problème connexionRésolu/Fermé

Question

Bonjour, 

j'ai un problème avec mon pc que je n'arrive plus à connecter sur internet. Le message d'erreur est problème dns. J'ai fais toutes les manipulations qu'il fallait, je ne pense pas que cela vienne de la livebox puisque je n'ai aucun soucis en wifi, pas de problème de tv ou téléphone. Faut-il que je le fasse formater, je n'arrive pas à scanner avec antivir et tout les autres logiciels de protection impossible bien sur de faire les mises à jour. Merci de votre aide.



Configuration: Windows 7 / Chrome 22.0.1229.79

Freedomsoul · Answer

Et bien si tu n'as rien d'important, ou que tu sauvegardes les données sures, tu peux formater, tu repartiras sur de bonnes bases.


Sinon, il faut voir depuis quand viens ce problèmes, logiciels récemment installés,... conflit d'anti-virus,...

g3n-h@ckm@n · Answer

salut à transferer via usb 

&#9654 Téléchargez UsbFix (créé par El Desaparecido) sur votre Bureau.

&#9654 Si votre antivirus affiche une alerte, ignorez-la et désactivez l'antivirus temporairement.
&#9654 Branchez toutes vos sources de données externes à votre PC (clé USB, disque dur externe, etc...) sans les ouvrir.
&#9654 Double cliquez sur UsbFix.exe.  

&#9654 Cliquez sur Suppression.
&#9654 Laissez travailler l'outil. 

&#9654 À la fin du scan, un rapport va s'afficher, postez-le dans votre prochaine réponse sur le forum.

&#9654 Le rapport est aussi sauvegardé à la racine du disque système ( C:\UsbFix.txt ).
&#9654 Tutoriel vidéo


== 

Attention !!! : cet outil peut etre détecté à tort comme virus 
Attention !!! : cet outil est puissant suivre scrupuleusement les instructions ci-dessous 

tous les processus "non vitaux de windows" vont être coupés , enregistre ton travail. 

Désactive toutes tes protections si possible , antivirus , sandbox , pare-feux , etc.... 

telecharge et enregistre Pre_Scan sur ton bureau : 

https://forums-fec.be/gen-hackman/Pre_Scan.exe 

si le lien ne fonctionne pas : 

https://toolslib.net 
http://www.archive-host.com 

Avertissement :Il y aura une extinction du bureau pendant le scan --> pas de panique. 

une fois telechargé lance-le , laisse faire le scan jusqu'à l'apparition de "Pre_scan_la_date_et_l'heure.txt" sur le bureau. 

si l'outil est relancé plusieurs fois , il te proposera un menu et qu'aucune option n'est demandée, lance l'option "Kill" 

si l'outil est bloqué par l'infection utilise cette version avec extension .pif : 

https://forums-fec.be/gen-hackman/Pre_Scan.pif 

si l'outil detecte un proxy et que tu n'en as pas installé clique sur "supprimer le proxy" 

Il se peut qu'une multitude de fenêtres noires clignotent , laisse-le travailler 

Poste Pre_Scan_la_date_et_l'heure.txt qui apparaitra sur le bureau en fin de scan 

Il est possible que l'outil fasse redemarrer ton pc , laisse-le faire 

NE LE POSTE PAS SUR LE FORUM !!! (il est trop long) 

Heberge le rapport sur http://pjjoint.malekal.com puis donne le lien obtenu en echange sur le forum où tu te fais aider  
  
¤¤¤¤¤¤¤¤¤¤ Pre_Scan_Concept ¤¤¤¤¤¤¤¤¤¤

Utilisateur anonyme · Answer

bonjour,


Télécharge et enregistre ADWcleaner sur ton bureau :

ADWCleaner http://general-changelog-team.fr/fr/downloads/viewdownload/20-outils-de-xplode/2-adwcleaner (Merci à Xplode)

Lance, Adwcleaner:

> Si tu utilises Avira et son Webguard,
> Clique sur le point d'interrogation, puis sur options
>Coche la case ASK

NB : Sans détection de la toolbar Ask : en effet, si elle est supprimée, tu perdras la protection résidente d'Avira.

Clique sur OK

(Pour vista et seven => clic droit "executer en tant qu'administrateur")


clique sur suppression et poste son rapport

adblock https://www.commentcamarche.net/telecharger/web-internet/25023-adblock-plus/ plus est un module pour firefox il marche trés bien

colles un rapport avec l'option de suppression de adwcleaner

puis pour avancer >


Télécharge ZHPDiag ( de Nicolas coolman ).
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html


(outil de diagnostic)

Double clique sur le fichier d'installation, puis installe le avec les paramètres par défaut ( N'oublie pas de cocher " Créer une icône sur le bureau " )

Lance ZHPDiag en double cliquant sur l'icône présente sur ton bureau (Clique droit -> Executer en tant qu'admin ( vista )

Clique sur la loupe en haut à gauche, puis laisse l'outil scanner.

Une fois le scan terminé, clique sur l'icône en forme de disquette et enregistre le fichier sur ton bureau.

Rend toi sur Cjoint : http://www.cijoint.com/

Clique sur "Parcourir " dans la partie " Joindre un fichier[...] "

Sélectionne le rapport ZHPdiag.txt qui se trouve sur ton bureau

Clique ensuite sur "Cliquez ici pour déposer le fichier " et copie/colle le lien dans ton prochain message

ou sinon pour transmettre ton rapport:
* Quand le scan est fini, utilise le site http://pjjoint.malekal.com/ pour envoyer les rapports.
Donnes le liens pjjoint ici ensuite pour pouvoir être consultés.

g3n-h@ckm@n · Answer

mmmm......faut suivre une formation pour apprendre ca :) il y a plusieurs sites si ca t'interesse :)

mimie17 · Answer

voila le lien du rapport Prescan

https://pjjoint.malekal.com/files.php?id=20121009_o7b11j8i5o14

mimie17 · Answer

là c'est le rapport AdwCleaner

# AdwCleaner v2.004 - Rapport créé le 09/10/2012 à 10:51:49
# Mis à jour le 06/10/2012 par Xplode
# Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)
# Nom d'utilisateur : MYRIAM - PCMIMI
# Mode de démarrage : Normal
# Exécuté depuis : C:\Documents and Settings\MYRIAM\Bureau\AdwCleaner (1).exe
# Option [Suppression]
# Commutateur(s) utilisé(s) : /DisableAskDetection


***** [Services] *****


***** [Fichiers / Dossiers] *****

Dossier Supprimé : C:\Documents and Settings\All Users\Application Data\Bandoo
Dossier Supprimé : C:\Documents and Settings\All Users\Application Data\iWin
Dossier Supprimé : C:\Documents and Settings\All Users\Application Data\Trymedia
Dossier Supprimé : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Bandoo
Dossier Supprimé : C:\Documents and Settings\MYRIAM\Application Data\Bandoo
Dossier Supprimé : C:\Documents and Settings\MYRIAM\Application Data\FissaSearch
Dossier Supprimé : C:\Documents and Settings\MYRIAM\Application Data\iWin
Dossier Supprimé : C:\Documents and Settings\MYRIAM\Application Data\OpenCandy
Dossier Supprimé : C:\Documents and Settings\MYRIAM\Application Data\widestream
Dossier Supprimé : C:\Documents and Settings\MYRIAM\Local Settings\Application Data\Conduit
Dossier Supprimé : C:\Documents and Settings\MYRIAM\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Dossier Supprimé : C:\Documents and Settings\MYRIAM\Local Settings\Application Data\OpenCandy
Dossier Supprimé : C:\Documents and Settings\MYRIAM\Local Settings\Application Data\Oryte_Games_1.9
Dossier Supprimé : C:\Documents and Settings\MYRIAM\Local Settings\Application Data\widestream6 Air
Dossier Supprimé : C:\Program Files\Widestream6
Dossier Supprimé : C:\windows\Installer\{835525BE-63BD-4EC4-9425-00CEAD4849C2}
Dossier Supprimé : E:\widestream
Fichier Supprimé : C:\Documents and Settings\MYRIAM\Local Settings\Application Data\funmoods-speeddial.crx

***** [Registre] *****

Clé Supprimée : HKCU\Software\Binary Noise\mPlayer\kiwee_toolbar_installer.exe
Clé Supprimée : HKCU\Software\FissaSearch
Clé Supprimée : HKCU\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Clé Supprimée : HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Clé Supprimée : HKCU\Software\Headlight
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Bandoo
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
Clé Supprimée : HKCU\Software\Oryte_Games_1.9
Clé Supprimée : HKCU\Software\Softonic
Clé Supprimée : HKCU\Software\Spointer
Clé Supprimée : HKCU\Software\WideStream
Clé Supprimée : HKCU\Toolbar
Clé Supprimée : HKLM\Software\Bandoo
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{3AD7A5B6-610D-4A82-979E-0AED20920690}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{9C123289-82E1-4DA7-A3C2-B8D28AAD114B}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{A01A3335-0C30-4312-A430-92356CC37A92}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{EDE2C296-2458-4E3B-A846-4B512C0703B5}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\BandooCoordinator.EXE
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\IEPlugin.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCoordinator.BandooCoordinator
Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCoordinator.BandooCoordinator.1
Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCoordinator.CoordinatorUI
Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCoordinator.CoordinatorUI.1
Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCoordinator.hxxpAsyncResult
Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCoordinator.hxxpAsyncResult.1
Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCoordinator.PlugInNotifier
Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCoordinator.PlugInNotifier.1
Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.BandooCore
Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.BandooCore.1
Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr
Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr.1
Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr
Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr.1
Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr
Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr.1
Clé Supprimée : HKLM\SOFTWARE\Classes\BFlashAnimator.BFlashAnimatorCtrl
Clé Supprimée : HKLM\SOFTWARE\Classes\BFlashAnimator.BFlashAnimatorCtrl.1
Clé Supprimée : HKLM\SOFTWARE\Classes\BGIFAnimator.BGIFAnimatorCtrl
Clé Supprimée : HKLM\SOFTWARE\Classes\BGIFAnimator.BGIFAnimatorCtrl.1
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Clé Supprimée : HKLM\SOFTWARE\Classes\escort.escortIEPane
Clé Supprimée : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Clé Supprimée : HKLM\SOFTWARE\Classes\f
Clé Supprimée : HKLM\SOFTWARE\Classes\funmoods.dskBnd
Clé Supprimée : HKLM\SOFTWARE\Classes\funmoods.dskBnd.1
Clé Supprimée : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr
Clé Supprimée : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr.1
Clé Supprimée : HKLM\SOFTWARE\Classes\funmoodsApp.appCore
Clé Supprimée : HKLM\SOFTWARE\Classes\funmoodsApp.appCore.1
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{01222E21-6BD0-4EB3-94F1-967EB09CCED5}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{33DDFC61-F531-4982-8C32-4212B7835D44}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{6612AFDD-34AD-4B89-A236-7E6D07C3FDCD}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A9005ED5-4A1D-4606-A4DF-1A25E7D7B417}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2476266
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{3AD7A5B6-610D-4A82-979E-0AED20920690}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{4410C118-B23C-406C-9F52-9CDABD90A5EA}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{62E5C9E1-A0E8-4F8C-8EAF-0F9250CC5786}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{9C123289-82E1-4DA7-A3C2-B8D28AAD114B}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{ED85AEBE-F834-4088-B5D3-97EB2478A6CD}
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Clé Supprimée : HKLM\Software\Messenger Plus!\OpenCandy
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AutocompletePro3_is1
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Oryte_Games_1.9 Toolbar
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{24A2A336-026F-4DA1-9547-4B48F65DF26E}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419e-A8A3-19BE41EF51BD}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CE1CB632-6817-47B3-8587-D05AF75D6D5A}
Clé Supprimée : HKLM\Software\Oryte_Games_1.9
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Valeur Supprimée : HKCU\Software\Mozilla\Firefox\Extensions [firefox@bandoo.com]
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}]
Valeur Supprimée : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [support@predictad.com]

***** [Navigateurs] *****

-\ Internet Explorer v8.0.6001.18702

Remplacé : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - CustomizeSearch] = hxxp://dnl.crawler.com/support/sa_customize.aspx?TbId=60341 --> hxxp://www.google.com

*************************

AdwCleaner[S1].txt - [12344 octets] - [09/10/2012 10:51:49]

########## EOF - C:\AdwCleaner[S1].txt - [12405 octets] ##########

mimie17 · Answer

voila le lien du rapport ZHPDiag

https://pjjoint.malekal.com/files.php?id=ZHPDiag_20121009_z11y15p8o5u13

g3n-h@ckm@n · Answer

excuse moi une question :

tu lis ce que j'écris ou pas ?

mimie17 · Answer

c est bien le rapport usbfix que tu veux ?

g3n-h@ckm@n · Answer

ben oui il est où ?

mimie17 · Answer

je recommence je le vois pas dans mes reponses


############################## | UsbFix V 7.097 | [Suppression]

Utilisateur: MYRIAM (Administrateur) # PCMIMI
Mis à jour le 02/09/2012 par El Desaparecido
Lancé à 09:18:16 | 09/10/2012

Site Web: https://www.sosvirus.net/
Forum: http://forum.eldesaparecido.com
Fichier suspect ? : http://eldesaparecido.com/upload.php
Contact: contact@eldesaparecido.com

PC: Gigabyte Technology Co., Ltd. (M61SME-S2L) (X86-based PC
CPU: AMD Athlon(tm) 64 X2 Dual Core Processor 4400+ (2310)
RAM -> [Total : 1023 | Free : 481]
BIOS: Award Modular BIOS v6.00PG
BOOT: Normal boot

OS: Microsoft Windows XP Professionnel (5.1.2600 32-Bit) # Service Pack 3
WB: Windows Internet Explorer 8.0.6001.18702

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Disque fixe # 49 Go (3 Go libre(s) - 7%) [SYSTEM] # NTFS
D:\ -> CD-ROM
E:\ -> Disque fixe # 184 Go (147 Go libre(s) - 80%) [DATA] # NTFS
G:\ -> Disque fixe # 466 Go (433 Go libre(s) - 93%) [Elements] # NTFS
H:\ -> Disque amovible # 7 Go (6 Go libre(s) - 79%) [CLE USB] # FAT32

################## | Processus Actif |

C:\windows\System32\smss.exe (492)
C:\windows\system32\winlogon.exe (572)
C:\windows\system32\services.exe (616)
C:\windows\system32\lsass.exe (628)
C:\windows\system32\svchost.exe (808)
C:\windows\System32\svchost.exe (932)
C:\windows\system32\svchost.exe (976)
C:\windows\system32\spoolsv.exe (1196)
C:\Program Files\Avira\AntiVir Desktop\sched.exe (1244)
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe (1372)
C:\Program Files\Bonjour\mDNSResponder.exe (1432)
C:\Program Files\Java\jre6\bin\jqs.exe (1656)
C:\Program Files\CDBurnerXP\NMSAccessU.exe (1688)
C:\windows\System32
vsvc32.exe (1708)
C:\WINDOWS\system32\HPZipm12.exe (1736)
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (1808)
C:\windows\System32\svchost.exe (1948)
C:\windows\Explorer.EXE (116)
C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe (1404)
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (2040)
C:\windows\RTHDCPL.EXE (2068)
C:\Program Files\iTunes\iTunesHelper.exe (2088)
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (2100)
C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (2120)
C:\windows\system32\ctfmon.exe (2128)
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (2184)
C:\Documents and Settings\MYRIAM\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (2200)
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (2264)
C:\Program Files\Micro Application\LauncherMA.exe (2272)
C:\Program Files\iPod\bin\iPodService.exe (2372)
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe (2828)
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe (3080)
C:\windows\system32\wuauclt.exe (3372)
C:\windows\System32\svchost.exe (3608)
C:\Documents and Settings\MYRIAM\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (3908)
C:\Documents and Settings\MYRIAM\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (1152)
C:\windows\system32\wscntfy.exe (3568)
C:\UsbFix\Go.exe (3980)

################## | Processus Stoppés |

Stoppé! C:\windows\system32\spoolsv.exe (1196)
Stoppé! C:\Program Files\Avira\AntiVir Desktop\sched.exe (1244)
Stoppé! C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe (1372)
Stoppé! C:\Program Files\Bonjour\mDNSResponder.exe (1432)
Stoppé! C:\Program Files\Java\jre6\bin\jqs.exe (1656)
Stoppé! C:\Program Files\CDBurnerXP\NMSAccessU.exe (1688)
Stoppé! C:\windows\System32
vsvc32.exe (1708)
Stoppé! C:\WINDOWS\system32\HPZipm12.exe (1736)
Stoppé! C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (1808)
Stoppé! C:\windows\Explorer.EXE (116)
Stoppé! C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe (1404)
Stoppé! C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (2040)
Stoppé! C:\windows\RTHDCPL.EXE (2068)
Stoppé! C:\Program Files\iTunes\iTunesHelper.exe (2088)
Stoppé! C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (2100)
Stoppé! C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (2120)
Stoppé! C:\windows\system32\ctfmon.exe (2128)
Stoppé! C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (2184)
Stoppé! C:\Documents and Settings\MYRIAM\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (2200)
Stoppé! C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (2264)
Stoppé! C:\Program Files\Micro Application\LauncherMA.exe (2272)
Stoppé! C:\Program Files\iPod\bin\iPodService.exe (2372)
Stoppé! C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe (2828)
Stoppé! C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe (3080)
Stoppé! C:\windows\system32\wuauclt.exe (3372)
Stoppé! C:\Documents and Settings\MYRIAM\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (3908)
Stoppé! C:\Documents and Settings\MYRIAM\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (1152)
Stoppé! C:\windows\system32\wscntfy.exe (3568)

################## | Éléments infectieux |

Supprimé! C:\windows\system32	emp
Supprimé! C:\Recycler\S-1-5-21-57989841-630328440-725345543-1003
Supprimé! E:\Recycler\S-1-5-21-57989841-630328440-725345543-1003
Supprimé! G:\$RECYCLE.BIN\S-1-5-21-1131658597-4005637612-88016806-1000
Supprimé! G:\Recycler\S-1-5-21-57989841-630328440-725345543-1003
Supprimé! G:\autorun.inf

(!) Fichiers temporaires supprimés.

################## | Registre |

Supprimé! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegistryTools
Supprimé! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives
Supprimé! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives

################## | Mountpoints2 |


################## | Listing |

[24/11/2007 - 12:59:13 | N | 0] 	C:\AUTOEXEC.BAT
[17/01/2010 - 12:14:39 | N | 296] 	C:\Boot.bak
[28/08/2001 - 12:00:00 | N | 4952] 	C:\Bootfont.bin
[31/12/2010 - 18:11:50 | D ] 	C:\cmdcons
[04/08/2004 - 00:00:08 | N | 263488] 	C:\cmldr
[04/09/2012 - 10:33:37 | D ] 	C:\Config.Msi
[24/11/2007 - 12:59:13 | N | 0] 	C:\CONFIG.SYS
[06/01/2011 - 19:45:33 |  | 2048] 	C:\derniere restau.bkf
[26/03/2012 - 18:52:50 | D ] 	C:\Documents and Settings
[19/05/2010 - 10:00:02 | D ] 	C:\Downloads
[03/07/2008 - 14:30:22 | D ] 	C:\Drivers
[07/11/2008 - 10:52:11 | D ] 	C:\found.000
[24/04/2008 - 20:55:59 | D ] 	C:\found.001
[24/03/2009 - 10:30:20 | N | 179] 	C:\handle.dat
[24/11/2007 - 12:59:13 | N | 0] 	C:\IO.SYS
[06/07/2012 - 17:23:08 | D ] 	C:\kleaner.tmp
[24/11/2007 - 12:59:13 | N | 0] 	C:\MSDOS.SYS
[24/02/2008 - 14:12:43 | N | 47564] 	C:\NTDETECT.COM
[24/03/2009 - 19:07:54 | N | 252240] 	C:
tldr
[29/02/2004 - 17:44:34 | N | 52576] 	C:\orange.bmp
[09/10/2012 - 08:08:21 | ASH | 3221225472] 	C:\pagefile.sys
[09/10/2012 - 09:06:28 | D ] 	C:\Program Files
[09/10/2012 - 09:21:40 | SHD ] 	C:\RECYCLER
[21/12/2011 - 17:58:12 | N | 921632] 	C:\SPC220NC.DAT
[19/04/2008 - 11:52:22 | D ] 	C:\spybot
[09/07/2012 - 07:32:09 | SHD ] 	C:\System Volume Information
[09/11/2011 - 21:26:37 | D ] 	C:\Techno-flash
[06/12/2011 - 09:40:31 | D ] 	C:\Temp
[26/11/2011 - 11:49:44 | D ] 	C:\TLCWIN
[09/10/2012 - 09:21:40 | D ] 	C:\UsbFix
[09/10/2012 - 09:23:25 | A | 5875] 	C:\UsbFix.txt
[09/10/2012 - 08:09:49 | D ] 	C:\WINDOWS
[26/12/2009 - 00:18:22 | D ] 	E:\57ccf2ebfec675bfa94bdd9c8c94f202
[04/02/2012 - 11:07:53 | D ] 	E:\assedic jackie
[07/01/2011 - 13:44:18 | D ] 	E:\bben
[18/06/2012 - 08:57:36 | D ] 	E:\bin
[25/04/2009 - 20:15:38 | D ] 	E:\CDBurnerXP Projects
[11/01/2011 - 08:19:53 | N | 2084] 	E:\cfgsave.dwb
[30/04/2011 - 11:55:48 | N | 20480] 	E:\conforama.doc
[28/11/2007 - 13:41:51 | D ] 	E:\CyberLink
[02/01/2011 - 18:58:24 | ASH | 78] 	E:\desktop.ini
[07/10/2012 - 19:40:37 | D ] 	E:\doc personnel divers
[30/01/2011 - 11:23:23 | N | 754688] 	E:\Doc1.doc
[28/05/2011 - 09:56:08 | N | 3543040] 	E:\Doc2.doc
[18/01/2012 - 08:53:22 | D ] 	E:\dossier facture
[05/10/2012 - 08:48:11 | D ] 	E:\Downloads
[31/12/2009 - 14:31:21 | N | 2945024] 	E:\fiche cluedo.doc
[24/03/2008 - 12:50:55 | N | 20] 	E:\funrecent.fmp
[21/10/2010 - 08:01:35 | D ] 	E:\GameFools
[05/02/2011 - 15:46:28 | N | 1320960] 	E:\histoire.doc
[08/08/2010 - 12:49:52 | N | 3666156] 	E:\IMGP0882.JPG
[01/07/2012 - 21:12:39 | D ] 	E:\JVC
[15/01/2011 - 13:39:23 | D ] 	E:\LDW
[15/05/2011 - 20:12:13 | N | 2375168] 	E:\Le sud.doc
[15/03/2012 - 17:09:03 | D ] 	E:\Ma musique
[23/08/2012 - 21:13:37 | D ] 	E:\MAEL
[02/10/2011 - 17:58:38 | N | 19968] 	E:\Maison  mao  maman  papa  papi  moto  tati  tonton.doc
[30/09/2012 - 14:28:27 | D ] 	E:\maorie
[02/10/2012 - 20:08:22 | D ] 	E:\Maïténa
[29/11/2011 - 16:28:34 | D ] 	E:\Megaplex Madness
[15/03/2012 - 17:11:22 | D ] 	E:\Mes fichiers reçus
[15/03/2012 - 17:11:29 | D ] 	E:\Mes Historiques de Conversation
[19/08/2012 - 22:28:27 | D ] 	E:\Mes images
[16/11/2011 - 09:22:03 | D ] 	E:\Mes numérisations
[05/06/2009 - 10:13:09 | D ] 	E:\Mes vidéos
[21/11/2011 - 19:01:38 | D ] 	E:\Messenger Plus
[06/03/2011 - 13:15:24 | D ] 	E:\msdownld.tmp
[16/09/2012 - 11:35:04 | D ] 	E:\My DAP Downloads
[28/09/2012 - 13:41:17 | D ] 	E:\My Games
[09/05/2012 - 16:24:27 | D ] 	E:\MyWorks
[19/01/2011 - 13:43:50 | N | 1618944] 	E:
apoleon.doc
[21/08/2012 - 19:37:27 | D ] 	E:
ds
[03/02/2011 - 11:23:37 | N | 21504] 	E:\Nom.doc
[01/07/2012 - 21:09:26 | D ] 	E:
os photos
[22/06/2012 - 19:56:16 | D ] 	E:\Nouveau dossier
[17/04/2011 - 11:59:54 | N | 3205476] 	E:\P4170029.JPG
[27/05/2012 - 22:33:57 | D ] 	E:\photos divers
[02/01/2008 - 15:27:07 | D ] 	E:\pochette express
[02/03/2011 - 17:00:49 | N | 19968] 	E:\Poisson globe.doc
[09/10/2012 - 09:21:40 | SHD ] 	E:\RECYCLER
[12/12/2011 - 18:58:37 | D ] 	E:\samsung
[11/01/2011 - 18:33:50 | N | 2052608] 	E:\science.doc
[13/03/2008 - 11:50:44 | D ] 	E:\SlySoft
[11/09/2012 - 14:52:02 | N | 572] 	E:\spider.sav
[28/01/2011 - 15:10:17 | N | 30208] 	E:\statue de la liberte.doc
[02/11/2011 - 18:33:04 | N | 642084] 	E:\Svt téna.odt
[21/08/2012 - 15:57:17 | SHD ] 	E:\System Volume Information
[27/05/2012 - 22:34:09 | ASH | 156672] 	E:\Thumbs.db
[30/09/2012 - 12:32:16 | D ] 	E:	ravail lalou
[03/10/2012 - 10:37:22 | D ] 	E:\TRAVAIL MYRIAM
[03/02/2012 - 16:17:27 | D ] 	E:\Téléchargements
[21/08/2010 - 17:40:04 | D ] 	E:\WideStream
[21/08/2011 - 17:09:26 | SHD ] 	G:\$RECYCLE.BIN
[22/02/2011 - 18:56:36 | D ] 	G:\autorun
[15/03/2012 - 17:06:03 | D ] 	G:\Camille
[10/05/2011 - 14:42:59 | D ] 	G:\jeu psp mao
[11/05/2012 - 13:05:28 | D ] 	G:\jeux pc
[15/03/2012 - 17:07:29 | D ] 	G:\Lucca
[21/04/2012 - 11:12:19 | D ] 	G:
ouveau jeu psp
[15/03/2012 - 17:06:39 | D ] 	G:\photos matthieu
[09/10/2012 - 09:21:40 | SHD ] 	G:\RECYCLER
[08/10/2012 - 13:47:48 | SHD ] 	G:\System Volume Information
[20/02/2012 - 13:57:05 | ASH | 950784] 	G:\Thumbs.db
[01/12/2011 - 17:36:34 | N | 494479] 	H:\ESTIME.odt
[06/04/2012 - 11:46:20 | N | 3835498] 	H:\le velo.odt
[23/05/2012 - 17:27:38 | N | 733054976] 	H:\Spooky.Buddies.2011.FRENCH.DVDRip.XviD-OSEF.By.Emulix.[emule-island.ru].avi
[08/10/2012 - 09:59:50 | N | 50622] 	H:\img018.pdf
[09/10/2012 - 09:02:56 | N | 1271178] 	H:\UsbFix.exe
[08/10/2012 - 14:59:10 | N | 739856] 	H:\chrome_installer.exe
[21/05/2012 - 13:42:30 | D ] 	H:\domaine de Cazes
[28/04/2012 - 16:47:26 | N | 10506] 	H:\Le château des Gray est célèbre pour sa collection de statues et statuettes.docx

################## | Vaccin |

C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
E:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
G:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
H:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | Upload |

Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_PCMIMI.zip
http://eldesaparecido.com/upload.php
Merci de votre contribution.

################## | E.O.F |

g3n-h@ckm@n · Answer

relance Pre_scan , clique sur Diag puis heberge Pre_Diag_etc....txt qui apparaitra sur ton bureau

mimie17 · Answer

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Diag | 2.1009 | g3n-h@ckm@n & Saachaa | ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤ XP | Vista | 7 | 8 - 32/64 bits ¤¤¤¤¤ ~ Update on 09/10/2012 | 00.45 by g3n-h@ckm@n ~ Informations | Evolution : https://gen-hackman.kanak.fr/ ~ Informations for the switches Pre_Script : https://gen-hackman.kanak.fr/ ~ Feedback Pre_scan : https://gen-hackman.kanak.fr/#505 ~ Thx to C_XX , Slyk for their help for the evolution of the tool ~ User : MYRIAM (Administrateurs) | SID = S-1-5-21-57989841-630328440-725345543-1003 ~ Computer : PCMIMI ~ System : Microsoft Windows XP (32 bits) Service Pack 3 ~ RegisteredOwner : MIMI ~ RegisteredOrganization : ~ ProcessorNameString : AMD Athlon(tm) 64 X2 Dual Core Processor 4400+ ~ Identifier : x86 Family 15 Model 107 Stepping 2 15:36:45 ¤¤¤¤¤¤¤¤¤¤ | Run [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[NvCplDaemon] : RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[NvMediaCenter] : RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[SchedulingAgent] : mstinit.exe /firstlogon [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[Monitor] : C:\windows\Philips\SPC220NC\Monitor.exe [20/09/2008 11:02:39] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[Adobe ARM] : "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[PlusService] : C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe [21/11/2011 19:00:46] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[KiesTrayAgent] : C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [29/11/2011 21:58:46] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[APSDaemon] : "C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe" [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[RTHDCPL] : RTHDCPL.EXE [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[iTunesHelper] : "C:\Program Files\iTunes\iTunesHelper.exe" [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[avgnt] : "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[SunJavaUpdateSched] : "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe" [HKU\S-1-5-21-57989841-630328440-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[ctfmon.exe] : C:\windows\system32\ctfmon.exe [29/08/2002 11:45:10] [HKU\S-1-5-21-57989841-630328440-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[KiesHelper] : C:\Program Files\Samsung\Kies\KiesHelper.exe /s [HKU\S-1-5-21-57989841-630328440-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[KiesPDLR] : C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [29/11/2011 21:58:56] [HKU\S-1-5-21-57989841-630328440-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[Google Update] : "C:\Documents and Settings\MYRIAM\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c [HKU\S-1-5-21-57989841-630328440-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[Adobe Reader Synchronizer] : "C:\Program Files\Adobe\Reader 10.0\Reader\AdobeCollabSync.exe" [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CloneCDTray] -> CloneCDTray -> "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MSMSGS] -> msmsgs -> "C:\Program Files\Messenger\msmsgs.exe" /background [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NvCplDaemon] -> NvCpl -> RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NvMediaCenter] -> NvMcTray -> RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg wiz] -> nwiz -> nwiz.exe /install [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RemoteControl] -> PDVDServ -> "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RTHDCPL] -> RTHDCPL -> RTHDCPL.EXE [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SkyTel] -> SkyTel -> SkyTel.EXE [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpFolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^EPSON Status Monitor 3 Environment Check.lnk] [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpFolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk] [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpFolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^TrayMin220.lnk] ¤¤¤¤¤¤¤¤¤¤ | Others [HKLM\System\CurrentControlSet\Control\SecurityProviders]|[SecurityProviders] : msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll [HKLM\System\CurrentControlSet\Control\Session Manager]|[BootExecute] : autocheck autochk * [HKLM\System\ControlSet001\Control]|[SystemBootDevice] : multi(0)disk(0)rdisk(0)partition(1) [HKLM\system\currentcontrolset\control\lsa]|[SecureBoot] : 1 [HKLM | Winlogon]|[VMApplet] : rundll32 shell32,Control_RunDLL "sysdm.cpl" [HKLM | Winlogon]|[AutoAdminLogon] : 0 [HKLM | Winlogon]|[SFCDisable] : 0 [HKLM | Winlogon]|[WinStationsDisabled] : 0 [HKLM | Winlogon]|[UIHost] : logonui.exe [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]|[DllName] : crypt32.dll [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]|[DllName] : cryptnet.dll [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]|[DllName] : cscdll.dll [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]|[DllName] : %SystemRoot%\System32\dimsntfy.dll [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]|[DllName] : wlnotify.dll [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]|[DllName] : wlnotify.dll [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]|[DllName] : sclgntfy.dll [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]|[DllName] : WlNotify.dll [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify ermsrv]|[DllName] : wlnotify.dll [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]|[DllName] : wlnotify.dll [HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]|[PostBootReminder] : {7849596a-48ea-486e-8937-a2a3009f31a9} [HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]|[CDBurn] : {fbeb8a05-beee-4442-804e-409d6c4515e9} [HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]|[WebCheck] : {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]|[SysTray] : {35CEC8A3-2BE6-11D2-8773-92E220524153} [HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]|[WPDShServiceObj] : {AAA288BA-9A4C-45B0-95D7-94D524869DB5} [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]|[{AEB6717E-7E19-11d0-97EE-00C04FD91972}] : [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Internet Explorer\URLSearchHooks]|[{CFBFAE00-17A6-11D0-99CB-00C04FD64497}] : [HKLM\Software\Microsoft\Internet Explorer\Toolbar]|[{21FA44EF-376D-4D53-9B0F-8A89D3229068}] : 0x00 [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar]|[LinksFolderName] : Liens [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar]|[Locked] : 1 [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar]|[ShowDiscussionButton] : Yes [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar]|[Locked] : 1 [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar]|[LinksFolderName] : Liens [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar]|[ShowDiscussionButton] : Yes [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]|[{438755C2-A8BA-11D1-B96B-00A0C90312E1}] : Pré-chargeur Browseui [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]|[{8C7461EF-2B13-11d2-BE35-3078302C2030}] : Démon de cache des catégories de composant [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Internet Explorer\SearchScopes\${searchCLSID}] -> (@ieframe.dll,-12512) -> https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&src={referrer:source?} [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Internet Explorer\SearchScopes\{4A89CA98-3BDF-EAFA-E8B6-158B1BD67994}] -> (Google) -> https://www.google.com/webhp?gws_rd=ssl{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 [HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{4A89CA98-3BDF-EAFA-E8B6-158B1BD67994}] -> (@ieframe.dll,-12512) -> https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&src={referrer:source?} [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}] -> () -> [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}] -> () -> [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C442AC41-9200-4770-8CC0-7CDB4F245C55}] -> () -> [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\8c7da5b4-bcdc-4924-bbd7-b148e669c8ad] -> (Oryte_Games_1.9ToolbarHelper.exe) -> C:\Program Files\Oryte_Games_1.9 [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\cfb3ee36-872e-45c4-a10f-a4885097d913] -> (Oryte_Games_1.9ToolbarHelper.exe) -> C:\Program Files\Oryte_Games_1.9 [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\e840d36b-dea7-4799-9590-3772974ce498] -> (Oryte_Games_1.9ToolbarHelper.exe) -> C:\Program Files\Oryte_Games_1.9 [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{003B91A6-61E3-4591-891D-01E94C8CB11E}] -> (Silverlight.Configuration.exe) -> C:\Program Files\Microsoft Silverlight\4.0.50917.0\ [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15B3FB63-66F4-4EFC-B717-BB283B85E79B}] -> (AcroBroker.exe) -> C:\Program Files\Adobe\Reader 10.0\Reader\ [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1ec76a37-1762-46ff-9b14-765b3e6793be}] -> (agcp.exe) -> C:\Program Files\Microsoft Silverlight\4.0.50917.0\ [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{358E6F10-DE8A-4602-8424-179CA217F8EE}] -> (AcroRd32Info.exe) -> C:\Program Files\Adobe\Reader 10.0\Reader [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44295CB8-D71B-11DA-8750-001185653D78}] -> (googletoolbar1user.exe) -> c:\program files\google [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4C0B7A7C-8ECF-422f-9448-0874C41D4532}] -> (WLLoginProxy.exe) -> %ProgramFiles%\Common Files\Microsoft Shared\Windows Live [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{76E2369A-75BA-41F9-8B9E-16059E5CF9A6}] -> (AdobeARM.exe) -> C:\Program Files\Fichiers communs\Adobe\ARM\1.0\ [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7B7FB824-0A43-4bc2-B58D-F6386FEEFD84}] -> (CGuard.exe) -> Choice Guard [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{80B84A0A-EDA4-47fd-8BE1-6B49F4197EE5}] -> (GoogleToolbarNotifier.exe) -> C:\Program Files\Google\GoogleToolbarNotifier [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8E1F80F4-953F-41E7-8460-E64AE5BE4ED3}] -> (AdobeCollabSync.exe) -> C:\Program Files\Adobe\Reader 10.0\Reader [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C6A861C-B233-4994-AFB1-C158EE4FC578}] -> (AcroRd32.exe) -> C:\Program Files\Adobe\Reader 10.0\Reader [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A2C4A926-ABA8-4983-817F-4EB832F995DA}] -> (wltuser.exe) -> C:\Program Files\Windows Live\Toolbar\ [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A6E2003F-95C5-4591-BA9A-0093080FDB5C}] -> (OberonBroker.exe) -> C:\Program Files\Fichiers communs\Oberon Media\OberonBroker\1.0.0.63 [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AAD4AE2E-D834-46D4-8B09-490FAC9C722B}] -> () -> [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}] -> (GoogleUpdateBroker.exe) -> C:\Program Files\Google\Update\1.3.21.123 [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C442AC41-9200-4770-8CC0-7CDB4F245C55}] -> (GoogleUpdate.exe) -> C:\Program Files\Google\Update [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8FE2181-CAE7-49EE-9B04-DB7EB4DA544A}] -> (ssvagent.exe) -> C:\Program Files\Java\jre6\bin [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D62088BE-DBCC-11DB-8D0A-D0DD55D89595}] -> (gameinstaller.exe) -> C:\Program Files\RealArcade\Installer\bin [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d8a5d001-3352-40db-9d1c-ed46683193b5}] -> (WindowsLiveWriter.exe) -> C:\Program Files\Windows Live\Writer\ [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAF199D2-BFA7-4394-A4DE-044A08E59B32}] -> (FlashUtil10c.exe) -> C:\windows\system32\Macromed\Flash ¤¤¤¤¤¤¤¤¤¤ | BHO [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] -> (Adobe PDF Link Helper) -> C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [27/07/2012 22:51:32] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] -> () -> [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] -> (Search Helper) -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [19/05/2009 11:36:18] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] -> (Java(tm) Plug-In SSV Helper) -> C:\Program Files\Java\jre6\bin\ssv.dll [28/08/2012 20:49:56] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7CBD26C3-7F51-541E-70D6-28B861C07179}] -> () -> [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] -> (Programme d'aide de l'Assistant de connexion Windows Live) -> C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [22/01/2009 15:41:30] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] -> (Java(tm) Plug-In 2 SSV Helper) -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [28/08/2012 20:49:56] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}] -> (Windows Live Toolbar Helper) -> C:\Program Files\Windows Live\Toolbar\wltcore.dll [16/04/2010 20:55:34] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] -> (JQSIEStartDetectorImpl Class) -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [28/08/2012 20:49:56] ¤¤¤¤¤¤¤¤¤¤ | ActiveX [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}] -> (IEUDINIT) -> Mise à jour de la version d'Internet Explorer [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> (WMPACCESS) -> Lecteur Windows Media [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}] -> (IEACCESS) -> Internet Explorer [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] -> (OEACCESS) -> Outlook Express [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\>{CB58DED6-4AF3-4080-9DF1-DEE72075169F}] -> (BRANDING.CAB) -> Personnalisation du navigateur [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}] -> (JAVAVM) -> Microsoft VM [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608555}] -> (IEJAVA) -> Internet Explorer Classes for Java [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{10072CEC-8CC1-11D1-986E-00A0C955B42F}] -> (MSVML) -> Rendu VML (Vector Graphics Rendering) [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}] -> (NetShow) -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> (Microsoft Windows Media Player) -> Lecteur Windows Media Microsoft 6.4 [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{283807B5-2C60-11D0-A31D-00AA00B92C03}] -> (DirectAnimation) -> DirectAnimation [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{2A3320D6-C805-4280-B423-B665BDE33D8F}] -> (M979906) -> Microsoft .NET Framework 1.1 Security Update (KB979906) [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] -> (Theme Component) -> Themes Setup [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{2F6EFCE6-10DF-49F9-9E64-9AE3775B2588}] -> (M2416447) -> Microsoft .NET Framework 1.1 Security Update (KB2416447) [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{36f8ec70-c29a-11d1-b5c7-0000f8051515}] -> (TridataJava) -> Liaison de données Dynamic HTML pour Java [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{3af36230-a269-11d1-b5bf-0000f8051515}] -> (MobilePk) -> Offline Browsing Pack [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{3bf42070-b3b1-11d1-b5c5-0000f8051515}] -> (USP10) -> Uniscribe [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{411EDCF7-755D-414E-A74B-3DCD6583F589}] -> (S867460) -> Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{4278c270-a269-11d1-b5bf-0000f8051515}] -> (AdvAuth) -> Création avancée [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] -> (MailNews) -> Microsoft Outlook Express 6 [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] -> (NetMeeting) -> NetMeeting 3.01 [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA848-CC51-11CF-AAFA-00AA00B6015C}] -> (activemovie) -> DirectShow [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}] -> () -> Microsoft DirectX [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}] -> (DirectDrawEx) -> DirectDrawEx [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{4594FDD1-557F-FA9C-7C2F-D9F814DCB9BE}] -> () -> DirectX [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}] -> (HelpCont) -> Internet Explorer Help [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{4d64f3ba-f112-4efe-a02e-96680859937c}] -> (KB918899) -> KB918899 [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{4f216970-c90c-11d1-b5c7-0000f8051515}] -> (DAJava) -> Classes Java DirectAnimation [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{4f645220-306d-11d2-995d-00c04f98bbc9}] -> (MSVBScript) -> Microsoft Windows Script 5.8 [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}] -> (Messenger) -> Windows Messenger 4.7 [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{5A8D6EE0-3E18-11D0-821E-444553540000}] -> (ICW) -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{5b7bf89d-d196-4c32-a303-a57b8ab7f18d}] -> (KB918439) -> KB918439 [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}] -> (GenSetup) -> Internet Explorer Setup Tools [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{630b1da0-b465-11d1-9948-00c04f98bbc9}] -> (ExtraPack) -> Browsing Enhancements [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] -> (Microsoft Windows Media Player 8) -> Microsoft Windows Media Player 8 [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}] -> (MSN_Auth) -> MSN Site Access [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}] -> (.NETFramework) -> .NET Framework [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] -> (WebFolders) -> Dossiers Web [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] -> (WAB) -> Carnet d'adresses 6 [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] -> (IE4Shell_NT) -> Mise à jour du Bureau Windows [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] -> (BASEIE40_W2K) -> Internet Explorer [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> (DOTNETFRAMEWORKS) -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{9381D8F2-0288-11D0-9501-00AA00B911A5}] -> (Tridata) -> Dynamic HTML Data Binding [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{9A394342-4A68-4EBA-85A6-55B559F4E700}] -> (.NETFramework) -> .NET Framework [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}] -> (.NETFramework) -> .NET Framework [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}] -> (Fontcore) -> Internet Explorer Core Fonts [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}] -> (.NETFramework) -> .NET Framework [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{CC2A9BA0-3BDD-11D0-821E-444553540000}] -> (MSTASK) -> Planificateur de tâches [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{CDD7975E-60F8-41d5-8149-19E51D6F71D0}] -> (Windows Movie Maker v2.1) -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{D27CDB6E-AE6D-11cf-96B8-444553540000}] -> (Flash) -> Adobe Flash Player [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{dd772a76-bef3-44d7-8b39-502c8504c1f1}] -> (KB925486) -> KB925486 [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}] -> (HTMLHelp) -> HTML Help [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}] -> (ADSI) -> Active Directory Service Interface [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{f15ee071-deb7-4cbb-951f-431c98338d8e}] -> (KB911567) -> KB911567 [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{F196AC50-7C95-42E1-9947-BDAB18BF3C8C}] -> (.NETFramework) -> .NET Framework [HKU\S-1-5-19\SOFTWARE\Microsoft\Active Setup\Installed Components\{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}] -> () -> 6,4,9,1120 [HKU\S-1-5-19\SOFTWARE\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> () -> 6,4,9,1120 [HKU\S-1-5-19\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] -> () -> 4,4,0,3385 [HKU\S-1-5-19\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA848-CC51-11CF-AAFA-00AA00B6015C}] -> () -> 6,4,2600,0 [HKU\S-1-5-19\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] -> () -> 8,0,0,4477 [HKU\S-1-5-20\SOFTWARE\Microsoft\Active Setup\Installed Components\{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}] -> () -> 6,4,9,1120 [HKU\S-1-5-20\SOFTWARE\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> () -> 6,4,9,1120 [HKU\S-1-5-20\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] -> () -> 4,4,0,3385 [HKU\S-1-5-20\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA848-CC51-11CF-AAFA-00AA00B6015C}] -> () -> 6,4,2600,0 [HKU\S-1-5-20\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] -> () -> 8,0,0,4477 [HKU\S-1-5-21-57989841-630328440-725345543-1003\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}] -> () -> 8,0,6001,0 [HKU\S-1-5-21-57989841-630328440-725345543-1003\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}] -> () -> 8,0,6001,18702 [HKU\S-1-5-21-57989841-630328440-725345543-1003\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] -> () -> 2,0,0,0 [HKU\S-1-5-21-57989841-630328440-725345543-1003\SOFTWARE\Microsoft\Active Setup\Installed Components\>{CB58DED6-4AF3-4080-9DF1-DEE72075169F}] -> () -> 0,0,0,0 [HKU\S-1-5-21-57989841-630328440-725345543-1003\SOFTWARE\Microsoft\Active Setup\Installed Components\InitiallyClear] -> () -> [HKU\S-1-5-21-57989841-630328440-725345543-1003\SOFTWARE\Microsoft\Active Setup\Installed Components\{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}] -> () -> 10,0,0,3802 [HKU\S-1-5-21-57989841-630328440-725345543-1003\SOFTWARE\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> () -> 10,0,0,3802 [HKU\S-1-5-21-57989841-630328440-725345543-1003\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] -> () -> 1,1,1,7 [HKU\S-1-5-21-57989841-630328440-725345543-1003\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] -> () -> 6,0,2900,5512 [HKU\S-1-5-21-57989841-630328440-725345543-1003\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] -> () -> 4,4,0,3385 [HKU\S-1-5-21-57989841-630328440-725345543-1003\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA848-CC51-11CF-AAFA-00AA00B6015C}] -> () -> 10,0,0,3802 [HKU\S-1-5-21-57989841-630328440-725345543-1003\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}] -> () -> 4,7,0,3000 [HKU\S-1-5-21-57989841-630328440-725345543-1003\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] -> () -> 10,0,0,3802 [HKU\S-1-5-21-57989841-630328440-725345543-1003\SOFTWARE\Microsoft\Active Setup\Installed Components\{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] -> () -> 10,0,0,1 [HKU\S-1-5-21-57989841-630328440-725345543-1003\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] -> () -> 6,0,2900,5512 [HKU\S-1-5-21-57989841-630328440-725345543-1003\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] -> () -> 6,0,2900,5512 [HKU\S-1-5-21-57989841-630328440-725345543-1003\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] -> () -> 8,0,6001,18702 [HKU\S-1-5-21-57989841-630328440-725345543-1003\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> () -> [HKU\S-1-5-21-57989841-630328440-725345543-1003\SOFTWARE\Microsoft\Active Setup\Installed Components\{ACC563BC-4266-43f0-B6ED-9D38C4202C7E}] -> () -> 6,0,2600,0000 [HKU\S-1-5-18\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}] -> () -> 2,0,0,0 [HKU\S-1-5-18\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] -> () -> 6,0,2800,1106 [HKU\S-1-5-18\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] -> () -> 2,0,0,0 [HKU\S-1-5-18\SOFTWARE\Microsoft\Active Setup\Installed Components\{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}] -> () -> 10,0,0,3802 [HKU\S-1-5-18\SOFTWARE\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> () -> 10,0,0,3802 [HKU\S-1-5-18\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] -> () -> 1,1,1,7 [HKU\S-1-5-18\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] -> () -> 6,0,2900,5512 [HKU\S-1-5-18\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] -> () -> 4,4,0,3385 [HKU\S-1-5-18\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA848-CC51-11CF-AAFA-00AA00B6015C}] -> () -> 10,0,0,3802 [HKU\S-1-5-18\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}] -> () -> 4,7,0,3000 [HKU\S-1-5-18\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] -> () -> 10,0,0,3802 [HKU\S-1-5-18\SOFTWARE\Microsoft\Active Setup\Installed Components\{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] -> () -> 10,0,0,1 [HKU\S-1-5-18\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] -> () -> 6,0,2900,5512 [HKU\S-1-5-18\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] -> () -> 6,0,2900,5512 [HKU\S-1-5-18\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] -> () -> 6,0,2900,5512 [HKU\S-1-5-18\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> () -> [HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes] -> DirectAnimation Java Classes [HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java] -> Microsoft XML Parser for Java [HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{0D6709DD-4ED8-40CA-B459-2757AEEF7BEE}] -> [HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{17492023-C23A-453E-A040-C7C580BBF700}] -> [HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{31435657-9980-0010-8000-00AA00389B71}] -> [HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{5392B545-31A5-4724-BEF3-4FED1D56FDAC}] -> [HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{6E32070A-766D-4EE6-879C-DC1FA91D2FC3}] -> [HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{867E13F2-7F31-44FB-AC97-CD38E0DC46EF}] -> [HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}] -> Java Runtime Environment 1.6.0 [HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}] -> Java Runtime Environment 1.6.0 [HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}] -> Java Runtime Environment 1.6.0 [HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}] -> Java Runtime Environment 1.6.0 [HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}] -> 15:36:50 ¤¤¤¤¤¤¤¤¤¤ | HKCR\Applications [HKCR\Applications\bfgprocess.exe\Shell\open\command] -> "C:\Program Files\bfgclient\bfgprocess.exe" "%1" [HKCR\Applications\chrome.exe\Shell\open\command] -> "C:\Documents and Settings\MYRIAM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" -- "%1" [HKCR\Applications\EXCEL.EXE\Shell\open\command] -> "C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE" /e [HKCR\Applications\hpqthb08.exe\Shell\open\command] -> "C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe" /open "%1" [HKCR\Applications\iexplore.exe\Shell\open\command] -> "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 [HKCR\Applications\iTunes.exe\Shell\open\command] -> "C:\Program Files\iTunes\iTunes.exe" /open "%L" [HKCR\Applications\minftnet.exe\Shell\open\command] -> C:\Program Files\Internet Explorer\minftnet.exe %1 [HKCR\Applications\mplayerc.exe\Shell\open\command] -> "C:\Program Files\K-Lite Codec Pack\Media Player Classic\mplayerc.exe" "%1" [HKCR\Applications\MSOXMLED.EXE\Shell\open\command] -> "C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLED.EXE" /verb open "%1" [HKCR\Applications otepad.exe\Shell\open\command] -> %SystemRoot%\system32\NOTEPAD.EXE %1 [HKCR\Applications\ois.exe\Shell\open\command] -> C:\PROGRA~1\MICROS~2\OFFICE11\OIS.EXE /shellOpen "%1" [HKCR\Applications\PowerDirector.exe\Shell\open\command] -> "C:\Program Files\CyberLink\PowerDirector Express\PowerDirector.exe" "%1" [HKCR\Applications\PowerDVD.exe\Shell\open\command] -> "C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe" "%L" [HKCR\Applications\POWERPNT.EXE\Shell\open\command] -> "C:\Program Files\Microsoft Office\OFFICE11\POWERPNT.EXE" /s "%1" [HKCR\Applications\RegAnyDVD.exe\Shell\open\command] -> "C:\Program Files\SlySoft\AnyDVD\RegAnyDVD.exe" "%1" [HKCR\Applications\RegCloneCD.exe\Shell\open\command] -> "C:\Program Files\SlySoft\CloneCD\RegCloneCD.exe" "%1" [HKCR\Applications\scalc.exe\Shell\open\command] -> "C:\Program Files\OpenOffice.org 3\program\scalc.exe" -o "%1" [HKCR\Applications\shimgvw.dll\Shell\open\command] -> rundll32.exe %SystemRoot%\system32\shimgvw.dll,ImageView_Fullscreen %1 [HKCR\Applications\simpress.exe\Shell\open\command] -> "C:\Program Files\OpenOffice.org 3\program\simpress.exe" -o "%1" [HKCR\Applications\swriter.exe\Shell\open\command] -> "C:\Program Files\OpenOffice.org 3\program\swriter.exe" -o "%1" [HKCR\Applications\vlc.exe\Shell\open\command] -> "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "%1" [HKCR\Applications\WinRAR.exe\Shell\open\command] -> "C:\Program Files\WinRAR\WinRAR.exe" "%1" [HKCR\Applications\WLXPhotoGallery.exe\Shell\open\command] -> C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe /LaunchPhotoViewer /v "%1" [HKCR\Applications\WLXPhotoViewer.dll\Shell\open\command] -> C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe /LaunchPhotoViewer /v "%1" [HKCR\Applications\wmplayer.exe\Shell\open\command] -> C:\Program Files\Windows Media Player\wmplayer.exe /Open "%L" [HKCR\Applications\wordpad.exe\Shell\open\command] -> "%ProgramFiles%\Windows NT\Accessoires\WORDPAD.EXE" "%1" ¤¤¤¤¤¤¤¤¤¤ | Svchost - Netsvcs 15:36:50 ¤¤¤¤¤¤¤¤¤¤ | HKU\S-1-5-20 [HKU\S-1-5-20\Software\Intel] [HKU\S-1-5-20\Software\Microsoft] [HKU\S-1-5-20\Software\Netscape] [HKU\S-1-5-20\Software\Piriform] [HKU\S-1-5-20\Software\Policies] [HKU\S-1-5-20\Software\Classes] [HKU\S-1-5-20\Software\Microsoft\Active Setup] [HKU\S-1-5-20\Software\Microsoft\ActiveMovie] [HKU\S-1-5-20\Software\Microsoft\Clock] [HKU\S-1-5-20\Software\Microsoft\Command Processor] [HKU\S-1-5-20\Software\Microsoft\CTF] [HKU\S-1-5-20\Software\Microsoft\EventSystem] [HKU\S-1-5-20\Software\Microsoft\File Manager] [HKU\S-1-5-20\Software\Microsoft\Internet Explorer] [HKU\S-1-5-20\Software\Microsoft\Keyboard] [HKU\S-1-5-20\Software\Microsoft\MediaPlayer] [HKU\S-1-5-20\Software\Microsoft\Microsoft Management Console] [HKU\S-1-5-20\Software\Microsoft\MovieMaker] [HKU\S-1-5-20\Software\Microsoft\Multimedia] [HKU\S-1-5-20\Software\Microsoft\NetDDE] [HKU\S-1-5-20\Software\Microsoft\NetShow] [HKU\S-1-5-20\Software\Microsoft\Ntbackup] [HKU\S-1-5-20\Software\Microsoft\Office] [HKU\S-1-5-20\Software\Microsoft\RegEdt32] [HKU\S-1-5-20\Software\Microsoft\Schedule+] [HKU\S-1-5-20\Software\Microsoft\Search Assistant] [HKU\S-1-5-20\Software\Microsoft\SystemCertificates] [HKU\S-1-5-20\Software\Microsoft\Windows] [HKU\S-1-5-20\Software\Microsoft\Windows Help] [HKU\S-1-5-20\Software\Microsoft\Windows NT] [HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-20\Software\Microsoft\Windows\ShellNoRoam] ¤¤¤¤¤¤¤¤¤¤ | HKU\S-1-5-21-57989841-630328440-725345543-1003 [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\AC3filter] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Adobe] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Ahead] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Alawar] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\ALCATech] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\ALWIL Software] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\AppDataLow] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Apple Computer, Inc.] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Apple Inc.] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\ArberthStudios] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\ArcSoft] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Artifex Mundi] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Artogon] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\ASProtect] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Astar Games] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Avance] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Avira] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\AVS4YOU] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Big Fish Games] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Big Fish Games, Inc] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Big Fish Games, Inc.] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Binary Noise] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\BitDefender] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\BitTorrent] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Boolat Games] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Canneverbe Limited] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\casinonetInstaller] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\CatsEyeGames] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\CDDB] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Clients] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\CoreVorbis] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Cyberlink] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Cybermedia Inc] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Dancing Dots Demo] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\DivXNetworks] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Dlinfo] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\DownloadCenter] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\DQ Team] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\DSP-worx] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\EEEZEE] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\EEEZEE PRODUCTS] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\EEEZEE Products Ltd.] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\ej-technologies] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\eMule] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\etoro] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Farm Mania] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Farm Mania 2] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Freeware] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Fugazo] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\g3n-h@ckm@n] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Gabest] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Game Mill] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\GameHouse] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\GNU] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\GoBit] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\GOG] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Good games] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Google] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\GSpot Appliance Corp] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Haali] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Hewlett-Packard] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\HookNetwork] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\HP] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\IM Providers] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\InstallCore] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Intel] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Intenium] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\IronCode] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\JavaSoft] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\JEDI-VCL] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\JollyBear] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\KC Softwares] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\KillBox] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\KingsIsle] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Licenses] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Local AppWizard-Generated Applications] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Macromedia] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Macrovision] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Magnet] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Malwarebytes' Anti-Malware] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\McAfee] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\MDNAGames] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Meridian93] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Micro Application] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\mif2000] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\MOVAVI] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Mozilla] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\MozillaPlugins] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\NCH Software] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\NCH Swift Sound] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Netscape] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Northcode Inc] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\NVIDIA Corporation] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Oberon Media] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\OceanMediaGames] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\ODBC] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\OpenOffice.org] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\phenomedia publishing gmbh] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\PhotoFiltre] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\PiEyeGames] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Piriform] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Pixela] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\PlayfulAge] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Playrix Entertainment] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Policies] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\PopCap] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Realtek] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Safer Networking Limited] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Samsung] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Sandlot Games] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Screentime Media] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\SecuROM] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Silverback Productions] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Simply Super Software] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Skype] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\SlySoft] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\SOFTWIN] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Sony Corporation] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\SpecialBit] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\SugarGames] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\SulusGames] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Sysinternals] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Test3D] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Textalk AB] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Trolltech] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Usbfix] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Valusoft] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\VB and VBA Program Settings] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\VHLD] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\WinRAR] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\WinRAR SFX] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Wow6432Node] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\WS35] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Xilisoft] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\YahooPartnerToolbar] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Yuna Software] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Zylom] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\?? ?? ???? ????? ??? ?? ????] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Classes] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Active Setup] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\ActiveMovie] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Advanced INF Setup] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\AntiPhishing] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\ASF Stream Descriptor File] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Clock] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Command Processor] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Conferencing] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\ConferencingRTC] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Cryptography] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\CTF] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Direct3D] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\DirectInput] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\DIRECTPLAY] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\DirectShow] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\DirectX Diagnostic Tool] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Driver Signing] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\DUIDebug] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\EventSystem] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Feeds] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\File Manager] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Ftp] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\GDIPlus] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Genuine Advantage] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\IdentityCRL] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\IEAK] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\IMEMIP] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Installer] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Internet Account Manager] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Internet Account Manager Live] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Internet Connection Wizard] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Internet Explorer] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Internet Mail and News] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Java VM] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Keyboard] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Learning Essentials] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\MediaPlayer] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\MessengerService] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Microsoft Management Console] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Microsoft Reference] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\MovieMaker] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\MPEG2Demultiplexer] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\MS Design Tools] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\MSDAIPP] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\MSN6] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\MSNMessenger] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\MSPaper 11.0] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Multimedia] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\NetDDE] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\NetShow] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Network Diagnostic] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Notepad] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Ntbackup] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Office] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\OfficeLive] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\OLE] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Outlook Express] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\PCHealth] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Plus!] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Protected Storage System Provider] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\RAS Autodial] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\RAS Phonebook] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\RegEdt32] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\RTC] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\SAPI Layer] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Schedule+] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Screensavers] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Scrunch] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Search Assistant] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Security Center] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Shared] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Shared Tools] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Solitaire] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Speech] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Spider] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\SQMClient] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\SystemCertificates] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Time] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\TPG] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Tracing] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\UCCPlatform] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\User Location Service] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\VBA] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Visual Basic] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\WAB] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Wbem] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Web Service Providers] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Windows] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Windows Genuine Advantage] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Windows Help] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Windows Live] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Windows Live Call] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Windows Live Contacts] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Windows Live Mail] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Windows Media] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Windows NT] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Windows Script] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Windows Script Host] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\winmine] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Wisp] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\zone.com] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Windows\Shell] [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Windows\ShellNoRoam] ¤¤¤¤¤¤¤¤¤¤ | HKCU\Software\M$\Windows NT & CurrentVersion [HKCU\Software\Microsoft\Windows NT\CurrentVersion] [HKCU\Software\Microsoft\Windows NT\CurrentVersion\Devices] [HKCU\Software\Microsoft\Windows NT\CurrentVersion\Extensions] [HKCU\Software\Microsoft\Windows NT\CurrentVersion\Network] [HKCU\Software\Microsoft\Windows NT\CurrentVersion\PrinterPorts] [HKCU\Software\Microsoft\Windows NT\CurrentVersion\Program Manager] [HKCU\Software\Microsoft\Windows NT\CurrentVersion\TaskManager] [HKCU\Software\Microsoft\Windows NT\CurrentVersion\Terminal Server] [HKCU\Software\Microsoft\Windows NT\CurrentVersion\Time Zones] [HKCU\Software\Microsoft\Windows NT\CurrentVersion\TrueType] [HKCU\Software\Microsoft\Windows NT\CurrentVersion\Twain] [HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows] [HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] ¤¤¤¤¤¤¤¤¤¤ | HKLM\Software [HKLM\Software\685D6D1C-D73A-4F37-B7E5E53660311DDB] [HKLM\Software\Adobe] [HKLM\Software\AdwCleaner] [HKLM\Software\Ahead] [HKLM\Software\Alawar] [HKLM\Software\ALWIL Software] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Apple Inc.] [HKLM\Software\Avira] [HKLM\Software\AVS4YOU] [HKLM\Software\Big Fish Games] [HKLM\Software\BitDefender] [HKLM\Software\C07ft5Y] [HKLM\Software\Canneverbe Limited] [HKLM\Software\CDDB] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\Codec Tweak Tool] [HKLM\Software\Creative Tech] [HKLM\Software\Cyberlink] [HKLM\Software\Dayterium] [HKLM\Software\DIOC] [HKLM\Software\DivXNetworks] [HKLM\Software\EA Games] [HKLM\Software\ej-technologies] [HKLM\Software\Elaborate Bytes] [HKLM\Software\EPSON] [HKLM\Software\Ericsson] [HKLM\Software\Eset] [HKLM\Software\Funbox] [HKLM\Software\Gabest] [HKLM\Software\GameHouse] [HKLM\Software\GameInstaller] [HKLM\Software\GEAR Software] [HKLM\Software\Gemplus] [HKLM\Software\GNU] [HKLM\Software\Google] [HKLM\Software\HaaliMkx] [HKLM\Software\Hewlett-Packard] [HKLM\Software\HP] [HKLM\Software\ICE] [HKLM\Software\InstallShield] [HKLM\Software\Intel] [HKLM\Software\InterVideo] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\JVC] [HKLM\Software\KLCodecPack] [HKLM\Software\Lavasoft] [HKLM\Software\LEAD Technologies, Inc.] [HKLM\Software\Licenses] [HKLM\Software\Macromedia] [HKLM\Software\Malwarebytes' Anti-Malware (Trial)] [HKLM\Software\MarkAny] [HKLM\Software\McAfee] [HKLM\Software\McAfee.com] [HKLM\Software\mdc] [HKLM\Software\Messenger Plus!] [HKLM\Software\Microsoft] [HKLM\Software\MimarSinan] [HKLM\Software\Mindscape] [HKLM\Software\Mozilla] [HKLM\Software\Mozilla Firefox 3.0.4] [HKLM\Software\mozilla.org] [HKLM\Software\MozillaPlugins] [HKLM\Software\Nero] [HKLM\Software\NSIS.Library.RegTool.v3] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\Oberon Media] [HKLM\Software\ODBC] [HKLM\Software\OpenOffice.org] [HKLM\Software\Philips] [HKLM\Software\Phonemonitor] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Program Groups] [HKLM\Software\Python] [HKLM\Software\RealDSF] [HKLM\Software\Realtek] [HKLM\Software\Realtek Semiconductor Corp.] [HKLM\Software\ReflexiveArcade] [HKLM\Software\RegisteredApplications] [HKLM\Software\S3R521] [HKLM\Software\Safer Networking Limited] [HKLM\Software\SAMSUNG] [HKLM\Software\Samsung Electronics Co., Ltd.] [HKLM\Software\Sandlot Games] [HKLM\Software\Schlumberger] [HKLM\Software\Secure] [HKLM\Software\SlySoft] [HKLM\Software\SOFTWIN] [HKLM\Software\SugarGames] [HKLM\Software\SUPERAntiSpyware.com] [HKLM\Software\Thomson] [HKLM\Software\Trolltech] [HKLM\Software\Trymedia Systems] [HKLM\Software\Uniblue] [HKLM\Software\VideoLAN] [HKLM\Software\Windows] [HKLM\Software\Windows 3.1 Migration Status] [HKLM\Software\WinRAR] [HKLM\Software\Wow6432Node] [HKLM\Software\X-AVCSD] [HKLM\Software\Yuna Software] [HKLM\Software\Microsoft\.NETFramework] [HKLM\Software\Microsoft\Active Setup] [HKLM\Software\Microsoft\ADs] [HKLM\Software\Microsoft\Advanced INF Setup] [HKLM\Software\Microsoft\ALG] [HKLM\Software\Microsoft\ASP.NET] [HKLM\Software\Microsoft\AudioCompressionManager] [HKLM\Software\Microsoft\BidInterface] [HKLM\Software\Microsoft\Code Store Database] [HKLM\Software\Microsoft\COM3] [HKLM\Software\Microsoft\Command Processor] [HKLM\Software\Microsoft\Conferencing] [HKLM\Software\Microsoft\Cryptography] [HKLM\Software\Microsoft\CTF] [HKLM\Software\Microsoft\DataAccess] [HKLM\Software\Microsoft\DataFactory] [H

g3n-h@ckm@n · Answer

poste-le en lien ci-joint

mimie17 · Answer

voici le lien

https://pjjoint.malekal.com/files.php?id=20121009_v6d6z13f11e6

g3n-h@ckm@n · Answer

desinstalle superantispyware il sert à rien
desinstalle toolbar installer
desinstalle spybot search and destroy rien du tout

=======================

 Attention !!! pense à re-désactiver tes protections

Clique sur ce lien : https://www.cjoint.com/?BJjszraJsNL

Selectionne tout le texte qui s'y trouve CTRL+A puis CTRL+C ou clic droit/copier

Relance Pre_scan puis choisis l'option "Script"

une page va s'ouvrir

logiquement le texte que tu as sélectionné s'y trouve déjà , donc tu fermes et le programme va travailler.

sinon colle-le (clic droit/coller ou ctrl+V) dans la page vierge.

puis onglet fichier => enregistrer (pas enregistrer sous...) , puis ferme le texte

des fenetres noires risquent de clignoter , c'est normal , c'est le programme qui travaille 

poste Pre_Script.txt qui apparaitra sur le bureau en fin de travail

mimie17 · Answer

j'arrive pas a trouver superantispyware 

et en plus je peux pas copier le texte du lien que tu m'as envoyé sur la cle usb pour pouvoir le transférer sur l'autre ordi

est-ce que je peux taper tout le texte, je suis pas arrivé je sais mais bon si ça en vaut la peine

g3n-h@ckm@n · Answer

pourquoi tu le colles pas dans un documents texte qui lui , tu le glisses dans la clé usb après l'avoir enregistré ?

mimie17 · Answer

ouah c'est là qu'on voit les cracks j'ai fais comme tu m'as indiqué par contre j'ai la fenêtre nettoyage du disque qui s'est affichée, je ne sais pas si c'est normal, je laisse faire pour l'instant et je te tiens au jus demain car là je vais tout mettre en pause, quand à toi tu as du courage, félicitations pour nous aider surtout quand on est pas des pros, milles mercissssssssss

mimie17 · Answer

bonjour, voilà de la lecture pour toi

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Script | 2.1009 ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

MYRIAM : Microsoft Windows XP (32 bits)

Switchs : https://gen-hackman.kanak.fr/

Script : 21:04:47

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤


¤

¤¤¤¤¤¤¤¤¤¤ | Firefox

1oj2afkj.default : line Not Deleted : user_pref("browser.startup.homepage", "http://start.funmoods.com/?f=1&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1QzutDtDtC0DyB0DzytByDtAtAtCzz0C0CtBtN0D0Tzu0CtByEyCtN1L2XzutBtFtCtFtCtFtAtCtB&cr=63824206"); 

¤

¤¤¤¤¤¤¤¤¤¤ | Registry Deletions

Value Deleted : [HKLM\System\CurrentControlSet\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]:1900:UDP
Value Deleted : [HKLM\System\CurrentControlSet\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]:2869:TCP
Value Deleted : [HKLM\System\CurrentControlSet\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]:139:TCP
Value Deleted : [HKLM\System\CurrentControlSet\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]:445:TCP
Value Deleted : [HKLM\System\CurrentControlSet\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]:137:UDP
Value Deleted : [HKLM\System\CurrentControlSet\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]:138:UDP
Value Deleted : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:iTunesHelper
Key Deleted : HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}   
Key Deleted : HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}   
Key Deleted : HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}   
Key Deleted : HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\casinonetInstaller    
Key Deleted : HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Safer Networking Limited
Key Deleted : HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\?? ?? ???? ????? ??? ?? ????
Key Deleted : HKLM\Software\Trymedia Systems
Key Deleted : HKCR\AppId\FlashAnimator.DLL

¤

C:\windows\system32\Config\systemprofile\Local Settings\Application Data\Windows Internet Name Service : Not Found !
C:\windows\Installer\{2C8574B5-6935-4FCE-860E-F4E8602378FF} : Not Found !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Spybot - Search & Destroy      : Not Found !
C:\Documents and Settings\MYRIAM\Application Data\.zreglib  : Not Found !
C:\Documents and Settings\All Users\Application Data\.zreglib  : Not Found !
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy      : Not Found !
C:\Program Files\Spybot - Search & Destroy      : Not Found !
C:\Program Files\ToolbarInstaller      : Not Found !

¤¤¤¤¤¤¤¤¤¤ | Edition : C:\windows\settings.ini 

[settings]
MusicVolume=dw:50
SfxVolume=dw:50
VoiceVolume=dw:50
Muted=dw:0
ScreenMode=dw:1
WideScreenMode=dw:0
PreferredX=dw:-1
PreferredY=dw:-1
CustomCursors=dw:1
InProgress=dw:0
WaitForVSync=dw:0

¤

¤¤¤¤¤¤¤¤¤¤ | MBR

Windows Version:		Windows XP Professional
Windows Information:		Service Pack 3 (build 2600)
Logical Drives Mask:		0x000000fd

Analysis of file "C:\Pre_Scan\MBR.bin":
Windows XP MBR code detected




¤


¤¤¤¤¤¤¤¤¤¤ | Disk cleaning

Disk cleaned

¤


Fin : 21:09:29

¤¤¤¤¤¤¤¤¤¤ ( EOF ) ¤¤¤¤¤¤¤¤¤¤

g3n-h@ckm@n · Answer

pourquoi tu l'as fait plusieurs fois ?

mimie17 · Answer

je me rappelle pas l'avoir fais plusieurs fois

g3n-h@ckm@n · Answer

sisi tu as du double cliquer sur "script" sans t'en rendre compte

======

 fermer toutes les fenêtres et applications lors de l'installation et de l'analyse.


&#9654 Télécharge ici :

Malwarebytes  

&#9654 Installe le ( choisis bien "francais" ; ne modifie pas les paramètres d'installe ) et mets le à jour .

relance malwarebytes en suivant scrupuleusement ces consignes :

! Déconnecte toi et ferme toutes applications en cours !

&#9654 Lance Malwarebyte's .

Fais un examen dit "Complet" .

&#9654 Laisse le programme travailler ( et ne rien faire d'autre avec le PC durant le scan ).
&#9654 à la fin tu cliques sur "résultat" .
&#9654 Vérifie que tous les objets infectés soient validés, puis clique sur " suppression " .

&#9654 Note : si il faut redémarrer ton PC pour finir le nettoyage, fais le !


&#9654 Poste le rapport sauvegardé après la suppression des objets infectés (dans l'onglet "rapport/log"de Malwarebytes, le dernier en date)

mimie17 · Answer

le hic c'est que je ne peux pas faire les mises à jour puisque j'ai pas internet, je peux le lancer quand même ?

g3n-h@ckm@n · Answer

non installe ces mises à jour manuelles une fois que tu l as installé

http://data.mbamupdates.com/tools/mbam-rules.exe

mimie17 · Answer

desole mais j'ai du tout recommencer nous avons eu droit a une coupure de courant, grrrrrrrr

voilà le rapport mbam

www.malwarebytes.org

Version de la base de données: v2012.09.07.13

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
MYRIAM :: PCMIMI [administrateur]

10/10/2012 16:46:47
mbam-log-2012-10-10 (16-46-47).txt

Type d'examen: Examen complet (C:\|E:\|)
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 359294
Temps écoulé: 50 minute(s), 10 seconde(s)

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)

Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)

Fichier(s) détecté(s): 1
C:\Documents and Settings\MYRIAM\Bureau\winlogon.exe (Heuristics.Reserved.Word.Exploit) -> Mis en quarantaine et supprimé avec succès.

(fin)

g3n-h@ckm@n · Answer

bon y'a plus iren alors maintenant precise "nous n'avons pas internet"

mimie17 · Answer

bonjour,
effectivement je n'ai toujours pas internet sur mon pc, faut-il que je crée un nouveau sujet ?

Freedomsoul · Answer

Tu es connecté au réseau sans avoir internet, c'est ça ?

Concernant internet, pourrais tu vérifier si certaines informations sont remplies dans les propriétés Wifi:

Panneau de configuration > Connexions Réseau 
Clique droit sur l'icone qui correspond au wifi > Propriétés
> Double Click sur "Internet Protocol TCP/IP"

vide or not vide ?

si c'est vide, donne les informations fournies dans 

Panneau de configuration > Connexions Réseau 
Clique droit sur l'icone qui correspond au wifi > Statut > Onglet Support > Bouton Détail

mimie17 · Answer

Je suis connecté avec le portable en wifi, par contre mon vieux pc n'a pas le wifi et c'est donc avec lui que je ne peux pas me connecter

je n'arrive pas à trouver l'icone qui correspond au wifi 

si je fais comme tu m'indiques après connexions réseau on me demande de choisir une tache ou une icone du panneau de configuraion

g3n-h@ckm@n · Answer

re

touche windows + R

tape : cmd.exe

dans la fenetre noire tape :

ipconfig /all

as-tu une adresse qui ressemble à ceci ?

169.254.x.x

mimie17 · Answer

non je n'ai aucune adresse

g3n-h@ckm@n · Answer

??????????? 

meme aucune sous 192.168.x.x ?  

faut peut etre remonter dans la fenetre pour voir apparaitre hein ?
  
¤¤¤¤¤¤¤¤¤¤ Pre_Scan_Concept ¤¤¤¤¤¤¤¤¤¤

mimie17 · Answer

desole j'avais mal taper ipconfig
adresse ip 90.57.222.86

mimie17 · Answer

toujours rien mais faut peut etre que je redemarre le pc, non ?

g3n-h@ckm@n · Answer

fais

mimie17 · Answer

non toujours rien

g3n-h@ckm@n · Answer

telecharge cet outil :

https://majorgeeks.com/downloadget.php?id=7141&file=9&evp=18a37c9c3804bd022748a38eb328614e

installe-le , puis lace-le 

rends-toi directement à l'onglet  "start repairs" puis clique sur "start"

l'outil va te proposer de créer un point de restauration tu acceptes

configure-le comme ceci :

https://www.cjoint.com/?BJlkIxxhDqp

puis clique sur start

mimie17 · Answer

snif snif pas de connexion

g3n-h@ckm@n · Answer

touche windows + R

tape :

services.msc

regarde si le service tcpip est sur démarré

mimie17 · Answer

si cest la ligne ecrite
assistance tcp/ip netbios l'etat est démarré
c'est la seule ligne ou tcp ip apparait

mimie17 · Answer

si cest la ligne ecrite
assistance tcp/ip netbios l'etat est démarré
c'est la seule ligne ou tcp ip apparait

mimie17 · Answer

si cest la ligne ecrite
assistance tcp/ip netbios l'etat est démarré
c'est la seule ligne ou tcp ip apparait

g3n-h@ckm@n · Answer

regarde dans ton gestionnaire de peripheriques si tu n'as pas un "?" ou un "!" noir sur fond jaune devant un des peripheriques

mimie17 · Answer

aucun point jaune

Freedomsoul · Answer

ça ne serait pas des parametres tcp/ip mit par défaut ?

g3n-h@ckm@n · Answer

refais un "Diag" avec pre_scan stp

mimie17 · Answer

desole mais douée comme je suis j'avais tout supprimé dans j'ai relance pre_scan

g3n-h@ckm@n · Answer

heberge le rapport il est trop long :  

https://forums-fec.be/upload   
   
¤¤¤¤¤¤¤¤¤¤ Pre_Scan_Concept ¤¤¤¤¤¤¤¤¤¤

mimie17 · Answer

voilà le lien

	https://forums-fec.be/upload/www/?a=d&i=0379546120

mimie17 · Answer

bonjour,
alors miracle, j'ai internet de nouveau sur le pc ce matin pourvu que ça dure.
Merci pour ta aide et surtout pour ta patience. Bonne journée et encore merci

g3n-h@ckm@n · Answer

coucouc bonne nouvelle :)

surement le fait de redemarrer après les action menées :)
 
 on fait le menage dans ce cas :

https://gen-hackman.kanak.fr/

Problème connexion

52 réponses

Discussions similaires

Newsletters