[RÉSOLU] Infection? Sites internet redirigés

G touKC · le 5 novembre 2010

Bonjour

Lors de surf internet (via Chrome) mes recherches sont systématiquement redirigées vers des sites qui n'ont rien à voir

Exemple : En tapant "5870" dans google et en sélectionnant le 1er site trouvé (cdiscount.com) je suis redirigé vers http://www1.tru s tingoo-d s oft.com ou bien http://micro s oftwindow s s ecurity125.com

KESAKO ?

Antivirus (AVG)et pare-feu (Windows Vista) actifs

Malware bytes anti malware ne détecte rien

J'utilisais Firefox auparavant que j'ai abandonné pour la meme raison

J'ai lancé comme un bourrin Combofix, j'ai toujours le meme probleme, j'ai juste le fichier rapport que bien sur je ne sais pas décrypter !

Pourriez-vous m'aider svp ?

Modifié le 13 novembre 2010 par G touKC

Florinator · le 6 novembre 2010

Bonjour,

Le plus difficile dans l'utilisation de ComboFix, ce n'est pas de lire son rapport, malgrés que cela demande quelques connaissances, c'est surtout de réparer ton système si il le plante, il n'est pas la solution à tous les problèmes, et on le répète tout le temps de ne pas l'utiliser à la légère.

On va regarder ce que l'on voit:

Télécharge ZHPDiag crée par Nicolas Coolman

Enregistre le sur ton bureau
Double clique sur l'icône
Suis les instructions à l'ecran
Clique sur pour lancer l'analyse
Clique sur pour copier le rapport
Puis colle le dans ta prochaine réponses
Le rapport se situe aussi sous C:\Program Files\ZebHelpProcess\ZHPDiag.txt

A++

G touKC · le 6 novembre 2010

Bonjour Florinator

Voici le rapport de ZHPdiag :

Rapport de ZHPDiag v1.27.101 par Nicolas Coolman, Update du 05/11/2010

Run by petit at 06/11/2010 13:35:33

Web site : ZHPDiag Outil de diagnostic

Contact : nicolascoolman@yahoo.fr

---\\ Web Browser

MSIE: Internet Explorer v8.0.6001.18975

---\\ System Information

Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)

Processor: x86 Family 6 Model 23 Stepping 6, GenuineIntel

Operating System: 32 Bits

Boot mode: Normal (Normal boot)

Total RAM: 3326 MB (66% free)

System drive C: has 19 GB (26%) free of 69 GB

---\\ Logged in mode

Computer Name: PC-DE-PETIT

User Name: petit

All Users Names: petit, ASPNET, Administrateur,

Unselected Option: O1,O45,O61,O62,O65,O82

Logged in as Administrator

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 19 Go of 69 Go)

D:\ CD-ROM drive (Not Inserted)

E:\ Hard drive, Flash drive, Thumb drive (Free 127 Go of 466 Go)

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableTaskMgr: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableRegistryTools: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] NoDispScrSavPage: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified

---\\ Recherche particulière de fichiers génériques

[MD5.81110D3D781A3EABE4512563A11D8B8D] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 07:27:36.) -- C:\Windows\Explorer.exe [2926592]

[MD5.79F2958E7B70493FD74A4032CE81601F] - (.Microsoft Corporation - Application de démarrage de Windows.) (.18/01/2008 23:33:38.) -- C:\Windows\System32\Wininit.exe [96768]

[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]

[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 07:32:26.) -- C:\Windows\System32\drivers\atapi.sys [19944]

---\\ Processus lancés

[MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe [1008184]

[MD5.963B43595A42D5CE7E4C27C361747AC9] - (.AVG Technologies CZ, s.r.o. - AVG Tray Monitor.) -- C:\Program Files\AVG\AVG8\avgtray.exe [2048352]

[MD5.ACC6017BA78E00AD19E3619BF3A6C39C] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [4702208]

[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952]

[MD5.162E99115197B9098A90097C7FFF2942] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Orange\MailNotifier\MailNotifier.exe [739840]

[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376]

[MD5.72B1BA02D12BAFEC388FB80C68080529] - (.Almico Software (www.almico.com) - Pas de description.) -- C:\Program Files\SpeedFan\speedfan.exe [2902528]

[MD5.613F177584ADB153646E692092E5E2BF] - (.Google Inc. - Google Chrome.) -- C:\Users\petit\AppData\Local\Google\Chrome\Application\chrome.exe [974904]

[MD5.AD3D7E95C4F3DAF0E703E3B36A95E288] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [617472]

---\\ Programmes d'extension pour Mozilla Firefox (M2)

M2 - MFEP: prefs.js [petit - s2rx99gz.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant 1.1 (.Microsoft.)

M2 - MFEP: prefs.js [petit - s2rx99gz.default\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}] [adblockplus] Adblock Plus 1.2.2 (.Wladimir Palant.)

---\\ Plugins de navigateurs Opera/Firefox(P1/P2)

P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll

P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Users\petit\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

---\\ Pages de démarrage d'Internet Explorer (R0)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

---\\ Pages de recherche d'Internet Explorer (R1)

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Sign In

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

---\\ Internet Explorer URLSearchHook (R3)

R3 - URLSearchHook: (no name) - {AEEC3B59-CA98-4EBA-A140-57B94E283583} Clé orpheline

R3 - URLSearchHook: (no name) - *{AEEC3B59-CA98-4EBA-A140-57B94E283583} Clé orpheline

R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} Clé orpheline

R3 - URLSearchHook: (no name) - *{08C06D61-F1F3-4799-86F8-BE1A89362C85} Clé orpheline

R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} . (.Pas de propriétaire - AVG Security Toolbar.) (6.010.006.004) -- C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\Windows\system32\ieframe.dll

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} Clé orpheline

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} . (.AVG Technologies CZ, s.r.o. - Safe Search for Internet Explorer.) -- C:\Program Files\AVG\AVG8\avgssie.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} . (.Pas de propriétaire - AVG Security Toolbar.) -- C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll

O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} . (.Pas de propriétaire - Pas de description.) -- E:\Divers\FDM\Free Download Manager\iefdm2.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: barre d'outils Orange - {D3028143-6145-4318-99D3-3EDCE54A95A9} . (.Orange - IE Toolbar Container.) -- C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll

O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} . (.Pas de propriétaire - AVG Security Toolbar.) -- C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll

---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe

O4 - HKLM\..\Run: [AVG8_TRAY] . (.AVG Technologies CZ, s.r.o. - AVG Tray Monitor.) -- C:\PROGRA~1\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe

O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\system32\NvCpl.dll

O4 - HKCU\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe

O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [MailNotifier] C:\Program Files\Orange\MailNotifier\MailNotifier .exe (.not file.)

O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\petit\AppData\Local\Google\Update\GoogleUpdate.exe

O4 - HKUS\S-1-5-21-1044075169-1303294126-1772134064-1000\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe

O4 - HKUS\S-1-5-21-1044075169-1303294126-1772134064-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe

O4 - HKUS\S-1-5-21-1044075169-1303294126-1772134064-1000\..\Run: [MailNotifier] C:\Program Files\Orange\MailNotifier\MailNotifier .exe (.not file.)

O4 - HKUS\S-1-5-21-1044075169-1303294126-1772134064-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\petit\AppData\Local\Google\Update\GoogleUpdate.exe

O4 - Global Startup: C:\Users\petit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netcom.exe - Raccourci.lnk . (.Pas de propriétaire.) -- E:\Divers\Netcom\Netcom.exe (.not file.)

O4 - Global Startup: C:\Users\petit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\speedfan - Raccourci.lnk . (.Almico Software (www.almico.com).) -- C:\Program Files\SpeedFan\speedfan.exe

---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Documents And Settings\petit\Desktop\Boostez vos neurones ! Logique.lnk . (.Pas de propriétaire.) -- E:\Stimulation cérébrale\Boostez vos neurones !.exe

O4 - Global Startup: C:\Documents And Settings\petit\Desktop\Google Chrome.lnk . (.Google Inc..) -- C:\Users\petit\AppData\Local\Google\Chrome\Application\chrome.exe

O4 - Global Startup: C:\Documents And Settings\petit\Desktop\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Documents And Settings\petit\Desktop\IrfanView.lnk . (.Irfan Skiljan.) -- C:\Program Files\IrfanView\i_view32.exe

O4 - Global Startup: C:\Documents And Settings\petit\Desktop\Maxi Puzzles.lnk . (.Pas de propriétaire.) -- E:\Maxi Puzzles\Maxi Puzzles\jpuzzle.exe

O4 - Global Startup: C:\Documents And Settings\petit\Desktop\Musique Marie-Josée.lnk . (.Pas de propriétaire.) -- E:\Musique Marie-Josée

O4 - Global Startup: C:\Documents And Settings\petit\Desktop\Notre Album PHOTOS.lnk . (.Pas de propriétaire.) -- E:\Album PHOTOS

O4 - Global Startup: C:\Documents And Settings\petit\Desktop\OpenOffice TABLEUR.lnk . (.Pas de propriétaire.) -- C:\Program Files\OpenOffice.org 2.3\program\scalc.exe

O4 - Global Startup: C:\Documents And Settings\petit\Desktop\OpenOffice TEXTE.lnk . (.Pas de propriétaire.) -- C:\Program Files\OpenOffice.org 2.3\program\swriter.exe

O4 - Global Startup: C:\Documents And Settings\petit\Desktop\PhotoFiltre.lnk . (.Antonio Da Cruz.) -- E:\Divers\Photofiltre\PhotoFiltre.exe

O4 - Global Startup: C:\Documents And Settings\petit\Desktop\Utilitaires.lnk . (.Pas de propriétaire.) -- C:\Users\petit\Utilitaires

O4 - Global Startup: C:\Documents And Settings\petit\Desktop\ .lnk . (.Pas de propriétaire.) -- E:\Jeux

O4 - Global Startup: C:\Users\petit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\petit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe

O4 - Global Startup: C:\Users\petit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe

O4 - Global Startup: C:\Users\petit\Desktop\Boostez vos neurones ! Logique.lnk . (.Pas de propriétaire.) -- E:\Stimulation cérébrale\Boostez vos neurones !.exe

O4 - Global Startup: C:\Users\petit\Desktop\Google Chrome.lnk . (.Google Inc..) -- C:\Users\petit\AppData\Local\Google\Chrome\Application\chrome.exe

O4 - Global Startup: C:\Users\petit\Desktop\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\petit\Desktop\IrfanView.lnk . (.Irfan Skiljan.) -- C:\Program Files\IrfanView\i_view32.exe

O4 - Global Startup: C:\Users\petit\Desktop\Maxi Puzzles.lnk . (.Pas de propriétaire.) -- E:\Maxi Puzzles\Maxi Puzzles\jpuzzle.exe

O4 - Global Startup: C:\Users\petit\Desktop\Musique Marie-Josée.lnk . (.Pas de propriétaire.) -- E:\Musique Marie-Josée

O4 - Global Startup: C:\Users\petit\Desktop\Notre Album PHOTOS.lnk . (.Pas de propriétaire.) -- E:\Album PHOTOS

O4 - Global Startup: C:\Users\petit\Desktop\OpenOffice TABLEUR.lnk . (.Pas de propriétaire.) -- C:\Program Files\OpenOffice.org 2.3\program\scalc.exe

O4 - Global Startup: C:\Users\petit\Desktop\OpenOffice TEXTE.lnk . (.Pas de propriétaire.) -- C:\Program Files\OpenOffice.org 2.3\program\swriter.exe

O4 - Global Startup: C:\Users\petit\Desktop\PhotoFiltre.lnk . (.Antonio Da Cruz.) -- E:\Divers\Photofiltre\PhotoFiltre.exe

O4 - Global Startup: C:\Users\petit\Desktop\Utilitaires.lnk . (.Pas de propriétaire.) -- C:\Users\petit\Utilitaires

O4 - Global Startup: C:\Users\petit\Desktop\ .lnk . (.Pas de propriétaire.) -- E:\Jeux

O4 - Global Startup: C:\Users\petit\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GameSpy Comrade.lnk . (.IGN Entertainment Inc..) -- C:\Program Files\GameSpy\Comrade\Comrade.exe

O4 - Global Startup: C:\Users\petit\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..) -- C:\Users\petit\AppData\Local\Google\Chrome\Application\chrome.exe

O4 - Global Startup: C:\Users\petit\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\petit\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - Clé orpheline

O4 - Global Startup: C:\Users\petit\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - Clé orpheline

O4 - Global Startup: C:\Users\petit\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: ajouter cette page à vos favoris Orange - (.not file.) - C:\Users\petit\AppData\Local\Temp\cceE98A.html

O8 - Extra context menu item: Tout télécharger avec Free Download Manager - (.not file.) - file:\\E:\Divers\FDM\Free Download Manager\dlall.htm

O8 - Extra context menu item: traduire la page - (.not file.) - C:\Users\petit\AppData\Local\Temp\cceE988.html

O8 - Extra context menu item: traduire le texte sélectionné - (.not file.) - C:\Users\petit\AppData\Local\Temp\cceE989.html

O8 - Extra context menu item: Télécharger avec Free Download Manager - (.not file.) - file:\\E:\Divers\FDM\Free Download Manager\dllink.htm

O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - (.not file.) - file:\\E:\Divers\FDM\Free Download Manager\dlselected.htm

O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - (.not file.) - file:\\E:\Divers\FDM\Free Download Manager\dlfvideo.htm

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} . (.not file.) - (.not file.)

O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet Explorer.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll

---\\ Objets ActiveX (Downloaded Program Files)(O16)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab

O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://test.catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1285012827048

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{8C237D9E-5F64-4746-9DC2-D9B6D7FB53B9}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{8C237D9E-5F64-4746-9DC2-D9B6D7FB53B9}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS3\Services\Tcpip\..\{8C237D9E-5F64-4746-9DC2-D9B6D7FB53B9}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

---\\ Protocole additionnel et piratage de protocole (O18)

O18 - Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} . (.Pas de propriétaire - AVG Security Toolbar.) -- C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll

O18 - Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} . (.AVG Technologies CZ, s.r.o. - Safe Search pluggable protocol.) -- C:\Program Files\AVG\AVG8\avgpp.dll

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)

O20 - AppInit_DLLs: . (.AVG Technologies CZ, s.r.o. - AVG Resident Shield Starter.) - C:\Windows\System32\avgrsstx.dll

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: AVG Free8 E-mail Scanner (avg8emc) . (.AVG Technologies CZ, s.r.o. - AVG E-Mail Scanner.) - C:\PROGRA~1\AVG\AVG8\avgemc.exe

O23 - Service: AVG Free8 WatchDog (avg8wd) . (.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: France Telecom Routing Table Service (FTRTSVC) . (.France Telecom SA - Orange Connection Kit.) - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe

O23 - Service: InCD Helper (InCDsrv) . (.Nero AG - incdsrv.) - E:\Divers\InCd\InCD\InCDsrv.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 258.9.) - C:\Windows\system32\nvvsvc.exe

O23 - Service: PnkBstrA (PnkBstrA) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\PnkBstrA.exe

O23 - Service: PnkBstrB (PnkBstrB) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\PnkBstrB.exe

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(.Pas de propriétaire - Pas de description.) - (.not file.)

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1044075169-1303294126-1772134064-1000Core.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1044075169-1303294126-1772134064-1000UA.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\User_Feed_Synchronization-{98188BC8-4A07-46C5-AD31-E7CA7D109416}.job

---\\ Composants installés (ActiveSetup Installed Components) (O40)

O40 - ASIC: Personnalisation du navigateur - >{7517B462-F531-4B95-A517-C86FDBB3DAD3} . (.Pas de propriétaire - Pas de description.) -- Rundll32 IEDKCS32.dll

O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre1.6.0_07\bin\regutils.dll

O40 - ASIC: Macromedia Shockwave Flash - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 9.0 r28.) -- C:\Windows\system32\Macromed\Flash\Flash9b.ocx

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: AVG Free AVI Loader Driver x86 (AvgLdx86) . (.AVG Technologies CZ, s.r.o. - AVG AVI Loader Driver.) - C:\Windows\system32\Drivers\avgldx86.sys

O41 - Driver: AVG Free On-access Scanner Minifilter Driver x86 (AvgMfx86) . (.AVG Technologies CZ, s.r.o. - AVG Resident Shield Minifilter Driver.) - C:\Windows\system32\Drivers\avgmfx86.sys

O41 - Driver: AVG Free8 Network Redirector (AvgTdiX) . (.AVG Technologies CZ, s.r.o. - AVG Network connection watcher.) - C:\Windows\system32\Drivers\avgtdix.sys

O41 - Driver: InCDPass (InCDPass) . (.Nero AG - Ahead RW Filter Driver.) - C:\Windows\system32\DRIVERS\InCDPass.sys

---\\ Logiciels installés (O42)

O42 - Logiciel: 32 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM] -- {F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}

O42 - Logiciel: 3DMark06 - (.Futuremark.) [HKLM] -- {1AE27FE6-05DB-40CB-A29E-2945980ACE27}

O42 - Logiciel: AVG 8.5 - (.AVG Technologies.) [HKLM] -- AVG8Uninstall

O42 - Logiciel: Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742) - (.Adobe Systems, Inc.) [HKLM] -- {6846389C-BAC0-4374-808E-B120F86AF5D7}

O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin

O42 - Logiciel: Adobe Reader 8.1.2 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A81200000003}

O42 - Logiciel: Adobe Reader 8.1.2 Security Update 1 (KB403742) - (.Pas de propriétaire.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A81200000003}_Adobe Reader 8.1.2 - Français

O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {6956856F-B6B3-4BE0-BA0B-8F495BE32033}

O42 - Logiciel: Archiveur WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver

O42 - Logiciel: ArmA 2 Uninstall - (.Pas de propriétaire.) [HKLM] -- ArmA 2

O42 - Logiciel: ArmA Queen's Gambit Uninstall - (.Pas de propriétaire.) [HKLM] -- ArmA Queen's Gambit

O42 - Logiciel: ArmA Uninstall - (.Pas de propriétaire.) [HKLM] -- ArmA

O42 - Logiciel: Auslogics Disk Defrag - (.Auslogics Software Pty Ltd.) [HKLM] -- {DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1

O42 - Logiciel: BENEATH - (.Pas de propriétaire.) [HKLM] -- BENEATH

O42 - Logiciel: BattlEye Uninstall - (.Pas de propriétaire.) [HKLM] -- BattlEye

O42 - Logiciel: BioShock - (.2K Games.) [HKLM] -- {E280923D-C5D9-4728-8C79-AC9A0DC75875}

O42 - Logiciel: Boostez vos neurones ! Logique - (.Pas de propriétaire.) [HKLM] -- Boostez vos neurones ! Logique

O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner

O42 - Logiciel: CDex extraction audio - (.Pas de propriétaire.) [HKLM] -- CDex

O42 - Logiciel: Cold War Rearmed Demo Uninstall - (.Pas de propriétaire.) [HKLM] -- Cold War Rearmed Demo

O42 - Logiciel: Connexion Internet Orange - (.Pas de propriétaire.) [HKLM] -- {ORAHSS}.UninstallSuite

O42 - Logiciel: Crysis® - (.Electronic Arts.) [HKLM] -- {000E79B7-E725-4F01-870A-C12942B7F8E4}

O42 - Logiciel: EAX4 Unified Redist - (.Creative Labs.) [HKLM] -- {89661B04-C646-4412-B6D3-5E19F02F1F37}

O42 - Logiciel: F.E.A.R. 2 SP Demo - (.Monolith Productions, Inc..) [HKLM] -- {F73D18C1-F4DA-4B9F-9C46-5185F5D3DB7C}

O42 - Logiciel: FEAR - (.Vivendi Universal Games, Inc..) [HKLM] -- {2B653229-9854-4989-B780-D978F5F13EAB}

O42 - Logiciel: FEAR Extraction Point - (.Vivendi Universal Games, Inc..) [HKLM] -- {909BBDB7-BABE-434C-9124-863A9F8D1CF8}

O42 - Logiciel: FEAR Perseus Mandate - (.Sierra Entertainment, Inc..) [HKLM] -- {5B15759F-B7A0-400C-9A5E-634C9D0871CE}

O42 - Logiciel: Far Cry - (.Nom de votre société.) [HKLM] -- InstallShield_{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}

O42 - Logiciel: Float32 2.0 - (.www.thefloatingpoint.org.) [HKLM] -- {FED34B00-1DA2-4F4C-A3EC-A5F5893F5D86}

O42 - Logiciel: Fraps - (.Pas de propriétaire.) [HKLM] -- Fraps

O42 - Logiciel: Free Download Manager 3.0 - (.FreeDownloadManager.ORG.) [HKLM] -- Free Download Manager_is1

O42 - Logiciel: FxVisor - (.Frameworkx.) [HKLM] -- {F691A1F5-2789-46CE-A45A-57763198D384}

O42 - Logiciel: GIMP 2.6.7 - (.Pas de propriétaire.) [HKLM] -- WinGimp-2.0_is1

O42 - Logiciel: GTAIV Patch Universe V2 by knyz - (.Knyz, Inc..) [HKLM] -- {8FD4236C-E373-4ADB-9B41-62D60ED0CC2B}_is1

O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome

O42 - Logiciel: Grand Theft Auto IV - (.Rockstar Games.) [HKLM] -- {579BA58C-F33D-4970-9953-B94B43768AC3}

O42 - Logiciel: Grand Theft Auto: Episodes from Liberty City - (.Rockstar Games Inc..) [HKLM] -- {5454083B-1308-4485-BF17-111000028701}

O42 - Logiciel: HP Customer Participation Program 10.0 - (.HP.) [HKLM] -- HPExtendedCapabilities

O42 - Logiciel: HP Imaging Device Functions 10.0 - (.HP.) [HKLM] -- HP Imaging Device Functions

O42 - Logiciel: HP Photosmart C4400 All-In-One Driver Software 10.0 Rel .3 - (.HP.) [HKLM] -- {FF1F4E8E-A833-4c4b-A14A-45D5B841B5D8}

O42 - Logiciel: HP Photosmart Essential 2.5 - (.HP.) [HKLM] -- HP Photosmart Essential

O42 - Logiciel: HP Smart Web Printing - (.HP.) [HKLM] -- HP Smart Web Printing

O42 - Logiciel: HP Solution Center 10.0 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools

O42 - Logiciel: Half-Life® 2 - (.Valve.) [HKLM] -- {D45EC259-4A19-4656-B588-C2C360DD18EA}

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484

O42 - Logiciel: InCD - (.Pas de propriétaire.) [HKLM] -- InCD!UninstallKey

O42 - Logiciel: IrfanView (remove only) - (.Pas de propriétaire.) [HKLM] -- IrfanView

O42 - Logiciel: Java 6 Update 3 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160030}

O42 - Logiciel: Java 6 Update 7 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160070}

O42 - Logiciel: LauncherMA - (.Micro Application.) [HKLM] -- {C06EFB22-B5DB-46C5-9215-BCB5C19C0858}

O42 - Logiciel: Living Hell Light - (.Dusel,Andy and Hamers.) [HKLM] -- Living Hell Light

O42 - Logiciel: Living Hell Light - (.Dusel,Andy and Hamers.) [HKLM] -- {A64240FF-9C31-4858-AE9D-65483C5DE63A}

O42 - Logiciel: Logitech SetPoint 6.15 - (.Logitech.) [HKLM] -- SP6

O42 - Logiciel: MSI Afterburner 2.0.0 - (.MSI Co., LTD.) [HKLM] -- Afterburner

O42 - Logiciel: MSXML 4.0 SP2 (KB936181) - (.Microsoft Corporation.) [HKLM] -- {C04E32E0-0416-434D-AFB9-6969D703A9EF}

O42 - Logiciel: MSXML 4.0 SP2 (KB941833) - (.Microsoft Corporation.) [HKLM] -- {C523D256-313D-4866-B36A-F3DE528246EF}

O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1

O42 - Logiciel: Marvell Miniport Driver - (.Marvell.) [HKLM] -- Marvell Miniport Driver

O42 - Logiciel: Maxi Puzzles - (.Pas de propriétaire.) [HKLM] -- Maxi Puzzles_is1

O42 - Logiciel: Metal & Concrete Pack (Part 1) v.10 - (.NeilMc.) [HKLM] -- {3437EF8D-B8D7-44B5-93B5-D6C9A094B62F}_is1

O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM] -- {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033)

O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB2416447) - (.Pas de propriétaire.) [HKLM] -- M2416447

O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB979906) - (.Pas de propriétaire.) [HKLM] -- M979906

O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31}

O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1

O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}

O42 - Logiciel: Microsoft Games for Windows - LIVE - (.Microsoft Corporation.) [HKLM] -- {2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}

O42 - Logiciel: Microsoft Games for Windows - LIVE Redistributable - (.Microsoft Corporation.) [HKLM] -- {00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {A49F249F-0C91-497F-86DF-B2585E8E76B7}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}

O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra

O42 - Logiciel: NVIDIA Display Control Panel - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Display Control Panel

O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers

O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM] -- {B4F3A360-E1E2-479D-ADE7-9BE3B07F4539}

O42 - Logiciel: Natural Mod - (.pydon.) [HKLM] -- Natural Mod

O42 - Logiciel: Nero - (.ahead software gmbh.) [HKLM] -- {A4D7B764-4140-11D4-88EB-0050DA3579C0}

O42 - Logiciel: Notification Mail - (.Orange.) [HKLM] -- MailNotifier

O42 - Logiciel: OCCT Perestroika 1.1.1 - (.Tetedeiench.) [HKLM] -- OCCT_is1

O42 - Logiciel: OCR Software by I.R.I.S. 10.0 - (.HP.) [HKLM] -- HPOCR

O42 - Logiciel: OpenAL - (.Pas de propriétaire.) [HKLM] -- OpenAL

O42 - Logiciel: OpenOffice.org 2.3 - (.OpenOffice.org.) [HKLM] -- {B087B0C3-F595-485A-B86B-73326BA8693A}

O42 - Logiciel: PVSonyDll - (.NVIDIA Corporation.) [HKLM] -- {3D3E663D-4E7E-4577-A560-7ECDDD45548A}

O42 - Logiciel: PhotoFiltre - (.Pas de propriétaire.) [HKCU] -- PhotoFiltre

O42 - Logiciel: PunkBuster Services - (.Even Balance, Inc..) [HKLM] -- PunkBusterSvc

O42 - Logiciel: Puzzles Collection - (.Pas de propriétaire.) [HKLM] -- {C77A8277-C3BF-4260-A121-0AF897E12F18}

O42 - Logiciel: Qtpfsgui 1.9.3 - (.Qtpfsgui Dev Team.) [HKLM] -- {7020FC34-6E04-4858-924D-354B28CB2402}_is1

O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}

O42 - Logiciel: Rockstar Games Social Club - (.Rockstar Games.) [HKLM] -- {08B3869E-D282-424C-9AFC-870E04A4BA14}

O42 - Logiciel: S.T.A.L.K.E.R. - Call of Pripyat [v1.6.02] - (.bitComposer Games.) [HKLM] -- {406FB8A4-F539-48A9-809C-F94706F9C9F6}_is1

O42 - Logiciel: S.T.A.L.K.E.R. - Clear Sky [v1.0005] - (.Deep Silver.) [HKLM] -- S.T.A.L.K.E.R. - Clear Sky_is1

O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473

O42 - Logiciel: Shop for HP Supplies - (.HP.) [HKLM] -- Shop for HP Supplies

O42 - Logiciel: Soluto - (.Soluto.) [HKLM] -- {B0D7190D-B2DD-404E-88E6-74CC0B62054C}

O42 - Logiciel: Source SDK Base 2006 - (.Valve.) [HKLM] -- Steam App 215

O42 - Logiciel: SpeedFan (remove only) - (.Pas de propriétaire.) [HKLM] -- SpeedFan

O42 - Logiciel: Steam - (.Valve.) [HKLM] -- {048298C9-A4D3-490B-9FF9-AB023A9238F3}

O42 - Logiciel: Switch Sound File Converter - (.NCH Software.) [HKLM] -- Switch

O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707

O42 - Logiciel: VLC 0.9.8 - (.Pas de propriétaire.) [HKLM] -- {756E2E58-D191-4BB2-B454-8871794BF648}_is1

O42 - Logiciel: VLC media player 1.0.0 - (.VideoLAN Team.) [HKLM] -- VLC media player

O42 - Logiciel: barre d'outils Orange - (.France Telecom SA.) [HKLM] -- OrangeToolbarFR

O42 - Logiciel: eReg - (.Logitech, Inc..) [HKLM] -- {3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}

---\\ HKCU & HKLM Software Keys

[HKCU\Software\ASUS]

[HKCU\Software\AVS4YOU]

[HKCU\Software\Adobe]

[HKCU\Software\Ahead]

[HKCU\Software\AppDataLow\Software\AVG Security Toolbar]

[HKCU\Software\AppDataLow\Software\AVG]

[HKCU\Software\AppDataLow\Software\Microsoft]

[HKCU\Software\AppDataLow\Software\Orange]

[HKCU\Software\AppDataLow\Software\Yahoo]

[HKCU\Software\AppDataLow\Software]

[HKCU\Software\AppDataLow]

[HKCU\Software\Apple Computer, Inc.]

[HKCU\Software\Auslogics]

[HKCU\Software\Avg]

[HKCU\Software\Bohemia Interactive Studio]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\Codemasters]

[HKCU\Software\CoreAAC]

[HKCU\Software\Cygnus Solutions]

[HKCU\Software\Fraps3]

[HKCU\Software\FreeDownloadManager.ORG]

[HKCU\Software\Freeware]

[HKCU\Software\Futuremark]

[HKCU\Software\GNU]

[HKCU\Software\GameSpy]

[HKCU\Software\Google]

[HKCU\Software\Hewlett-Packard]

[HKCU\Software\Homegrown Games]

[HKCU\Software\HookNetwork]

[HKCU\Software\I.C.NET Software GmbH]

[HKCU\Software\Informer Technologies, Inc.]

[HKCU\Software\JEDI-VCL]

[HKCU\Software\JavaSoft]

[HKCU\Software\Kegetys]

[HKCU\Software\Leadertech]

[HKCU\Software\Licenses]

[HKCU\Software\Local AppWizard-Generated Applications]

[HKCU\Software\Logitech]

[HKCU\Software\MSI]

[HKCU\Software\Macromedia]

[HKCU\Software\Malwarebytes' Anti-Malware]

[HKCU\Software\Micro Application]

[HKCU\Software\Mind a Game]

[HKCU\Software\Monolith Productions]

[HKCU\Software\MozillaPlugins]

[HKCU\Software\Mozilla]

[HKCU\Software\NCH Software]

[HKCU\Software\NCH Swift Sound]

[HKCU\Software\NVIDIA Corporation]

[HKCU\Software\Netcom]

[HKCU\Software\Netscape]

[HKCU\Software\OpenOffice.org]

[HKCU\Software\Opera Software]

[HKCU\Software\Orange]

[HKCU\Software\Pinnacle Systems]

[HKCU\Software\Piriform]

[HKCU\Software\Policies]

[HKCU\Software\Qtpfsgui]

[HKCU\Software\Realtek]

[HKCU\Software\SecuROM]

[HKCU\Software\Softonic]

[HKCU\Software\SpeedFan]

[HKCU\Software\Sysinternals]

[HKCU\Software\Trolltech]

[HKCU\Software\Unlimited Possibilities]

[HKCU\Software\Unwinder]

[HKCU\Software\Valve]

[HKCU\Software\WinRAR SFX]

[HKCU\Software\WinRAR]

[HKCU\Software\YahooPartnerToolbar]

[HKCU\Software\Yahoo]

[HKCU\Software\encryptX]

[HKCU\Software\kde.org]

[HKCU\Software\perforce]

[HKLM\Software\2K Games]

[HKLM\Software\AGEIA Technologies]

[HKLM\Software\ASUS]

[HKLM\Software\AVG Security Toolbar]

[HKLM\Software\AVG]

[HKLM\Software\AVS4YOU]

[HKLM\Software\Activision]

[HKLM\Software\Adobe]

[HKLM\Software\Ahead]

[HKLM\Software\Alienware]

[HKLM\Software\Bohemia Interactive Studio]

[HKLM\Software\Bohemia Interactive]

[HKLM\Software\BrowserChoice]

[HKLM\Software\C07ft5Y]

[HKLM\Software\CXT]

[HKLM\Software\Caphyon]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\Conexant]

[HKLM\Software\Crytek]

[HKLM\Software\Cygnus Solutions]

[HKLM\Software\Electronic Arts]

[HKLM\Software\Eset]

[HKLM\Software\Even Balance]

[HKLM\Software\FRANCE TELECOM]

[HKLM\Software\FreeDownloadManager.ORG]

[HKLM\Software\Futuremark]

[HKLM\Software\GSC Game World]

[HKLM\Software\GameSpy]

[HKLM\Software\Google]

[HKLM\Software\HP]

[HKLM\Software\Hewlett-Packard]

[HKLM\Software\ICE]

[HKLM\Software\InstallShield]

[HKLM\Software\Intel]

[HKLM\Software\JavaSoft]

[HKLM\Software\Khronos]

[HKLM\Software\Licenses]

[HKLM\Software\Logitech]

[HKLM\Software\MSI]

[HKLM\Software\Macromedia]

[HKLM\Software\Malwarebytes' Anti-Malware]

[HKLM\Software\Marvell]

[HKLM\Software\Micro Application]

[HKLM\Software\MimarSinan]

[HKLM\Software\Monolith Productions, Inc.]

[HKLM\Software\Monolith Productions]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\NCH Software]

[HKLM\Software\NCH Swift Sound]

[HKLM\Software\NVIDIA Corporation]

[HKLM\Software\ODBC]

[HKLM\Software\OpenOffice.org]

[HKLM\Software\Orange]

[HKLM\Software\PegasusImaging]

[HKLM\Software\Pinnacle Systems]

[HKLM\Software\Policies]

[HKLM\Software\Pterodon]

[HKLM\Software\Realtek Semiconductor Corp.]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\Rockstar Games]

[HKLM\Software\SDLL]

[HKLM\Software\SRS Labs]

[HKLM\Software\Soluto]

[HKLM\Software\Sonic]

[HKLM\Software\Sun Microsystems]

[HKLM\Software\Swearware]

[HKLM\Software\TheFarm51]

[HKLM\Software\TimeGate Studios]

[HKLM\Software\Valve]

[HKLM\Software\VideoLAN]

[HKLM\Software\Volatile]

[HKLM\Software\Waves Audio]

[HKLM\Software\Wow6432Node]

[HKLM\Software\Yahoo]

[HKLM\Software\mozilla.org]

[HKLM\Software\netcom]

[HKLM\Software\perforce]

---\\ Contenu des dossiers ProgramFiles/ProgramData (O43)

O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe

O43 - CFD:Common File Directory ----D- C:\Program Files\AGEIA Technologies

O43 - CFD:Common File Directory ----D- C:\Program Files\Apple Software Update

O43 - CFD:Common File Directory ----D- C:\Program Files\ASUS

O43 - CFD:Common File Directory ----D- C:\Program Files\AVG

O43 - CFD:Common File Directory ----D- C:\Program Files\AVS4YOU

O43 - CFD:Common File Directory ----D- C:\Program Files\CCleaner

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files

O43 - CFD:Common File Directory ----D- C:\Program Files\Electronic Arts

O43 - CFD:Common File Directory -SH-D- C:\Program Files\Fichiers communs

O43 - CFD:Common File Directory ----D- C:\Program Files\Frameworkx

O43 - CFD:Common File Directory ----D- C:\Program Files\Fraps

O43 - CFD:Common File Directory ----D- C:\Program Files\Free Download Manager

O43 - CFD:Common File Directory ----D- C:\Program Files\Futuremark

O43 - CFD:Common File Directory ----D- C:\Program Files\GameSpy

O43 - CFD:Common File Directory ----D- C:\Program Files\Grisoft

O43 - CFD:Common File Directory ----D- C:\Program Files\Hewlett-Packard

O43 - CFD:Common File Directory ----D- C:\Program Files\HP

O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information

O43 - CFD:Common File Directory ----D- C:\Program Files\Intel

O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer

O43 - CFD:Common File Directory ----D- C:\Program Files\IrfanView

O43 - CFD:Common File Directory ----D- C:\Program Files\Java

O43 - CFD:Common File Directory ----D- C:\Program Files\Lavasoft

O43 - CFD:Common File Directory ----D- C:\Program Files\Logitech

O43 - CFD:Common File Directory ----D- C:\Program Files\Marvell

O43 - CFD:Common File Directory ----D- C:\Program Files\Micro Application

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Games

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Games for Windows - LIVE

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft.NET

O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker

O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Firefox

O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild

O43 - CFD:Common File Directory ----D- C:\Program Files\MSXML 4.0

O43 - CFD:Common File Directory ----D- C:\Program Files\Natural Mod

O43 - CFD:Common File Directory ----D- C:\Program Files\NCH Software

O43 - CFD:Common File Directory ----D- C:\Program Files\NCH Swift Sound

O43 - CFD:Common File Directory ----D- C:\Program Files\NVIDIA Corporation

O43 - CFD:Common File Directory ----D- C:\Program Files\NVIDIA nTune Performance Application

O43 - CFD:Common File Directory ----D- C:\Program Files\OCCT

O43 - CFD:Common File Directory ----D- C:\Program Files\OpenAL

O43 - CFD:Common File Directory ----D- C:\Program Files\OpenOffice.org 2.3

O43 - CFD:Common File Directory ----D- C:\Program Files\Orange

O43 - CFD:Common File Directory ----D- C:\Program Files\Realtek

O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies

O43 - CFD:Common File Directory ----D- C:\Program Files\Soluto

O43 - CFD:Common File Directory ----D- C:\Program Files\SpeedFan

O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information

O43 - CFD:Common File Directory ----D- C:\Program Files\Wanadoo

O43 - CFD:Common File Directory ----D- C:\Program Files\WBGames

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Calendar

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Collaboration

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Defender

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Journal

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Mail

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Photo Gallery

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Portable Devices

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Sidebar

O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR

O43 - CFD:Common File Directory ----D- C:\Program Files\Yahoo!

O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Ahead

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\AVSMedia

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\France Telecom

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Hewlett-Packard

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\HP

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InstallShield

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Java

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\LogiShrd

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\microsoft shared

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Steam

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Wise Installation Wizard

O43 - CFD:Common File Directory ----D- C:\ProgramData\Adobe

O43 - CFD:Common File Directory ----D- C:\ProgramData\Apple

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Application Data

O43 - CFD:Common File Directory ----D- C:\ProgramData\AVG Security Toolbar

O43 - CFD:Common File Directory ----D- C:\ProgramData\avg8

O43 - CFD:Common File Directory ----D- C:\ProgramData\AVS4YOU

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Bureau

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Desktop

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Documents

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Favoris

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Favorites

O43 - CFD:Common File Directory ----D- C:\ProgramData\FreeDownloadManager.ORG

O43 - CFD:Common File Directory ----D- C:\ProgramData\Hewlett-Packard

O43 - CFD:Common File Directory ----D- C:\ProgramData\HP

O43 - CFD:Common File Directory ----D- C:\ProgramData\HP Product Assistant

O43 - CFD:Common File Directory ----D- C:\ProgramData\InstallShield

O43 - CFD:Common File Directory ----D- C:\ProgramData\Isotx

O43 - CFD:Common File Directory ----D- C:\ProgramData\Lavasoft

O43 - CFD:Common File Directory ----D- C:\ProgramData\Logishrd

O43 - CFD:Common File Directory ----D- C:\ProgramData\Malwarebytes

O43 - CFD:Common File Directory ----D- C:\ProgramData\Media Center Programs

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Menu Démarrer

O43 - CFD:Common File Directory ----D- C:\ProgramData\Micro Application

O43 - CFD:Common File Directory -S--D- C:\ProgramData\Microsoft

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Modèles

O43 - CFD:Common File Directory ----D- C:\ProgramData\NCH Software

O43 - CFD:Common File Directory ----D- C:\ProgramData\NCH Swift Sound

O43 - CFD:Common File Directory ----D- C:\ProgramData\NVIDIA

O43 - CFD:Common File Directory ----D- C:\ProgramData\NVIDIA Corporation

O43 - CFD:Common File Directory ----D- C:\ProgramData\Pinnacle

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\SecuROM

O43 - CFD:Common File Directory ----D- C:\ProgramData\Soluto

O43 - CFD:Common File Directory ----D- C:\ProgramData\Spybot - Search & Destroy

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Start Menu

O43 - CFD:Common File Directory ---AD- C:\ProgramData\TEMP

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Templates

O43 - CFD:Common File Directory ----D- C:\ProgramData\Ubisoft

O43 - CFD:Common File Directory ----D- C:\ProgramData\WEBREG

O43 - CFD:Common File Directory ----D- C:\ProgramData\Windows Genuine Advantage