Virus Windows Security, endomagements...

Résolu
lucoco20 Messages postés 201 Date d'inscription   Statut Membre Dernière intervention   -  
juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   -
Bonjour,

Tout à l'heure, en me rendant sur un forum d'objet de collection américain, j'ai choppé un virus :/

A priori j'ai maintenant réussi à le supprimer (j'ai stoppé les deux processus des virus via le gestionnaires des tâches puis je les ai supprimé manuellement dans le dossier où ils s'étaient installé), le virus était Windows Security, un faux anti virus qui trouve des virus imaginaires.

Seulement voilà, ces virus ont légèrement endommagés mon ordi, mon fond d'écran et gris, et la plupart de mes logiciels applications sont transparentes et impossible à lancer.

J'espère que vous pourrez m'aider, j'en ai grandement besoin, merci bien !


A voir également:

56 réponses

Précédent
Réponse 41 / 56
lucoco20 Messages postés 201 Date d'inscription   Statut Membre Dernière intervention  
 
Rapport Java:

JavaRa 1.15 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Sun Apr 17 14:26:34 2011

Found and removed: C:\Program Files\Java\jre1.6.0_04

Found and removed: C:\Documents and Settings\PROPRIETAIRE\Application Data\Sun\Java\jre1.6.0_04

Found and removed: C:\Documents and Settings\PROPRIETAIRE\Application Data\Sun\Java\jre1.6.0_18

Found and removed: C:\Documents and Settings\PROPRIETAIRE\Application Data\Sun\Java\jre1.6.0_20

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610004

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610004

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610004

Found and removed: SOFTWARE\Classes\JavaPlugin.160_04

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_04

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_04

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610004

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610004

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610004

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160040}

Found and removed: Software\Classes\JavaPlugin.160_04

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_04

Found and removed: Software\JavaSoft\Java2D\1.6.0_04

Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_04

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_04\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_04\bin\

JavaRa 1.15 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Sun Apr 17 14:27:17 2011

------------------------------------

Finished reporting.



Je mets à jour Adobe et je continue les manips ;)

Par contre j'aurais surement une ou deux questions une fois que tout sera fini ^^
0
lucoco20 Messages postés 201 Date d'inscription   Statut Membre Dernière intervention  
 
Et le rapport Delfix:


# DelFix v7.7B - Rapport créé le 17/04/2011 à 14:45
# Mis à jour le 15/04/11 à 19h30 par Xplode
# Système d'exploitation : Microsoft Windows XP (32 bits) [version 5.1.2600] Service Pack 3
# Nom d'utilisateur : PROPRIETAIRE - DEFAULT (Administrateur)
# Exécuté depuis : C:\Documents and Settings\PROPRIETAIRE\Bureau\DelFix.exe
# Option [Suppression]


~~~~~~ Dossier(s) ~~~~~~

Supprimé : C:\USBFix
Supprimé : C:\_OTL
Supprimé : C:\_OTM
Supprimé : C:\Kill'em
Supprimé : C:\Program Files\ZHPDiag
Supprimé : C:\Documents and Settings\PROPRIETAIRE\Bureau\RK_Quarantine
Supprimé : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ZHP

~~~~~~ Fichier(s) ~~~~~~

Supprimé : C:\UsbFix.txt
Supprimé : C:\UsbFix_Upload_Me_DEFAULT.zip
Supprimé : C:\TDSSKiller.2.4.21.0_16.04.2011_22.34.21_log.txt
Supprimé : C:\TDSSKiller.2.4.21.0_16.04.2011_22.46.11_log.txt
Supprimé : C:\ZHPExportRegistry-17-04-2011-00-09-40.txt
Supprimé : C:\ZHPExportRegistry-17-04-2011-00-54-07.txt
Supprimé : C:\JavaRa.log
Supprimé : C:\PhysicalDisk0_MBR.bin
Supprimé : C:\WINDOWS\grep.exe
Supprimé : C:\WINDOWS\PEV.exe
Supprimé : C:\WINDOWS\NIRCMD.exe
Supprimé : C:\WINDOWS\sed.exe
Supprimé : C:\WINDOWS\SWREG.exe
Supprimé : C:\WINDOWS\SWSC.exe
Supprimé : C:\WINDOWS\SWXCACLS.exe
Supprimé : C:\WINDOWS\zip.exe
Supprimé : C:\Documents and Settings\PROPRIETAIRE\Bureau\OTL.exe
Supprimé : C:\Documents and Settings\PROPRIETAIRE\Bureau\OTM.exe
Supprimé : C:\Documents and Settings\PROPRIETAIRE\Bureau\UsbFix.exe
Supprimé : C:\Documents and Settings\PROPRIETAIRE\Bureau\tdsskiller.exe
Supprimé : C:\Documents and Settings\PROPRIETAIRE\Bureau\JavaRa.def
Supprimé : C:\Documents and Settings\PROPRIETAIRE\Bureau\JavaRa.exe
Supprimé : C:\Documents and Settings\PROPRIETAIRE\Bureau\JavaRa.zip
Supprimé : C:\Documents and Settings\PROPRIETAIRE\Bureau\ZHPDiag.txt
Supprimé : C:\Documents and Settings\PROPRIETAIRE\Bureau\RogueKiller.exe
Supprimé : C:\Documents and Settings\All Users\Bureau\ZHPDiag.lnk
Supprimé : C:\Documents and Settings\All Users\Bureau\ZHPFix.lnk
Supprimé : C:\Documents and Settings\All Users\Bureau\MBRCheck.lnk

~~~~~~ Registre ~~~~~~

Clé Supprimée : HKCU\SOFTWARE\USBFix
Clé Supprimée : HKLM\Software\OldTimer Tools
Clé Supprimée : HKLM\Software\Classes\.cfxxe
Clé Supprimée : HKLM\Software\Classes\cfxxefile
Clé Supprimée : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart
Clé Supprimée : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys
Clé Supprimée : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart
Clé Supprimée : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\USBFix
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1
Clé Supprimée : HKCU\console_combofixbackup
ACL [0] -> [7] & Clé Supprimée : HKLM\SOFTWARE\Swearware

~~~~~~ Autre ~~~~~~

-> Prefetch vidé

########## EOF - "C:\DelFixSuppr.txt" - [3126 octets] ##########


Bon et bien, un gros merci, c'est vachement sympa ;)

Autre question par contre, est-ce que je dois mettres les MAJ Windows en automatique ? Parce que à ce niveau là j'ai un problème, à chaque fois que je fais des MAJ, McAfee me trouve des chevaux de troie, or je soupçonne que ce ne sont pas réellement des chevaux de troie mais McAfee qui déraille.
Mais j'ai une autre question ^^ La semaine dernière, j'ai du faire une fausse manip et les raccourcis des 5 logiciels microsoft office ont disparu (ils ne sont pas non plus dans le menu démarrer) du coup j'aimerai les rétablir mais je ne sais pas trop comment m'y prendre.

Encore merci :)
0
Réponse 42 / 56
juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
 
ok :)

bah pour les mises à jour charge ça http://www.teamxscript.org/too/Xplode/WinUpdateFix.exe et clique sur générer un rapport pour voir

0
Réponse 43 / 56
lucoco20 Messages postés 201 Date d'inscription   Statut Membre Dernière intervention  
 
WinUpdateFix v1.1 - Rapport créé le 17/04/2011 à 16:50
Mis à jour le 16/01/11 à 20h par Xplode
Système d'exploitation : Microsoft Windows XP (32 bits) [version 5.1.2600] Service Pack 3
Nom d'utilisateur : PROPRIETAIRE - DEFAULT (Administrateur)
Exécuté depuis : C:\Documents and Settings\PROPRIETAIRE\Bureau\WinUpdateFix.exe

~~~~~ Windows Update ~~~~~

Paramètres du centre de sécurité : Les mises à jour automatiques sont activées, mais ne sont pas installées automatiquement.

Dernière recherche effectuée le : 2011-04-17 à 13:50:00
Dernier téléchargement effectué le : 2011-04-13 à 12:03:19
Dernière installation effectuée le : 2011-04-13 à 17:46:38

~~~~~ Services ~~~~~~

[Mises à jour automatiques]

Nom du service : Wuauserv
Etat : Démarré
Statut : Automatique

[Service de transfert intelligent en arrière-plan]

Nom du service : BITS
Etat : Démarré
Statut : Automatique

[Service de cryptographie]

Nom du service : CryptSvc
Etat : Démarré
Statut : Automatique

~~~~~ Proxy ~~~~~~

[HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

ProxyEnable = 0

... OK !

~~~~~ Hijack.NoWindowsUpdate ~~~~~

[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]

... OK !

########## EOF - "C:\WinUpdateFix.txt" - [1359 octets] ##########
0
Réponse 44 / 56
juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
 
bah les mises à jour sont téléchargées mais pas installées automatiquement :P

0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 45 / 56
lucoco20 Messages postés 201 Date d'inscription   Statut Membre Dernière intervention  
 
Ouai ouai je suis au courant mais c'est pas réellement ça le problème ^^
A chaque fois que j'en installe McAfee trouve des chevaux de troie que je soupçonne faux, donc "inventés" par McAfee ^^
0
Réponse 46 / 56
juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
 
pour être franc je l'appelle mac à fric

t'as payé la licence ?
0
Réponse 47 / 56
lucoco20 Messages postés 201 Date d'inscription   Statut Membre Dernière intervention  
 
Ouai, l'abonnement se termine en octobre mais on pense pas le renouveler, on va plutot se tourner vers antivir.
0
Réponse 48 / 56
juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
 
excellente idée :P :P
0
Réponse 49 / 56
lucoco20 Messages postés 201 Date d'inscription   Statut Membre Dernière intervention  
 
^^

Et sinon pour mon problèmes d'icones de Word, Excel etc... Tu as une idée ?
0
Réponse 50 / 56
juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
 
ah oui désolé

sur ton bureau clic droit > nouveau raccourci
emplacement tu mets
winword.exe
excel.exe

etc :P

au pire tu cherche ça doit être un truc du genre C:\Program Files\Microsoft Office\Office 12\...
0
Réponse 51 / 56
lucoco20 Messages postés 201 Date d'inscription   Statut Membre Dernière intervention  
 
Justement dans office12 ils n'y sont pas ^^
Donc je peux pas faire comme ça en fait.
0
Réponse 52 / 56
juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
 
▶ Télécharge SEAF (de C_XX) sur ton Bureau.
▶ Lance SEAF
▶ Dans les options, règle "Calculer le checksum" sur "MD5" puis coche "Informations supplémentaires" et "Chercher également dans le Registre"
▶ Tape winword.exe dans le champs de recherche, clique sur "Lancer la recherche" et patiente.
▶ Poste dans ta prochaine réponse le rapport qui apparait à la fin de la recherche.
0
Réponse 53 / 56
lucoco20 Messages postés 201 Date d'inscription   Statut Membre Dernière intervention  
 
1. ========================= SEAF 1.0.1.0 - C_XX
2.
3. Commencé à: 17:38:33 le 17/04/2011
4.
5. Valeur(s) recherchée(s):
6. winword.exe
7.
8. Légende: TC => Date de création, TM => Date de modification, DA => Dernier accès
9.
10. (!) --- Calcul du Hash "MD5"
11. (!) --- Informations supplémentaires
12. (!) --- Recherche registre
13.
14. ====== Fichier(s) ======
15.
16.
17. "C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE" [ ARCHIVE | 12317 Ko ]
18. TC: 22/08/2010,14:49:10 | TM: 22/08/2010,14:49:10 | DA: 17/04/2011,15:32:36
19.
20. Hash MD5: 19DD1387B85BB9D5CA49976A4E71E81F
21.
22. CompanyName: Microsoft Corporation
23. ProductName: Microsoft Office 2003
24. InternalName: WinWord
25. OriginalFileName: WinWord.exe
26. LegalCopyright: Copyright © 1983-2003 Microsoft Corporation. All rights reserved.
27. ProductVersion: 11.0.8328
28. FileVersion: 11.0.8328
29.
30. =========================
31.
32.
33. "C:\WINDOWS\Installer\$PatchCache$\Managed\C0403E1900063D11C8EF10054038389C\11.0.5614\WINWORD.EXE" [ ARCHIVE|READONLY | 12038 Ko ]
34. TC: 06/08/2003,21:24:20 | TM: 06/08/2003,21:24:20 | DA: 16/04/2011,16:54:59
35.
36. Hash MD5: 1EEA7DD2F1EA6EFEF380B99A90228D2F
37.
38. CompanyName: Microsoft Corporation
39. ProductName: Microsoft Office 2003
40. InternalName: WinWord
41. OriginalFileName: WinWord.exe
42. LegalCopyright: Copyright © 1983-2003 Microsoft Corporation. All rights reserved.
43. ProductVersion: 11.0.5604
44. FileVersion: 11.0.5604
45.
46. =========================
47.
48.
49. "C:\WINDOWS\Installer\$PatchCache$\Managed\C0403E1900063D11C8EF10054038389C\11.0.8173\WINWORD.EXE" [ ARCHIVE|READONLY | 12310 Ko ]
50. TC: 31/05/2007,13:37:40 | TM: 31/05/2007,13:37:40 | DA: 16/04/2011,16:55:24
51.
52. Hash MD5: 443747857245BF90847AE396C53470A6
53.
54. CompanyName: Microsoft Corporation
55. ProductName: Microsoft Office 2003
56. InternalName: WinWord
57. OriginalFileName: WinWord.exe
58. LegalCopyright: Copyright © 1983-2003 Microsoft Corporation. All rights reserved.
59. ProductVersion: 11.0.8169
60. FileVersion: 11.0.8169
61.
62. =========================
63.
64.
65.
66. ====== Entrée(s) du registre ======
67.
68.
69. [HKLM\Software\Classes\*\OpenWithList\Winword.exe]
70. DA: 06/08/2008 13:58:27
71.
72. [HKLM\Software\Classes\.htm\OpenWithList\Microsoft Office Word\shell\edit\command]
73. ""=""C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE" /n /dde" (REG_SZ)
74.
75. [HKLM\Software\Classes\.htm\OpenWithList\WINWORD.EXE]
76. DA: 17/04/2011 11:45:37
77.
78. [HKLM\Software\Classes\.mht\OpenWithList\Microsoft Office Word\shell\edit\command]
79. ""=""C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE" /n /dde" (REG_SZ)
80.
81. [HKLM\Software\Classes\.mhtml\OpenWithList\WINWORD.EXE]
82. DA: 08/08/2008 17:32:15
83.
84. [HKLM\Software\Classes\.xml\OpenWithList\winword.exe]
85. DA: 08/08/2008 17:28:49
86.
87. [HKLM\Software\Classes\Applications\WINWORD.EXE]
88. DA: 17/04/2011 14:42:48
89.
90. [HKLM\Software\Classes\CLSID\{00020900-0000-0000-C000-000000000046}\DefaultIcon]
91. ""="C:\PROGRA~1\MICROS~3\OFFICE11\WINWORD.EXE,1" (REG_SZ)
92.
93. [HKLM\Software\Classes\CLSID\{00020901-0000-0000-C000-000000000046}\DefaultIcon]
94. ""="C:\PROGRA~1\MICROS~3\OFFICE11\WINWORD.EXE,1" (REG_SZ)
95.
96. [HKLM\Software\Classes\CLSID\{00020906-0000-0000-C000-000000000046}\LocalServer32]
97. ""="C:\PROGRA~1\MICROS~3\OFFICE11\WINWORD.EXE" (REG_SZ)
98.
99. [HKLM\Software\Classes\CLSID\{00020907-0000-0000-C000-000000000046}\LocalServer32]
100. ""="C:\PROGRA~1\MICROS~3\OFFICE11\WINWORD.EXE" (REG_SZ)
101.
102. [HKLM\Software\Classes\CLSID\{000209FE-0000-0000-C000-000000000046}\LocalServer32]
103. ""="C:\PROGRA~1\MICROS~3\OFFICE11\WINWORD.EXE /Automation" (REG_SZ)
104.
105. [HKLM\Software\Classes\CLSID\{000209FF-0000-0000-C000-000000000046}\LocalServer32]
106. ""="C:\PROGRA~1\MICROS~3\OFFICE11\WINWORD.EXE /Automation" (REG_SZ)
107.
108. [HKLM\Software\Classes\CLSID\{18A06B6B-2F3F-4E2B-A611-52BE631B2D22}\DefaultIcon]
109. ""=""C:\PROGRA~1\MICROS~3\OFFICE11\WINWORD.EXE",16" (REG_SZ)
110.
111. [HKLM\Software\Classes\CLSID\{18A06B6B-2F3F-4E2B-A611-52BE631B2D22}\LocalServer32]
112. ""=""C:\PROGRA~1\MICROS~3\OFFICE11\WINWORD.EXE"" (REG_SZ)
113.
114. [HKLM\Software\Classes\CLSID\{DC1F5505-3CAA-4BA5-9033-40E04C234618}\LocalServer32]
115. ""="C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE /IMG_WIA" (REG_SZ)
116.
117. [HKLM\Software\Classes\CLSID\{F4754C9B-64F5-4B40-8AF4-679732AC0607}\DefaultIcon]
118. ""=""C:\PROGRA~1\MICROS~3\OFFICE11\WINWORD.EXE",15" (REG_SZ)
119.
120. [HKLM\Software\Classes\CLSID\{F4754C9B-64F5-4B40-8AF4-679732AC0607}\LocalServer32]
121. ""=""C:\PROGRA~1\MICROS~3\OFFICE11\WINWORD.EXE"" (REG_SZ)
122.
123. [HKLM\Software\Classes\Installer\Components\029E403DA86A1D115B5B0006799C897E]
124. "winword.exe"="XXOtVn-}f(ZXfeAR6.jiWORDFiles>P'os,1@SW=P7v6GPl]Xh" (REG_MULTI_SZ)
125.
126. [HKLM\Software\Classes\Installer\Components\DAB471CB35F255841A5DD075C5911BAE]
127. "winword.exe"="XXOtVn-}f(ZXfeAR6.jiWORDFiles>P'os,1@SW=P7v6GPl]Xh" (REG_MULTI_SZ)
128.
129. [HKLM\Software\Classes\Software\Classes\Applications\winword.exe]
130. DA: 08/08/2008 17:28:48
131.
132. [HKLM\Software\Classes\Word.Backup.8\shell\New\command]
133. ""=""C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE" /n /dde" (REG_SZ)
134.
135. [HKLM\Software\Classes\Word.Backup.8\shell\Open\command]
136. ""=""C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE" /n /dde" (REG_SZ)
137.
138. [HKLM\Software\Classes\Word.Backup.8\shell\Print\command]
139. ""=""C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE" /x /n /dde" (REG_SZ)
140.
141. [HKLM\Software\Classes\Word.Backup.8\shell\Printto\command]
142. ""=""C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE" /n /dde" (REG_SZ)
143.
144. [HKLM\Software\Classes\Word.Document.12\DefaultIcon]
145. ""=""C:\PROGRA~1\MICROS~3\OFFICE11\WINWORD.EXE",15" (REG_SZ)
146.
147. [HKLM\Software\Classes\Word.Document.12\shell\new\command]
148. ""=""C:\PROGRA~1\MICROS~3\OFFICE11\WINWORD.EXE" /n /f /dde" (REG_SZ)
149.
150. [HKLM\Software\Classes\Word.Document.12\shell\open\command]
151. ""=""C:\PROGRA~1\MICROS~3\OFFICE11\WINWORD.EXE" /n /dde" (REG_SZ)
152.
153. [HKLM\Software\Classes\Word.Document.12\shell\OpenAsReadOnly\command]
154. ""=""C:\PROGRA~1\MICROS~3\OFFICE11\WINWORD.EXE" /h /n /dde" (REG_SZ)
155.
156. [HKLM\Software\Classes\Word.Document.12\shell\Print\command]
157. ""=""C:\PROGRA~1\MICROS~3\OFFICE11\WINWORD.EXE" /x /n /dde" (REG_SZ)
158.
159. [HKLM\Software\Classes\Word.Document.12\shell\printto\command]
160. ""=""C:\PROGRA~1\MICROS~3\OFFICE11\WINWORD.EXE" /n /dde" (REG_SZ)
161.
162. [HKLM\Software\Classes\Word.Document.6\protocol\StdFileEditing\server]
163. ""="C:\PROGRA~1\MICROS~3\OFFICE11\WINWORD.EXE" (REG_SZ)
164.
165. [HKLM\Software\Classes\Word.Document.8\HTML Handler\shell\PrintWithOptions\command]
166. ""=""C:\PROGRA~1\MICROS~3\OFFICE11\WINWORD.EXE" /n" (REG_SZ)
167.
168. [HKLM\Software\Classes\Word.Document.8\protocol\StdFileEditing\server]
169. ""="C:\PROGRA~1\MICROS~3\OFFICE11\WINWORD.EXE" (REG_SZ)
170.
171. [HKLM\Software\Classes\Word.Document.8\shell\Edit\command]
172. ""=""C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE" /n /dde" (REG_SZ)
173.
174. [HKLM\Software\Classes\Word.Document.8\shell\New\command]
175. ""=""C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE" /n /f /dde" (REG_SZ)
176.
177. [HKLM\Software\Classes\Word.Document.8\shell\Open\command]
178. ""=""C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE" /n /dde" (REG_SZ)
179.
180. [HKLM\Software\Classes\Word.Document.8\shell\OpenAsReadOnly\command]
181. ""=""C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE" /h /n /dde" (REG_SZ)
182.
183. [HKLM\Software\Classes\Word.Document.8\shell\Print\command]
184. ""=""C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE" /x /n /dde" (REG_SZ)
185.
186. [HKLM\Software\Classes\Word.Document.8\shell\Printto\command]
187. ""=""C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE" /n /dde" (REG_SZ)
188.
189. [HKLM\Software\Classes\Word.DocumentMacroEnabled.12\DefaultIcon]
190. ""=""C:\PROGRA~1\MICROS~3\OFFICE11\WINWORD.EXE",16" (REG_SZ)
191.
192. [HKLM\Software\Classes\Word.DocumentMacroEnabled.12\shell\new\command]
193. ""=""C:\PROGRA~1\MICROS~3\OFFICE11\WINWORD.EXE" /n /f /dde" (REG_SZ)
194.
195. [HKLM\Software\Classes\Word.DocumentMacroEnabled.12\shell\open\command]
196. ""=""C:\PROGRA~1\MICROS~3\OFFICE11\WINWORD.EXE" /n /dde" (REG_SZ)
197.
198. [HKLM\Software\Classes\Word.DocumentMacroEnabled.12\shell\OpenAsReadOnly\command]
199. ""=""C:\PROGRA~1\MICROS~3\OFFICE11\WINWORD.EXE" /h /n /dde" (REG_SZ)
200.
201. [HKLM\Software\Classes\Word.DocumentMacroEnabled.12\shell\print\command]
202. ""=""C:\PROGRA~1\MICROS~3\OFFICE11\WINWORD.EXE" /x /n /dde" (REG_SZ)
203.
204. [HKLM\Software\Classes\Word.DocumentMacroEnabled.12\shell\printto\command]
205. ""=""C:\PROGRA~1\MICROS~3\OFFICE11\WINWORD.EXE" /n /dde" (REG_SZ)
206.
207. [HKLM\Software\Classes\Word.Picture.6\protocol\StdFileEditing\server]
208. ""="C:\PROGRA~1\MICROS~3\OFFICE11\WINWORD.EXE" (REG_SZ)
209.
210. [HKLM\Software\Classes\Word.Picture.8\protocol\StdFileEditing\server]
211. ""="C:\PROGRA~1\MICROS~3\OFFICE11\WINWORD.EXE" (REG_SZ)
212.
213. [HKLM\Software\Classes\Word.RTF.8\shell\Edit\command]
214. ""=""C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE" /n /dde" (REG_SZ)
215.
216. [HKLM\Software\Classes\Word.RTF.8\shell\New\command]
217. ""=""C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE" /n /dde" (REG_SZ)
218.
219. [HKLM\Software\Classes\Word.RTF.8\shell\Open\command]
220. ""=""C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE" /n /dde" (REG_SZ)
221.
222. [HKLM\Software\Classes\Word.RTF.8\shell\Print\command]
223. ""=""C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE" /x /n /dde" (REG_SZ)
224.
225. [HKLM\Software\Classes\Word.RTF.8\shell\Printto\command]
226. ""=""C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE" /n /dde" (REG_SZ)
227.
228. [HKLM\Software\Classes\Word.Template.8\shell\New\command]
229. ""=""C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE" /n /dde" (REG_SZ)
230.
231. [HKLM\Software\Classes\Word.Template.8\shell\Open\command]
232. ""=""C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE" /n /dde" (REG_SZ)
233.
234. [HKLM\Software\Classes\Word.Template.8\shell\Print\command]
235. ""=""C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE" /x /n /dde" (REG_SZ)
236.
237. [HKLM\Software\Classes\Word.Template.8\shell\Printto\command]
238. ""=""C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE" /n /dde" (REG_SZ)
239.
240. [HKLM\Software\Classes\Word.Wizard.8\shell\New\command]
241. ""=""C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE" /n /dde" (REG_SZ)
242.
243. [HKLM\Software\Classes\WordDocument\protocol\StdFileEditing\server]
244. ""="C:\PROGRA~1\MICROS~3\OFFICE11\WINWORD.EXE" (REG_SZ)
245.
246. [HKLM\Software\Classes\wordhtmlfile\shell\Open\command]
247. ""=""C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE"" (REG_SZ)
248.
249. [HKLM\Software\Classes\wordhtmltemplate\shell\Open\command]
250. ""=""C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE"" (REG_SZ)
251.
252. [HKLM\Software\Classes\wordmhtmlfile\DefaultIcon]
253. ""="C:\PROGRA~1\MICROS~3\OFFICE11\WINWORD.EXE,-16" (REG_SZ)
254.
255. [HKLM\Software\Classes\wordxmlfile\shell\Edit\command]
256. ""=""C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE"" (REG_SZ)
257.
258. [HKLM\Software\Microsoft\.NETFramework\policy\AppPatch\v2.0.50727.00000\winword.exe]
259. DA: 06/08/2008 17:26:28
260.
261. [HKLM\Software\Microsoft\Internet Explorer\Default HTML Editor\shell\edit\command]
262. ""=""C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE" /n /dde" (REG_SZ)
263.
264. [HKLM\Software\Microsoft\Internet Explorer\Default MHTML Editor\shell\edit\command]
265. ""=""C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE" /n /dde" (REG_SZ)
266.
267. [HKLM\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_PASSPORT_SESSION_STORE_KB948608]
268. "winword.exe"="1" (REG_DWORD)
269.
270. [HKLM\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PASSPORT_CHECK_302_FOR_SUCCESS_KB949059]
271. "winword.exe"="1" (REG_DWORD)
272.
273. [HKLM\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL]
274. "winword.exe"="1" (REG_DWORD)
275.
276. [HKLM\Software\Microsoft\MediaPlayer\ShimExclusionList\WINWORD.EXE]
277. DA: 06/08/2008 13:59:23
278.
279. [HKLM\Software\Microsoft\Shared\HTML\Default Editor\shell\Edit\command]
280. ""=""C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE" /n /dde" (REG_SZ)
281.
282. [HKLM\Software\Microsoft\Shared\HTML\Old Default Editor\shell\Edit\command]
283. ""=""C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE" /n /dde" (REG_SZ)
284.
285. [HKLM\Software\Microsoft\Shared\MHTML\Default Editor\shell\Edit\command]
286. ""=""C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE" /n /dde" (REG_SZ)
287.
288. [HKLM\Software\Microsoft\Shared\MHTML\Default Editor\shell\Print\command]
289. ""=""C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE" /x /n /dde" (REG_SZ)
290.
291. [HKLM\Software\Microsoft\Shared\MHTML\Old Default Editor\shell\Edit\command]
292. ""=""C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE" /n /dde" (REG_SZ)
293.
294. [HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\Winword.exe]
295. DA: 17/04/2011 14:42:48
296.
297. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5E6448487D728324EA3BFBD6EF8763AB]
298. "04DE0F7511F8AA149B62A4660D1D9ACC"="02:\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_PASSPORT_SESSION_STORE_KB948608\winword.exe" (REG_SZ)
299.
300. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CB4EDBE115A903645B145216AF54CC5C]
301. "C0403E1900063D11C8EF10054038389C"="C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE" (REG_SZ)
302.
303. [HKLM\System\ControlSet001\Control\StillImage\Events\Connected\{DC1F5505-3CAA-4BA5-9033-40E04C234618}]
304. "Icon"="C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE,1" (REG_SZ)
305.
306. [HKLM\System\ControlSet001\Control\StillImage\Events\Connected\{DC1F5505-3CAA-4BA5-9033-40E04C234618}]
307. "Cmdline"="C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE /IMG_WIA" (REG_SZ)
308.
309. [HKLM\System\ControlSet001\Control\StillImage\Events\ScanButton\{DC1F5505-3CAA-4BA5-9033-40E04C234618}]
310. "Icon"="C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE,1" (REG_SZ)
311.
312. [HKLM\System\ControlSet001\Control\StillImage\Events\ScanButton\{DC1F5505-3CAA-4BA5-9033-40E04C234618}]
313. "Cmdline"="C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE /IMG_WIA" (REG_SZ)
314.
315. [HKLM\System\ControlSet003\Control\StillImage\Events\Connected\{DC1F5505-3CAA-4BA5-9033-40E04C234618}]
316. "Icon"="C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE,1" (REG_SZ)
317.
318. [HKLM\System\ControlSet003\Control\StillImage\Events\Connected\{DC1F5505-3CAA-4BA5-9033-40E04C234618}]
319. "Cmdline"="C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE /IMG_WIA" (REG_SZ)
320.
321. [HKLM\System\ControlSet003\Control\StillImage\Events\ScanButton\{DC1F5505-3CAA-4BA5-9033-40E04C234618}]
322. "Icon"="C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE,1" (REG_SZ)
323.
324. [HKLM\System\ControlSet003\Control\StillImage\Events\ScanButton\{DC1F5505-3CAA-4BA5-9033-40E04C234618}]
325. "Cmdline"="C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE /IMG_WIA" (REG_SZ)
326.
327. [HKLM\System\CurrentControlSet\Control\StillImage\Events\Connected\{DC1F5505-3CAA-4BA5-9033-40E04C234618}]
328. "Icon"="C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE,1" (REG_SZ)
329.
330. [HKLM\System\CurrentControlSet\Control\StillImage\Events\Connected\{DC1F5505-3CAA-4BA5-9033-40E04C234618}]
331. "Cmdline"="C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE /IMG_WIA" (REG_SZ)
332.
333. [HKLM\System\CurrentControlSet\Control\StillImage\Events\ScanButton\{DC1F5505-3CAA-4BA5-9033-40E04C234618}]
334. "Icon"="C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE,1" (REG_SZ)
335.
336. [HKLM\System\CurrentControlSet\Control\StillImage\Events\ScanButton\{DC1F5505-3CAA-4BA5-9033-40E04C234618}]
337. "Cmdline"="C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE /IMG_WIA" (REG_SZ)
338.
339. [HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Extensions]
340. "rtf"="C:\PROGRA~1\MICROS~3\OFFICE11\WINWORD.EXE ^.rtf" (REG_SZ)
341.
342. [HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Extensions]
343. "dot"="C:\PROGRA~1\MICROS~3\OFFICE11\WINWORD.EXE ^.dot" (REG_SZ)
344.
345. [HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Extensions]
346. "doc"="C:\PROGRA~1\MICROS~3\OFFICE11\WINWORD.EXE ^.doc" (REG_SZ)
347.
348. [HKU\.DEFAULT\Software\Netscape\Netscape Navigator\Viewers]
349. "application/msword"="C:\PROGRA~1\MICROS~3\OFFICE11\WINWORD.EXE" (REG_SZ)
350.
351. [HKU\.DEFAULT\Software\Netscape\Netscape Navigator\Viewers]
352. "application/rtf"="C:\PROGRA~1\MICROS~3\OFFICE11\WINWORD.EXE" (REG_SZ)
353.
354. [HKU\S-1-5-21-1202660629-492894223-682003330-1004\Software\Microsoft\Internet Explorer\Default MHTML Editor]
355. "Last"=""C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE" /n /dde" (REG_SZ)
356.
357. [HKU\S-1-5-21-1202660629-492894223-682003330-1004\Software\Microsoft\Internet Explorer\Default MHTML Editor\shell\edit\command]
358. ""=""C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE" /n /dde" (REG_SZ)
359.
360. [HKU\S-1-5-21-1202660629-492894223-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.doc\OpenWithList]
361. "a"="WINWORD.EXE" (REG_SZ)
362.
363. [HKU\S-1-5-21-1202660629-492894223-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rtf\OpenWithList]
364. "a"="WINWORD.EXE" (REG_SZ)
365.
366. [HKU\S-1-5-21-1202660629-492894223-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbk\OpenWithList]
367. "a"="WINWORD.EXE" (REG_SZ)
368.
369. [HKU\S-1-5-21-1202660629-492894223-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Extensions]
370. "rtf"="C:\PROGRA~1\MICROS~3\OFFICE11\WINWORD.EXE ^.rtf" (REG_SZ)
371.
372. [HKU\S-1-5-21-1202660629-492894223-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Extensions]
373. "dot"="C:\PROGRA~1\MICROS~3\OFFICE11\WINWORD.EXE ^.dot" (REG_SZ)
374.
375. [HKU\S-1-5-21-1202660629-492894223-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Extensions]
376. "doc"="C:\PROGRA~1\MICROS~3\OFFICE11\WINWORD.EXE ^.doc" (REG_SZ)
377.
378. [HKU\S-1-5-21-1202660629-492894223-682003330-1004\Software\Microsoft\Windows\ShellNoRoam\MUICache]
379. "C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE"="Microsoft Office Word" (REG_SZ)
380.
381. [HKU\S-1-5-21-1202660629-492894223-682003330-1004\Software\Netscape\Netscape Navigator\Viewers]
382. "application/msword"="C:\PROGRA~1\MICROS~3\OFFICE11\WINWORD.EXE" (REG_SZ)
383.
384. [HKU\S-1-5-21-1202660629-492894223-682003330-1004\Software\Netscape\Netscape Navigator\Viewers]
385. "application/rtf"="C:\PROGRA~1\MICROS~3\OFFICE11\WINWORD.EXE" (REG_SZ)
386.
387. [HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Extensions]
388. "rtf"="C:\PROGRA~1\MICROS~3\OFFICE11\WINWORD.EXE ^.rtf" (REG_SZ)
389.
390. [HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Extensions]
391. "dot"="C:\PROGRA~1\MICROS~3\OFFICE11\WINWORD.EXE ^.dot" (REG_SZ)
392.
393. [HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Extensions]
394. "doc"="C:\PROGRA~1\MICROS~3\OFFICE11\WINWORD.EXE ^.doc" (REG_SZ)
395.
396. [HKU\S-1-5-18\Software\Netscape\Netscape Navigator\Viewers]
397. "application/msword"="C:\PROGRA~1\MICROS~3\OFFICE11\WINWORD.EXE" (REG_SZ)
398.
399. [HKU\S-1-5-18\Software\Netscape\Netscape Navigator\Viewers]
400. "application/rtf"="C:\PROGRA~1\MICROS~3\OFFICE11\WINWORD.EXE" (REG_SZ)
401.
402. =========================
403.
404. Fin à: 17:48:58 le 17/04/2011
405. 398678 Éléments analysés
406.
407. =========================
408. E.O.F
0
Réponse 54 / 56
juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
 
ben voilà :p

C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE

les autres sont aussi dans C:\Program Files\Microsoft Office\OFFICE11\

;)
0
Réponse 55 / 56
lucoco20 Messages postés 201 Date d'inscription   Statut Membre Dernière intervention  
 
Merci beaucoup pour toutes ces aides depuis hier ! Sujet clos ^^
0
Réponse 56 / 56
juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
 
lol de rien avec plaisir :)
0