Seeearch en page d'accueil !!!

# AdwCleaner Beta 1.1 - Rapport créé le 10/08/2011 à 10:15
# Mis à jour le 07/08/11 à 19h par Xplode
# Système d'exploitation : Windows (TM) Vista Home Premium (64 bits) [version 6.0.6001]
# Nom d'utilisateur : anne - PC-DE-ANNE (Administrateur)
# Exécuté depuis : C:\Users\anne\Downloads\AdwCleaner.exe
# Option [Recherche]


***** [Processus] *****


***** [Services] *****


***** [Fichiers / Dossiers] *****

Dossier présent : C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\OfferBox
Dossier présent : C:\Users\anne\AppData\Local\Conduit
Dossier présent : C:\Users\anne\AppData\LocalLow\Conduit
Dossier présent : C:\Users\anne\AppData\LocalLow\ConduitEngine
Dossier présent : C:\Users\anne\AppData\Roaming\OfferBox
Dossier présent : C:\Users\AppData\LocalLow\Conduit
Dossier Présent : C:\Program Files (x86)\Conduit
Dossier Présent : C:\Program Files (x86)\ConduitEngine
Dossier Présent : C:\Program Files (x86)\OfferBox

***** [Registre] *****

Clé Présente : HKCU\Software\AppDataLow\Software\Conduit
Clé Présente : HKCU\Software\AppDataLow\Software\conduitEngine
Clé Présente : HKCU\Software\AppDataLow\Toolbar
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé Présente : HKCU\Software\Offerbox
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1}
Clé Présente : HKLM\SOFTWARE\Classes\Conduit.Engine
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Clé Présente : HKLM\SOFTWARE\Conduit
Clé Présente : HKLM\SOFTWARE\conduitEngine
Valeur présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
[x64] Clé Présente : HKCU\Software\AppDataLow\Software\Conduit
[x64] Clé Présente : HKCU\Software\AppDataLow\Software\conduitEngine
[x64] Clé Présente : HKCU\Software\AppDataLow\Toolbar
[x64] Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
[x64] Clé Présente : HKCU\Software\Offerbox
[x64] Clé Présente : HKLM\SOFTWARE\Classes\Conduit.Engine

***** [Navigateurs] *****

-> Navigateur par défaut : Firefox

-\\ Internet Explorer v8.0.6001.19088

[OK] Le registre ne comporte aucune entrée illégitime.

-\\ Mozilla Firefox v3.6.18 (fr)

Profil : 8knt2v3o.default
Fichier : C:\Users\anne\AppData\Roaming\Mozilla\Firefox\Profiles\8knt2v3o.default\prefs.js

[OK] Le fichier ne comporte aucune entrée illégitime.


*************************

C:\AdwCleaner[R1].txt - [2766 bytes] - [10/08/2011 10:16:49]

########## EOF - "C:\AdwCleaner[R1].txt" - [2941 octets] ##########

RogueKiller V5.3.1 [06/08/2011] par Tigzy
contact sur https://www.luanagames.com/index.fr.html
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html

Systeme d'exploitation: Windows Vista (6.0.6001 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur: anne [Droits d'admin]
Mode: Recherche -- Date : 12/08/2011 09:36:52

Processus malicieux: 1
[HJ NAME] svchost.exe -- c:\windows\syswow64\svchost.exe -> KILLED [TermProc]

Entrees de registre: 3
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (proxy-web.santesurf.com:3128) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

Fichier HOSTS:
127.0.0.1 localhost
::1 localhost


Termine : << RKreport[1].txt >>
RKreport[1].txt

# AdwCleaner Beta 1.1 - Rapport créé le 10/08/2011 à 10:22
# Mis à jour le 07/08/11 à 19h par Xplode
# Système d'exploitation : Windows (TM) Vista Home Premium (64 bits) [version 6.0.6001]
# Nom d'utilisateur : anne - PC-DE-ANNE (Administrateur)
# Exécuté depuis : C:\Users\anne\Downloads\AdwCleaner.exe
# Option [Suppression]


***** [Processus] *****


***** [Services] *****


***** [Fichiers / Dossiers] *****

Dossier Supprimé : C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\OfferBox
Dossier Supprimé : C:\Users\anne\AppData\Local\Conduit
Dossier Supprimé : C:\Users\anne\AppData\LocalLow\Conduit
Dossier Supprimé : C:\Users\anne\AppData\LocalLow\ConduitEngine
Dossier Supprimé : C:\Users\anne\AppData\Roaming\OfferBox
Dossier Supprimé : C:\Users\AppData\LocalLow\Conduit
Dossier Supprimé : C:\Program Files (x86)\Conduit
Dossier Supprimé : C:\Program Files (x86)\ConduitEngine
Dossier Supprimé : C:\Program Files (x86)\OfferBox

***** [Registre] *****

Clé Supprimée : HKCU\Software\AppDataLow\Software\Conduit
Clé Supprimée : HKCU\Software\AppDataLow\Software\conduitEngine
Clé Supprimée : HKCU\Software\AppDataLow\Toolbar
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé Supprimée : HKCU\Software\Offerbox
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1}
Clé Supprimée : HKLM\SOFTWARE\Classes\Conduit.Engine
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Clé Supprimée : HKLM\SOFTWARE\Conduit
Clé Supprimée : HKLM\SOFTWARE\conduitEngine
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]

***** [Paramètres Navigateurs] *****

-> Navigateur par défaut : Firefox
-\\ Internet Explorer v8.0.6001.19088

[OK] Le registre ne comporte aucune entrée illégitime.

-\\ Mozilla Firefox v3.6.18 (fr)

Profil : 8knt2v3o.default
Fichier : C:\Users\anne\AppData\Roaming\Mozilla\Firefox\Profiles\8knt2v3o.default\Prefs.js

[OK] Le fichier ne comporte aucune entrée illégitime.


*************************

C:\AdwCleaner[R1].txt - [2897 bytes] - [10/08/2011 10:28:12]
C:\AdwCleaner[S1].txt - [2450 bytes] - [10/08/2011 10:28:12]

########## EOF - "C:\AdwCleaner[S1].txt" - [2625 octets] ##########

Manque Rapport Ad-remover ici en 2/

Par contre impossible de lancer Ad-Remover , error administrator !

n'arrive pas à poster le rapport : titre du message non renseigné !???

======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files (x86)\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 10:37:59 le 10/08/2011, Mode normal

Microsoft® Windows Vista(TM) Édition Familiale Premium Service Pack 1 (X64)
anne@PC-DE-ANNE (HP-Pavilion VD040AA-ABF s5117fr)

============== RECHERCHE ==============


Dossier trouvé: C:\Users\anne\AppData\Roaming\FissaSearch
Dossier trouvé: C:\Program Files (x86)\FissaSearch
Dossier trouvé: C:\Users\anne\AppData\Roaming\freeTVRadio
Dossier trouvé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\freeTVRadio
Dossier trouvé: C:\Program Files (x86)\freeTVRadio
Fichier trouvé: C:\Users\anne\Downloads\freeTVRadio-setup(2).exe
Fichier trouvé: C:\Users\anne\Downloads\freeTVRadio-setup(3).exe
Fichier trouvé: C:\Users\anne\Downloads\freeTVRadio-setup(4).exe
Fichier trouvé: C:\Users\anne\Downloads\freeTVRadio-setup.exe

Clé trouvée: HKLM\Software\Classes\CLSID\{15DA9195-DF45-4384-8A17-5F6075406338}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{15DA9195-DF45-4384-8A17-5F6075406338}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{15DA9195-DF45-4384-8A17-5F6075406338}
Clé trouvée: HKLM\Software\Classes\CLSID\{7FCC73D8-0CD9-4553-81F6-E827F6AE4432}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7FCC73D8-0CD9-4553-81F6-E827F6AE4432}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7FCC73D8-0CD9-4553-81F6-E827F6AE4432}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7FCC73D8-0CD9-4553-81F6-E827F6AE4432}
Clé trouvée: HKLM\Software\Classes\CLSID\{DA1D4AD8-E662-4E1C-BDF5-AD72FD69F0ED}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DA1D4AD8-E662-4E1C-BDF5-AD72FD69F0ED}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DA1D4AD8-E662-4E1C-BDF5-AD72FD69F0ED}
Clé trouvée: HKLM\Software\Classes\Toolbar.CT2633954
Clé trouvée: HKLM\Software\FissaSearch
Clé trouvée: HKLM\Software\freeTVRadio
Clé trouvée: HKCU\Software\freeTVRadio
Clé trouvée: HKCU\Software\Grand Virtual
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44BD4446-40DA-453B-A41D-76A926C0CCE4}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{2C8574B5-6935-4FCE-860E-F4E8602378FF}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2C8574B5-6935-4FCE-860E-F4E8602378FF}

Valeur trouvée: HKCU\Software\Mozilla\Firefox\Extensions|offerboxffx@offerbox.com


============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [3.6.18 (fr)] ****

HKLM_Extensions|{7BA52691-1876-45ce-9EE6-54BCB3B04BBC} - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\ (x)
HKCU_Extensions|offerboxffx@offerbox.com - C:\Users\anne\AppData\Roaming\OfferBox\offerboxffx@offerbox.com (x)

-- C:\Users\anne\AppData\Roaming\Mozilla\FireFox\Profiles\8knt2v3o.default --
User.js - browser.startup.homepage, hxxp://www.seeearch.com/
Prefs.js - browser.download.dir, C:\\Users\\anne\\Downloads
Prefs.js - browser.startup.homepage, hxxp://www.seeearch.com/
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.18

========================================

**** Internet Explorer Version [8.0.6001.19088] ****

HKCU_Main|Default_Page_URL - hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=93&bd=Pavilion&pf=cndt
HKCU_Main|Default_Search_URL - hxxp://www.google.com/ie
HKCU_Main|Search bar - hxxp://www.google.com/ie
HKCU_Main|Search Page - hxxp://www.google.com
HKCU_Main|Start Page - hxxp://seeearch.com/
HKLM_Main|Default_Page_URL - hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=93&bd=Pavilion&pf=cndt
HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Start Page - hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=93&bd=Pavilion&pf=cndt
HKCU_URLSearchHooks|{7fcc73d8-0cd9-4553-81f6-e827f6ae4432} - "Free TV Radio Toolbar" (C:\Program Files (x86)\Free_TV_Radio\prxtbFree.dll)
HKCU_URLSearchHooks|{D0D4D607-4E08-49A2-B5E0-DDFDFEAACCDF} (x)
HKLM_URLSearchHooks|{7fcc73d8-0cd9-4553-81f6-e827f6ae4432} - "Free TV Radio Toolbar" (C:\Program Files (x86)\Free_TV_Radio\prxtbFree.dll)
HKCU_SearchScopes\{BA5E0CCB-D8A9-4F11-897E-E72AB4FAABC5} - "Kelkoo" (hxxp://fr.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromfor...)
HKLM_SearchScopes\{BA5E0CCB-D8A9-4F11-897E-E72AB4FAABC5} - "Kelkoo" (hxxp://fr.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromfor...)
HKCU_Toolbar\WebBrowser|{DE9C389F-3316-41A7-809B-AA305ED9D922} (C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll)
HKCU_Toolbar\WebBrowser|{7FCC73D8-0CD9-4553-81F6-E827F6AE4432} (C:\Program Files (x86)\Free_TV_Radio\prxtbFree.dll)
HKCU_Toolbar\WebBrowser|{1FDA7DDD-25CE-4034-9D5B-38A120A14218} (C:\Program Files (x86)\seeearch\seeearch.dll)
HKLM_Toolbar|{DE9C389F-3316-41A7-809B-AA305ED9D922} (C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll)
HKLM_Toolbar|{7fcc73d8-0cd9-4553-81f6-e827f6ae4432} (C:\Program Files (x86)\Free_TV_Radio\prxtbFree.dll)
HKLM_Toolbar|{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} (C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll)
HKLM_Toolbar|{1FDA7DDD-25CE-4034-9D5B-38A120A14218} (C:\Program Files (x86)\seeearch\seeearch.dll)
HKLM_ElevationPolicy\{44BD4446-40DA-453B-A41D-76A926C0CCE4} - C:\Program Files (x86)\ConduitEngine\ConduitEngineHelper.exe (x)
HKLM_ElevationPolicy\{49FB11F0-95FF-420B-836F-1E4363114427} - C:\Users\anne\AppData\Local\Conduit\CT2633954\Free_TV_RadioAutoUpdateHelper.exe (x)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{8E1210E3-0641-4FBB-A040-4630EF449989} - C:\Program Files (x86)\Free_TV_Radio\Free_TV_RadioToolbarHelper.exe (?)
HKLM_ElevationPolicy\{ADADAEE2-457A-4984-A57C-E01C3A2BA612} - c:\program files (x86)\aol\aol toolbar 5.0\AolTbServer.exe (AOL LLC)
BHO\{2DA14D1D-AE74-4A74-A0FE-C79504755DB8} - "TBSB06155 Class" (C:\Program Files (x86)\seeearch\seeearch.dll)
BHO\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - "AOL Toolbar BHO" (C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll)
BHO\{7fcc73d8-0cd9-4553-81f6-e827f6ae4432} - "Free TV Radio Toolbar" (C:\Program Files (x86)\Free_TV_Radio\prxtbFree.dll)
BHO\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - "avast! WebRep" (C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll)

========================================

C:\Program Files (x86)\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files (x86)\Ad-Remover\Backup: 0 Fichier(s)

C:\Ad-Report-SCAN[1].txt - 10/08/2011 10:38:21 (7060 Octet(s))

Fin à: 10:39:03, 10/08/2011

============== E.O.F ==============

çà y est !! pfiou suis pas doué !! lol

https://pjjoint.malekal.com/files.php?id=y13b10s6q13t13c11d14i5p15x13w11k12n8o15q11f7o10h6u13x5

voilà le lien , merci t'expliques bien c'est facile du coup !!

Rapport de ZHPFix 1.12.3347 par Nicolas Coolman, Update du 09/08/2011
Fichier d'export Registre : C:\ZHP\ZHPExportRegistry-10-08-2011-14-31-48.txt
Run by anne at 10/08/2011 14:31:48
Windows Vista Home Premium Edition, 64-bit Service Pack 1 (Build 6001)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html

========== Clé(s) du Registre ==========
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
SUPPRIME Key: HKLM\Software\Classes\Toolbar.CT2633954
SUPPRIME Key: HKLM\Software\Wow6432Node\Classes\Toolbar.CT2633954
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1FDA7DDD-25CE-4034-9D5B-38A120A14218}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1FDA7DDD-25CE-4034-9D5B-38A120A14218}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{2C8574B5-6935-4FCE-860E-F4E8602378FF}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
SUPPRIME Key: HKLM\Software\Classes\Installer\Features\5B4758C25396ECF468E04F8E063287FF
SUPPRIME Key: HKLM\Software\Classes\Installer\Products\5B4758C25396ECF468E04F8E063287FF
SUPPRIME Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5B4758C25396ECF468E04F8E063287FF
SUPPRIME Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\64B074831FB9EA045A886FDAD6C1D224
SUPPRIME Key: HKLM\Software\Wow6432Node\FissaSearch
SUPPRIME Key: HKCU\Software\freetvradio
SUPPRIME Key: HKLM\Software\Wow6432Node\freetvradio
SUPPRIME Key: HKCU\Software\Grand Virtual
SUPPRIME Key: HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\OfferBox

========== Valeur(s) du Registre ==========
ABSENT Valeur Standard Profile: FirewallRaz :
ABSENT Valeur Domain Profile: FirewallRaz :

========== Dossier(s) ==========
SUPPRIME Folder*: c:\programdata\microsoft\windows\start menu\programs\freetvradio
SUPPRIME Folder: c:\users\anne\appdata\roaming\fissasearch
SUPPRIME Folder: c:\users\anne\appdata\roaming\freetvradio
SUPPRIME Folder*: c:\program files (x86)\fissasearch
SUPPRIME Folder*: c:\program files (x86)\freetvradio
SUPPRIME Folder*: c:\program files (x86)\seeearch
SUPPRIME Temporaires Windows: : 91
SUPPRIME Flash Cookies: 248

========== Fichier(s) ==========
SUPPRIME Temporaires Windows: : 373
SUPPRIME Flash Cookies: 105


========== Récapitulatif ==========
16 : Clé(s) du Registre
2 : Valeur(s) du Registre
8 : Dossier(s)
2 : Fichier(s)


========== Chemin du fichier rapport ==========
C:\ZHP\ZHPFixReport.txt



End of the scan in 02mn 12s

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Version de la base de données: 7425

Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.19088

10/08/2011 15:36:00
mbam-log-2011-08-10 (15-36-00).txt

Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 392316
Temps écoulé: 1 heure(s), 1 minute(s), 32 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

apparemment tout est "propre" !! et maintenant ?? ;)

Rapport de ZHPFix 1.12.3347 par Nicolas Coolman, Update du 09/08/2011
Fichier d'export Registre : C:\ZHP\ZHPExportRegistry-11-08-2011-09-31-32.txt
Run by anne at 11/08/2011 09:31:32
Windows Vista Home Premium Edition, 64-bit Service Pack 1 (Build 6001)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html

========== Clé(s) du Registre ==========
ABSENT Key: CLSID BHO: {2DA14D1D-AE74-4A74-A0FE-C79504755DB8}
ABSENT Key: CLSID BHO: {7fcc73d8-0cd9-4553-81f6-e827f6ae4432}
SUPPRIME Key: HKCU\Software\Grand Virtual
SUPPRIME Key: HKCU\Software\freeTVRadio
ABSENT Key: HKLM\Software\FissaSearch
ABSENT Key: HKLM\Software\freeTVRadio
SUPPRIME Key: StartupReg: OfferBox

========== Valeur(s) du Registre ==========
SUPPRIME URLSearchHook: {7fcc73d8-0cd9-4553-81f6-e827f6ae4432}
SUPPRIME URLSearchHook: {D0D4D607-4E08-49A2-B5E0-DDFDFEAACCDF}
ABSENT Valeur Standard Profile: FirewallRaz :
ABSENT Valeur Domain Profile: FirewallRaz :

========== Elément(s) de donnée du Registre ==========
REMPLACE Value NoActiveDesktopChanges : Good (0) - Bad (1)
SUPPRIME R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page
SUPPRIME R0 - HKUS\S-1-5-21-250957994-1872948898-440536447-1000\Software\Microsoft\Internet Explorer\Main,Start Page

========== Préférences navigateur ==========
ABSENT Mozilla Pref: http://ww10.seeearch.com

========== Dossier(s) ==========
SUPPRIME Folder: C:\Users\anne\AppData\Roaming\FissaSearch
SUPPRIME Folder: C:\Users\anne\AppData\Roaming\freeTVRadio
SUPPRIME Folder*: C:\Program Files (x86)\Fissa@Aedgency
SUPPRIME Folder*: C:\Program Files (x86)\FissaSearch
SUPPRIME Folder*: C:\Program Files (x86)\freeTVRadio
SUPPRIME Temporaires Windows: : 91
SUPPRIME Flash Cookies: 251

========== Fichier(s) ==========
ABSENT File: c:\program files (x86)\seeearch\seeearch.dll
SUPPRIME c:\program files (x86)\free_tv_radio\prxtbfree.dll
SUPPRIME Temporaires Windows: : 379
SUPPRIME Flash Cookies: 106


========== Récapitulatif ==========
7 : Clé(s) du Registre
4 : Valeur(s) du Registre
3 : Elément(s) de donnée du Registre
7 : Dossier(s)
4 : Fichier(s)
1 : Préférences navigateur


========== Chemin du fichier rapport ==========
C:\ZHP\ZHPFixReport.txt



End of the scan in 02mn 17s

Rapport de ZHPDiag v1.28.1321 par Nicolas Coolman, Update du 09/08/2011
Run by anne at 11/08/2011 09:41:40
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html


---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.19088
MFIE: Mozilla Firefox v3.6.18 (fr) (Defaut)
OBIE: Safari v5.33.21.1

---\\ Windows Product Information
Windows Vista Home Premium Edition, 64-bit Service Pack 1 (Build 6001)
Windows Server License Manager Script : OK
Windows Automatic Updates : OK

---\\ System Information
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4093 MB (66% free)
System Restore: Activé (Enable)
System drive C: has 347 GB (76%) free of 451 GB

---\\ Logged in mode
~ Computer Name: PC-DE-ANNE
~ User Name: anne
~ All Users Names: anne, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\anne\AppData\Roaming\
~ %Desktop% : C:\Users\anne\Desktop\
~ %Favorites% : C:\Users\anne\Favorites\
~ %LocalAppData% : C:\Users\anne\AppData\Local\
~ %StartMenu% : C:\Users\anne\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\system32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 347 Go of 451 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 14 Go)
E:\ CD-ROM drive (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoDispScrSavPage: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
~ Scan Security Center in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.BBD8E74F23D7605CB0CDB57A1B25D826] - (.Microsoft Corporation - Explorateur Windows.) (.07/07/2009 - 20:30:09.) -- C:\Windows\Explorer.exe [3080704]
[MD5.10446646D128E580C46615338E74E672] - (....) (.02/11/2006 - 12:16:05.) -- C:\Windows\system32\rundll32.exe [46592]
[MD5.117EA87DF785CA1B9D821F6F213DCE07] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 03:50:23.) -- C:\Windows\system32\Wininit.exe [123904]
[MD5.79F3767D90BA6D04D936DC16FDCB4FB2] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.16/06/2011 - 07:28:00.) -- C:\Windows\system32\wininet.dll [1147904]
[MD5.856491FCED98093D824B9EB2892F564A] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.21/01/2008 - 03:49:47.) -- C:\Windows\system32\Winlogon.exe [406016]
[MD5.1898FAE8E07D97F2F6C2D5326C633FAC] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.21/01/2008 - 03:46:50.) -- C:\Windows\system32\drivers\atapi.sys [22584]
[MD5.FE86BA5AC3B50E2CA911E9C60C07B638] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.21/01/2008 - 03:50:39.) -- C:\Windows\system32\drivers\ntfs.sys [1540152]
[MD5.7C42D832F43C74A707E11AA6BB53F6D2] - (....) (.07/07/2009 - 19:43:40.) -- C:\Windows\system32\fr-FR\user32.dll.mui [19968]
~ Scan Generic Processes in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/620
~ Mes musiques (My Musics) : 3/38
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 2/24
~ Mes Documents (My Documents) : 3/66
~ Mon Bureau (My Desktop) : 2/359
~ Menu demarrer (Programs) : 7/37
~ Scan Hidden Files in 00mn 00s



---\\ Processus lancés
[MD5.83170B8E03213093B065A9638E146499] - (.OpenOffice.org - OpenOffice.org 3.1.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe [7424000]
[MD5.873867A02F0E83F18CF871E776B651DC] - (.OpenOffice.org - OpenOffice.org 3.1.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin [7418368]
[MD5.CD441BF2F5CFD46B5105891DDFFDFBA2] - (.CyberLink Corp. - CyberLink PowerCinema Resident Program.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe [1328424]
[MD5.017335C7AEFA8ED76750DB95A78D6BFA] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [185640]
[MD5.F0E2D55BB5C7E106E92DF972C1B277A6] - (.CyberLink Corp. - HP DVDSmart Resident Program.) -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [1148200]
[MD5.690A6DF02625A46ABEE250C6151B7FBA] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe [54576]
[MD5.5E4C9C25D603AE46DEDCBD9674F86E21] - (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\jusched.exe [149280]
[MD5.33E5A8FC8EB0EE42478F8538D0215D8F] - (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe [35696]
[MD5.3103FE27C967675B019E880AA6DA3D6D] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [935288]
[MD5.2E9A1A6555C20424FC6DCC3AF21F4D68] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3451496]
[MD5.638C728F21CCC7EC4F8517A212C34353] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [421160]
[MD5.33BFCE71F407F24E5DFDB7DD46CE2D6D] - (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [449584]
[MD5.2DA1426E6D9C119A776AB9C75CAE335F] - (.Brother Industries, Ltd. - Control Center 3 Main Program.) -- C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe [450560]
[MD5.C354A712DCCA3E4AC3C4B8C6A9BD28A0] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [664064]
[MD5.F96EBC5A624349D81DCC7600A3C5DC43] - (.Microsoft Corporation - Console IME.) -- C:\Windows\SysWOW64\conime.exe [69120]
~ Scan Processes Running in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
M0 - MFSP: prefs.js [anne - 8knt2v3o.default] http://ww10.seeearch.com
M2 - MFEP: prefs.js [anne - 8knt2v3o.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.1 (.Microsoft.)
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npdeploytk.dll
P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npnul32.dll
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\NPOFF12.DLL
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin7.dll
~ Scan Firefox Browser in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ww10.seeearch.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com
R0 - HKUS\S-1-5-21-250957994-1872948898-440536447-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://ww10.seeearch.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.google.com/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = https://www.google.com/?gws_rd=ssl
R1 - HKUS\S-1-5-21-250957994-1872948898-440536447-1000\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
R3 - URLSearchHook: (no name) [64Bits] - {7fcc73d8-0cd9-4553-81f6-e827f6ae4432} . (...) (No version) -- (.not file.)
R3 - URLSearchHook: (no name) [64Bits] - {D0D4D607-4E08-49A2-B5E0-DDFDFEAACCDF} . (...) (No version) -- (.not file.)
~ Scan IE Browser in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy-web.santesurf.com:3128
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s



---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Scan Keys in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Scan Hosts File in 00mn 00s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: avast! WebRep [64Bits] - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (.Pas de propriétaire - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: TBSB06155 [64Bits] - {2DA14D1D-AE74-4A74-A0FE-C79504755DB8} . (...) -- C:\Program Files (x86)\seeearch\seeearch.dll (.not file.)
O2 - BHO: AOL Toolbar BHO [64Bits] - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} . (.AOL LLC - AOL IE Toolbar Dynamic Link Library.) -- C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Free TV Radio [64Bits] - {7fcc73d8-0cd9-4553-81f6-e827f6ae4432} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files (x86)\Free_TV_Radio\prxtbFree.dll
O2 - BHO: avast! WebRep [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.Pas de propriétaire - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
~ Scan BHO in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: avast! WebRep [64Bits] - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (.Pas de propriétaire - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
~ Scan Toolbar in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [HP Remote Software] . (.Pas de propriétaire - Core functionality module for HP Remote sof.) -- C:\Program Files\Hewlett-Packard\HP Remote\HP REMOTE V1.0.5.exe
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\system32\NvCpl.dll
O4 - HKLM\..\Run: [SmartMenu] . (.Hewlett-Packard - HP MediaSmart SmartMenu.) -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdateP2GoShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdateLBPShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- c:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdatePDIRShortCut] c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exer\7.0 (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [UpdatePSTShortCut] Clé orpheline
O4 - HKLM\..\Wow6432Node\Run: [TSMAgent] . (.CyberLink Corp. - CyberLink PowerCinema Resident Program.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
O4 - HKLM\..\Wow6432Node\Run: [CLMLServer for HP TouchSmart] . (.CyberLink - CyberLink MediaLibray Service.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
O4 - HKLM\..\Wow6432Node\Run: [DVDAgent] . (.CyberLink Corp. - HP DVDSmart Resident Program.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Wow6432Node\Run: [BrMfcWnd] . (.Brother Industries, Ltd. - Brother Status Monitor MFC Application.) -- C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
O4 - HKLM\..\Wow6432Node\Run: [ControlCenter3] . (.Brother Industries, Ltd. - ControlCenter Program.) -- C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\jusched.exe
O4 - HKLM\..\Wow6432Node\Run: [AppleSyncNotifier] . (.Apple Inc. - AppleSyncNotifier.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [Malwarebytes' Anti-Malware] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll
~ Scan Application in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite Deluxe.lnk . (.CyberLink.) -- C:\Program Files (x86)\Cyberlink\CyberLink DVD Suite Deluxe\PowerStarter.exe
O4 - Global Startup: C:\Users\anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\anne\Desktop\Ad-Remover.lnk . (...) -- C:\Program Files (x86)\Ad-Remover\main.exe
O4 - Global Startup: C:\Users\anne\Desktop\adsl TV.lnk . (.adsl TV / FM.) -- C:\Program Files (x86)\adslTV\adsltv.exe
O4 - Global Startup: C:\Users\anne\Desktop\Internet - Raccourci.lnk - Clé orpheline
O4 - Global Startup: C:\Users\anne\Desktop\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\anne\Desktop\UltraVNC Server.lnk . (.UltraVNC.) -- C:\Program Files (x86)\UltraVNC\winvnc.exe
O4 - Global Startup: C:\Users\anne\Desktop\UltraVNC Viewer.lnk . (.UltraVNC.) -- C:\Program Files (x86)\UltraVNC\vncviewer.exe
O4 - Global Startup: C:\Users\anne\Desktop\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\anne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Adobe Reader 9.lnk . (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
O4 - Global Startup: C:\Users\anne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk . (...) -- C:\Windows\Installer\{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}\SafariIco.exe
O4 - Global Startup: C:\Users\anne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\avast! Antivirus.lnk . (...) -- C:\Program Files\Alwil Software\Avast4\ashAvast.exe (.not file.)
O4 - Global Startup: C:\Users\anne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\HP MediaSmart.lnk . (...) -- c:\Windows\Installer\{D2E8F543-D23A-4A38-AFFC-4BDEBFBA6FDA}\_BD15A4BF3888028F418EC7.exe
O4 - Global Startup: C:\Users\anne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\anne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\anne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk . (.Google Inc..) -- C:\Program Files (x86)\Google\Picasa3\Picasa3.exe
O4 - Global Startup: C:\Users\anne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
~ Scan Global Startup in 00mn 00s



---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: &Recherche AOL Toolbar . (...) -- C:\ProgramData\AOL\ieToolbar\resources\fr-FR\local\search.html
O8 - Extra context menu item: Add to Google Photos Screensa&ver - (.not file.) - C:\Windows\system32\GPhotos.scr
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~2\MICROS~2\Office12\EXCEL.exe
~ Scan IE Menu Contextuel in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll
~ Scan Winsock in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{964FC93A-6602-4C30-A2E5-0659BFCEFE6D}: NameServer = 192.168.201.12,192.168.201.14,194.2.2.20,194.2.0.50
O17 - HKLM\System\CCS\Services\Tcpip\..\{791B1F78-4353-4B89-A6F6-8AA6BC8B6413}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{964FC93A-6602-4C30-A2E5-0659BFCEFE6D}: NameServer = 192.168.201.12,192.168.201.14,194.2.2.20,194.2.0.50
O17 - HKLM\System\CS1\Services\Tcpip\..\{791B1F78-4353-4B89-A6F6-8AA6BC8B6413}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{964FC93A-6602-4C30-A2E5-0659BFCEFE6D}: NameServer = 192.168.201.12,192.168.201.14,194.2.2.20,194.2.0.50
O17 - HKLM\System\CS2\Services\Tcpip\..\{791B1F78-4353-4B89-A6F6-8AA6BC8B6413}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{964FC93A-6602-4C30-A2E5-0659BFCEFE6D}: NameServer = 192.168.201.12,192.168.201.14,194.2.2.20,194.2.0.50
O17 - HKLM\System\CS3\Services\Tcpip\..\{791B1F78-4353-4B89-A6F6-8AA6BC8B6413}: DhcpNameServer = 192.168.1.1
~ Scan Domain in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (...) --
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: ms-itss [64Bits] - {0A9007C0-4076-11D3-8789-0000F8105754} . (...) --
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: deflate [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Filter: gzip [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
~ Scan Protocole Additionnel in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll
~ Scan SSODL in 00mn 00s



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) [64Bits] - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll
~ Scan STS/SSO in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: HP Health Check Service (HP Health Check Service) . (.Hewlett-Packard - HP Health Check Service.) - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 185.8.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: uvnc_service (uvnc_service) . (.UltraVNC - VNC server for Win32.) - C:\Program Files (x86)\UltraVNC\WinVNC.exe
~ Scan Services in 00mn 00s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\PCDRScheduledMaintenance.job
[MD5.0C8A70BC3BAAF7BF69DCA495C1E1AB79] [APT] [HP Health Check] (.Hewlett-Packard.) -- c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
[MD5.8B84B3ECFB9D6B50B989D6DB8143F365] [APT] [PCDRScheduledMaintenance] (.PC-Doctor, Inc..) -- C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe
[MD5.7B43567B4C32AD7ADED537CD3B1342B9] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
~ Scan Scheduled Task in 00mn 02s



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\system32\DRIVERS\i8042prt.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\system32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre clavier HID.) - C:\Windows\system32\DRIVERS\kbdhid.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\system32\DRIVERS\mouclass.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\system32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\system32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\system32\DRIVERS\smb.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\system32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys
~ Scan Drivers in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
O42 - Logiciel: AOL Toolbar 5.0 - (.AOL LLC.) [HKLM] -- AOL Toolbar
O42 - Logiciel: Activation Assistant for the 2007 Microsoft Office suites - (.Microsoft Corporation.) [HKLM] -- Activation Assistant for the 2007 Microsoft Office suites
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Photoshop CS3 - (.Adobe Systems Incorporated.) [HKLM] -- Adobe_32e9033392a51340b32fdc6ad893ab7
O42 - Logiciel: BetClic Poker.fr (Remove Only) - (.Pas de propriétaire.) [HKLM] -- BetClic Poker.fr
O42 - Logiciel: Brother MFL-Pro Suite - (.Brother Industries, Ltd..) [HKLM] -- {D83BD5E2-5AF4-49F6-B5C1-484A9760E73D}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: CyberLink DVD Suite Deluxe - (.CyberLink Corp..) [HKLM] -- InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: CyberLink DVD Suite Deluxe - (.CyberLink Corp..) [HKLM] -- {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: Flash Etiq - (.Pas de propriétaire.) [HKCU] -- FLASHETIQ
O42 - Logiciel: Free TV Radio Toolbar - (.Free TV Radio.) [HKLM] -- Free_TV_Radio Toolbar
O42 - Logiciel: HP Active Support Library - (.Hewlett-Packard.) [HKLM] -- {0295F89F-F698-4101-9A7D-49F407EC2D82}
O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM] -- {B84739A3-F943-47E4-95D8-96381EF5AC48}
O42 - Logiciel: HP Games - (.WildTangent.) [HKLM] -- WildTangent hp Master Uninstall
O42 - Logiciel: HP MediaSmart DVD - (.Hewlett-Packard.) [HKLM] -- InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}
O42 - Logiciel: HP MediaSmart DVD - (.Hewlett-Packard.) [HKLM] -- {DCCAD079-F92C-44DA-B258-624FC6517A5A}
O42 - Logiciel: HP MediaSmart Music/Photo/Video - (.Hewlett-Packard.) [HKLM] -- InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}
O42 - Logiciel: HP MediaSmart Music/Photo/Video - (.Hewlett-Packard.) [HKLM] -- {B2EE25B9-5B00-4ACF-94F0-92433C28C39E}
O42 - Logiciel: HP Total Care Setup - (.Hewlett-Packard.) [HKLM] -- {784BEA84-FA66-4B19-BB80-7B545F248AC6}
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM] -- InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 - Logiciel: Magic Desktop - (.EasyBits Software AS.) [HKLM] -- EasyBits Magic Desktop
O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.1.1800 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-002A-040C-1000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: Mozilla Firefox (3.6.18) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6.18)
O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: Open Criteria Client - (.Prologue Software.) [HKLM] -- InstallShield_{2DC9FA4D-C49A-484B-953F-7670EEC1836B}
O42 - Logiciel: Open Criteria Client - (.Prologue Software.) [HKLM] -- InstallShield_{6C1E3DF3-ABDA-4A4F-BAC0-17EF2211262F}
O42 - Logiciel: Outils de diagnostic du matériel - (.PC-Doctor, Inc..) [HKLM] -- PC-Doctor for Windows
O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM] -- Picasa 3
O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- {40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}
O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM] -- {CB099890-1D5F-11D5-9EA9-0050BAE317E1}
O42 - Logiciel: Python 2.6 pywin32-212 - (.Python Software Foundation.) [HKLM] -- pywin32-py2.6
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CD769337-C8AC-46DB-A7DC-643E50089263}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{536FB502-775F-4494-BACE-C02CC90B7A5B}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{AD0DE453-0804-4495-9C91-33D0F9AA5463}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7F207DCA-3399-40CB-A968-6E5991B1421A}
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2160841
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2446708
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2478663
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2518870
O42 - Logiciel: Security Update for Microsoft Office 2007 System (KB2541012) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CD907315-705A-4475-A1A0-2A1245803E4D}
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2541007) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A0173254-F442-4D04-9154-43FA157B83D0}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062}
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2478663
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2518870
O42 - Logiciel: UltraVNC 1.0.4 - (.1.0.4.) [HKLM] -- Ultravnc2_is1
O42 - Logiciel: UniTerm 3.1b - (.Prologue.) [HKLM] -- InstallShield_{5C7CCCF1-71FE-4A6D-B5FD-45EBA64B80CF}
O42 - Logiciel: Update for 2007 Microsoft Office System (KB2284654) - (.Microsoft.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{FB166E7C-8AA6-48C8-B726-1F25BEE7825A}
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}
O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{329050A9-EF80-40F9-B633-74508F54C1FF}
O42 - Logiciel: VLC media player 1.1.10 - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: Version d'évaluation de Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- HOMESTUDENTR
O42 - Logiciel: adsl TV - (.adsl TV / FM.) [HKLM] -- {3AFDD2C6-8663-46B5-B195-6CEB00D44768}
O42 - Logiciel: avast! Free Antivirus - (.AVAST Software.) [HKLM] -- avast

---\\ HKCU & HKLM Software Keys
[HKCU\Software\ALWIL Software]
[HKCU\Software\AOL]
[HKCU\Software\AVAST Software]
[HKCU\Software\Adobe]
[HKCU\Software\Alliance Software]
[HKCU\Software\AppDataLow\Software\Free_TV_Radio]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Binary Noise]
[HKCU\Software\Brother]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\EasyBits]
[HKCU\Software\Foxit Software]
[HKCU\Software\Google]
[HKCU\Software\Grand Virtual]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\JavaSoft]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MimarSinan]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\ORL]
[HKCU\Software\Oak Technology]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\Orange]
[HKCU\Software\PC SOFT]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Prologue Software Applications]
[HKCU\Software\Prologue Software]
[HKCU\Software\RegisteredApplications]
[HKCU\Software\Softthinks]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\Wow6432Node]
[HKCU\Software\freeTVRadio]
[HKCU\Software\funkitron]
[HKLM\Software\ALWIL Software]
[HKLM\Software\AVAST Software]
[HKLM\Software\Adobe]
[HKLM\Software\AdwCleaner]
[HKLM\Software\Alliance Software]
[HKLM\Software\America Online]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Brother Industries, Ltd.]
[HKLM\Software\Brother]
[HKLM\Software\CLSID]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\CyberLink]
[HKLM\Software\DivXNetworks]
[HKLM\Software\EasyBits]
[HKLM\Software\FissaSearch]
[HKLM\Software\Free_TV_Radio]
[HKLM\Software\GEAR Software]
[HKLM\Software\Google]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\HipSoft]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\Inventel]
[HKLM\Software\JavaSoft]
[HKLM\Software\LightScribe]
[HKLM\Software\Macromedia]
[HKLM\Software\Macrovision]
[HKLM\Software\Malwarebytes' Anti-Malware (Trial)]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\MimarSinan]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\ODBC]
[HKLM\Software\Oak Technology]
[HKLM\Software\OpenOffice.org]
[HKLM\Software\PC-Doctor]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Prologue Software]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\SecureDigitalServices]
[HKLM\Software\Sonic]
[HKLM\Software\Sun Microsystems]
[HKLM\Software\Symantec]
[HKLM\Software\VideoLAN]
[HKLM\Software\Volatile]
[HKLM\Software\WildTangent]
[HKLM\Software\Wilson WindowWare]
[HKLM\Software\Wow6432Node]
[HKLM\Software\freeTVRadio]
[HKLM\Software\mozilla.org]
~ Scan Softwares in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 07/09/2009 - 09:35:56 - [115180647] ----D- C:\Program Files\Alliance Software
O43 - CFD: 06/04/2011 - 09:26:28 - [0] ----D- C:\Program Files\Alwil Software
O43 - CFD: 06/04/2011 - 09:19:24 - [172512738] ----D- C:\Program Files\AVAST Software
O43 - CFD: 26/04/2011 - 11:22:38 - [195825] ----D- C:\Program Files\Bonjour
O43 - CFD: 25/05/2011 - 17:26:08 - [7278424] ----D- C:\Program Files\CCleaner
O43 - CFD: 17/05/2010 - 09:27:22 - [222519782] ----D- C:\Program Files\Common Files
O43 - CFD: 02/09/2009 - 16:55:20 - [0] -SH-D- C:\Program Files\Fichiers communs
O43 - CFD: 07/07/2009 - 12:56:56 - [13818322] ----D- C:\Program Files\Hewlett-Packard
O43 - CFD: 17/06/2011 - 09:06:56 - [5586739] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 26/04/2011 - 11:25:26 - [1939563] ----D- C:\Program Files\iPod
O43 - CFD: 26/04/2011 - 11:25:52 - [2345448] ----D- C:\Program Files\iTunes
O43 - CFD: 02/11/2006 - 17:07:28 - [93941175] ----D- C:\Program Files\Microsoft Games
O43 - CFD: 11/09/2009 - 15:24:52 - [1141526] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 13/08/2010 - 09:49:26 - [116183662] ----D- C:\Program Files\Movie Maker
O43 - CFD: 02/11/2006 - 17:07:28 - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 02/09/2009 - 16:57:06 - [126093] R---D- C:\Program Files\Online Services
O43 - CFD: 03/09/2009 - 09:15:02 - [136308915] ----D- C:\Program Files\PC-Doctor for Windows
O43 - CFD: 07/07/2009 - 12:08:58 - [8462400] ----D- C:\Program Files\Realtek
O43 - CFD: 02/11/2006 - 17:07:28 - [36338345] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 02/11/2006 - 17:44:56 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 07/07/2009 - 20:46:30 - [1302528] ----D- C:\Program Files\Windows Calendar
O43 - CFD: 07/07/2009 - 20:46:30 - [2999808] ----D- C:\Program Files\Windows Collaboration
O43 - CFD: 07/07/2009 - 20:46:30 - [6395856] ----D- C:\Program Files\Windows Defender
O43 - CFD: 07/07/2009 - 20:46:30 - [9655416] ----D- C:\Program Files\Windows Journal
O43 - CFD: 17/06/2011 - 09:06:56 - [9619128] ----D- C:\Program Files\Windows Mail
O43 - CFD: 15/10/2010 - 19:37:38 - [5140215] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 02/09/2009 - 16:55:20 - [8041742] ----D- C:\Program Files\Windows NT
O43 - CFD: 07/07/2009 - 20:46:30 - [16354466] ----D- C:\Program Files\Windows Photo Gallery
O43 - CFD: 02/09/2009 - 16:56:46 - [9437613] ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 24/12/2009 - 17:28:10 - [6246981] ----D- C:\Program Files\Common Files\Apple
O43 - CFD: 16/06/2011 - 19:39:44 - [206110465] ----D- C:\Program Files\Common Files\Microsoft Shared
O43 - CFD: 02/11/2006 - 15:33:54 - [2702] ----D- C:\Program Files\Common Files\Services
O43 - CFD: 02/11/2006 - 15:33:54 - [608256] ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 07/07/2009 - 20:46:30 - [9551378] ----D- C:\Program Files\Common Files\System
O43 - CFD: 21/01/2011 - 16:30:50 - [81976668] ----D- C:\ProgramData\Adobe
O43 - CFD: 07/07/2009 - 13:06:26 - [13624086] ----D- C:\ProgramData\AOL
O43 - CFD: 24/12/2009 - 17:30:06 - [232029766] ----D- C:\ProgramData\Apple
O43 - CFD: 09/05/2010 - 12:08:38 - [139389668] ----D- C:\ProgramData\Apple Computer
O43 - CFD: 02/11/2006 - 17:42:18 - [0] -SH-D- C:\ProgramData\Application Data
O43 - CFD: 06/04/2011 - 09:18:56 - [4840044] ----D- C:\ProgramData\AVAST Software
O43 - CFD: 07/09/2009 - 09:53:06 - [41093] ----D- C:\ProgramData\Brother
O43 - CFD: 02/09/2009 - 16:55:20 - [0] -SH-D- C:\ProgramData\Bureau
O43 - CFD: 07/07/2009 - 12:51:24 - [128296] ----D- C:\ProgramData\CyberLink
O43 - CFD: 02/11/2006 - 17:42:18 - [0] -SH-D- C:\ProgramData\Desktop
O43 - CFD: 02/11/2006 - 17:42:18 - [0] -SH-D- C:\ProgramData\Documents
O43 - CFD: 02/09/2009 - 16:55:20 - [0] -SH-D- C:\ProgramData\Favoris
O43 - CFD: 02/11/2006 - 17:42:18 - [0] -SH-D- C:\ProgramData\Favorites
O43 - CFD: 19/10/2009 - 17:03:56 - [9147] ----D- C:\ProgramData\FLEXnet
O43 - CFD: 02/09/2009 - 17:00:38 - [45835600] ----D- C:\ProgramData\Hewlett-Packard
O43 - CFD: 10/08/2011 - 14:33:36 - [7202010] ----D- C:\ProgramData\Malwarebytes
O43 - CFD: 02/09/2009 - 16:55:20 - [0] -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD: 09/09/2010 - 16:30:26 - [155582327] -S--D- C:\ProgramData\Microsoft
O43 - CFD: 16/06/2011 - 19:44:14 - [57688] ----D- C:\ProgramData\Microsoft Help
O43 - CFD: 02/09/2009 - 16:55:20 - [0] -SH-D- C:\ProgramData\Modèles
O43 - CFD: 17/05/2010 - 09:27:44 - [16092] ----D- C:\ProgramData\Norton
O43 - CFD: 07/07/2009 - 13:06:56 - [7345395] ----D- C:\ProgramData\NortonInstaller
O43 - CFD: 07/07/2009 - 12:38:20 - [229986] ----D- C:\ProgramData\NVIDIA
O43 - CFD: 07/07/2009 - 12:38:32 - [2825549] ----D- C:\ProgramData\PC-Doctor for Windows
O43 - CFD: 02/11/2006 - 17:42:18 - [0] -SH-D- C:\ProgramData\Start Menu
O43 - CFD: 12/09/2009 - 10:01:58 - [64] ----D- C:\ProgramData\Symantec
O43 - CFD: 07/07/2009 - 12:51:38 - [254094] ----D- C:\ProgramData\Temp
O43 - CFD: 02/11/2006 - 17:42:18 - [0] -SH-D- C:\ProgramData\Templates
O43 - CFD: 23/06/2010 - 19:27:24 - [2816129058] ----D- C:\ProgramData\WildTangent
O43 - CFD: 24/12/2009 - 17:35:08 - [1942] ----D- C:\ProgramData\{0DD0EEEE-2A7C-411C-9243-1AE62F445FC3}
O43 - CFD: 19/04/2010 - 10:20:46 - [893135] ----D- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
O43 - CFD: 11/09/2009 - 15:29:12 - [6904843] ----D- C:\ProgramData\{B3C2C1CD-6B77-4A96-B670-F734AC2A1CBC}
O43 - CFD: 23/10/2009 - 15:59:38 - [10007726] ----D- C:\Users\anne\AppData\Roaming\Adobe
O43 - CFD: 04/12/2010 - 11:57:18 - [339933573] ----D- C:\Users\anne\AppData\Roaming\Apple Computer
O43 - CFD: 07/09/2009 - 09:59:26 - [0] R---D- C:\Users\anne\AppData\Roaming\Brother
O43 - CFD: 07/05/2010 - 14:41:00 - [0] ----D- C:\Users\anne\AppData\Roaming\FissaSearch
O43 - CFD: 07/05/2010 - 14:48:36 - [638] ----D- C:\Users\anne\AppData\Roaming\freeTVRadio
O43 - CFD: 04/09/2009 - 19:03:30 - [2768] ----D- C:\Users\anne\AppData\Roaming\funkitron
O43 - CFD: 05/09/2009 - 15:45:26 - [1802] ----D- C:\Users\anne\AppData\Roaming\Gaijin Ent
O43 - CFD: 02/09/2009 - 17:06:12 - [26582] ----D- C:\Users\anne\AppData\Roaming\Hewlett-Packard
O43 - CFD: 02/09/2009 - 16:58:22 - [23456] ----D- C:\Users\anne\AppData\Roaming\HP TCS
O43 - CFD: 02/09/2009 - 17:05:40 - [0] ----D- C:\Users\anne\AppData\Roaming\Identities
O43 - CFD: 07/09/2009 - 09:53:06 - [0] ----D- C:\Users\anne\AppData\Roaming\InstallShield
O43 - CFD: 02/09/2009 - 17:12:22 - [42554] ----D- C:\Users\anne\AppData\Roaming\Macromedia
O43 - CFD: 10/08/2011 - 14:33:40 - [1078] ----D- C:\Users\anne\AppData\Roaming\Malwarebytes
O43 - CFD: 02/11/2006 - 17:07:26 - [0] ----D- C:\Users\anne\AppData\Roaming\Media Center Programs
O43 - CFD: 13/10/2010 - 18:52:58 - [4661315] -S--D- C:\Users\anne\AppData\Roaming\Microsoft
O43 - CFD: 22/09/2009 - 19:07:18 - [79016693] ----D- C:\Users\anne\AppData\Roaming\Mozilla
O43 - CFD: 02/12/2009 - 12:10:08 - [23723226] ----D- C:\Users\anne\AppData\Roaming\OpenOffice.org
O43 - CFD: 12/04/2011 - 12:26:48 - [0] ----D- C:\Users\anne\AppData\Roaming\PeerNetworking
O43 - CFD: 04/06/2010 - 15:09:48 - [0] ----D- C:\Users\anne\AppData\Roaming\TeamViewer
O43 - CFD: 23/06/2010 - 11:56:26 - [13824] ----D- C:\Users\anne\AppData\Roaming\Template
O43 - CFD: 09/08/2011 - 15:56:16 - [730556] ----D- C:\Users\anne\AppData\Roaming\vlc
O43 - CFD: 02/09/2009 - 17:21:26 - [715] ----D- C:\Users\anne\AppData\Roaming\WildTangent
O43 - CFD: 02/09/2009 - 17:24:52 - [4176] ----D- C:\Users\anne\AppData\Roaming\_MDLogs
O43 - CFD: 11/08/2011 - 09:41:42 - [23157544] ----D- C:\Users\anne\AppData\Local\Temp
O43 - CFD: 23/10/2009 - 15:59:18 - [3636101] ----D- C:\Users\anne\AppData\Local\Adobe
O43 - CFD: 22/07/2011 - 17:05:52 - [13974079] ----D- C:\Users\anne\AppData\Local\adslTV
O43 - CFD: 02/09/2009 - 17:12:06 - [14340] ----D- C:\Users\anne\AppData\Local\AOL
O43 - CFD: 24/12/2009 - 17:00:08 - [0] ----D- C:\Users\anne\AppData\Local\Apple
O43 - CFD: 04/12/2010 - 12:03:54 - [54897706] ----D- C:\Users\anne\AppData\Local\Apple Computer
O43 - CFD: 02/09/2009 - 16:55:28 - [0] -SH-D- C:\Users\anne\AppData\Local\Application Data
O43 - CFD: 05/05/2011 - 10:05:10 - [0] ----D- C:\Users\anne\AppData\Local\Apps
O43 - CFD: 10/08/2011 - 09:11:10 - [25063465] ----D- C:\Users\anne\AppData\Local\Google
O43 - CFD: 02/09/2009 - 17:06:10 - [5364273] ----D- C:\Users\anne\AppData\Local\Hewlett-Packard
O43 - CFD: 02/09/2009 - 16:55:28 - [0] -SH-D- C:\Users\anne\AppData\Local\Historique
O43 - CFD: 08/11/2010 - 00:19:16 - [66057007] ----D- C:\Users\anne\AppData\Local\Microsoft
O43 - CFD: 23/03/2011 - 16:11:44 - [1222039] ----D- C:\Users\anne\AppData\Local\Microsoft Games
O43 - CFD: 30/11/2009 - 16:07:46 - [96836] ----D- C:\Users\anne\AppData\Local\Microsoft Help
O43 - CFD: 02/09/2009 - 19:28:36 - [58667955] ----D- C:\Users\anne\AppData\Local\Mozilla
O43 - CFD: 11/09/2009 - 15:28:50 - [285696] ----D- C:\Users\anne\AppData\Local\Seven Zip
O43 - CFD: 02/09/2009 - 16:55:28 - [0] -SH-D- C:\Users\anne\AppData\Local\Temporary Internet Files
O43 - CFD: 09/11/2010 - 19:56:02 - [2099867] ----D- C:\Users\anne\AppData\Local\VirtualStore
O43 - CFD: 07/09/2009 - 11:49:56 - [208] ----D- C:\Users\anne\AppData\Local\WDSetup
O43 - CFD: 11/08/2011 - 09:41:50 - [3999173] ----D- C:\Program Files (x86)\ZHPDiag
O43 - CFD: 11/09/2009 - 15:29:10 - [12686438] ----D- C:\Program Files (x86)\Activation Assistant for the 2007 Microsoft Office suites
O43 - CFD: 10/08/2011 - 10:38:00 - [1552321] ----D- C:\Program Files (x86)\Ad-Remover
O43 - CFD: 21/01/2011 - 10:10:50 - [758215462] ----D- C:\Program Files (x86)\Adobe
O43 - CFD: 13/02/2011 - 16:59:04 - [41267124] ----D- C:\Program Files (x86)\adslTV
O43 - CFD: 07/07/2009 - 13:06:26 - [2956750] ----D- C:\Program File

bjr ,

par contre tjrs pareil pour le moment , dès que je lance mozilla je tombe sur seeearch , en changeant la page d'accueil et en mettant google çà marche mais dès que j'éteins et que je rallume , rebelote ... tiens moi au courant ! A+

1/ introuvable !

Dans le même chemin est ce que tu trouves : user.js ?

C'est à dire ici : C:\Users\anne\AppData\Roaming\Mozilla\Firefox\Profiles\8knt2v3o.default\

Non plus j'ai même pas roaming ...

et ici : C:\Program Files (x86)\seeearch\seeearch.dll ?

Je l'ai supprimé hier mais çà n'a rien changé , qd j'ai rallumé le pc ce matin çà m'a remis seeearch en page d'accueil ...

Si le problème n'est pas encore résolu, tu suis les procédures indiquées ici

Salut Fish,

Fais faire un script ZHPFix uniquement sur cette ligne:

C:\Users\anne\AppData\Roaming\Mozilla\Firefox\Profiles\8knt2v3o.default\user.js

Et cela devrait être OK

Salut,
D'accord et Merci, le problème c'est qu'il n'a pas trouvé ce chemin d'accès..

Je vais lancer ce Script

çà mouline ZHPFix depuis plus d'une demi heure , c'est normal ? il spasse rien , pas de rapport final ...

voilà c'est fait , voici le lien ...

https://pjjoint.malekal.com/files.php?id=v15v9v12n10p8g13g9k7f6d11j8f7g11s9d11u15r11e10y14q10

merci !!

Apparemment ct déjà désinstallé ... c'est à n'y rien comprendre !!

je fais çà demain , bonne soirée et merci pour le coup de main !

De rien
A demain...

bjr , il faut donc faire tout çà pour résoudre mon pb ??

OTM se met en beugue , il commence et ensuite "ne répond pas" .............. what's the pb ??

1. ========================= SEAF 1.0.1.0 - C_XX
2.
3. Commencé à: 09:24:03 le 12/08/2011
4.
5. Valeur(s) recherchée(s):
6. user.js
7.
8. Légende: TC => Date de création, TM => Date de modification, DA => Dernier accès
9.
10.
11. ====== Fichier(s) ======
12.
13.
14. "C:\Users\anne\AppData\Roaming\Mozilla\Firefox\Profiles\8knt2v3o.default\user.js" [ NOT_CONTENT_INDEXED|ARCHIVE | 66 o ]
15. TC: 09/08/2011,15:43:08 | TM: 06/06/2011,13:12:27 | DA: 09/08/2011,15:43:08
16.
17.
18. =========================
19.
20.
21. =========================
22.
23. Fin à: 09:25:55 le 12/08/2011
24. 285788 Éléments analysés
25.
26. =========================
27. E.O.F

RogueKiller V5.3.1 [06/08/2011] par Tigzy
contact sur https://www.luanagames.com/index.fr.html
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html

Systeme d'exploitation: Windows Vista (6.0.6001 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur: anne [Droits d'admin]
Mode: Suppression -- Date : 12/08/2011 10:08:00

Processus malicieux: 0

Entrees de registre: 3
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (proxy-web.santesurf.com:3128) -> NOT REMOVED, USE PROXYFIX
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

Fichier HOSTS:
127.0.0.1 localhost
::1 localhost


Termine : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt

rebelote "ne répond pas" ............

je copie çà dans OTM ?

Avant tous lance RogueKiller et choisis l'option 4 puis poste le rapport

RogueKiller V5.3.1 [06/08/2011] par Tigzy
contact sur https://www.luanagames.com/index.fr.html
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html

Systeme d'exploitation: Windows Vista (6.0.6001 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur: anne [Droits d'admin]
Mode: Proxy RAZ -- Date : 12/08/2011 10:38:21

Processus malicieux: 0

Entrees de registre: 1
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (proxy-web.santesurf.com:3128) -> DELETED

Termine : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

voilà 4 ème fois que je le fais et tjrs pareil le programme ne répond pas ...

çà se lance au début et après rien !