16:03:20 A . (.ASUS Corporation - Asus TP Filter Driver.) - C:\Windows\System32\drivers\AsusTP.sys [65784]
O58 - SDL:2009/06/10 20:34:23 A . (.Broadcom Corporation - Broadcom NetXtreme Gi
gabit Ethernet NDIS6.x.) -- C:\Windows\System32\drivers\b57nd60a.sys [270848]
O58 - SDL:2015/11/26 19:54:26 A . (.SysProgs.org - Portable WinCDEmu driver.) --
C:\Windows\System32\drivers\BazisPortableCDBus.sys [268896]
O58 - SDL:2012/12/19 19:57:44 A . (.IVT Corporation - Bluelet Audio Adapter Driv
er.) -- C:\Windows\System32\drivers\blueletaudio.sys [33968]
O58 - SDL:2009/06/10 20:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Ma
ss-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [1843
2]
O58 - SDL:2009/06/10 20:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Ma
ss-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [8704
]
O58 - SDL:2009/07/14 01:19:07 A . (.Brother Industries Ltd. - Pilote Brother Srie
I/F (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys [286720]
O58 - SDL:2009/06/10 20:41:10 A . (.Brother Industries Ltd. - Brother Serial dri
ver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [47104]
O58 - SDL:2009/06/10 20:41:10 A . (.Brother Industries Ltd. - Brother USB MDM Dr
iver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [14976]
O58 - SDL:2009/06/10 20:41:10 A . (.Brother Industries Ltd. - Brother USB Serial
Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [14720]
O58 - SDL:2013/01/24 21:45:56 A . (.Qualcomm Atheros - Qualcomm Atheros A2DP dri
ver.) -- C:\Windows\System32\drivers\btath_a2dp.sys [346192]
O58 - SDL:2013/01/24 21:45:56 A . (.Qualcomm Atheros - Qualcomm Atheros Bluetoot
h AVDT driver.) -- C:\Windows\System32\drivers\btath_avdt.sys [115280]
O58 - SDL:2013/01/24 21:45:56 A . (.Qualcomm Atheros - Qualcomm Atheros BUS driv
er.) -- C:\Windows\System32\drivers\btath_bus.sys [34384]
O58 - SDL:2013/01/24 21:45:58 A . (.Qualcomm Atheros - Qualcomm Atheros FILTER d
river.) -- C:\Windows\System32\drivers\btath_flt.sys [89168]
O58 - SDL:2013/01/24 21:45:58 A . (.Qualcomm Atheros - Qualcomm Atheros HCRP dri
ver.) -- C:\Windows\System32\drivers\btath_hcrp.sys [179432]
O58 - SDL:2013/01/24 21:45:58 A . (.Qualcomm Atheros - Qualcomm Atheros FILTER d
river.) -- C:\Windows\System32\drivers\btath_lwflt.sys [77464]
O58 - SDL:2013/01/24 21:46:00 A . (.Qualcomm Atheros - Qualcomm Atheros AVRCP dr
iver.) -- C:\Windows\System32\drivers\btath_rcp.sys [136424]
O58 - SDL:2012/06/15 09:22:02 A . (.IVT Corporation - Bluetooth Audio Bus Driver
.) -- C:\Windows\System32\drivers\BtAudioBus.sys [23136]
O58 - SDL:2012/07/19 15:47:40 A . (.Ralink Corporation - Bluetooth L2CAP_SCO Int
erface Profile Drive.) -- C:\Windows\System32\drivers\BtL2caScoIf.sys [56904]
O58 - SDL:2009/06/10 20:34:28 A . (.Broadcom Corporation - Broadcom NetXtreme II
GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [468480]
O58 - SDL:2009/07/14 01:52:31 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Drive
r.) -- C:\Windows\System32\drivers\cmdide.sys [17488]
O58 - SDL:2013/04/22 02:13:30 A . (.Intel Corporation - Intel(R) Dynamic Platfor
m and Thermal Frame.) -- C:\Windows\System32\drivers\DptfDevPch.sys [57216]
O58 - SDL:2013/04/22 02:13:30 A . (.Intel Corporation - Intel(R) Dynamic Platfor
m and Thermal Frame.) -- C:\Windows\System32\drivers\DptfDevProc.sys [120256]
O58 - SDL:2013/04/22 02:13:30 A . (.Intel Corporation - Intel(R) Dynamic Platfor
m and Thermal Frame.) -- C:\Windows\System32\drivers\DptfManager.sys [200808]
O58 - SDL:2009/07/14 01:47:48 A . (.Emulex - Storport Miniport Driver for LightP
ulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [530496]
O58 - SDL:2009/06/10 20:34:33 A . (.Broadcom Corporation - Broadcom NetXtreme II
10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3286016]
O58 - SDL:2011/09/28 13:31:30 A . (.SafeNet Inc. - Sentinel Hardlock Device Driv
er for Windows.) -- C:\Windows\System32\drivers\hardlock.sys [321536]
O58 - SDL:2009/06/10 20:31:59 A . (.Hauppauge Computer Works, Inc. - Hauppauge W
inTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys
[31232]
O58 - SDL:2009/07/14 01:47:48 A . (.Hewlett-Packard Company - Smart Array SAS/SA
TA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [77888]
O58 - SDL:2013/05/03 01:54:08 A . (.Intel Corporation - Intel Rapid Storage Tech
nology driver - x64.) -- C:\Windows\System32\drivers\iaStorA.sys [677360]
O58 - SDL:2013/05/03 01:54:08 A . (.Intel Corporation - Intel Rapid Storage Tech
nology Filter drive.) -- C:\Windows\System32\drivers\iaStorF.sys [28656]
O58 - SDL:2009/07/14 01:48:04 A . (.Intel Corporation - Intel Matrix Storage Man
ager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [410688]
O58 - SDL:2013/06/03 09:10:54 A . (.Intel Corporation - Intel Graphics Kernel Mo
de Driver.) -- C:\Windows\System32\drivers\igdkmd64.sys [4433696]
O58 - SDL:2009/07/14 01:48:04 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid
Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [44112]
O58 - SDL:2013/05/28 09:32:28 A . (.Intel(R) Corporation - Intel(R) Display Audi
o Driver.) -- C:\Windows\System32\drivers\IntcDAud.sys [442368]
O58 - SDL:2013/03/25 09:03:44 A . (.Ralink Corporation - Bluetooth Filter Driver
.) -- C:\Windows\System32\drivers\IvtUrbBtFlt.sys [49584]
O58 - SDL:2012/08/02 03:22:48 A . (. - Keyboard Filter Driver.) -- C:\Windows\Sy
stem32\drivers\kbfiltr.sys [14992]
O58 - SDL:2009/07/14 01:48:04 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (
StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [114752]
O58 - SDL:2009/07/14 01:48:04 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver
(StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [106560]
O58 - SDL:2009/07/14 01:48:04 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorP
ort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [65600]
O58 - SDL:2009/07/14 01:48:04 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver
(StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [115776]
O58 - SDL:2009/07/14 01:48:04 A . (.LSI Corporation - MEGASAS RAID Controller Dr
iver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [35392]
O58 - SDL:2009/07/14 01:48:04 A . (.LSI Corporation, Inc. - LSI MegaRAID Softwar
e RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [284736]
O58 - SDL:2012/09/14 20:29:16 A . (.Ralink Technology, Corp. - Ralink 802.11 Wir
eless Adapter Driver.) -- C:\Windows\System32\drivers\netr28x.sys [1981536]
O58 - SDL:2009/07/14 01:48:26 A . (.IBM Corporation - IBM ServeRAID Controller D
river.) -- C:\Windows\System32\drivers\nfrd960.sys [51264]
O58 - SDL:2009/07/14 01:48:27 A . (.NVIDIA Corporation - NVIDIA nForce(TM) RAID D
river.) -- C:\Windows\System32\drivers\nvraid.sys [149056]
O58 - SDL:2009/07/14 01:45:45 A . (.NVIDIA Corporation - NVIDIA nForce(TM) Sata P
erformance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [167488]
O58 - SDL:2009/07/14 01:45:46 A . (.QLogic Corporation - QLogic Fibre Channel St
or Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1524816]
O58 - SDL:2009/07/14 01:45:45 A . (.QLogic Corporation - QLogic iSCSI Storport M
iniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [128592]
O58 - SDL:2013/03/09 04:53:10 A . (.Ralink Technology, Corp. - Ralink Bluetooth
Adapter.) -- C:\Windows\System32\drivers\rtbth.sys [1149232]
O58 - SDL:2013/06/04 13:36:08 A . (.Realtek Semiconductor Corp. - Realtek(r) Hig
h Definition Audio Function D.) -- C:\Windows\System32\drivers\RTKVHD64.sys [3
441992]
O58 - SDL:2013/03/08 09:12:52 RA . (.RTS Corporation - RTS PCIE READER Driver.)
-- C:\Windows\System32\drivers\RtsPer.sys [460872]
O58 - SDL:2009/06/10 20:37:19 A . (.Macrovision Corporation, Macrovision Europe
Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.s
ys [23040]
O58 - SDL:2009/07/14 01:45:45 A . (.Silicon Integrated Systems Corp. - SiS RAID
Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [43584]
O58 - SDL:2009/07/14 01:45:46 A . (.Silicon Integrated Systems - SiS AHCI Stor-M
iniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [80464]
O58 - SDL:2015/05/21 06:02:42 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSU
NG USB Composite Device Driver (MSS Ve.) -- C:\Windows\System32\drivers\ssudbus.
sys [110720]
O58 - SDL:2015/05/21 06:02:42 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSU
NG Android Modem Device Driver (MSS Ve.) -- C:\Windows\System32\drivers\ssudmdm.
sys [206080]
O58 - SDL:2009/07/14 01:45:55 A . (.Promise Technology - Promise SuperTrak EX S
eries Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [24656]
O58 - SDL:2015/12/06 10:12:54 A . (.Tencent - -TAO.) -- C:\Windows\Sy
erator64.sys [99640] =>PUP.Optional.TencentAddressBar
O58 - SDL:2015/12/06 10:12:54 A . (.Tencent Technology(Shenzhen) Company Limited
- TAOKernel.) -- C:\Windows\System32\drivers\TAOKernel64.sys [174392] =>PUP.
Optional.TencentAddressBar
O58 - SDL:2013/05/31 11:30:06 A . (.Intel Corporation - Intel(R) Management Engi
ne Interface.) -- C:\Windows\System32\drivers\TeeDriverx64.sys [99800]
O58 - SDL:2015/12/06 10:12:54 A . (. - -.) -- C:\Windows\System32\dri
7864]
O58 - SDL:2015/12/06 10:12:54 A . (. - -TSSK Driver.) -- C:\Windows\System32\
KX64.sys [38200]
O58 - SDL:2009/07/14 01:45:55 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE
Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [17488]
O58 - SDL:2009/07/14 01:45:55 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER
FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [161872]
---\\ Derniers fichiers modifis ou cres (Utilisateur) (5) - 2s
O61 - LFC: 2015/12/06 14:15:26 A . (.Copyright (C) 2015 Nicolas Coolman.) -- C:\
Users\MSAMMET\Desktop\ZHPDiag3.exe [1994240]
O61 - LFC: 2015/12/06 14:15:26 A . (.Copyright (C) 2015 Nicolas Coolman.) -- C:\
Users\MSAMMET\AppData\Roaming\ZHP\ZHPDiag3.exe [1994240]
O61 - LFC: 2015/12/04 04:03:50 A . (.TODO: <Company name>.) -- C:\Users\MSAMMET\
AppData\Roaming\mysites123\UninstallManager.exe [376832] =>PUP.Optional.Mysit
es123
O61 - LFC: 2015/12/06 09:43:39 A . (..) -- C:\Users\MSAMMET\AppData\Roaming\IQIYI V
ideo\LStyle\QyUpdate\IQIYIsetup_update_20150831.exe [54762696] =>.Superfluous
.IQIYIVideo
O61 - LFC: 2015/12/06 09:36:06 A . (.Unity Technologies ApS.) -- C:\Users\MSAMME
T\AppData\Local\Unity\WebPlayer\Uninstall.exe [644549]
---\\ Associations Shell Spawning (11) - 1s
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corp
oration - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corpora
tion - Lanceur du composant logiciel enfichable Ob.) -- C:\Windows\System32\even
tvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <OperaStable>[HKLM\..\open\Command] (.Opera Softwa
re - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\launcher.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporati
on - Microsoft Windows Based Script Host.) -- C:\Windows\System32\wscript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corpora
tion - diteur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corp
oration - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
---\\ Menu de dmarrage Internet (16) - 0s
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Comm
and] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox
\firefox.exe http://www.mysites123.com/ =>PUP.Optional.Mysites123
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Comm
and] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\App
lication\chrome.exe http://www.mysites123.com/ =>PUP.Optional.Mysites123
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\C
ommand] (...) -- C:\Program Files (x86)\Internet Explorer\iexplore.ex http://www
.mysites123.com/ =>PUP.Optional.Mysites123
O68 - StartMenuInternet: <OperaStable> <Opera Stable>[HKLM\..\Shell\open\Command
] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\La
uncher.exe http://www.mysites123.com/ =>PUP.Optional.Mysites123
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\Sho
wIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x
86)\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\Sho
wIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\
Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\
ShowIconsCommand] (.Microsoft Corporation - Utilitaire dinitialisation dInternet E
xpl.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: <OperaStable> <Opera Stable>[HKLM\..\InstallInfo\ShowIc
onsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86
)\Opera\launcher.exe
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\Rei
nstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x
86)\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\Rei
nstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\
Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\
ReinstallCommand] (.Microsoft Corporation - Utilitaire dinitialisation dInternet E
xpl.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: <OperaStable> <Opera Stable>[HKLM\..\InstallInfo\Reinst
allCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86
)\Opera\launcher.exe
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\Hid
eIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x
86)\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\Hid
eIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\
Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\
HideIconsCommand] (.Microsoft Corporation - Utilitaire dinitialisation dInternet E
xpl.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: <OperaStable> <Opera Stable>[HKLM\..\InstallInfo\HideIc
onsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86
)\Opera\launcher.exe
---\\ Recherche d infection sur les navigateurs (15) - 5s
O69 - SBI: prefs.js [MSAMMET - ldp4k5fg.default] user_pref("browser.search.defau
ltenginename", "mysites123"); =>PUP.Optional.Mysites123
O69 - SBI: prefs.js [MSAMMET - ldp4k5fg.default] user_pref("browser.search.searc
hengine.alias", "mysites123"); =>PUP.Optional.Mysites123
O69 - SBI: prefs.js [MSAMMET - ldp4k5fg.default] user_pref("browser.search.searc
hengine.desc", "this is my first firefox searchEngine"); =>PUP.Optional.SearchE
ngine
O69 - SBI: prefs.js [MSAMMET - ldp4k5fg.default] user_pref("browser.search.searc
hengine.iconURL", "http://www.mysites123.com/favicon.ico"); =>PUP.Optional.Mysi
tes123
O69 - SBI: prefs.js [MSAMMET - ldp4k5fg.default] user_pref("browser.search.searc
hengine.name", "mysites123"); =>PUP.Optional.Mysites123
O69 - SBI: prefs.js [MSAMMET - ldp4k5fg.default] user_pref("browser.search.searc
hengine.ptid", "amt"); =>PUP.Optional.SearchEngine
O69 - SBI: prefs.js [MSAMMET - ldp4k5fg.default] user_pref("browser.search.searc
hengine.uid", "HGSTXHTS545050A7E680_TMA55CPY3M5DLM3M5DLMX"); =>PUP.Optional.Sea
rchEngine
O69 - SBI: prefs.js [MSAMMET - ldp4k5fg.default] user_pref("browser.search.searc
hengine.url", "http://www.mysites123.com/web/?type=ds&ts=1449394418&z=4a51b64894
125cefce79f0dg5z8z9[...] =>PUP.Optional.Mysites123
O69 - SBI: prefs.js [MSAMMET - ldp4k5fg.default] user_pref("browser.search.selec
tedEngine", "mysites123"); =>PUP.Optional.Mysites123
O69 - SBI: prefs.js [MSAMMET - ldp4k5fg.default] user_pref("extensions.enabledAd
dons", "yahooprotected%40gmail.com:1.0.1.1042,deskCutv2%40gmail.com:0.1.12,%7B97
2ce4c6-7e08-4474-a2[...] =>PUP.Optional.DeskCut
O69 - SBI: prefs.js [MSAMMET - ldp4k5fg.default] user_pref("extensions.quick_sta
rt.enable_search1", false); =>PUP.Optional.QuickStart
O69 - SBI: prefs.js [MSAMMET - ldp4k5fg.default] user_pref("extensions.quick_sta
rt.sd.closeWindowWithLastTab_prev_state", false); =>PUP.Optional.QuickStart
O69 - SBI: prefs.js [MSAMMET - ldp4k5fg.default] user_pref("extensions.xpiState"
, "{\"app-profile\":{\"[email protected]\":{\"d\":\"C:\\\\Users\\\\MSAMMET\\\\
AppData\\\\Roaming\[...] =>PUP.Optional.DeskCut
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultSc
ope] - (Bing) - http://www.bing.com/
O69 - SBI: SearchScopes [HKCU] {C0C3A6C6-03BC-4195-8FCB-AEA091301353} - (Yahoo!)
- http://search.yahoo.com/
---\\ Enumre les services dmarrs par Svchost (33) - 1s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporati
on - Service Exprience dapplication.) -- C:\Windows\System32\aelupsvc.dll [72192
]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporati
on - Service de propagation de certificats de ca.) -- C:\Windows\System32\certpr
op.dll [80384]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporati
on - Service de propagation de certificats de ca.) -- C:\Windows\System32\certpr
op.dll [80384]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corpora
tion - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [235520]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client
de stratgie de groupe.) -- C:\Windows\System32\gpsvc.dll [776192]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Exten
sion IKE.) -- C:\Windows\System32\IKEEXT.DLL [845824]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - S
ervice Audio Windows.) -- C:\Windows\System32\audiosrv.dll [676864]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Ges
tionnaire de numrotation automatique d.) -- C:\Windows\System32\rasauto.dll [993
28]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gesti
onnaire de connexions daccs distant.) -- C:\Windows\System32\rasmans.dll [343552
]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corpora
tion - Gestionnaire dinterface dynamique.) -- C:\Windows\System32\mprdim.dll [9
7792]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service d
e notification dvnements systm.) -- C:\Windows\System32\Sens.dll [64512]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corpora
tion - Composants de lapplication dassistance .) -- C:\Windows\System32\ipnathlp.dl
l [359424]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Ser
veur de tlphonie Microsoft Windows(TM.) -- C:\Windows\System32\tapisrv.dll [31641
6]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporati
on - Gestionnaire des connexions distantes du se.) -- C:\Windows\System32\termsr
v.dll [706560]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - A
gent de mise jour automatique Windows Up.) -- C:\Windows\System32\wuaueng.dll
[2418176]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service d
e transfert intelligent en arrire.) -- C:\Windows\System32\qmgr.dll [848384]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft
Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dl
l [369664]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - S
ervice offrant une connectivit IPv6 sur u.) -- C:\Windows\System32\iphlpsvc.dll
[565760]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - D
LL de service douverture de session secon.) -- C:\Windows\System32\seclogon.dll
[30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Ser
vice Informations dapplication.) -- C:\Windows\System32\appinfo.dll [70144]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Ser
vice de dcouverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [156672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service
Planificateur de classes multimdia.) -- C:\Windows\System32\mmcss.dll [67584]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI
.) -- C:\Windows\System32\wbem\WMIsvc.dll [242688]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation
- Service Configuration des services Bureau .) -- C:\Windows\System32\SessEnv.dl
l [104960]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL
du service Explorateur dordinateurs.) -- C:\Windows\System32\browser.dll [1361
92]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Ser
vice EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [111104]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - S
ervice du Planificateur de tches.) -- C:\Windows\System32\schedsvc.dll [1104384
]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Servi
ce Gestion des cls.) -- C:\Windows\System32\KMSVC.DLL [90624]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corpo
ration - Rapports et solutions aux problmes.) -- C:\Windows\System32\wercplsuppor
t.dll [84480]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - Pro
fSvc.) -- C:\Windows\System32\profsvc.dll [208384]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL d
u service des thmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [44
544]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Servi
ce BDE.) -- C:\Windows\System32\bdesvc.dll [100864]
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Ser
vice Installation de logiciels.) -- C:\Windows\System32\appmgmts.dll [193536]
---\\ Liste des exceptions du parefeu Windows (62) - 2s
O87 - FAEL: "{89537EC6-FB0C-48DD-8522-B008045A3E34}" [In-None-P6-TRUE] .(.Mozill
a Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O87 - FAEL: "{C857F3DA-6CC5-432B-BAF4-363AFFDB18DA}" [In-None-P17-TRUE] .(.Mozil
la Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O87 - FAEL: "{6AF63A8D-F2FE-462C-A94E-6EBBDBF5319B}" [In-None-P6-TRUE] .(...) -C:\Program Files\ma-config.com\MaConfigAgent.exe (.not file.)
O87 - FAEL: "{4FF2F825-4947-4E23-A944-101EB31BB5F6}" [In-None-P17-TRUE] .(...) - C:\Program Files\ma-config.com\MaConfigAgent.exe (.not file.)
O87 - FAEL: "{08E9E15E-6B31-4688-943D-DBC3C0CE6B46}" [In-None-P6-TRUE] .(.CybelS
oft - DriversCloud.com start detection.) -- C:\Program Files\DriversCloud.com\MC
Detection.exe
O87 - FAEL: "{82D5BA67-4398-4091-95B5-D76313FBF35B}" [In-None-P17-TRUE] .(.Cybel
Soft - DriversCloud.com start detection.) -- C:\Program Files\DriversCloud.com\M
CDetection.exe
O87 - FAEL: "{3E878C7F-4939-44D4-8F96-53729B054042}" [In-None-P17-TRUE] .(...) - C:\Users\MSAMMET\AppData\Local\Temp\nskCB2C.tmp\Installer-75996768.exe (.not f
ile.)
O87 - FAEL: "{FC8929C5-9FAC-4B44-9268-9F3B45A6D8BD}" [Out-None-P17-TRUE] .(...)
-- C:\Users\MSAMMET\AppData\Local\Temp\nskCB2C.tmp\Installer-75996768.exe (.not
file.)
O87 - FAEL: "{3B9A41A5-A4ED-4570-B3A0-8D77B0EF8B9E}" [In-None-P17-TRUE] .(.SafeN
et Inc. - Sentinel LDK License Manager Service.) -- C:\Windows\system32\hasplms.
exe
O87 - FAEL: "{9AF7F340-5374-4C28-AC76-41EFB7EACB19}" [In-None-P17-TRUE] .(.Leica
Geosystems Inc. - Cyclone.) -- C:\Program Files\Leica Geosystems\Cyclone\cyclon
e.exe
O87 - FAEL: "{7B41CE41-5CC2-4C4A-8F0B-6AB1001BCC61}" [In-None-P17-TRUE] .(...) - C:\Program Files\Leica Geosystems\Cyclone\CyraLicense.exe
O87 - FAEL: "{3BB9FEE4-D21F-4F86-8DCB-41E4060B1E07}" [In-None-P17-TRUE] .(.Copyr
ight (C) 2007 Leica Geosystems HDS - CyUserCfg MFC Application.) -- C:\Program F
iles\Leica Geosystems\Cyclone\cyusercfg.exe
O87 - FAEL: "{C3EC84BD-D128-4E63-9CF9-22D57FE58E16}" [In-None-P17-TRUE] .(...) - C:\Program Files\Leica Geosystems\Cyclone\FastObjectsServer.exe (.not file.)
O87 - FAEL: "{4B6EEC17-580F-4AF8-93DA-AC86BA345600}" [In-None-P17-TRUE] .(.Leica
Geosystems - CyclonePceService.) -- C:\Program Files\Leica Geosystems\Cyclone\p
cebin\CyclonePceService.exe
O87 - FAEL: "{7E05AD05-DCA4-4158-894C-98FA791B6AF3}" [In-None-P17-TRUE] .(.Copyr
ight (C) 2001 - Board MFC Application.) -- C:\Program Files\Leica Geosystems\Cyc
lone\HDS4500\LRCServer.exe
O87 - FAEL: "{F4CEA9D2-69B6-42C8-B406-D556866750C8}" [In-None-P6-TRUE] .(.Mozill
a Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O87 - FAEL: "{42F19950-7C71-4A02-8565-7B81ABFC6790}" [In-None-P17-TRUE] .(.Mozil
la Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O87 - FAEL: "{22B4D22C-60FE-42E1-ACB2-093D197A2A73}" [In-None-P6-TRUE] .(.BitTor
rent Inc. - Torrent.) -- C:\Users\MSAMMET\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "{1629BAFE-05F1-4A3B-BAC4-A846BE6D6618}" [Out-None-P6-TRUE] .(.BitTo
rrent Inc. - Torrent.) -- C:\Users\MSAMMET\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "{C5CFA65A-FD01-4534-AC03-E5F72C146BD8}" [In-None-P17-TRUE] .(.BitTo
rrent Inc. - Torrent.) -- C:\Users\MSAMMET\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "{9D77770A-FE19-4E0F-8ED1-EA0C3AF6D944}" [In-None-P6-TRUE] .(.BitTor
rent Inc. - Torrent.) -- C:\Users\MSAMMET\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "{C0ED9DA9-AB45-4BB6-A504-3DEDC4F842FA}" [In-None-P17-TRUE] .(.BitTo
rrent Inc. - Torrent.) -- C:\Users\MSAMMET\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "{D924221F-1E38-49E1-9AAB-7C57E11354F9}" [Out-None-P17-TRUE] .(.BitT
orrent Inc. - Torrent.) -- C:\Users\MSAMMET\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "{F0AF2767-9C34-462A-A8DB-8268FF4CE03D}" [In-None-P17-TRUE] .(.Googl
e Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chr
ome.exe
O87 - FAEL: "{69496E7D-4F4D-40A6-9B4C-E655A54DD6FD}" [In-None-P17-TRUE] .(. - 
I Video\GeePlayer\GeePlayer.exe =>.Superfluous.IQIYIVideo
O87 - FAEL: "{BF6BF4F9-36D6-405F-9194-710C1430C251}" [In-None-P17-TRUE] .(. - 
rs\MSAMMET\AppData\Roaming\IQIYI Video\LStyle\QyUpdate.exe =>.Superfluous.IQIYI
Video
O87 - FAEL: "{778C0A85-FFAA-48B3-9F81-55FCCFC3348A}" [In-None-P17-TRUE] .(. - 
I Video\LStyle\QyClient.exe =>.Superfluous.IQIYIVideo
O87 - FAEL: "{E8F095DF-FC69-4E1D-BDFC-A7A65FB7A5A6}" [In-None-P17-TRUE] .(...) - C:\IQIYI Video\LStyle\QyWebPlayer.exe (.not file.) =>.Superfluous.IQIYIVideo
O87 - FAEL: "{0653BCA2-1F6E-4F09-9799-2330F77A59AA}" [In-None-P17-TRUE] .(...) - C:\IQIYI Video\Common\QyKernel.exe (.not file.) =>.Superfluous.IQIYIVideo
O87 - FAEL: "{3A6860CA-06F6-4DAF-B27F-E5D77C4644E0}" [In-None-P17-TRUE] .(. - PPS
IYI Video\LStyle\QyPlayer.exe =>.Superfluous.IQIYIVideo
O87 - FAEL: "{CA592C1E-F0A7-4FA0-8FEB-2A8AE2F33A56}" [In-None-P17-TRUE] .(.Tence
nt - -.) -- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCmgrInst
e =>PUP.Optional.TencentAddressBar
O87 - FAEL: "{06553F29-734F-4B33-8376-2F71C311F5D2}" [In-None-P17-TRUE] .(.Tence
nt - .) -- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCTray.exe =>PUP
.Optional.TencentAddressBar
O87 - FAEL: "{7FE3A76E-5C19-4C77-B549-509606C843F1}" [In-None-P17-TRUE] .(.Tence
nt - .) -- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCMgr.exe =>PUP.
Optional.TencentAddressBar
O87 - FAEL: "{99F4F045-1DC7-4262-AA6E-1F692CCE24DA}" [In-None-P17-TRUE] .(.Tence
nt - -.) -- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCRTP
nal.TencentAddressBar
O87 - FAEL: "{36D25F72-DF1B-42AB-B366-2F4D6981F7C2}" [In-None-P17-TRUE] .(.Tence
nt - -.) -- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QMDL.exe =
al.TencentAddressBar
O87 - FAEL: "{853E5F57-D4F7-40D4-9817-2462CE124EAD}" [In-None-P17-TRUE] .(.Tence
nt - -crash.) -- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\bugreport.
=>PUP.Optional.TencentAddressBar
O87 - FAEL: "{082F10B9-16FE-4587-8D01-3390794FDBE0}" [In-None-P17-TRUE] .(.Tence
nt - -.) -- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCFil
Optional.TencentAddressBar
O87 - FAEL: "{31BBB4BA-228E-474D-A9B6-B9EC1BAF1198}" [In-None-P17-TRUE] .(.Tence
nt - -.) -- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCLeakSca
P.Optional.TencentAddressBar
O87 - FAEL: "{C91F5DED-CC42-49B1-9C47-9F34D3077FDD}" [In-None-P17-TRUE] .(.Tence
nt - -.) -- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPConfig.e
ptional.TencentAddressBar
O87 - FAEL: "{7B05B337-9207-4F4F-BAD3-1172B62A502B}" [In-None-P17-TRUE] .(.Tence
nt - .) -- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCSoftMgr.exe =>
PUP.Optional.TencentAddressBar
O87 - FAEL: "{4CFB2D36-7CDD-4963-9AF2-FC482301AF71}" [In-None-P17-TRUE] .(.Tence
nt - -.) -- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\plugins
Flow.exe =>PUP.Optional.TencentAddressBar
O87 - FAEL: "{51332586-FA2B-4015-BF46-DD05D3A913A1}" [In-None-P17-TRUE] .(.Tence
nt - -.) -- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCBTU.exe
ional.TencentAddressBar
O87 - FAEL: "{12682D7A-CBC1-4B2B-B18B-A00A5F162D06}" [In-None-P17-TRUE] .(.Tence
nt - .) -- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCClinic.exe =>P
UP.Optional.TencentAddressBar
O87 - FAEL: "{A9BEE911-F64C-4BE6-A5EB-E19CC5FD7E9E}" [In-None-P17-TRUE] .(.Copyr
ight (C) 2012 - -.) -- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\
exe =>PUP.Optional.TencentAddressBar
O87 - FAEL: "{ABFA939F-4364-4A83-B3C7-9A045923D630}" [In-None-P17-TRUE] .(.Tence
nt - -.) -- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QMUpdate\
exe =>PUP.Optional.TencentAddressBar
O87 - FAEL: "{B21A4FD5-3117-4992-887E-5A64C4104DEA}" [In-None-P17-TRUE] .(.Copyr
ight (C) 2012 - -.) -- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\
e.exe =>PUP.Optional.TencentAddressBar
O87 - FAEL: "{37D95270-34B3-4B4E-8EC6-D96F26EE9FA3}" [In-None-P17-TRUE] .(.Tence
nt - -.) -- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCSysOpti
>PUP.Optional.TencentAddressBar
O87 - FAEL: "{FC6FD619-ABC3-481B-87B6-B440AE4EAE9B}" [In-None-P17-TRUE] .(.Tence
nt - -.) -- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCUpdateAVLib
=>PUP.Optional.TencentAddressBar
O87 - FAEL: "{9A2EAD38-7D84-46DD-8B8F-6CC529EB9847}" [In-None-P17-TRUE] .(.Tence
nt - -.) -- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQRepair.exe
ptional.TencentAddressBar
O87 - FAEL: "{AB5512F8-47E5-473D-A33B-41C2A3A32F18}" [In-None-P17-TRUE] .(.Tence
nt - -.) -- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\Uninst.exe
onal.TencentAddressBar
O87 - FAEL: "{6870A9DF-438A-407B-869A-B666E455CE3A}" [In-None-P17-TRUE] .(.Tence
nt - -.) -- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCPatch.e
ptional.TencentAddressBar
O87 - FAEL: "{F4EC892E-4368-4BCD-B7DA-BB7AB453CDDB}" [In-None-P17-TRUE] .(.Tence
nt - -.) -- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\T
al.TencentAddressBar
O87 - FAEL: "{07C44DFC-E922-4916-9DDB-031C392305D3}" [In-None-P17-TRUE] .(.Tence
nt - -.) -- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QMRouterM
Optional.TencentAddressBar
O87 - FAEL: "{41F5F2BD-4C62-47B9-ACAD-4AE4D0BE2FFB}" [In-None-P17-TRUE] .(.Tence
nt - -.) -- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QMAccountProt
xe =>PUP.Optional.TencentAddressBar
O87 - FAEL: "{C0F6A979-5243-4D89-9C61-AC5DE9019707}" [In-None-P17-TRUE] .(.Tence
nt - .) -- C:\program files (x86)\common files\tencent\qqdownload\130\tencent
UP.Optional.TencentAddressBar
O87 - FAEL: "{F27E6EB0-AF69-4FA0-9FE0-51676E8837C0}" [In-None-P17-TRUE] .(...) - C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe =
>PUP.Optional.TencentAddressBar
O87 - FAEL: "{B34F7B20-FBEA-42D3-99BF-AACCDB05D2CB}" [In-None-P17-TRUE] .(. - 
I Video\GeePlayer\GeePlayer.exe =>.Superfluous.IQIYIVideo
O87 - FAEL: "{C5E158F8-0CA7-4111-A2AB-504F6AD4065B}" [In-None-P17-TRUE] .(. - 
rs\MSAMMET\AppData\Roaming\IQIYI Video\LStyle\QyUpdate.exe =>.Superfluous.IQIYI
Video
O87 - FAEL: "{042C01D1-2A4E-4B25-B0D9-F8B02ED5DB40}" [In-None-P17-TRUE] .(. - 
I Video\LStyle\QyClient.exe =>.Superfluous.IQIYIVideo
O87 - FAEL: "{499F6D22-0501-46FB-A725-1FAD5CF53011}" [In-None-P17-TRUE] .(.iQIYI
.COM - HCDN.) -- C:\IQIYI Video\LStyle\QyKernel.exe =>.Superfluous.IQI
O87 - FAEL: "{B1EF32F6-01C8-4A1A-9C3E-00DFF70F27BB}" [In-None-P17-TRUE] .(. - 
I Video\LStyle\QyMiniPlayer.exe =>.Superfluous.IQIYIVideo
O87 - FAEL: "{BAA188FF-C133-4054-BD1F-992A6168D23E}" [In-None-P17-TRUE] .(. - PPS
IYI Video\LStyle\QyPlayer.exe =>.Superfluous.IQIYIVideo
---\\ Services non Microsoft (SR=Démarré,SS=Stoppé) (29) - 13s
SS - Demand [11/11/2015] [ 269000] Adobe Flash Player Update Service (AdobeFla
shPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macrom
ed\Flash\FlashPlayerUpdateService.exe
SR - Auto [15/01/2013] [ 107320] ASLDR Service (ASLDRService) . (.ASUSTek Co
mputer Inc..) - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
SR - Auto [24/01/2013] [ 227456] AtherosSvc (AtherosSvc) . (.Qualcomm Athero
s Commnucations.) - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
SR - Auto [21/11/2011] [ 96896] ATKGFNEX Service (ATKGFNEXSrv) . (.ASUS.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
SR - Demand [10/01/2013] [ 138752] BsHelpCS (BsHelpCS) . (.IVT Corporation.) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
SS - Demand [03/06/2013] [ 279000] Intel(R) Content Protection HECI Service (c
phs) . (.Intel Corporation.) - C:\Windows\SysWOW64\IntelCpHeciSvc.exe
SR - Auto [27/08/2012] [ 1373456] Cyclone License Server (CycloneLicenseServe
r) . (...) - C:\Program Files\Leica Geosystems\Cyclone\CyraLicense.exe
SR - Auto [27/08/2012] [ 109056] (cyclonepceservice.Service) . (.Leica Geos
ystems.) - C:\Program Files\Leica Geosystems\Cyclone\pcebin\cyclonepceservice.ex
e
SR - Auto [22/04/2013] [ 83032] Intel(R) Dynamic Platform and Thermal Frame
work Processor P (DptfParticipantProcessorService) . (.Intel Corporation.) - C:\
Windows\System32\DptfParticipantProcessorService.exe
SR - Auto [22/04/2013] [ 84568] Intel(R) Dynamic Platform and Thermal Frame
work Critical Se (DptfPolicyCriticalService) . (.Intel Corporation.) - C:\Window
s\System32\DptfPolicyCriticalService.exe
SR - Auto [22/04/2013] [ 92864] Intel(R) Dynamic Platform and Thermal Frame
work Low Power M (DptfPolicyLpmService) . (.Intel Corporation.) - C:\Windows\Sys
tem32\DptfPolicyLpmService.exe
SS - Auto [26/08/2015] [ 144200] Service Google Update (gupdate) (gupdate) .
(.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - Demand [26/08/2015] [ 144200] Service Google Update (gupdatem) (gupdatem)
. (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SR - Auto [01/12/2011] [ 4913608] Sentinel Local License Manager (hasplms) .
(.SafeNet Inc..) - C:\Windows\System32\hasplms.exe
SR - Auto [11/05/2013] [ 733696] Intel(R) Capability Licensing Service Inter
face (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.
) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SS - Demand [11/05/2013] [ 822232] Intel(R) Capability Licensing Service TCP I
P Interface (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R
) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
SR - Auto [31/05/2013] [ 169432] Intel(R) Dynamic Application Loader Host In
terface Service (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\I
ntel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - Auto [27/08/2012] [ 550912] Leica HDS Server (Leica HDS Server) . (.Ver
sant Corporation.) - C:\Program Files\Leica Geosystems\Cyclone\FastObjectsServer
64.exe
SR - Auto [31/05/2013] [ 368600] Intel(R) Management and Security Applicatio
n Local Manageme (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\In
tel(R) Management Engine Components\LMS\LMS.exe
SS - Demand [31/07/2015] [ 289256] McAfee Security Scan Component Host Service
(McComponentHostService) . (.McAfee, Inc..) - C:\Program Files\McAfee Security
Scan\3.11.163\McCHSvc.exe
SS - Demand [24/11/2015] [ 147624] Mozilla Maintenance Service (MozillaMainten
ance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Serv
ice\maintenanceservice.exe
SS - Auto [27/11/2009] [ 1500424] PSE License Manager (PSE License Manager) .
(.Acresso Software Inc..) - C:\Program Files (x86)\FLEXlm\bin\lmgrd.exe
SR - Auto [06/12/2015] [ 297608] QQPCMgr RTP Service (QQPCRTP) . (.Tencent.)
- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCRTP.exe =>PUP.Opti
onal.TencentAddressBar
SR - Auto [06/12/2015] [ 155280] SSFK (SSFK) . (.TODO: <>.) - C:\Program Files
(x86)\SFK\SSFK.exe =>PUP.Optional.MyWebSearch
SR - Auto [21/05/2015] [ 743688] SAMSUNG Mobile Connectivity Service (ss_con
n_service) . (.DEVGURU Co., LTD..) - C:\Program Files\Samsung\USB Drivers\25_esc
ape\conn\ss_conn_service.exe
SR - Demand [06/12/2015] [ 293728] TAOFrame (TAOFrame) . (.Tencent.) - C:\Prog
ram Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TAOFrame.exe =>PUP.Optional.Tenc
entAddressBar
SR - Auto [06/12/2015] [ 344232] WindowsMangerProtect Service (WindowsManger
Protect) . (.Sysinternals process Explorer.) - C:\ProgramData\Tmp0x0x\ProtectWin
dowsManager.exe =>PUP.Optional.WpManager
SR - Auto [24/01/2013] [ 323584] ZAtheros Bt and Wlan Coex Agent (ZAtheros B
t and Wlan Coex Agent) . (.Atheros.) - C:\Program Files (x86)\Bluetooth Suite\At
h_CoexAgent.exe
---\\ Recherche de clés de registre Tracing (8) - 1s
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\amt_mysites123_RASAPI32 =>PUP.Optio
nal.Mysites123
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\amt_mysites123_RASMANCS =>PUP.Optio
nal.Mysites123
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Setup_WinThruster_[2015_Edition]_RAS
API32 =>.Superfluous.WinThruster
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Setup_WinThruster_[2015_Edition]_RAS
MANCS =>.Superfluous.WinThruster
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\tencentdl_RASAPI32 =>PUP.Optional.T
encentAddressBar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\tencentdl_RASMANCS =>PUP.Optional.T
encentAddressBar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WinThruster_RASAPI32 =>.Superfluous
.WinThruster
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WinThruster_RASMANCS =>.Superfluous
.WinThruster
---\\ Scan Additionnel (104) - 0s
HKLM\SYSTEM\CurrentControlSet\Services\QQPCRTP =>PUP.Optional.TencentAddressBar
C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCRTP.exe =>PUP.Optiona
l.TencentAddressBar
HKLM\SYSTEM\CurrentControlSet\Services\SSFK =>PUP.Optional.MyWebSearch
C:\Program Files (x86)\SFK\SSFK.exe =>PUP.Optional.MyWebSearch
HKLM\SYSTEM\CurrentControlSet\Services\WindowsMangerProtect =>PUP.Optional.WpMa
nager
C:\ProgramData\Tmp0x0x\ProtectWindowsManager.exe =>PUP.Optional.WpManager
C:\Program Files (x86)\Driver Detective\DriversHQ.DriverDetective.Client.exe =>
PUP.Optional.DriverDetective
C:\Program Files (x86)\WinThruster\WinThruster.exe =>.Superfluous.WinThruster
C:\Windows\Tasks\WinThruster_DEFAULT.job =>.Superfluous.WinThruster
C:\Windows\Tasks\WinThruster_UPDATES.job =>.Superfluous.WinThruster
C:\Windows\System32\Tasks\Driver Detective =>PUP.Optional.DriverDetective
C:\Windows\System32\Tasks\Driver Detective-RTMRules =>PUP.Optional.DriverDetect
ive
C:\Windows\System32\Tasks\Driver Detective-RTMScan =>PUP.Optional.DriverDetecti
ve
C:\Windows\System32\Tasks\Driver Detective-RTMUpdater =>PUP.Optional.DriverDete
ctive
C:\Windows\System32\Tasks\WinThruster =>.Superfluous.WinThruster
C:\Windows\System32\Tasks\WinThruster_DEFAULT =>.Superfluous.WinThruster
C:\Windows\System32\Tasks\WinThruster_UPDATES =>.Superfluous.WinThruster
C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TAOFrame.exe =>PUP.Option
al.TencentAddressBar
C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCTray.exe =>PUP.Option
al.TencentAddressBar
C:\program files (x86)\common files\Tencent\qqdownload\130\tencentdl.exe =>PUP.
Optional.TencentAddressBar
C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCSoftTrayTips.exe =>PU
P.Optional.TencentAddressBar
C:\IQIYI Video\LStyle\QyClient.exe =>.Superfluous.IQIYIVideo
C:\Users\MSAMMET\AppData\Roaming\Mozilla\Firefox\Profiles\ldp4k5fg.default\searc
hplugins\mysites123.xml =>PUP.Optional.Mysites123
C:\Users\MSAMMET\AppData\Roaming\Mozilla\Firefox\Profiles\ldp4k5fg.default\exten
sions\[email protected] =>PUP.Optional.LightningNewTab
C:\IQIYI Video\LStyle\npclient.dll =>.Superfluous.IQIYIVideo
C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\npQMExtensionsMozilla.dll
=>PUP.Optional.TencentAddressBar
C:\IQIYI Video\LStyle\QyKernel.exe =>.Superfluous.IQIYIVideo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DriversHQ.D
riverDetective.Client =>PUP.Optional.DriverDetective
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IQIYI Video
=>.Superfluous.IQIYIVideo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\mysites123
uninstall =>PUP.Optional.Mysites123
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WinThruster
_is1 =>.Superfluous.WinThruster
HKLM\SOFTWARE\Wow6432Node\FFPluginHp =>PUP.Optional.SweetSearch
HKLM\SOFTWARE\Wow6432Node\mysites123Software =>PUP.Optional.Mysites123
HKLM\SOFTWARE\Wow6432Node\Solvusoft =>.Superfluous.Solvusoft
HKLM\SOFTWARE\Wow6432Node\Tencent =>PUP.Optional.TencentAddressBar
HKCU\SOFTWARE\ICSW1.14 =>Adware.InstallCore
HKCU\SOFTWARE\ProductSetup =>Adware.InstallCore
HKCU\SOFTWARE\QyGameClient =>.Superfluous.IQIYIVideo
HKCU\SOFTWARE\Solvusoft =>.Superfluous.Solvusoft
HKCU\SOFTWARE\TeleCharger =>.Superfluous.Downloader
HKCU\SOFTWARE\Tencent =>PUP.Optional.TencentAddressBar
C:\Program Files (x86)\Driver Detective =>PUP.Optional.DriverDetective
C:\Program Files (x86)\SFK =>PUP.Optional.MyWebSearch
C:\Program Files (x86)\Tencent =>PUP.Optional.TencentAddressBar
C:\Program Files (x86)\WinThruster =>.Superfluous.WinThruster
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinThruster =>.Superfluous
.WinThruster
C:\ProgramData\IQIYI Video =>.Superfluous.IQIYIVideo
C:\ProgramData\PC Drivers HeadQuarters =>PUP.Optional.Generic
C:\ProgramData\Tencent =>PUP.Optional.TencentAddressBar
C:\Program Files (x86)\Common Files\Tencent =>PUP.Optional.TencentAddressBar
C:\Users\MSAMMET\AppData\Roaming\IQIYI Video =>.Superfluous.IQIYIVideo
C:\Users\MSAMMET\AppData\Roaming\mysites123 =>PUP.Optional.Mysites123
C:\Users\MSAMMET\AppData\Roaming\RPEng =>PUP.Optional.Generic
C:\Users\MSAMMET\AppData\Roaming\Tencent =>PUP.Optional.TencentAddressBar
C:\Users\MSAMMET\AppData\Local\PC_Drivers_Headquarters =>PUP.Optional.Generic
C:\Users\MSAMMET\AppData\Local\SysassistByHotWheel =>PUP.Optional.Generic
C:\Users\MSAMMET\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Driver De
tective =>PUP.Optional.DriverDetective
C:\Windows\Prefetch\AMT_MYSITES123.EXE-576E12DE.pf =>PUP.Optional.Mysites123
C:\Windows\Prefetch\[email protected] =>.Superfluous.IQIY
IVideo
C:\Windows\Prefetch\LAVASOFT.SEARCHPROTECT.WINSER-223FC669.pf =>PUP.Optional.Se
archProtect
C:\Windows\Prefetch\TENCENTDL.EXE-6001ABC5.pf =>PUP.Optional.TencentAddressBar
C:\Windows\Prefetch\TENCENTDL.EXE-D4BCC9C9.pf =>PUP.Optional.TencentAddressBar
C:\Windows\Prefetch\WINTHRUSTER.EXE-88692EDF.pf =>.Superfluous.WinThruster
C:\Windows\Prefetch\WPM_V20.0.0.2508.EXE-BFB3D873.pf =>PUP.Optional.WpManager
C:\Windows\System32\drivers\TAOAccelerator64.sys =>PUP.Optional.TencentAddressB
ar
C:\Windows\System32\drivers\TAOKernel64.sys =>PUP.Optional.TencentAddressBar
C:\Users\MSAMMET\AppData\Roaming\mysites123\UninstallManager.exe =>PUP.Optional
.Mysites123
C:\Users\MSAMMET\AppData\Roaming\IQIYI Video\LStyle\QyUpdate\IQIYIsetup_update_2
0150831.exe =>.Superfluous.IQIYIVideo
C:\IQIYI Video\GeePlayer\GeePlayer.exe =>.Superfluous.IQIYIVideo
C:\Users\MSAMMET\AppData\Roaming\IQIYI Video\LStyle\QyUpdate.exe =>.Superfluous
.IQIYIVideo
C:\IQIYI Video\LStyle\QyPlayer.exe =>.Superfluous.IQIYIVideo
C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCmgrInstallGuide.exe =
>PUP.Optional.TencentAddressBar
C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCMgr.exe =>PUP.Optiona
l.TencentAddressBar
C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QMDL.exe =>PUP.Optional.T
encentAddressBar
C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\bugreport.exe =>PUP.Optio
nal.TencentAddressBar
C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCFileOpen.exe =>PUP.Op
tional.TencentAddressBar
C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCLeakScan.exe =>PUP.Op
tional.TencentAddressBar
C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPConfig.exe =>PUP.Optio
nal.TencentAddressBar
C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCSoftMgr.exe =>PUP.Opt
ional.TencentAddressBar
C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\plugins\QMNetMon\QQPCNetFl
ow.exe =>PUP.Optional.TencentAddressBar
C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCBTU.exe =>PUP.Optiona
l.TencentAddressBar
C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCClinic.exe =>PUP.Opti
onal.TencentAddressBar
C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCLaunch.exe =>PUP.Opti
onal.TencentAddressBar
C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QMUpdate\QQPCMgrUpdate.exe
=>PUP.Optional.TencentAddressBar
C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCSoftGame.exe =>PUP.Op
tional.TencentAddressBar
C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCSysOptimize.exe =>PUP
.Optional.TencentAddressBar
C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCUpdateAVLib.exe =>PUP
.Optional.TencentAddressBar
C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQRepair.exe =>PUP.Option
al.TencentAddressBar
C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\Uninst.exe =>PUP.Optional
.TencentAddressBar
C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCPatch.exe =>PUP.Optio
nal.TencentAddressBar
C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TpkUpdate.exe =>PUP.Optio
nal.TencentAddressBar
C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QMRouterMgr.exe =>PUP.Opt
ional.TencentAddressBar
C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QMAccountProtection.exe =
>PUP.Optional.TencentAddressBar
C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe =>P
UP.Optional.TencentAddressBar
C:\IQIYI Video\LStyle\QyMiniPlayer.exe =>.Superfluous.IQIYIVideo
HKLM\SYSTEM\CurrentControlSet\Services\TAOFrame =>PUP.Optional.TencentAddressBa
r
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\amt_mysites123_RASAPI32 =>PUP.Optio
nal.Mysites123
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\amt_mysites123_RASMANCS =>PUP.Optio
nal.Mysites123
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Setup_WinThruster_[2015_Edition]_RAS
API32 =>.Superfluous.WinThruster
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Setup_WinThruster_[2015_Edition]_RAS
MANCS =>.Superfluous.WinThruster
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\tencentdl_RASAPI32 =>PUP.Optional.T
encentAddressBar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\tencentdl_RASMANCS =>PUP.Optional.T
encentAddressBar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WinThruster_RASAPI32 =>.Superfluous
.WinThruster
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WinThruster_RASMANCS =>.Superfluous
.WinThruster
---\\ Récapitulatif des éléments trouvés sur votre station (18) - 0s
http://www.nicolascoolman.fr/?p=368 =>PUP.Optional.TencentAddressBar
http://www.nicolascoolman.fr/?p=220 =>PUP.Optional.MyWebSearch
http://www.nicolascoolman.fr/?p=173 =>PUP.Optional.WpManager
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.DriverDetective
http://www.nicolascoolman.fr/?p=4664 =>.Superfluous.WinThruster
http://www.nicolascoolman.fr/?p=4664 =>.Superfluous.IQIYIVideo
http://www.nicolascoolman.fr/?p=5028 =>PUP.Optional.Mysites123
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.LightningNewTab
http://www.nicolascoolman.fr/?p=546 =>PUP.Optional.Browser
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.SweetSearch
http://www.nicolascoolman.fr/?p=4664 =>.Superfluous.Solvusoft
http://www.nicolascoolman.fr/?p=279 =>Adware.InstallCore
http://www.nicolascoolman.fr/?p=4664 =>.Superfluous.Downloader
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.Generic
http://www.nicolascoolman.fr/?p=1633 =>PUP.Optional.SearchProtect
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.SearchEngine
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.DeskCut
http://www.nicolascoolman.fr/?p=666 =>PUP.Optional.QuickStart


~ End of the scan, 23382 items in 60 seconds (1005)(0)
