Removing CrossBrowser and its cohort

Solved/Closed
camarill - Posts: 48 - Registered: Tuesday 18 March 2008 - Status: Member - Last activity: 24 August 2022 - 16 May 2015 at 14:05
artaban7 - Posts: 2204 - Registered: Saturday 12 July 2014 - Status: Member - Last activity: 19 August 2015 - 21 May 2015 at 17:09


Hello,

Caught out, damn it. A first clean-up with MalwareBytes put more than 750 files (!) in quarantine. I also successfully uninstalled SpeedUpMyPC. I installed AdwCleaner and followed the instructions. After the scan, I saved the report. But when I launch Clean (Nettoyer), I get no message about the removals; the program crashes right away (the progress bar stops at about 10%). I restarted the computer but the result is the same. The Services tab no longer shows anything, but Dossiers (Folders) and Fichiers (Files) do.

I am attaching a copy of the report; if anyone can help me, many thanks!

# AdwCleaner v4.204 - Rapport créé le 16/05/2015 à 13:33:39
# Mis à jour le 12/05/2015 par Xplode
# Base de données : 2015-05-12.2 [Serveur]
# Système d'exploitation : Windows Vista (TM) Home Premium Service Pack 2 (x86)
# Nom d'utilisateur : kaNd - INSPIRONNEO
# Exécuté depuis : C:\Users\kaNd\Downloads\adwcleaner_4.204.exe
# Option : Scanner
***** [ Services ] *****

***** [ Fichiers / Dossiers ] *****


Dossier Trouvé : C:\Program Files\Primary Color
Dossier Trouvé : C:\Users\kaNd\AppData\Local\Alerts_LLC
Dossier Trouvé : C:\Users\kaNd\AppData\Local\BrowserWeb
Dossier Trouvé : C:\Users\kaNd\AppData\Local\Crossbrowse
Dossier Trouvé : C:\Users\kaNd\AppData\LocalLow\vmntoolbar
Dossier Trouvé : C:\Users\kaNd\AppData\Roaming\DriverCure
Dossier Trouvé : C:\Users\kaNd\AppData\Roaming\EmailNotifier
Dossier Trouvé : C:\Users\kaNd\AppData\Roaming\ParetoLogic
Dossier Trouvé : C:\Users\kaNd\AppData\Roaming\Systweak
Dossier Trouvé : C:\Users\kaNd\AppData\Roaming\vmntoolbar
Fichier Trouvé : C:\Users\kaNd\AppData\Roaming\Mozilla\Firefox\Profiles\2hqkncdd.default\user.js
Fichier Trouvé : C:\Users\kaNd\AppData\Roaming\Mozilla\Firefox\Profiles\52rb4lz4.default\user.js
Fichier Trouvé : C:\Users\kaNd\AppData\Roaming\Mozilla\Firefox\Profiles\afxw22er.default-1383234863224\user.js
Fichier Trouvé : C:\Windows\system32\roboot.exe
***** [ Tâches planifiées ] *****


Tâche Trouvée : ASP
Tâche Trouvée : Crossbrowse
Tâche Trouvée : paretologic registration3
Tâche Trouvée : RegClean Pro
Tâche Trouvée : RegClean Pro_DEFAULT
Tâche Trouvée : RegClean Pro_UPDATES
Tâche Trouvée : WebBarLaunchTask
Tâche Trouvée : WebBarUpdateTask
Tâche Trouvée : NetEngine
***** [ Raccourcis ] *****


Raccourci Infecté : C:\Users\kaNd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
Raccourci Infecté : C:\Users\kaNd\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Search.lnk
***** [ Registre ] *****


Clé Trouvée : HKCU\Software\AppDataLow\Software\vmntoolbar
Clé Trouvée : HKCU\Software\Crossbrowse
Clé Trouvée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{3CBF3EBB-235D-4c29-A68B-2BB1F428586E}
Clé Trouvée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{FA6289D6-676C-4497-88CC-9E2E15488944}
Clé Trouvée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Deal Keeper
Clé Trouvée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\RegClean-Pro_is1
Clé Trouvée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\vmntoolbar
Clé Trouvée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A057A204-BACC-4D26-8287-79A187E26987}
Clé Trouvée : HKCU\Software\ParetoLogic
Clé Trouvée : HKCU\Software\SecuredDownload
Clé Trouvée : HKCU\Software\systweak
Clé Trouvée : HKCU\Software\vmntoolbar
Clé Trouvée : HKLM\SOFTWARE\Classes\AppID\{4D6A5312-AB4D-41AA-8BED-0E019B87CA11}
Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Clé Trouvée : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Clé Trouvée : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Clé Trouvée : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Clé Trouvée : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Clé Trouvée : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Clé Trouvée : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Clé Trouvée : HKLM\SOFTWARE\Classes\speedupmypc
Clé Trouvée : HKLM\SOFTWARE\Classes\vmntoolbar.vmntoolbar
Clé Trouvée : HKLM\SOFTWARE\Classes\vmntoolbar.vmntoolbarmenu button
Clé Trouvée : HKLM\SOFTWARE\Classes\vmntoolbar.vmntoolbartoggle button
Clé Trouvée : HKLM\SOFTWARE\Crossbrowse
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-8287-79A187E26987}
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Clé Trouvée : HKLM\SOFTWARE\MixVideoPlayer
Clé Trouvée : HKLM\SOFTWARE\ParetoLogic
Clé Trouvée : HKLM\SOFTWARE\SafeGuard
Clé Trouvée : HKLM\SOFTWARE\systweak
Clé Trouvée : HKLM\SOFTWARE\Uniblue
Clé Trouvée : HKLM\SOFTWARE\WebBar
Donnée Trouvée : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
Valeur Trouvée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{A057A204-BACC-4D26-8287-79A187E26987}]
***** [ Navigateurs ] *****


-\\ Internet Explorer v9.0.8112.16644


-\\ Mozilla Firefox v38.0.1 (x86 fr)

[2hqkncdd.default] - Ligne Trouvée : user_pref("browser.search.selectedEngine", "Astromenda");
[52rb4lz4.default] - Ligne Trouvée : user_pref("browser.search.selectedEngine", "Astromenda");
[afxw22er.default-1383234863224] - Ligne Trouvée : user_pref("browser.newtabpage.pinned", "[{\"url\":\"hxxp://www.liberation.fr/\",\"title\":\"Toute l'actualité en direct - photos et vidéos avec Libération - Libération\",\"frecency\":61900,\"lastVisit[...]
[afxw22er.default-1383234863224] - Ligne Trouvée : user_pref("browser.search.defaultenginename", "Ixquick");

-\\ Google Chrome v42.0.2311.152

[C:\Users\kaNd\AppData\Local\Google\Chrome\User Data\Default\Web data] - Trouvée [Search Provider] : hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_secureddownload_14_31_ff&cd=2XzuyEtN2Y1L1QzutDtDtC0FtA0C0AyDyDtC0ByB0AtAyE0CtN0D0Tzu0SzyyEtAtN1L2XzutBtFtBtCtFtCzztFtAtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyCzyyBtAtByDtB0AtG0D0FzztBtGtBzztCtCtG0B0B0CyDtGyEyDyCzy0D0AyEzztCtA0C0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCyB0EyC0AtB0F0FtGtC0FtBtBtG0DzzyCzztG0A0AtC0EtGyDyEyBtAtDzzzzyD0D0D0BtD2Q&cr=1225959866&ir=
[C:\Users\kaNd\AppData\Local\Google\Chrome\User Data\Default\Web data] - Trouvée [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325585&octid=EB_ORIGINAL_CTID&ISID=M2103F662-43D8-4F0D-AD74-58D4FDB7E8F7&SearchSource=58&CUI=&UM=6&UP=SP88BF967E-1449-4782-B899-61C0BC3F52A8&q={searchTerms}&SSPV=


AdwCleaner[R0].txt - [7331 octets] - [16/05/2015 13:23:04]
AdwCleaner[R1].txt - [6295 octets] - [16/05/2015 13:33:39]
AdwCleaner[S0].txt - [1437 octets] - [16/05/2015 13:26:12]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [6415 octets] ##########

2 replies

camarill - Posts: 48 - Registered: Tuesday 18 March 2008 - Status: Member - Last activity: 24 August 2022
16 May 2015 at 17:03
Thank you very much, Artaban. That was quick. Here is the report:

~ Rapport de ZHPDiag v2015.5.13.48 - Nicolas Coolman (13/05/2015)
~ Lancé par kaNd (16/05/2015 16:53:31)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum https://nicolascoolman.eu
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 38.0.1 (Defaut)
GCIE: Google Chrome v42.0.2311.152

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Server License Manager Script : OK
~ Windows Operating System - Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : B9HD2
Windows License : OK
Windows Automatic Updates : OK
Windows Vista (TM) Home Premium, 32-bit Service Pack 2 (Build 6002)

---\\ Logiciels de protection du système
Avast Internet Security v10.2.2218
Malwarebytes Anti-Malware version 2.0.4.1028

---\\ Logiciels d'optimisation du système
CCleaner v5.01

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 17 NPAPI
Adobe Reader X

---\\ Informations sur le système
~ Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3581 MB (61% free)
System Restore: Activé (Enable)
System drive C: has 114 GB (38%) free of 295 GB

---\\ Mode de connexion au système
~ Computer Name: INSPIRONNEO
~ User Name: kaNd
~ All Users Names: kaNd, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\kaNd\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\kaNd\AppData\Roaming\
~ %Desktop% : C:\Users\kaNd\Desktop\
~ %Favorites% : C:\Users\kaNd\Favorites\
~ %LocalAppData% : C:\Users\kaNd\AppData\Local\
~ %StartMenu% : C:\Users\kaNd\AppData\Roaming\Microsoft\Windows\Start

Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 114 Go of 295 Go)
D: CD-ROM drive (Not Inserted)
E: Hard drive, Flash drive, Thumb drive (Free 1228 Go of 1863 Go)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]

EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Fold

er\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Fold

er\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations]

Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto

Update\Results\Install] LastSuccessTime : OK
~ Security Center: 42 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation -

Explorateur Windows.) (.11/04/2009 - 07:27:36.) --

C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation -

Application de démarrage de Windows.) (.21/01/2008 - 03:23:42.) --

C:\Windows\System32\Wininit.exe [96768]
[MD5.E38E89A0939A42F5EE4292DFC48772DF] - (.Microsoft Corporation -

Extensions Internet pour Win32.) (.10/04/2015 - 16:20:33.) --

C:\Windows\System32\wininet.dll [1129472]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation -

Application d'ouverture de session Windows.) (.11/04/2009 - 07:28:13.)

-- C:\Windows\System32\Winlogon.exe [314368]
[MD5.F5272A105F59A7B3B345D9D6D87DA7AD] - (.Microsoft Corporation -

Ancillary Function Driver for WinSock.) (.30/05/2014 - 07:53:22.) --

C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation -

ATAPI IDE Miniport Driver.) (.11/04/2009 - 07:32:26.) --

C:\Windows\system32\Drivers\atapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD

-ROM File System Driver.) (.21/01/2008 - 03:23:51.) --

C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation -

SCSI CD-ROM Driver.) (.11/04/2009 - 05:39:17.) -- C:\Windows\system32

\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS

Namespace Client Driver.) (.14/04/2011 - 15:59:03.) --

C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation -

High Definition Audio Bus Driver.) (.11/04/2009 - 05:42:42.) --

C:\Windows\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation -

Pilote de port i8042.) (.21/01/2008 - 03:23:20.) --

C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP

Network Address Translator.) (.21/01/2008 - 03:24:25.) --

C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation -

Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) --

C:\Windows\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT

Transport driver.) (.11/04/2009 - 05:45:37.) -- C:\Windows\system32

\Drivers\netBT.sys [185856]
[MD5.2C1121F2B87E9A6B12485DF53CD848C7] - (.Microsoft Corporation -

Pilote du système de fichiers NT.) (.03/03/2013 - 20:07:52.) --

C:\Windows\system32\Drivers\ntfs.sys [1082232]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation -

Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) --

C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS

L2TP mini-port/call-manager driver.) (.21/01/2008 - 03:24:55.) --

C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation -

Microsoft RDP Device redirector.) (.21/01/2008 - 03:23:01.) --

C:\Windows\system32\Drivers\rdpdr.sys [248832]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB

Transport driver.) (.11/04/2009 - 05:45:22.) -- C:\Windows\system32

\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI

Translation Driver.) (.11/04/2009 - 05:45:56.) -- C:\Windows\system32

\Drivers\tdx.sys [72192]
[MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation -

Pilote de cliché instantané du volume.) (.21/08/2012 - 12:47:42.) --

C:\Windows\system32\Drivers\volsnap.sys [224640]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/500
~ Mes musiques (My Musics) : 1/553
~ Mes Videos (My Videos) : 1/36
~ Mes Favoris (My Favorites) : 1/20
~ Mes Documents (My Documents) : 1/68629
~ Mon Bureau (My Desktop) : 1/31
~ Menu demarrer (Programs) : 1/44
~ Hidden Files: Scanned in 00mn 56s



---\\ Processus lancés
[MD5.65C6AA484AD2287D20541C7735989437] - (.Avast Software s.r.o. -

avast! Antivirus.) -- C:\Program Files\AVAST

Software\Avast\avastui.exe [5515496] [PID.3224]
[MD5.56A1CFFFFC8D646A0388DFBF3EC362CF] - (.Microsoft Corporation -

Microsoft Tablet PC Input Component.) -- C:\Windows\SYSTEM32

\WISPTIS.exe [244224] [PID.6080]
[MD5.7122B0AA2212B07BBFC49BD22215BF3B] - (.Microsoft Corporation -

Tablet PC Input Panel Accessory.) -- C:\Program Files\Common

Files\microsoft shared\ink\TabTip.exe [304128] [PID.5500]
[MD5.87AD1837D7826ECB5A33F1890BD48849] - (.Stardock Corporation - Dell

Dock.) -- C:\Program Files\Dell\DellDock\DellDock.exe [1320288]

[PID.4528]
[MD5.9B6145F78620F411AC2C1A645A21F1D2] - (.Mozilla Corporation -

Thunderbird.) -- C:\Program Files\Mozilla Thunderbird\thunderbird.exe

[389744] [PID.3304]
[MD5.14CF73D771FA977A9F1CBAA5C301F912] - (.Mozilla Corporation -

Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [376944]

[PID.4368]
[MD5.BBEAE69C0F5FB2DAD63DD621EED595D4] - (.Pas de propriétaire - Show

Atwtusb Icon Application.) -- C:\Windows\system32\AtwtusbIcon.exe

[2963456] [PID.5052]
[MD5.46769F961E4AB53D76A9E734867E0E54] - (.Nicolas Coolman - ZHPDiag.)

-- C:\Program Files\ZHPDiag\ZHPDiag.exe [8208896] [PID.5128]
[MD5.54236E79A44F909612391C8A2D70D512] - (.Avast Software s.r.o. -

avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe

[343336] [PID.1768]
[MD5.C569E7F268C43D6C9C4D74EE2F06CCD8] - (.Avast Software s.r.o. -

avast! firewall service.) -- C:\Program Files\AVAST

Software\Avast\afwServ.exe [107448] [PID.1952]
[MD5.E5CA07C1A5A4C7095FC8937D84B37243] - (.Avast Software -

AvastVirtualBox Interface.) -- C:\Program Files\AVAST

Software\Avast\ng\vbox\AvastVBoxSVC.exe [3207800] [PID.3260]
[MD5.6ADDB884025A0D1BCC3AD66E9FC57EFF] - (.Pas de propriétaire -

DedicarzService.) -- C:\Program Files\Orange\ma

Livebox\dedicarz\DedicarzService.exe [1970544] [PID.5496]
[MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour

Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [390504]

[PID.4588]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation -

Service de gestion des licences Microsoft.) -- C:\Windows\system32

\SLsvc.exe [3408896] [PID.1488]
[MD5.EF716E2D17EE6C4A9732BA5283584D7C] - (.Pas de propriétaire - User

Mode Tablet Driver.) -- C:\Windows\system32\atwtusb.exe [535552]

[PID.4056]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] - (.Google Inc. - Programme

d'installation de Google.) -- C:\Program

Files\Google\Update\GoogleUpdate.exe [116648] [PID.532]
[MD5.8715A0D10CFFC8DEE923957F07DAA042] - (.Google Inc. - Google Crash

Handler.) -- C:\Program Files\Google\Update\1.3.27.5

\GoogleCrashHandler.exe [244040] [PID.2480]
[MD5.5DAF7081A4BB112FA3F1915819330A3E] - (...) -- C:\Program

Files\ZHPDiag\pv.exe [61440] [PID.0]
~ Processes Running: Scanned in 00mn 02s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\kaNd\AppData\Local\Google\Chrome\User

Data\Default\Preferences

---\\ Liste des dossiers d'extension Google Chrome
G2 - EXT: C:\Users\kaNd\AppData\Local\Google\Chrome\User

Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake

[__MSG_appName__]
G2 - EXT: C:\Users\kaNd\AppData\Local\Google\Chrome\User

Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

[__MSG_appName__]
G2 - EXT: C:\Users\kaNd\AppData\Local\Google\Chrome\User

Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

[__MSG_appName__]
G2 - EXT: C:\Users\kaNd\AppData\Local\Google\Chrome\User

Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

[__MSG_appName__]
G2 - EXT: C:\Users\kaNd\AppData\Local\Google\Chrome\User

Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [Bookmark

Manager]
G2 - EXT: C:\Users\kaNd\AppData\Local\Google\Chrome\User

Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [Avast Online

Security]
G2 - EXT: C:\Users\kaNd\AppData\Local\Google\Chrome\User

Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [Chrome

Hotword Shared Module]
G2 - EXT: C:\Users\kaNd\AppData\Local\Google\Chrome\User

Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

[__MSG_APP_NAME__]
G2 - EXT: C:\Users\kaNd\AppData\Local\Google\Chrome\User

Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

[__MSG_appName__]
~ Google Lines Browser: 18 Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions

(P2,M0,M1,M2,M3)
C:\Users\kaNd\AppData\Roaming\Mozilla\Firefox\Profiles\2hqkncdd.defaul

t\prefs.js
C:\Users\kaNd\AppData\Roaming\Mozilla\Firefox\Profiles\2hqkncdd.defaul

t\user.js
C:\Users\kaNd\AppData\Roaming\Mozilla\Firefox\Profiles\52rb4lz4.defaul

t\prefs.js
C:\Users\kaNd\AppData\Roaming\Mozilla\Firefox\Profiles\52rb4lz4.defaul

t\user.js
C:\Users\kaNd\AppData\Roaming\Mozilla\Firefox\Profiles\afxw22er.defaul

t-1383234863224\prefs.js
C:\Users\kaNd\AppData\Roaming\Mozilla\Firefox\Profiles\afxw22er.defaul

t-1383234863224\user.js
M3 - MFPP: Plugins - [kaNd] --

C:\Users\kaNd\AppData\Roaming\Mozilla\Firefox\Profiles\afxw22er.defaul

t-1383234863224\searchplugins\duckduckgo.xml
M3 - MFPP: Plugins - [kaNd] --

C:\Users\kaNd\AppData\Roaming\Mozilla\Firefox\Profiles\afxw22er.defaul

t-1383234863224\searchplugins\imdb.xml
M3 - MFPP: Plugins - [kaNd] --

C:\Users\kaNd\AppData\Roaming\Mozilla\Firefox\Profiles\afxw22er.defaul

t-1383234863224\searchplugins\ixquick.xml
M3 - MFPP: Plugins - [kaNd] --

C:\Users\kaNd\AppData\Roaming\Mozilla\Firefox\Profiles\afxw22er.defaul

t-1383234863224\searchplugins\mangafox.xml
M3 - MFPP: Plugins - [kaNd] --

C:\Users\kaNd\AppData\Roaming\Mozilla\Firefox\Profiles\afxw22er.defaul

t-1383234863224\searchplugins\mangaupdates.xml
M3 - MFPP: Plugins - [kaNd] --

C:\Users\kaNd\AppData\Roaming\Mozilla\Firefox\Profiles\afxw22er.defaul

t-1383234863224\searchplugins\wikipedia-en.xml
M3 - MFPP: Plugins - [kaNd] --

C:\Users\kaNd\AppData\Roaming\Mozilla\Firefox\Profiles\afxw22er.defaul

t-1383234863224\searchplugins\wikipedia-ja.xml
M3 - MFPP: Plugins - [kaNd] --

C:\Users\kaNd\AppData\Roaming\Mozilla\Firefox\Profiles\afxw22er.defaul

t-1383234863224\searchplugins\yahoo-avast.xml
M3 - MFPP: Plugins - [kaNd] --

C:\Users\kaNd\AppData\Roaming\Mozilla\Firefox\Profiles\afxw22er.defaul

t-1383234863224\searchplugins\youtube-ssl.xml
M0 - MFSP: prefs.js [kaNd - afxw22er.default-1383234863224]

about:newtab
M2 - MFEP: Extension [kaNd - 2hqkncdd.default]

personas@christopher.beard.xpi
M2 - MFEP: Extension [kaNd - 2hqkncdd.default] staged
M2 - MFEP: Extension [kaNd - 2hqkncdd.default] {55639f4f-70f3-47b6-

9c22-0c740448eb41}.xpi
M2 - MFEP: Extension [kaNd - 2hqkncdd.default] tineye@ideeinc.com.xpi
M2 - MFEP: Extension [kaNd - 2hqkncdd.default]

YoutubeDownloader@PeterOlayev.com.xpi
M2 - MFEP: Extension [kaNd - 2hqkncdd.default] {4a313247-8330-4a81-

948e-b79936516f78}.xpi
M2 - MFEP: Extension [kaNd - 2hqkncdd.default] {d10d0bf8-f5b5-c8b4-

a8b2-2b9879e08c5d}.xpi =>.Adblock Plus Extension Mozilla Firefox
M2 - MFEP: Extension [kaNd - 2hqkncdd.default] {e4a8a97b-f2ed-450b-

b12d-ee082ba24781}.xpi
M2 - MFEP: Extension [kaNd - 52rb4lz4.default]

personas@christopher.beard.xpi
M2 - MFEP: Extension [kaNd - 52rb4lz4.default] staged
M2 - MFEP: Extension [kaNd - 52rb4lz4.default] {55639f4f-70f3-47b6-

9c22-0c740448eb41}.xpi
M2 - MFEP: Extension [kaNd - 52rb4lz4.default] tineye@ideeinc.com.xpi
M2 - MFEP: Extension [kaNd - 52rb4lz4.default]

YoutubeDownloader@PeterOlayev.com.xpi
M2 - MFEP: Extension [kaNd - 52rb4lz4.default] {4a313247-8330-4a81-

948e-b79936516f78}.xpi
M2 - MFEP: Extension [kaNd - 52rb4lz4.default] {d10d0bf8-f5b5-c8b4-

a8b2-2b9879e08c5d}.xpi =>.Adblock Plus Extension Mozilla Firefox
M2 - MFEP: Extension [kaNd - 52rb4lz4.default] {e4a8a97b-f2ed-450b-

b12d-ee082ba24781}.xpi
M2 - MFEP: Extension [kaNd - afxw22er.default-1383234863224]

personas@christopher.beard.xpi
M2 - MFEP: Extension [kaNd - afxw22er.default-1383234863224] staged
M2 - MFEP: Extension [kaNd - afxw22er.default-1383234863224]

{55639f4f-70f3-47b6-9c22-0c740448eb41}.xpi
M2 - MFEP: Extension [kaNd - afxw22er.default-1383234863224]

tineye@ideeinc.com.xpi
M2 - MFEP: Extension [kaNd - afxw22er.default-1383234863224]

YoutubeDownloader@PeterOlayev.com.xpi
M2 - MFEP: Extension [kaNd - afxw22er.default-1383234863224]

{4a313247-8330-4a81-948e-b79936516f78}.xpi
M2 - MFEP: Extension [kaNd - afxw22er.default-1383234863224]

{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi =>.Adblock Plus Extension

Mozilla Firefox
M2 - MFEP: Extension [kaNd - afxw22er.default-1383234863224]

{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla

Firefox\browser\searchplugins\amazon-france.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla

Firefox\browser\searchplugins\bing.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla

Firefox\browser\searchplugins\cnrtl-tlfi-fr.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla

Firefox\browser\searchplugins\ddg.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla

Firefox\browser\searchplugins\eBay-france.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla

Firefox\browser\searchplugins\google.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla

Firefox\browser\searchplugins\wikipedia-fr.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla

Firefox\browser\searchplugins\yahoo-france.xml
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) --

C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll
P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google -

GEPlugin.) -- C:\Program Files\Google\Google

Earth\plugin\npgeplugin.dll =>.Google Inc
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=11.45.2] - (.Oracle

Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.)

-- C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=11.45.2] - (.Oracle

Corporation - Next Generation Java Plug-in 11.45.2 for Mozilla

browsers.) -- C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft

Corporation - 5.1.40416.0.) -- C:\Program Files\Microsoft

Silverlight\5.1.40416.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft

Corporation - Windows Presentation Foundation (WPF) plug-in for

Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows

Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] -

(.Google Inc. - Google Update.) -- C:\Program

Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] -

(.Google Inc. - Google Update.) -- C:\Program

Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.1.5] - (.VideoLAN - VLC

media player Web Plugin.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll

=>.VideoLAN
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.2.0] - (.VideoLAN - VLC

media player Web Plugin.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll

=>.VideoLAN
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF

Plug-In For Firefox and Netscape 10.1.14.) -- C:\Program

Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
P2 - FPN: [HKLM]

[yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1] - (.Yahoo!

Inc. - Yahoo! activeX Plug-in Bridge.) -- C:\Program Files\Yahoo!

\Common\npyaxmpb.dll
~ Firefox Browser: 67 Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing

(R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =

www.google.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =

https://fr.yahoo.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =

https://fr.search.yahoo.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =

https://fr.yahoo.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =

https://fr.search.yahoo.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off

Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page

= about:securityrisk
R1 - HKCU\SOFTWARE\Microsoft\Internet

Explorer\Search,Default_Search_URL = www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant

= www.google.com
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-

99CB-00C04FD64497} . (.Yahoo! Inc. - Yahoo! activeX Plug-in Bridge.)

(No version) -- (.not file.)
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled

= 1
~ IE Browser: 12 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet

Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet

Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet

Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet

Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet

Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet

Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading

programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL

"sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (20)
~ Hosts File: Scanned in 00mn 00s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-

D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.)

-- C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-

D17F00898D06} . (.Avast Software s.r.o. - IE Webrep plugin.) --

C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: (no name) - {A057A204-BACC-4D26-8287-79A187E26987} Clé

orpheline
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-

9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.)

-- C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll
~ BHO: 8 Scanned in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) - [HKLM]{A057A204-BACC-4D26-8287-79A187E26987}

Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\QuickLaunch [kaNd]: Search.lnk . (.Mozilla Corporation -

Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

https://www.google.com/#u_ip=91.209.35.218 =>PUP.HelperBar
O4 - GS\QuickLaunch [kaNd]: µTorrent.lnk . (.BitTorrent Inc. -

µTorrent.) -- C:\Users\kaNd\AppData\Roaming\uTorrent\uTorrent.exe

=>P2P.BitTorrent
O4 - GS\Program [kaNd]: Search.lnk . (.Mozilla Corporation - Firefox.)

-- C:\Program Files\Mozilla Firefox\firefox.exe

https://www.google.com/#u_ip=91.209.35.218 =>PUP.HelperBar
~ Global Startup: 3 Scanned in 00mn 01s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [EsternTimesMouseExRun] . (...) -- C:\Program Files\Anker Precision Laser Gaming Mouse\AnkerMonEx.exe
O4 - HKLM\..\Run: [AvastUI.exe] . (.Avast Software s.r.o. - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [AtwtusbIcon] . (.Pas de propriétaire - Show Atwtusb Icon Application.) -- C:\Windows\System32\AtwtusbIcon.exe
O4 - HKCU\..\Run: [EPSON S22 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGEE.exe =>.Epson Seiko Corporation
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\kaNd\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_A38AA3E4577AB44EDA760BC637D1D7BF] C:\Program Files\Crossbrowse\Crossbrowse\Application\crossbrowse.exe (.not file.) =>PUP.CrossBrowser
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3284423429-1084852273-2406142848-1000\..\Run: [EPSON S22 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGEE.exe =>.Epson Seiko Corporation
O4 - HKUS\S-1-5-21-3284423429-1084852273-2406142848-1000\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd
O4 - HKUS\S-1-5-21-3284423429-1084852273-2406142848-1000\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\kaNd\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKUS\S-1-5-21-3284423429-1084852273-2406142848-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-21-3284423429-1084852273-2406142848-1000\..\Run: [GoogleChromeAutoLaunch_A38AA3E4577AB44EDA760BC637D1D7BF] C:\Program Files\Crossbrowse\Crossbrowse\Application\crossbrowse.exe (.not file.) =>PUP.CrossBrowser
~ Application: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Winsock: 7 Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - ((no name)) - (.Yahoo! Inc. - YInstHelper Module.) -- C:\Program Files\Yahoo!\Common\Yinsthelper.dll
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{067D4343-C61B-479C-BAC7-C4BBAF658801}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{067D4343-C61B-479C-BAC7-C4BBAF658801}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{067D4343-C61B-479C-BAC7-C4BBAF658801}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{067D4343-C61B-479C-BAC7-C4BBAF658801}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll
~ SSODL: 1 Scanned in 00mn 00s



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (32-bit).) - C:\Windows\system32\aestsrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) . (.Avast Software s.r.o. - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall (avast! Firewall) . (.Avast Software s.r.o. - avast! firewall service.) - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Dedicarz Service (Dedicarz Service) . (.Pas de propriétaire - DedicarzService.) - C:\Program Files\Orange\ma Livebox\dedicarz\DedicarzService.exe
O23 - Service: Dock Login Service (DockLoginService) . (.Stardock Corporation - Dock Login Service.) - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) . (.SupportSoft, Inc. - SupportSoft Agent Service.) - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) . (.IDT, Inc. - STacSV Module.) - C:\Windows\system32\STacSV.exe
O23 - Service: WTService (WTService) . (.Pas de propriétaire - User Mode Tablet Driver.) - C:\Windows\system32\atwtusb.exe
~ Services: 11 Scanned in 00mn 10s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.3E04F1E482357B1FC8B088197C3D9FF8] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152]
[MD5.B04A4810C6CC205F9DC72DC22E4AB236] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [268464]
[MD5.C50B830CA9BCD63754928CD6C0E2B114] [APT] [avast! Emergency Update] (.Avast Software s.r.o..) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [1298688]
[MD5.805210C8DB11D5799E7172923959BF98] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [5489944]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [116648]
[MD5.E159CC49FCF814B64CAA868BFEB60BEB] [APT] [maLivebox] (.Orange.) -- C:\Program Files\Orange\ma Livebox\maLivebox.exe [149728]
[MD5.00000000000000000000000000000000] [APT] [NetEngine] (...) -- C:\ProgramData\NetEngine\bin\D10\netengine.exe (.not file.) [0] =>PUP.NetEngine
[MD5.00000000000000000000000000000000] [APT] [{04BA43D8-9C40-44CB-BECE-0953FA12EA19}] (...) -- C:\Users\kaNd\Downloads\64bit_Win7_Win8_Win81_R275.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{1D149AB3-D943-4365-B6CE-711E87F6346C}] (...) -- C:\Users\kaNd\Documents\Jeux\Absolute Obedience - Zettai Fukuju Meirei (English Yaoi Game)\Setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{77095739-1427-4F6D-A292-F781E77C8662}] (...) -- C:\Users\kaNd\Documents\Jeux\Absolute Obedience - Zettai Fukuju Meirei (English Yaoi Game)\dxsetup.exe (.not file.) [0]
[MD5.8879D48F2880E04A147103EB9629A955] [APT] [{B55EC9A4-0CEC-4879-A575-85303BBD334F}] (.langmaor.) -- C:\Users\kaNd\Downloads\Absolute Obedience - Zettai Fukuju Meirei (English Yaoi Game)\Absolute Obedience - Zettai Fukuju Meirei (English Yaoi Game)\Setup.exe [512000]
[MD5.00000000000000000000000000000000] [APT] [{CCC4114E-CC6F-4934-AC92-8BC746F57BA1}] (...) -- C:\Users\kaNd\Documents\Jeux\Absolute Obedience - Zettai Fukuju Meirei (English Yaoi Game)\Install.exe (.not file.) [0]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1052]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1052]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1056]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1056]
O39 - APT: - (..) -- C:\Windows\Tasks\ParetoLogic Registration3.job [442] =>PUP.Paretologic
O39 - APT: - (..) -- C:\Windows\System32\Tasks\ParetoLogic Registration3 [442] =>PUP.Paretologic
~ Scheduled Task: 20 Scanned in 00mn 04s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d'IEAK.) -- C:\Windows\system32\iedkcs32.dll
O40 - ASIC: Installation Support - {0291E591-EA41-4c82-8106-3DC6CE7F7664} . (.Yahoo! Inc. - YInstHelper Module.) -- C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O40 - ASIC: Microsoft Windows Media Player 11.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Installation Support - {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} . (.Yahoo! Inc. - YInstHelper Module.) -- C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O40 - ASIC: Installation Support - {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} . (.Yahoo! Inc. - YInstHelper Module.) -- C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O40 - ASIC: Microsoft Windows Mail 7 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
O40 - ASIC: Google Chrome - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. - Google Chrome Installer.) -- C:\Program Files\Google\Chrome\Application\42.0.2311.152\Installer\chrmstp.exe
~ Active Setup: 15 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (aswKbd) . (.Avast Software s.r.o. - avast! Keyboard Filter Driver.) - C:\Windows\system32\drivers\aswKbd.sys
O41 - Driver: (aswRdr) . (.Avast Software s.r.o. - avast! TDI Redirect Driver.) - C:\Windows\system32\drivers\aswRdr.sys
O41 - Driver: (aswSnx) . (.Avast Software s.r.o. - avast! Virtualization Driver.) - C:\Windows\system32\drivers\aswSnx.sys
O41 - Driver: (aswSP) . (.Avast Software s.r.o. - avast! self protection module.) - C:\Windows\system32\drivers\aswSP.sys
O41 - Driver: (aswTdi) . (.Avast Software s.r.o. - avast! TDI Filter Driver.) - C:\Windows\system32\drivers\aswTdi.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre clavier HID.) - C:\Windows\System32\DRIVERS\kbdhid.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
~ Drivers: 98 Scanned in 00mn 01s



---\\ Logiciels installés (O42)
O42 - Logiciel: AceFTP 3 Freeware - (...) [HKLM] -- AceFTP 3 Freeware
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- {34927EBC-98D4-4D53-98BE-510DF5999F50}
O42 - Logiciel: Adobe Digital Editions 4.0 - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Digital Editions 4.0
O42 - Logiciel: Adobe Flash Player 17 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI
O42 - Logiciel: Adobe Photoshop 6.0 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Photoshop 6.0
O42 - Logiciel: Adobe Reader X (10.1.14) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-0804-1033-1959-001802114130}
O42 - Logiciel: Adobe SVG Viewer - (.Adobe Systems, Inc..) [HKLM] -- Adobe SVG Viewer
O42 - Logiciel: Amazon Kindle - (.Amazon.) [HKCU] -- Amazon Kindle
O42 - Logiciel: Anker Precision Laser Gaming Mouse version 1.1 - (.ANKER Technology.) [HKLM] -- {F9A7ED2C-34E1-4A96-9A25-B022C23C3361}_is1
O42 - Logiciel: Arachnophilia 5.5 - (...) [HKLM] -- Arachnophilia 5.5_is1
O42 - Logiciel: ArcSoft PhotoStudio 5.5 - (.ArcSoft.) [HKLM] -- {85309D89-7BE9-4094-BB17-24999C6118FC}
O42 - Logiciel: Archiveur WinRAR - (...) [HKLM] -- WinRAR archiver
O42 - Logiciel: Audacity 1.2.6 - (...) [HKLM] -- Audacity_is1
O42 - Logiciel: Audio Conversion Wizard 2.0 - (.Audio Conversion Wizard.) [HKLM] -- Audio Conversion Wizard_is1
O42 - Logiciel: Audio_Wizard - (.Regular Software.) [HKLM] -- {C290F826-2166-48F3-88E2-8ECE277D095F}
O42 - Logiciel: Avast Internet Security - (.AVAST Software.) [HKLM] -- Avast
O42 - Logiciel: AxCrypt 1.7.3156.0 - (.Axantum Software AB.) [HKLM] -- {DB066768-5A50-4C44-815B-4E8A6A39335E}
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {79155F2B-9895-49D7-8612-D92580E0DE5B}
O42 - Logiciel: CA VMN Anti-Spyware (remove only) - (.Visicom Media inc..) [HKLM] -- CA_VMN_antispyware
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: CanoScan 5600F Scanner Driver - (...) [HKLM] -- {1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4808
O42 - Logiciel: Canon MP Navigator EX 2.0 - (...) [HKLM] -- MP Navigator EX 2.0
O42 - Logiciel: Canon Utilities Solution Menu - (...) [HKLM] -- CanonSolutionMenu
O42 - Logiciel: ConTEXT - (.Eden Kirin.) [HKLM] -- ConTEXTEditor_is1
O42 - Logiciel: ConvertHelper 2.2 - (.DownloadHelper.) [HKLM] -- {27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1
O42 - Logiciel: Dell Dock - (.Stardock Corporation.) [HKLM] -- Dell Dock
O42 - Logiciel: Dell Dock - (.Stardock Corporation.) [HKLM] -- {C73A3942-84C8-4597-9F9B-EE227DCBA758}
O42 - Logiciel: Dell Resource CD - (.Nom de votre société.) [HKLM] -- {42929F0F-CE14-47AF-9FC7-FF297A603021}
O42 - Logiciel: Dell Support Center - (.Dell.) [HKLM] -- {E3BFEE55-39E2-4BE0-B966-89FE583822C1}
O42 - Logiciel: EPSON S22 Series Manuel - (...) [HKLM] -- EPSON S22 Series Manual
O42 - Logiciel: EPSON S22 Series Printer Uninstall - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON S22 Series
O42 - Logiciel: Four Winds Mah Jong 2.14 - (.Lagarto.) [HKLM] -- {55C3CAC8-2243-4107-AE36-3787BED13ED1}
O42 - Logiciel: Français enrichi version 2014.07.17 - (.Denis Liégeois (mailto:denis.liegeois@neottia.net).) [HKLM] -- {57A6D4C8-89C2-4C10-BC0D-C6DD74C9E7FF}
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {1A295C25-6E02-49FB-826B-F0D2C56FFA4E} =>.Google Inc
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Installation DAO - (...) [HKLM] -- Installation DAO
O42 - Logiciel: Java 8 Update 45 - (.Oracle Corporation.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83218045F0}
O42 - Logiciel: Juice 2.2 - (.Juice Team.) [HKLM] -- Juice
O42 - Logiciel: Kobo - (.Rakuten Kobo Inc..) [HKLM] -- Kobo
O42 - Logiciel: LAME v3.99.3 (for Windows) - (...) [HKLM] -- LAME_is1
O42 - Logiciel: Malwarebytes Anti-Malware version 2.0.4.1028 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes Anti-Malware_is1
O42 - Logiciel: MediaDirect - (.Dell.) [HKLM] -- {9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Mozilla Firefox 38.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 38.0.1 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: Mozilla Thunderbird 31.6.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Thunderbird 31.6.0 (x86 fr) =>.Mozilla Corporation
O42 - Logiciel: NVIDIA Drivers - (...) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: OpenOffice 4.1.1 - (.Apache Software Foundation.) [HKLM] -- {121727D5-FDF3-4723-BA57-EB383440ED72}
O42 - Logiciel: Orange update - (.Orange.) [HKLM] -- OrangeUpdateManager
O42 - Logiciel: OutlookAddinSetup - (.CyberLink.) [HKLM] -- {9BDEF074-020E-458D-ADC5-8FF68E0C9B56}
O42 - Logiciel: Pilote de clavier français enrichi - (.Denis Liégeois - Serge Paccalin.) [HKLM] -- Kbdfrac2
O42 - Logiciel: QuickSet - (.Dell Inc..) [HKLM] -- {4B6AD248-D3BF-426A-8D64-847288154F13}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: SigmaTel Audio - (.SigmaTel.) [HKLM] -- {A462213D-EED4-42C2-9A60-7BDD4D4B0B17}
O42 - Logiciel: Stellarium 0.11.1 - (...) [HKLM] -- Stellarium_is1
O42 - Logiciel: Trust tablet driver - (...) [HKLM] -- RmTablet
O42 - Logiciel: Unlocker 1.9.2 - (.Cedrick Collomb.) [HKLM] -- Unlocker
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM] -- VLC media player =>.VideoLAN
O42 - Logiciel: Web Shield - (.Irrational Number Applications.) [HKLM] -- WebShield
O42 - Logiciel: WinPcap 4.1.2 - (.CACE Technologies.) [HKLM] -- WinPcapInst
O42 - Logiciel: Yahoo! Install Manager - (...) [HKLM] -- YInstHelper
O42 - Logiciel: calibre - (.Kovid Goyal.) [HKLM] -- {8FAFEF8C-295D-4D71-95FC-91D9B7D75F3E}
O42 - Logiciel: mIRC - (.mIRC Co. Ltd..) [HKLM] -- mIRC
O42 - Logiciel: ma Livebox - (.Orange.) [HKLM] -- ma Livebox
O42 - Logiciel: myCANAL - (.player.canalplus.fr.) [HKCU] -- 1129425581.player.canalplus.fr
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU] -- uTorrent =>P2P.BitTorrent
~ Logic: 57 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\ANKERGamingMouse]
[HKCU\Software\ASProtect]
[HKCU\Software\AVAST Software]
[HKCU\Software\Adobe]
[HKCU\Software\Amazon]
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow\Software\vmntoolbar] =>Spyware.VMNToolbar
[HKCU\Software\AppDataLow]
[HKCU\Software\Artweaver]
[HKCU\Software\Audacity]
[HKCU\Software\Axantum]
[HKCU\Software\BitTorrent] =>P2P.BitTorrent
[HKCU\Software\CA VMN Anti-Spyware]
[HKCU\Software\Canon]
[HKCU\Software\Chromium]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Crossbrowse] =>PUP.CrossBrowser
[HKCU\Software\Cyberlink]
[HKCU\Software\DELL]
[HKCU\Software\Dell Computer Corporation]
[HKCU\Software\Disc Soft]
[HKCU\Software\EPSON]
[HKCU\Software\Eden]
[HKCU\Software\Google]
[HKCU\Software\JavaSoft]
[HKCU\Software\Kobo]
[HKCU\Software\Lagarto]
[HKCU\Software\Licenses]
[HKCU\Software\LitexMedia]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Lutus]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Netscape]
[HKCU\Software\OpenOffice]
[HKCU\Software\ParetoLogic] =>PUP.Paretologic
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\QtProject]
[HKCU\Software\Regular Software]
[HKCU\Software\SecuredDownload]
[HKCU\Software\SupportSoft]
[HKCU\Software\Trolltech]
[HKCU\Software\Will]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\langmaor]
[HKCU\Software\livrotheque]
[HKCU\Software\mIRC]
[HKCU\Software\systweak]
[HKCU\Software\vmntoolbar] =>Spyware.VMNToolbar
[HKLM\Software\AVAST Software]
[HKLM\Software\Adobe]
[HKLM\Software\AdwCleaner]
[HKLM\Software\Apple Inc.]
[HKLM\Software\ArcSoft]
[HKLM\Software\Artweaver]
[HKLM\Software\Axantum]
[HKLM\Software\BrowserChoice]
[HKLM\Software\CA VMN Anti-Spyware]
[HKLM\Software\CXT]
[HKLM\Software\Canon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Conexant]
[HKLM\Software\Crossbrowse] =>PUP.CrossBrowser
[HKLM\Software\CyberLink]
[HKLM\Software\Dell Computer Corporation]
[HKLM\Software\Dell]
[HKLM\Software\Disc Soft]
[HKLM\Software\DownloadHelper]
[HKLM\Software\EPSON]
[HKLM\Software\EVALUTEL]
[HKLM\Software\Google]
[HKLM\Software\IDT]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Lagarto]
[HKLM\Software\Lame For Audacity]
[HKLM\Software\Lutus]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\MaxPower]
[HKLM\Software\McAfee.com]
[HKLM\Software\MimarSinan]
[HKLM\Software\MixVideoPlayer] =>PUP.MixVideoPlayer
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\ODBC]
[HKLM\Software\OpenOffice]
[HKLM\Software\Orange]
[HKLM\Software\ParetoLogic] =>PUP.Paretologic
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SafeGuard] =>PUP.SafeGuard
[HKLM\Software\SigmaTel]
[HKLM\Software\Sonic]
[HKLM\Software\Stardock]
[HKLM\Software\SupportSoft]
[HKLM\Software\Systweak]
[HKLM\Software\TQ566808]
[HKLM\Software\Uniblue] =>PUP.UniblueSystem
[HKLM\Software\VideoLAN]
[HKLM\Software\Visicom Media]
[HKLM\Software\Volatile]
[HKLM\Software\WOW6432Node]
[HKLM\Software\WebBar] =>PUP.WebBar
[HKLM\Software\WinPcap]
[HKLM\Software\WinRAR]
[HKLM\Software\Windows]
[HKLM\Software\calibre]
[HKLM\Software\jumpshot.com]
[HKLM\Software\mozilla.org]
~ Key Software: 253 Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 04/08/2014 - 21:02:52 - [] ----D C:\Program Files\4Winds2
O43 - CFD: 17/02/2015 - 01:39:40 - [] ----D C:\Program Files\Adobe
O43 - CFD: 01/08/2014 - 00:05:30 - [] ----D C:\Program Files\Anker Precision Laser Gaming Mouse
O43 - CFD: 31/07/2014 - 23:40:15 - [] ----D C:\Program Files\Arachnophilia
O43 - CFD: 31/07/2014 - 23:17:37 - [] ----D C:\Program Files\ArcSoft
O43 - CFD: 31/07/2014 - 23:43:01 - [] ----D C:\Program Files\Audacity
O43 - CFD: 31/07/2014 - 23:43:54 - [] ----D C:\Program Files\Audio Wizard
O43 - CFD: 01/08/2014 - 02:00:51 - [] ----D C:\Program Files\AVAST Software
O43 - CFD: 14/02/2015 - 23:15:05 - [] ----D C:\Program Files\Axantum
O43 - CFD: 31/07/2014 - 23:41:58 - [] ----D C:\Program Files\Bonjour
O43 - CFD: 31/07/2014 - 23:39:49 - [] ----D C:\Program Files\CA VMN Anti-Spyware
O43 - CFD: 06/01/2015 - 23:54:34 - [] ----D C:\Program Files\Calibre2
O43 - CFD: 31/07/2014 - 23:16:55 - [] ----D C:\Program Files\Canon
O43 - CFD: 31/07/2014 - 23:14:55 - [] --H-D C:\Program Files\CanonBJ
O43 - CFD: 23/12/2014 - 18:21:34 - [] ----D C:\Program Files\CCleaner
O43 - CFD: 16/05/2015 - 13:27:55 - [] ----D C:\Program Files\Common Files
O43 - CFD: 19/03/2015 - 00:51:32 - [] ----D C:\Program Files\ConTEXT
O43 - CFD: 21/09/2014 - 12:55:55 - [] ----D C:\Program Files\ConvertHelper
O43 - CFD: 31/07/2014 - 20:14:53 - [] ----D C:\Program Files\CyberLink
O43 - CFD: 01/08/2014 - 00:39:32 - [] ----D C:\Program Files\Dell
O43 - CFD: 31/07/2014 - 20:51:14 - [] ----D C:\Program Files\Dell Support Center
O43 - CFD: 31/07/2014 - 23:12:10 - [] ----D C:\Program Files\Epson
O43 - CFD: 15/08/2014 - 19:20:27 - [] ----D C:\Program Files\EVALUTEL
O43 - CFD: 31/07/2014 - 19:58:23 - [] -SH-D C:\Program Files\Fichiers communs
O43 - CFD: 16/05/2015 - 15:41:08 - [] ----D C:\Program Files\Google
O43 - CFD: 15/08/2014 - 18:48:24 - [] ----D C:\Program Files\hkmjw
O43 - CFD: 30/12/2014 - 22:37:37 - [] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 31/07/2014 - 21:20:52 - [] ----D C:\Program Files\Intel
O43 - CFD: 14/05/2015 - 14:26:17 - [] ----D C:\Program Files\Internet Explorer
O43 - CFD: 22/04/2015 - 22:04:54 - [] ----D C:\Program Files\Java
O43 - CFD: 07/08/2014 - 02:23:40 - [] ----D C:\Program Files\Juice
O43 - CFD: 01/05/2015 - 02:16:07 - [] ----D C:\Program Files\Kobo
O43 - CFD: 30/10/2014 - 23:12:36 - [] ----D C:\Program Files\Lame For Audacity
O43 - CFD: 16/08/2014 - 14:37:34 - [] ----D C:\Program Files\langmaor
O43 - CFD: 30/10/2014 - 19:19:48 - [] ----D C:\Program Files\LitexMedia
O43 - CFD: 01/08/2014 - 03:55:11 - [] ----D C:\Program Files\livrotheque
O43 - CFD: 12/12/2014 - 18:18:37 - [] ----D C:\Program Files\Malwarebytes Anti-Malware
O43 - CFD: 08/08/2014 - 01:49:15 - [] ----D C:\Program Files\Microsoft Games
O43 - CFD: 31/07/2014 - 20:14:59 - [] ----D C:\Program Files\Microsoft Office
O43 - CFD: 14/05/2015 - 14:27:55 - [] ----D C:\Program Files\Microsoft Silverlight
O43 - CFD: 17/02/2015 - 01:19:51 - [] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 01/08/2014 - 01:23:05 - [] ----D C:\Program Files\mIRC
O43 - CFD: 08/08/2014 - 01:50:04 - [] ----D C:\Program Files\Movie Maker
O43 - CFD: 16/05/2015 - 13:42:35 - [] ----D C:\Program Files\Mozilla Firefox
O43 - CFD: 16/05/2015 - 13:42:35 - [] ----D C:\Program Files\Mozilla Maintenance Service
O43 - CFD: 02/04/2015 - 22:33:18 - [] ----D C:\Program Files\Mozilla Thunderbird =>.Mozilla Corporation
O43 - CFD: 02/11/2006 - 14:37:34 - [] ----D C:\Program Files\MSBuild
O43 - CFD: 07/11/2014 - 20:20:45 - [] ----D C:\Program Files\OpenOffice 4
O43 - CFD: 08/08/2014 - 13:03:51 - [] ----D C:\Program Files\Orange
O43 - CFD: 30/10/2014 - 21:15:00 - [] ----D C:\Program Files\Realtek
O43 - CFD: 02/11/2006 - 14:37:34 - [] ----D C:\Program Files\Reference Assemblies
O43 - CFD: 31/07/2014 - 21:17:58 - [] ----D C:\Program Files\SigmaTel
O43 - CFD: 31/07/2014 - 23:46:53 - [] ----D C:\Program Files\Stellarium
O43 - CFD: 30/12/2014 - 21:57:25 - [0] --H-D C:\Program Files\Temp
O43 - CFD: 02/11/2006 - 15:01:55 - [0] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 08/08/2014 - 16:33:10 - [] ----D C:\Program Files\Unlocker
O43 - CFD: 15/08/2014 - 19:45:39 - [] ----D C:\Program Files\uTorrent =>P2P.µTorrent
O43 - CFD: 01/08/2014 - 00:50:27 - [] ----D C:\Program Files\VideoLAN
O43 - CFD: 31/07/2014 - 23:39:44 - [] ----D C:\Program Files\Visicom Media
O43 - CFD: 15/08/2014 - 17:51:11 - [] ----D C:\Program Files\Will
O43 - CFD: 08/08/2014 - 01:50:04 - [] ----D C:\Program Files\Windows Calendar
O43 - CFD: 08/08/2014 - 01:50:03 - [] ----D C:\Program Files\Windows Collaboration
O43 - CFD: 08/08/2014 - 01:50:00 - [] ----D C:\Program Files\Windows Defender
O43 - CFD: 14/05/2015 - 14:26:18 - [] ----D C:\Program Files\Windows Journal
O43 - CFD: 08/08/2014 - 01:50:04 - [] ----D C:\Program Files\Windows Mail =>.Microsoft Corporation
O43 - CFD: 08/08/2014 - 01:50:04 - [] ----D C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 31/07/2014 - 19:58:23 - [] ----D C:\Program Files\Windows NT
O43 - CFD: 08/08/2014 - 01:50:03 - [] ----D C:\Program Files\Windows Photo Gallery
O43 - CFD: 08/08/2014 - 01:50:04 - [] ----D C:\Program Files\Windows Sidebar
O43 - CFD: 31/07/2014 - 23:41:51 - [] ----D C:\Program Files\WinPcap
O43 - CFD: 01/08/2014 - 19:25:56 - [] ----D C:\Program Files\WinRAR
O43 - CFD: 01/08/2014 - 03:54:02 - [] ----D C:\Program Files\Yahoo!
O43 - CFD: 16/05/2015 - 16:53:10 - [] ----D C:\Program Files\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 17/08/2014 - 15:04:08 - [] ----D C:\Program Files\Common Files\Adobe
O43 - CFD: 19/04/2015 - 16:03:44 - [] ----D C:\Program Files\Common Files\Adobe AIR
O43 - CFD: 31/07/2014 - 23:16:49 - [] ----D C:\Program Files\Common Files\CANON
O43 - CFD: 31/07/2014 - 23:12:49 - [] ----D C:\Program Files\Common Files\EPSON
O43 - CFD: 31/07/2014 - 23:17:01 - [] ----D C:\Program Files\Common Files\InstallShield
O43 - CFD: 22/04/2015 - 22:03:44 - [] ----D C:\Program Files\Common Files\Java
O43 - CFD: 31/07/2014 - 23:41:48 - [] ----D C:\Program Files\Common Files\microsoft shared
O43 - CFD: 02/11/2006 - 13:18:33 - [] ----D C:\Program Files\Common Files\Services
O43 - CFD: 02/11/2006 - 13:18:33 - [] ----D C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 31/07/2014 - 20:51:02 - [] ----D C:\Program Files\Common Files\supportsoft
O43 - CFD: 09/08/2014 - 11:04:30 - [] ----D C:\Program Files\Common Files\System
O43 - CFD: 04/08/2014 - 21:03:46 - [] ----D C:\ProgramData\4Winds2
O43 - CFD: 17/08/2014 - 15:08:48 - [] ----D C:\ProgramData\Adobe
O43 - CFD: 16/04/2015 - 16:15:26 - [] ----D C:\ProgramData\AppData
O43 - CFD: 31/07/2014 - 23:41:57 - [] ----D C:\ProgramData\Apple
O43 - CFD: 02/11/2006 - 15:02:03 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 11/04/2015 - 20:39:24 - [] ----D C:\ProgramData\Artweaver
O43 - CFD: 01/08/2014 - 02:00:51 - [] ----D C:\ProgramData\AVAST Software
O43 - CFD: 31/07/2014 - 19:58:23 - [] -SH-D C:\ProgramData\Bureau
O43 - CFD: 29/08/2014 - 13:43:57 - [] --H-D C:\ProgramData\CanonIJScan
O43 - CFD: 08/08/2014 - 18:18:57 - [] ----D C:\ProgramData\CyberLink
O43 - CFD: 17/08/2014 - 15:50:58 - [] ----D C:\ProgramData\DAEMON Tools Ultra
O43 - CFD: 01/08/2014 - 00:39:32 - [] ----D C:\ProgramData\Dell
O43 - CFD: 02/11/2006 - 15:02:03 - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 02/11/2006 - 15:02:03 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 04/08/2014 - 20:51:48 - [] ----D C:\ProgramData\Downloaded Installations
O43 - CFD: 31/07/2014 - 23:12:50 - [] ----D C:\ProgramData\EPSON
O43 - CFD: 31/07/2014 - 19:58:23 - [] -SH-D C:\ProgramData\Favoris
O43 - CFD: 02/11/2006 - 15:02:03 - [] -SH-D C:\ProgramData\Favorites
O43 - CFD: 16/05/2015 - 12:11:38 - [] ----D C:\ProgramData\LiVksjm
O43 - CFD: 01/08/2014 - 13:18:06 - [] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 16/10/2014 - 15:59:40 - [] ----D C:\ProgramData\McAfee
O43 - CFD: 31/07/2014 - 19:58:23 - [] -SH-D C:\ProgramData\Menu

Démarrer
O43 - CFD: 12/12/2014 - 19:28:49 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 31/07/2014 - 19:58:23 - [] -SH-D C:\ProgramData\Modèles
O43 - CFD: 31/07/2014 - 22:41:38 - [] ----D C:\ProgramData\Mozilla
O43 - CFD: 02/08/2014 - 16:41:05 - [] ----D C:\ProgramData\NVIDIA
O43 - CFD: 22/04/2015 - 22:05:15 - [] ----D C:\ProgramData\Oracle
O43 - CFD: 03/08/2014 - 22:25:27 - [] ----D C:\ProgramData\Orange
O43 - CFD: 10/10/2014 - 20:22:48 - [] ----D C:\ProgramData\Package

Cache
O43 - CFD: 02/11/2006 - 15:02:03 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 23/08/2014 - 23:01:21 - [] ----D C:\ProgramData\Sun
O43 - CFD: 31/07/2014 - 20:51:28 - [] ----D C:\ProgramData\SupportSoft
O43 - CFD: 23/04/2015 - 19:52:31 - [] ----D C:\ProgramData\Synaptics
O43 - CFD: 14/04/2015 - 10:13:48 - [] ----D C:\ProgramData\Tablet
O43 - CFD: 02/11/2006 - 15:02:04 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 16/05/2015 - 12:09:47 - [] ----D C:\ProgramData\WebShield
O43 - CFD: 02/08/2014 - 12:49:47 - [] ----D

C:\ProgramData\WindowsSearch
O43 - CFD: 01/08/2014 - 00:39:40 - [] --H-D C:\ProgramData\{088731A3-

EE4A-44A0-9F02-C4181FD3C640}
O43 - CFD: 04/08/2014 - 21:03:01 - [] ----D

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4Winds
O43 - CFD: 21/01/2008 - 04:43:01 - [] R---D

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 31/07/2014 - 23:39:45 - [] ----D

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AceFTP 3 Freeware
O43 - CFD: 21/01/2008 - 04:43:26 - [] R---D

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative

Tools
O43 - CFD: 17/02/2015 - 01:39:47 - [] ----D

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
O43 - CFD: 01/08/2014 - 00:05:31 - [] ----D

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anker Precision

Laser Gaming Mouse
O43 - CFD: 31/07/2014 - 23:40:15 - [] ----D

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Arachnophilia
O43 - CFD: 31/07/2014 - 23:17:44 - [] ----D

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft

PhotoStudio 5.5
O43 - CFD: 31/07/2014 - 23:43:54 - [] ----D

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Wizard
O43 - CFD: 22/11/2014 - 17:18:44 - [] ----D

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
O43 - CFD: 14/02/2015 - 23:15:11 - [] ----D

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Axantum AxCrypt
O43 - CFD: 06/01/2015 - 23:54:36 - [] ----D

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book

Management
O43 - CFD: 31/07/2014 - 23:15:54 - [] ----D

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon CanoScan

5600F Manual
O43 - CFD: 31/07/2014 - 23:16:42 - [] ----D

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
O43 - CFD: 31/07/2014 - 23:15:36 - [] ----D

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CanoScan 5600F
O43 - CFD: 29/08/2014 - 17:06:46 - [] ----D

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
O43 - CFD: 19/03/2015 - 00:51:33 - [] ----D

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ConTEXT
O43 - CFD: 01/08/2014 - 00:39:39 - [] ----D

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
O43 - CFD: 31/07/2014 - 20:49:32 - [] ----D

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell QuickSet
O43 - CFD: 31/07/2014 - 20:51:26 - [] ----D

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Support

Center
O43 - CFD: 31/07/2014 - 23:12:45 - [] ----D

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson
O43 - CFD: 21/01/2008 - 04:42:47 - [] R---D

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Extras and

Upgrades
O43 - CFD: 16/04/2015 - 22:57:27 - [] R---D

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 31/07/2014 - 22:53:23 - [] ----D

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 23/08/2014 - 23:00:25 - [] ----D

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 31/07/2014 - 23:45:19 - [] ----D

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Juice
O43 - CFD: 01/08/2014 - 03:56:59 - [] ----D

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kobo
O43 - CFD: 01/08/2014 - 03:55:12 - [] ----D

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Livrotheque
O43 - CFD: 02/11/2006 - 14:56:46 - [] R---D

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 12/12/2014 - 18:18:37 - [] ----D

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes

Anti-Malware
O43 - CFD: 14/05/2015 - 13:19:05 - [] ----D

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft

Silverlight
O43 - CFD: 01/08/2014 - 01:23:05 - [] ----D

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mIRC
O43 - CFD: 07/11/2014 - 20:20:45 - [] -S--D

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
O43 - CFD: 30/09/2014 - 09:59:48 - [] ----D

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orange
O43 - CFD: 16/05/2015 - 12:40:48 - [] R---D

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 31/07/2014 - 23:46:54 - [] ----D

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellarium
O43 - CFD: 16/04/2015 - 16:12:51 - [] R---D

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 03/08/2014 - 12:22:45 - [] ----D

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 01/08/2014 - 19:25:57 - [] ----D

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 16/05/2015 - 16:53:12 - [] ----D

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP =>.Nicolas

Coolman
O43 - CFD: 17/08/2014 - 15:07:22 - [] ----D

C:\Users\kaNd\AppData\Roaming\Adobe
O43 - CFD: 11/04/2015 - 20:39:19 - [] ----D

C:
0
artaban7 Posts 2204 Registration date Saturday 12 July 2014 Status Member Last seen 19 August 2015 90
16 May 2015 at 17:24
So, I have two concerns:

1. The report is not complete
2. Use pjjoint, for which I gave you the link, so as not to overload the forum; and by selecting the report with "Browse" instead of copy-pasting, there is no chance of it being incomplete.

See you later :)
0
camarill Posts 48 Registration date Tuesday 18 March 2008 Status Member Last seen 24 August 2022 > artaban7 Posts 2204 Registration date Saturday 12 July 2014 Status Member Last seen 19 August 2015
16 May 2015 at 17:30
0
artaban7 Posts 2204 Registration date Saturday 12 July 2014 Status Member Last seen 19 August 2015 90
Edited by artaban7 on 16/05/2015 at 17:34
Perfect...

Given that you have quite a lot of malware, you can run the following:

1) ZHPCleaner, at this link: https://nicolascoolman.eu

Run a scan and a cleanup ....

2) AdwCleaner, here: https://nicolascoolman.eu

There too, scan and clean, and of course reboot.

I will then need a new ZHPDiag report, but it must be made after the reboot ....


NB: it may be necessary to suspend AVAST while ZHPCleaner runs.

Give me your impressions. I'll probably talk to you later, I'm leaving for an appointment now :)
0
camarill Posts 48 Registration date Tuesday 18 March 2008 Status Member Last seen 24 August 2022 > artaban7 Posts 2204 Registration date Saturday 12 July 2014 Status Member Last seen 19 August 2015
17 May 2015 at 14:43
Hello Artaban,

I followed your instructions. ZHPDiag struggled a bit, but in the end the report is here: https://pjjoint.malekal.com/files.php?id=ZHPDiag_20150517_d15q9z5v12p12
According to the latest AdwCleaner report, everything seems to be cleaned, after several passes of the cleaners... The scheduled tasks held out a little longer than the rest. Over to you to confirm. In any case, thank you for your help and for your clear, easy-to-follow instructions.
0
artaban7 Posts 2204 Registration date Saturday 12 July 2014 Status Member Last seen 19 August 2015 90
17 May 2015 at 15:08
No worries :)
It doesn't work on my end; with your link I land on pjjoint's blank home page ....
0
artaban7 Posts 2204 Registration date Saturday 12 July 2014 Status Member Last seen 19 August 2015 90
Edited by artaban7 on 16/05/2015 at 14:06
Hello,

Let's look at this together:

For the diagnosis, it's this software: https://nicolascoolman.eu

Just launch it and choose "complete"; it will then create a system report on the desktop in .txt format, which you will need to send here using: http://pjjoint.malekal.com/

If you need explanations on specific points, such as how to use the file generator, don't hesitate..
-1
camarill Posts 48 Registration date Tuesday 18 March 2008 Status Member Last seen 24 August 2022
16 May 2015 at 17:07
0