Sujet Précédent Sujet Suivant

Infection ukash votre ordinateur est bloqué

Résolu/Fermé
sophlulu Messages postés 46 Date d'inscription dimanche 28 octobre 2012 Statut Membre Dernière intervention 14 décembre 2013 - 28 oct. 2012 à 21:10
 Utilisateur anonyme - 1 nov. 2012 à 01:15
Bonjour ,

je ne suis plutôt novice en la matière et j'ai besoin de votre aide car mon PC infecté est celui du travail(windows XP)
J'ai un message UKASH votre ordinateur est bloqué.Je peux encore accéder quelques secondes à mon bureau et ensuite je suis bloquée.
J'ai donc redémarrer mon ordinateur en mode sans echec afin d'éliminer ce virus, mais malgrè le mode sans échec avec connEction au réseau , je ne peux me connecter à internet ni avec le cable ethernet(il fonctionne bien sur un autre ordi) , ni avec le réseau sans fil.
Par contre le mode sans échec fonctionne bien.
Merci de votre aide, je suis bien démunie et dans l'urgence!
A voir également:

96 réponses

Précédent
Réponse 21 / 96
Utilisateur anonyme
29 oct. 2012 à 10:09
je voudais bien que tu héberges le rapport Pre_Diag comme demandé
je voudrais bien ausi que tu destresses , une desinfection ne se fait pas en 5mn
0
Réponse 22 / 96
sophlulu
29 oct. 2012 à 10:18
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Diag | 2.1029 | g3n-h@ckm@n & Saachaa | ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤ XP | Vista | 7 | 8 - 32/64 bits ¤¤¤¤¤

~ Update on 29/10/2012 | 08.50 by g3n-h@ckm@n
~ Informations | Evolution : http://gen-hackman.forum-pro.fr/t64-historique-de-l-outil
~ Informations for the switches Pre_Script : http://gen-hackman.forum-pro.fr/t89-les-switchs
~ Feedback Pre_scan : http://gen-hackman.forum-pro.fr/t93-feedback-pre_scan#505
~ Thx to C_XX , Slyk for their help for the evolution of the tool

~ User : Sophie (Administrateurs) | SID = S-1-5-21-319460888-361279271-2282740394-1005
~ Computer : FR-GAUDIN

~ System : Microsoft Windows XP (32 bits) Service Pack 3
~ RegisteredOwner : Sophie
~ RegisteredOrganization :
~ ProcessorNameString : Intel(R) Core(TM) i5 CPU M 520 @ 2.40GHz
~ Identifier : x86 Family 6 Model 37 Stepping 2
09:35:22

¤¤¤¤¤¤¤¤¤¤ | Run

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[Apoint] : C:\Program Files\DellTPad\Apoint.exe [03/06/2010 10:46:28]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[SysTrayApp] : %ProgramFiles%\IDT\WDM\sttray.exe
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[AESTFltr] : %SystemRoot%\system32\AESTFltr.exe /NoDlg
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[IgfxTray] : C:\WINDOWS\system32\igfxtray.exe [03/06/2010 10:46:40]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[HotKeysCmds] : C:\WINDOWS\system32\hkcmd.exe [03/06/2010 10:46:40]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[Persistence] : C:\WINDOWS\system32\igfxpers.exe [03/06/2010 10:46:40]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[IAStorIcon] : C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [03/06/2010 08:20:11]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[IntelZeroConfig] : "C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[IntelWireless] : "C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[DellControlPoint] : "C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[WavXMgr] : C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe [14/01/2010 20:47:22]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[USCService] : C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe [14/01/2010 22:53:48]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[PDVDDXSrv] : "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[DellBtrEvent] : D:\Program Files\Dell\Reader 2.0\DellBtrEvent.exe [25/08/2009 19:45:42]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[CardDetectorICON505] : C:\Program Files\CardDetector\ICON505\CardDetector.exe [11/06/2010 09:18:04]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[BEWINTERNET-FR-DMESessionManager] : "C:\Program Files\OrangeBS\BEWInternet\SessionManager\SessionManager.exe"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[AppleSyncNotifier] : C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleSyncNotifier.exe [20/04/2011 11:48:18]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[ISUSPM] : "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -scheduler
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[ccApp] : "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[APSDaemon] : "C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[QuickTime Task] : "C:\Program Files\QuickTime\qttask.exe" -atboottime
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[HP Software Update] : C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [10/05/2011 02:41:12]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[] :
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[AdobeAAMUpdater-1.0] : "C:\Program Files\Fichiers communs\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[Adobe Reader Speed Launcher] : "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[Adobe ARM] : "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[iTunesHelper] : "C:\Program Files\iTunes\iTunesHelper.exe"
[HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[CTFMON.EXE] : C:\WINDOWS\system32\CTFMON.EXE [25/04/2008 13:46:43]
[HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[CTFMON.EXE] : C:\WINDOWS\system32\CTFMON.EXE [25/04/2008 13:46:43]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[ctfmon.exe] : C:\WINDOWS\system32\ctfmon.exe [25/04/2008 13:46:43]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[swg] : C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [19/07/2010 10:03:57]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[LinkMagic for magicolor 1690MF] : C:\Program Files\KONICA MINOLTA\magicolor 1690MF\LinkMagic for magicolor 1690MF\lmmc1690.exe -startup
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[SDP] : C:\Program Files\FilesFrog Update Checker\update_checker.exe /auto
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[FreeMi UPnP Media Server] : C:\Program Files\FreeMi UPnP Media Server\FreeMi UPnP Media Server.exe [02/04/2011 09:14:18]
[HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[CTFMON.EXE] : C:\WINDOWS\system32\CTFMON.EXE [25/04/2008 13:46:43]


¤¤¤¤¤¤¤¤¤¤ | Others

[HKLM\System\CurrentControlSet\Control\SecurityProviders]|[SecurityProviders] : msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
[HKLM\System\CurrentControlSet\Control\Session Manager]|[BootExecute] : autocheck autochk *
[HKLM\System\ControlSet001\Control]|[SystemBootDevice] : multi(0)disk(0)rdisk(0)partition(2)
[HKLM\system\currentcontrolset\control\lsa]|[SecureBoot] : 1
[HKLM | Winlogon]|[VMApplet] : rundll32 shell32,Control_RunDLL "sysdm.cpl"
[HKLM | Winlogon]|[SFCDisable] : 0
[HKLM | Winlogon]|[WinStationsDisabled] : 0
[HKLM | Winlogon]|[UIHost] : logonui.exe

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]|[DllName] : crypt32.dll
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]|[DllName] : cryptnet.dll
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]|[DllName] : cscdll.dll
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]|[DllName] : %SystemRoot%\System32\dimsntfy.dll
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]|[DllName] : igfxdev.dll
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]|[DllName] : wlnotify.dll
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]|[DllName] : wlnotify.dll
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]|[DllName] : sclgntfy.dll
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]|[DllName] : WlNotify.dll
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]|[DllName] : wlnotify.dll
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]|[DllName] : WgaLogon.dll
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]|[DllName] : wlnotify.dll


[HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]|[PostBootReminder] : {7849596a-48ea-486e-8937-a2a3009f31a9}
[HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]|[CDBurn] : {fbeb8a05-beee-4442-804e-409d6c4515e9}
[HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]|[WebCheck] : {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]|[SysTray] : {35CEC8A3-2BE6-11D2-8773-92E220524153}
[HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]|[WPDShServiceObj] : {AAA288BA-9A4C-45B0-95D7-94D524869DB5}

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]|[{AEB6717E-7E19-11d0-97EE-00C04FD91972}] :

[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Internet Explorer\URLSearchHooks]|[{CFBFAE00-17A6-11D0-99CB-00C04FD64497}] :

[HKLM\Software\Microsoft\Internet Explorer\Toolbar]|[{2318C2B1-4965-11d4-9B18-009027A5CD4F}] : 0x00
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]|[Locked] : 1
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Internet Explorer\Toolbar]|[LinksFolderName] : Liens
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Internet Explorer\Toolbar]|[Locked] : 1
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Internet Explorer\Toolbar]|[SaveLinksOrder] : 0x01000000
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Internet Explorer\Toolbar]|[ShowDiscussionButton] : Yes

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]|[{438755C2-A8BA-11D1-B96B-00A0C90312E1}] : Pré-chargeur Browseui
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]|[{8C7461EF-2B13-11d2-BE35-3078302C2030}] : Démon de cache des catégories de composant

[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-1111-472f-A0FF-E1416B8B2EAA}] -> (Search) -> http://www.pucuy.com/google?q={searchTerms}&sa=Search&cx=partner-pub-3546861938806019:fn51rv5o9ne&cof=FORID%3A10&ie=UTF-8&hl=fr
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Internet Explorer\SearchScopes\{11E4E507-D4AE-41E3-A40F-2CFF218F487F}] -> (Google) -> http://www.google.com/search?hl=en&q={searchTerms}
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Internet Explorer\SearchScopes\{f3d17ef2-8118-4fa3-afea-bb2e18a69054}] -> (iadah) -> http://www.iadah.com/web?search&q={searchTerms}


[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3E8944DC-79B5-4650-9C2E-83885548A119}] -> () ->
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0A900DF-9611-4446-86BD-4B1D47E7DB2A}] -> () ->
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\BF4DA2CC-D21F-451c-8B7D-1E0D7AE12425] -> (PropertySync.exe) -> C:\Program Files\Smiley Bar for Facebook
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{000209FF-0000-0000-C000-000000000046}] -> (winword.exe) -> C:\Program Files\Microsoft Office\Office12
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{003B91A6-61E3-4591-891D-01E94C8CB11E}] -> (Silverlight.Configuration.exe) -> c:\Program Files\Microsoft Silverlight\5.1.10411.0\
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{08E8D305-8D6D-49fe-8603-03A926E46AE0}] -> (Adobe_Updater.exe) -> C:\Program Files\Fichiers communs\Adobe\Updater6
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15B3FB63-66F4-4EFC-B717-BB283B85E79B}] -> (AcroBroker.exe) -> C:\Program Files\Adobe\Reader 9.0\Reader\
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1A972DAF-A7EC-4ce3-B6C9-7B523CD6685F}] -> (GoogleToolbarUser_32.exe) -> C:\Program Files\Google\Google Toolbar
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1ec76a37-1762-46ff-9b14-765b3e6793be}] -> (agcp.exe) -> c:\Program Files\Microsoft Silverlight\5.1.10411.0\
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F1E561D-AF17-4510-B996-351BBA0862A7}] -> () ->
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110011441179}] -> (Giant Savings-bg.exe) -> C:\Program Files\Giant Savings
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2BBE903C-2776-4574-9855-EC1597ABE3D6}] -> (EXCEL.EXE) -> C:\Program Files\Microsoft Office\Office12
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{358E6F10-DE8A-4602-8424-179CA217F8EE}] -> (AcroRd32Info.exe) -> C:\Program Files\Adobe\Reader 9.0\Reader
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{76E2369A-75BA-41F9-8B9E-16059E5CF9A6}] -> (AdobeARM.exe) -> C:\Program Files\Fichiers communs\Adobe\ARM\1.0\
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7B7FB824-0A43-4bc2-B58D-F6386FEEFD84}] -> (CGuard.exe) -> Choice Guard
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{80B84A0A-EDA4-47fd-8BE1-6B49F4197EE5}] -> (GoogleToolbarNotifier.exe) -> C:\Program Files\Google\GoogleToolbarNotifier
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8E1F80F4-953F-41E7-8460-E64AE5BE4ED3}] -> (AdobeCollabSync.exe) -> C:\Program Files\Adobe\Reader 9.0\Reader
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C6A861C-B233-4994-AFB1-C158EE4FC578}] -> (AcroRd32.exe) -> C:\Program Files\Adobe\Reader 9.0\Reader
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5054EC7-B9CB-4ad5-9F95-D8171A6D6BFA}] -> () ->
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A89C4660-3DD9-44bc-8194-4824F1733289}] -> (MyCamera.exe) -> C:\Program Files\Canon\CameraWindow\MyCamera
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AAD4AE2E-D834-46D4-8B09-490FAC9C722B}] -> () ->
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01}] -> (TSWbPrxy.exe) -> %systemroot%\system32
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}] -> (GoogleUpdateBroker.exe) -> C:\Program Files\Google\Update\1.3.21.123
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C442AC41-9200-4770-8CC0-7CDB4F245C55}] -> (GoogleUpdate.exe) -> C:\Program Files\Google\Update
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AEC-AECE-4E27-9BCB-5358B13F9FF9}] -> (dfsvc.exe) -> c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AED-AECE-4E27-9BCB-5358B13F9FF9}] -> (dfsvc.exe) ->
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8FE2181-CAE7-49EE-9B04-DB7EB4DA544A}] -> (ssvagent.exe) -> C:\Program Files\Java\jre6\bin
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EE0B94B9-335F-4d2c-8B43-DACCD1EA6FF1}] -> (GoogleToolbarUser_64.exe) -> C:\Program Files\Google\Google Toolbar
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAF199D2-BFA7-4394-A4DE-044A08E59B32}] -> (FlashUtil32_11_4_402_287_ActiveX.exe) -> C:\WINDOWS\system32\Macromed\Flash
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FC88B53C-9B2A-1A25-5867-C8612E79DBF6}] -> (POWERPNT.EXE) -> C:\Program Files\Microsoft Office\Office12

¤¤¤¤¤¤¤¤¤¤ | BHO

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}] -> () ->
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] -> (Adobe PDF Link Helper) -> C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [30/07/2012 22:43:29]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] -> () ->
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] -> (Windows Live ID Sign-in Helper) -> C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [18/08/2009 11:32:12]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{944FEDFD-C4FD-441D-8275-9C651A9FFBDE}] -> (Smiley Bar for Facebook) -> C:\Program Files\Smiley Bar for Facebook\ScriptHost.dll [10/10/2012 14:12:02]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] -> (Google Toolbar Helper) -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [19/07/2010 10:03:55]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] -> (Google Toolbar Notifier BHO) -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll [22/08/2012 10:03:10]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] -> (Java(tm) Plug-In 2 SSV Helper) -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [09/06/2010 15:52:25]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] -> (JQSIEStartDetectorImpl Class) -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [09/06/2010 15:52:25]

¤¤¤¤¤¤¤¤¤¤ | Firefox


¤¤¤¤¤¤¤¤¤¤ | DNS

[HKLM\SYSTEM\CCS | Tcpip\Parameters]|[DhcpNameServer] : 212.27.40.241 212.27.40.240
[HKLM\SYSTEM\ControlSet001 | Interfaces\{6386BD04-8DC0-4874-8412-C32D25482684}]|[DhcpNameServer] : 212.27.40.241 212.27.40.240
[HKLM\SYSTEM\ControlSet003 | Interfaces\{6386BD04-8DC0-4874-8412-C32D25482684}]|[DhcpNameServer] : 212.27.40.241 212.27.40.240
[HKLM\SYSTEM\CurrentControlSet | Interfaces\{6386BD04-8DC0-4874-8412-C32D25482684}]|[DhcpNameServer] : 212.27.40.241 212.27.40.240

¤¤¤¤¤¤¤¤¤¤ | ActiveX

[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}] -> (IEUDINIT) -> Mise à jour de la version d'Internet Explorer
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> (WMPACCESS) -> Microsoft Windows Media Player
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}] -> (IEACCESS) -> Internet Explorer
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] -> (BRANDING.CAB) -> Browser Customizations
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] -> (BRANDING.CAB) -> Personnalisation du navigateur
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] -> (OEACCESS) -> Outlook Express
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{0213C6AF-5562-4D09-884C-2ADCFC8C2F35}] -> (M2656353) -> Microsoft .NET Framework 1.1 Security Update (KB2656353)
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}] -> (JAVAVM) -> Java (Sun)
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{10072CEC-8CC1-11D1-986E-00A0C955B42F}] -> (MSVML) -> Rendu VML (Vector Graphics Rendering)
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1897C549-AE52-4571-8996-44854F5612B2}] -> (M2656370) -> Microsoft .NET Framework 1.1 Security Update (KB2656370)
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}] -> (NetShow) ->
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> (Microsoft Windows Media Player) -> Microsoft Windows Media Player 6.4
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{283807B5-2C60-11D0-A31D-00AA00B92C03}] -> (DirectAnimation) -> DirectAnimation
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{2A3320D6-C805-4280-B423-B665BDE33D8F}] -> (M979906) -> Microsoft .NET Framework 1.1 Security Update (KB979906)
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] -> (Theme Component) -> Themes Setup
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{36f8ec70-c29a-11d1-b5c7-0000f8051515}] -> (TridataJava) -> Liaison de données Dynamic HTML pour Java
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{3af36230-a269-11d1-b5bf-0000f8051515}] -> (MobilePk) -> Offline Browsing Pack
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{3bf42070-b3b1-11d1-b5c5-0000f8051515}] -> (USP10) -> Uniscribe
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{3C3901C5-3455-3E0A-A214-0B093A5070A6}] -> (.NETFramework) -> .NET Framework
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{3F7924B9-D148-3141-87B1-68F36043A940}] -> (.NETFramework) -> .NET Framework
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{411EDCF7-755D-414E-A74B-3DCD6583F589}] -> (S867460) -> Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{4278c270-a269-11d1-b5bf-0000f8051515}] -> (AdvAuth) -> Création avancée
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] -> (MailNews) -> Microsoft Outlook Express 6
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] -> (NetMeeting) -> NetMeeting 3.01
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA848-CC51-11CF-AAFA-00AA00B6015C}] -> (activemovie) -> DirectShow
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}] -> (DirectDrawEx) -> DirectDrawEx
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}] -> (HelpCont) -> Internet Explorer Help
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{4f216970-c90c-11d1-b5c7-0000f8051515}] -> (DAJava) -> Classes Java DirectAnimation
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{4f645220-306d-11d2-995d-00c04f98bbc9}] -> (MSVBScript) -> Microsoft Windows Script 5.7
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{5056b317-8d4c-43ee-8543-b9d1e234b8f4}] -> (KB923789) -> Mise à jour de sécurité pour Windows XP (KB923789)
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}] -> (Messenger) -> Windows Messenger 4.7
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{5A8D6EE0-3E18-11D0-821E-444553540000}] -> (ICW) ->
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}] -> (GenSetup) -> Internet Explorer Setup Tools
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{630b1da0-b465-11d1-9948-00c04f98bbc9}] -> (ExtraPack) -> Browsing Enhancements
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] -> (Microsoft Windows Media Player) -> Microsoft Windows Media Player
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}] -> (MSN_Auth) -> MSN Site Access
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}] -> (.NETFramework) -> .NET Framework
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{72AD53CC-CCC0-3757-8480-9EE176866A7C}] -> (.NETFramework) -> .NET Framework
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{73fa19d0-2d75-11d2-995d-00c04f98bbc9}] -> (WebFolders) -> Web Folders
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] -> (WAB) -> Carnet d'adresses 6
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}] -> (.NETFramework) -> .NET Framework
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] -> (IE4Shell_NT) -> Mise à jour du Bureau Windows
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] -> (BASEIE40_W2K) -> Internet Explorer
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> (DOTNETFRAMEWORKS) ->
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{8b15971b-5355-4c82-8c07-7e181ea07608}] -> (Fax) -> Fax
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{9381D8F2-0288-11D0-9501-00AA00B911A5}] -> (Tridata) -> Dynamic HTML Data Binding
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{94de52c8-2d59-4f1b-883e-79663d2d9a8c}] -> (Fax Provider) -> Fax Provider
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{ACC563BC-4266-43f0-B6ED-9D38C4202C7E}] -> () ->
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}] -> (.NETFramework) -> .NET Framework
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{C3C986D6-06B1-43BF-90DD-BE30756C00DE}] -> (Windows Revoked Roots Update) -> RevokedRootsUpdate
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}] -> (Fontcore) -> Internet Explorer Core Fonts
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}] -> (.NETFramework) -> .NET Framework
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{CC2A9BA0-3BDD-11D0-821E-444553540000}] -> (MSTASK) -> Planificateur de tâches
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{CDD7975E-60F8-41d5-8149-19E51D6F71D0}] -> (Windows Movie Maker v2.1) ->
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{D27CDB6E-AE6D-11cf-96B8-444553540000}] -> (Flash) -> Adobe Flash Player
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}] -> (HTMLHelp) -> HTML Help
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}] -> (ADSI) -> Active Directory Service Interface
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{EF289A85-8E57-408d-BE47-73B55609861A}] -> (Windows Roots Update) -> RootsUpdate
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{F196AC50-7C95-42E1-9947-BDAB18BF3C8C}] -> (.NETFramework) -> .NET Framework
[HKU\S-1-5-19\SOFTWARE\Microsoft\Active Setup\Installed Components\{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}] -> () -> 9,0,0,4503
[HKU\S-1-5-19\SOFTWARE\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> () -> 9,0,0,4503
[HKU\S-1-5-19\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] -> () -> 4,4,0,3400
[HKU\S-1-5-19\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA848-CC51-11CF-AAFA-00AA00B6015C}] -> () -> 9,0,0,4503
[HKU\S-1-5-19\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] -> () -> 9,0,0,4503
[HKU\S-1-5-20\SOFTWARE\Microsoft\Active Setup\Installed Components\{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}] -> () -> 9,0,0,4503
[HKU\S-1-5-20\SOFTWARE\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> () -> 9,0,0,4503
[HKU\S-1-5-20\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] -> () -> 4,4,0,3400
[HKU\S-1-5-20\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA848-CC51-11CF-AAFA-00AA00B6015C}] -> () -> 9,0,0,4503
[HKU\S-1-5-20\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] -> () -> 9,0,0,4503
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}] -> () -> 8,0,6001,0
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}] -> () -> 8,0,6001,18702
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] -> () -> 8,0,6001,18702
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] -> () -> 6,0,2900,5512
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] -> () -> 2,0,0,0
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\SOFTWARE\Microsoft\Active Setup\Installed Components\{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}] -> () -> 11,0,5721,5145
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\SOFTWARE\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> () -> 11,0,5721,5145
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] -> () -> 1,1,1,7
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] -> () -> 6,0,2900,5512
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] -> () -> 4,4,0,3400
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA848-CC51-11CF-AAFA-00AA00B6015C}] -> () -> 11,0,5721,5145
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}] -> () -> 4,7,0,3000
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] -> () -> 11,0,5721,5145
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] -> () -> 6,0,2600,0000
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] -> () -> 6,0,2900,5512
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] -> () -> 8,0,6001,18702
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> () -> 1,1,0,5000
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\SOFTWARE\Microsoft\Active Setup\Installed Components\{8b15971b-5355-4c82-8c07-7e181ea07608}] -> () ->
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\SOFTWARE\Microsoft\Active Setup\Installed Components\{94de52c8-2d59-4f1b-883e-79663d2d9a8c}] -> () ->
[HKU\S-1-5-18\SOFTWARE\Microsoft\Active Setup\Installed Components\{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}] -> () -> 9,0,0,4503
[HKU\S-1-5-18\SOFTWARE\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> () -> 9,0,0,4503
[HKU\S-1-5-18\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] -> () -> 4,4,0,3400
[HKU\S-1-5-18\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA848-CC51-11CF-AAFA-00AA00B6015C}] -> () -> 9,0,0,4503
[HKU\S-1-5-18\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] -> () -> 9,0,0,4503

[HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{6414512B-B978-451D-A0D8-FCFDF33E833C}] ->
[HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{6E32070A-766D-4EE6-879C-DC1FA91D2FC3}] ->
[HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}] -> Java Runtime Environment 1.6.0
[HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{9E858349-A287-4D37-8C27-034330E160F9}] ->
[HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}] -> Java Runtime Environment 1.6.0
[HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}] -> Java Runtime Environment 1.6.0
[HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}] ->
[HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{F27237D7-93C8-44C2-AC6E-D6057B9A918F}] ->

09:35:26

¤¤¤¤¤¤¤¤¤¤ | HKCR\Applications

[HKCR\Applications\EXCEL.EXE\Shell\open\command] -> "C:\Program Files\Microsoft Office\Office12\EXCEL.EXE" /e
[HKCR\Applications\iexplore.exe\Shell\open\command] -> "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1
[HKCR\Applications\iTunes.exe\Shell\open\command] -> "C:\Program Files\iTunes\iTunes.exe" /open "%L"
[HKCR\Applications\MSOXMLED.EXE\Shell\open\command] -> "C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLED.EXE" /verb open "%1"
[HKCR\Applications\notepad.exe\Shell\open\command] -> %SystemRoot%\system32\NOTEPAD.EXE %1
[HKCR\Applications\ois.exe\Shell\open\command] -> C:\PROGRA~1\MICROS~3\Office12\OIS.EXE /shellOpen "%1"
[HKCR\Applications\PhotoshopElementsEditor.exe\Shell\open\command] -> "C:\Program Files\Adobe\Photoshop Elements 10\PhotoshopElementsEditor.exe" "%1"
[HKCR\Applications\playerplus.exe\Shell\open\command] -> "C:\Program Files\PlayerPlus\playerplus.exe","%1"
[HKCR\Applications\POWERPNT.EXE\Shell\open\command] -> "C:\Program Files\Microsoft Office\Office12\POWERPNT.EXE" "%1"
[HKCR\Applications\QuickTimePlayer.exe\Shell\open\command] -> C:\Program Files\QuickTime\QuickTimePlayer.exe "%1"
[HKCR\Applications\shimgvw.dll\Shell\open\command] -> rundll32.exe %SystemRoot%\system32\shimgvw.dll,ImageView_Fullscreen %1
[HKCR\Applications\uTorrent.exe\Shell\open\command] -> "C:\Program Files\uTorrent\uTorrent.exe" "%1"
[HKCR\Applications\winfxdocobj.exe\Shell\open\command] -> C:\WINDOWS\system32\winfxdocobj.exe %1
[HKCR\Applications\WinRAR.exe\Shell\open\command] -> "C:\Program Files\WinRAR\WinRAR.exe" "%1"
[HKCR\Applications\wmplayer.exe\Shell\open\command] -> C:\Program Files\Windows Media Player\wmplayer.exe /Open "%L"
[HKCR\Applications\wordpad.exe\Shell\open\command] -> "%ProgramFiles%\Windows NT\Accessoires\WORDPAD.EXE" "%1"
[HKCR\Applications\XPSViewer.exe\Shell\open\command] -> "C:\WINDOWS\system32\XPSViewer\XPSViewer.exe" "%1" %*

¤¤¤¤¤¤¤¤¤¤ | Svchost - Netsvcs

Audiov - :
Tapiv - :

09:35:26


¤¤¤¤¤¤¤¤¤¤ | HKU\S-1-5-20

[HKU\S-1-5-20\Software\Intel]
[HKU\S-1-5-20\Software\Microsoft]
[HKU\S-1-5-20\Software\Netscape]
[HKU\S-1-5-20\Software\Policies]
[HKU\S-1-5-20\Software\Classes]
[HKU\S-1-5-20\Software\Microsoft\Active Setup]
[HKU\S-1-5-20\Software\Microsoft\ActiveMovie]
[HKU\S-1-5-20\Software\Microsoft\Clock]
[HKU\S-1-5-20\Software\Microsoft\Command Processor]
[HKU\S-1-5-20\Software\Microsoft\CTF]
[HKU\S-1-5-20\Software\Microsoft\Fax]
[HKU\S-1-5-20\Software\Microsoft\File Manager]
[HKU\S-1-5-20\Software\Microsoft\Internet Explorer]
[HKU\S-1-5-20\Software\Microsoft\Keyboard]
[HKU\S-1-5-20\Software\Microsoft\MediaPlayer]
[HKU\S-1-5-20\Software\Microsoft\MessengerService]
[HKU\S-1-5-20\Software\Microsoft\Microsoft Management Console]
[HKU\S-1-5-20\Software\Microsoft\MSN]
[HKU\S-1-5-20\Software\Microsoft\Multimedia]
[HKU\S-1-5-20\Software\Microsoft\NetDDE]
[HKU\S-1-5-20\Software\Microsoft\NetShow]
[HKU\S-1-5-20\Software\Microsoft\Ntbackup]
[HKU\S-1-5-20\Software\Microsoft\RegEdt32]
[HKU\S-1-5-20\Software\Microsoft\Schedule+]
[HKU\S-1-5-20\Software\Microsoft\Search Assistant]
[HKU\S-1-5-20\Software\Microsoft\SystemCertificates]
[HKU\S-1-5-20\Software\Microsoft\Windows]
[HKU\S-1-5-20\Software\Microsoft\Windows Help]
[HKU\S-1-5-20\Software\Microsoft\Windows Media]
[HKU\S-1-5-20\Software\Microsoft\Windows NT]
[HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion]
[HKU\S-1-5-20\Software\Microsoft\Windows\ShellNoRoam]


¤¤¤¤¤¤¤¤¤¤ | HKU\S-1-5-21-319460888-361279271-2282740394-1005

[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\1ClickDownload]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Adobe]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Alps]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Andrea Electronics]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\AppDataLow]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Apple Computer, Inc.]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Apple Inc.]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Aurigma]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\BI]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\BrowserTemp]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Canon]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Canon_Inc_IC]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\CheckPoint]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Clients]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Cyberlink]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Dell]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\DevNet]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\g3n-h@ckm@n]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\GlarySoft]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\GNU]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Google]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Hewlett-Packard]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\HP]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\IB Updater]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\IDT]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\IM Providers]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\IncrediMail]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\InstallCore]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\InstallShield]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Intel]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\JavaSoft]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Juniper Networks]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\KONICA MINOLTA]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Local AppWizard-Generated Applications]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Macromedia]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Magnet]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\MainConcept]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\MAP-DN]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\mozilla]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\MozillaPlugins]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Netscape]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Nuance]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\ODBC]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Piriform]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Policies]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Roxio]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Skype]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Smiley Bar for Facebook]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Softonic_France]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Somoto]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Sophos]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\SweetIM]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Symantec]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\TeamViewer]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Trolltech]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Visan]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Widcomm]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\WinRAR]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\WinRAR SFX]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\WNLT]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Yahoo]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\YahooPartnerToolbar]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Classes]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Active Setup]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\ActiveMovie]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Advanced INF Setup]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\AntiPhishing]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\ASF Stream Descriptor File]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Clock]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Command Processor]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\ComPstUI]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\CTF]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Direct3D]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\DirectInput]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Driver Signing]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\EventSystem]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Exchange]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Fax]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Feeds]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\File Manager]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Fix it]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\FTP]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\GDIPlus]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Genuine Advantage]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\IdentityCRL]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\IEAK]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Installer]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Internet Account Manager]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Internet Connection Wizard]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Internet Explorer]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Internet Mail and News]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Java VM]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Keyboard]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\MediaPlayer]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\MessengerService]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Microsoft Management Console]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\MM20]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\MPEG2Demultiplexer]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\MS Design Tools]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\MS Switch]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\MSDAIPP]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\MSN]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\MSN Apps]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\MSNMessenger]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Multimedia]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\mxdwdui]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Net Framework Setup]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\NetDDE]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\NetShow]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Network Diagnostic]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Notepad]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Ntbackup]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Office]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Osk]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Outlook Express]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Plus!]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Protected Storage System Provider]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\RAS AutoDial]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\RAS Phonebook]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\RegEdt32]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\SAPI Layer]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Schedule+]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Search Assistant]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Search Enhancement Pack]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Security Center]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Shared]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Shared Tools]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Solitaire]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Speech]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\SQMClient]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\SystemCertificates]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\TPG]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Tracing]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\UCCPlatform]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\VBA]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\VisualStudio]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\WAB]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Wbem]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Web Service Providers]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Windows]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Windows Help]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Windows Live]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Windows Live Contacts]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Windows Media]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Windows NT]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Windows Script]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Windows Script Host]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\winmine]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Windows\CurrentVersion]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Windows\Shell]
[HKU\S-1-5-21-319460888-361279271-2282740394-1005\Software\Microsoft\Windows\ShellNoRoam]


¤¤¤¤¤¤¤¤¤¤ | HKCU\Software\M$\Windows NT & CurrentVersion

[HKCU\Software\Microsoft\Windows NT\CurrentVersion]
[HKCU\Software\Microsoft\Windows NT\CurrentVersion\Devices]
[HKCU\Software\Microsoft\Windows NT\CurrentVersion\Extensions]
[HKCU\Software\Microsoft\Windows NT\CurrentVersion\Network]
[HKCU\Software\Microsoft\Windows NT\CurrentVersion\PrinterPorts]
[HKCU\Software\Microsoft\Windows NT\CurrentVersion\Program Manager]
[HKCU\Software\Microsoft\Windows NT\CurrentVersion\TaskManager]
[HKCU\Software\Microsoft\Windows NT\CurrentVersion\Time Zones]
[HKCU\Software\Microsoft\Windows NT\CurrentVersion\TrueType]
[HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows]
[HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem]
[HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]

¤¤¤¤¤¤¤¤¤¤ | HKLM\Software

[HKLM\Software\781]
[HKLM\Software\Adobe]
[HKLM\Software\AdwCleaner]
[HKLM\Software\AedgePerformanceBCN]
[HKLM\Software\Alps]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Axalto]
[HKLM\Software\BioAPI]
[HKLM\Software\BROADCOM]
[HKLM\Software\BrowserChoice]
[HKLM\Software\Bunndle]
[HKLM\Software\C07ft5Y]
[HKLM\Software\Canon]
[HKLM\Software\Canon_Inc_IC]
[HKLM\Software\CCleaner]
[HKLM\Software\CDDB]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\CyberLink]
[HKLM\Software\Dell]
[HKLM\Software\Dell Computer Corporation]
[HKLM\Software\DEVICEVM]
[HKLM\Software\DevNet]
[HKLM\Software\FRANCE TELECOM]
[HKLM\Software\FreeFallProtection]
[HKLM\Software\GEAR Software]
[HKLM\Software\Gemplus]
[HKLM\Software\GNU]
[HKLM\Software\Google]
[HKLM\Software\HaaliMkx]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\HP]
[HKLM\Software\IB Updater]
[HKLM\Software\IDT]
[HKLM\Software\IncrediMail]
[HKLM\Software\InstalledOptions]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Juniper Networks]
[HKLM\Software\KONICA MINOLTA]
[HKLM\Software\Macromedia]
[HKLM\Software\Microsoft]
[HKLM\Software\MicroVision]
[HKLM\Software\Mozilla]
[HKLM\Software\mozilla.org]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\NTRU Cryptosystems]
[HKLM\Software\ODBC]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\RocketLife]
[HKLM\Software\Rodenstock]
[HKLM\Software\Roxio]
[HKLM\Software\RSA]
[HKLM\Software\ScanSoft]
[HKLM\Software\Schlumberger]
[HKLM\Software\SecureDigitalServices]
[HKLM\Software\SimplyGen]
[HKLM\Software\Sonic]
[HKLM\Software\Sophos]
[HKLM\Software\SweetIM]
[HKLM\Software\Symantec]
[HKLM\Software\TeamViewer]
[HKLM\Software\Visan]
[HKLM\Software\vtapi]
[HKLM\Software\Wave Systems Corp]
[HKLM\Software\Wave Systems Corp.]
[HKLM\Software\WebSupergoo]
[HKLM\Software\WholeSecurity]
[HKLM\Software\Widcomm]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\WinRAR]
[HKLM\Software\WNLT]
[HKLM\Software\Wow6432Node]
[HKLM\Software\Yahoo]
[HKLM\Software\Zenographics]
[HKLM\Software\Microsoft\.NETFramework]
[HKLM\Software\Microsoft\Active Setup]
[HKLM\Software\Microsoft\AD7Metrics]
[HKLM\Software\Microsoft\ADs]
[HKLM\Software\Microsoft\Advanced INF Setup]
[HKLM\Software\Microsoft\ALG]
[HKLM\Software\Microsoft\ASP.NET]
[HKLM\Software\Microsoft\AudioCompressionManager]
[HKLM\Software\Microsoft\BidInterface]
[HKLM\Software\Microsoft\Code Store Database]
[HKLM\Software\Microsoft\COM3]
[HKLM\Software\Microsoft\Command Processor]
[HKLM\Software\Microsoft\Conferencing]
[HKLM\Software\Microsoft\Cryptography]
[HKLM\Software\Microsoft\CTF]
[HKLM\Software\Microsoft\DataAccess]
[HKLM\Software\Microsoft\DataFactory]
[HKLM\Software\Microsoft\DevDiv]
[HKLM\Software\Microsoft\DeviceManager]
[HKLM\Software\Microsoft\Dfrg]
[HKLM\Software\Microsoft\Direct3D]
[HKLM\Software\Microsoft\DirectDraw]
[HKLM\Software\Microsoft\DirectInput]
[HKLM\Software\Microsoft\DirectMusic]
[HKLM\Software\Microsoft\DirectPlay]
[HKLM\Software\Microsoft\DirectPlay8]
[HKLM\Software\Microsoft\DirectPlayNATHelp]
[HKLM\Software\Microsoft\DirectX]
[HKLM\Software\Microsoft\dot3svc]
[HKLM\Software\Microsoft\DownloadManager]
[HKLM\Software\Microsoft\Driver Signing]
[HKLM\Software\Microsoft\DRM]
[HKLM\Software\Microsoft\DrWatson]
[HKLM\Software\Microsoft\EAPOL]
[HKLM\Software\Microsoft\EnterpriseCertificates]
[HKLM\Software\Microsoft\ESENT]
[HKLM\Software\Microsoft\EventSystem]
[HKLM\Software\Microsoft\Exchange]
[HKLM\Software\Microsoft\Factory]
[HKLM\Software\Microsoft\Fax]
[HKLM\Software\Microsoft\Feeds]
[HKLM\Software\Microsoft\Function Discovery]
[HKLM\Software\Microsoft\Fusion]
[HKLM\Software\Microsoft\GETCONN]
[HKLM\Software\Microsoft\HTMLHelp]
[HKLM\Software\Microsoft\IdentityCRL]
[HKLM\Software\Microsoft\IE Setup]
[HKLM\Software\Microsoft\IE4]
[HKLM\Software\Microsoft\IMAPI]
[HKLM\Software\Microsoft\Internet Account Manager]
[HKLM\Software\Microsoft\Internet Connection Wizard]
[HKLM\Software\Microsoft\Internet Domains]
[HKLM\Software\Microsoft\Internet Explorer]
[HKLM\Software\Microsoft\IPSec]
[HKLM\Software\Microsoft\Jet]
[HKLM\Software\Microsoft\Machine Debug Manager]
[HKLM\Software\Microsoft\MediaPlayer]
[HKLM\Software\Microsoft\MessengerService]
[HKLM\Software\Microsoft\Microsoft Reference]
[HKLM\Software\Microsoft\MM20]
[HKLM\Software\Microsoft\MMC]
[HKLM\Software\Microsoft\MMCtlsForIE]
[HKLM\Software\Microsoft\Mobile]
[HKLM\Software\Microsoft\MobilePC]
[HKLM\Software\Microsoft\Mr. Enigma]
[HKLM\Software\Microsoft\MSBuild]
[HKLM\Software\Microsoft\MSDAIPP]
[HKLM\Software\Microsoft\MSDTC]
[HKLM\Software\Microsoft\MSLicensing]
[HKLM\Software\Microsoft\MSMQ]
[HKLM\Software\Microsoft\MSN]
[HKLM\Software\Microsoft\MSOSOAP]
[HKLM\Software\Microsoft\MSSearch36]
[HKLM\Software\Microsoft\MSXML 6.0 Parser and SDK]
[HKLM\Software\Microsoft\MSXML60]
[HKLM\Software\Microsoft\Multimedia]
[HKLM\Software\Microsoft\NET Framework Setup]
[HKLM\Software\Microsoft\NetDDE]
[HKLM\Software\Microsoft\NetSh]
[HKLM\Software\Microsoft\NetShow]
[HKLM\Software\Microsoft\Network Diagnostic]
[HKLM\Software\Microsoft\NetworkAccessProtection]
[HKLM\Software\Microsoft\Non-Driver Signing]
[HKLM\Software\Microsoft\ODBC]
[HKLM\Software\Microsoft\Office]
[HKLM\Software\Microsoft\Ole]
[HKLM\Software\Microsoft\Outlook Express]
[HKLM\Software\Microsoft\PCHealth]
[HKLM\Software\Microsoft\PlayReady]
[HKLM\Software\Microsoft\PowerShell]
[HKLM\Software\Microsoft\Preinstall]
[HKLM\Software\Microsoft\Ras]
[HKLM\Software\Microsoft\RAS AutoDial]
[HKLM\Software\Microsoft\Remote Desktop]
[HKLM\Software\Microsoft\RemovalTools]
[HKLM\Software\Microsoft\RFC1156Agent]
[HKLM\Software\Microsoft\Router]
[HKLM\Software\Microsoft\Rpc]
[HKLM\Software\Microsoft\SchedulingAgent]
[HKLM\Software\Microsoft\Schema Library]
[HKLM\Software\Microsoft\Search Enhancement Pack]
[HKLM\Software\Microsoft\Secure]
[HKLM\Software\Microsoft\Security Center]
[HKLM\Software\Microsoft\Shared]
[HKLM\Software\Microsoft\Shared Tools]
[HKLM\Software\Microsoft\Shared Tools Location]
[HKLM\Software\Microsoft\Silverlight]
[HKLM\Software\Microsoft\SmartCard]
[HKLM\Software\Microsoft\Speech]
[HKLM\Software\Microsoft\SQMClient]
[HKLM\Software\Microsoft\Sysprep]
[HKLM\Software\Microsoft\SystemCertificates]
[HKLM\Software\Microsoft\Tcpip]
[HKLM\Software\Microsoft\TelnetServer]
[HKLM\Software\Microsoft\Terminal Server Client]
[HKLM\Software\Microsoft\Tracing]
[HKLM\Software\Microsoft\Transaction Server]
[HKLM\Software\Microsoft\TShoot]
[HKLM\Software\Microsoft\Tuning Spaces]
[HKLM\Software\Microsoft\UCCPlatform]
[HKLM\Software\Microsoft\udrm]
[HKLM\Software\Microsoft\Updates]
[HKLM\Software\Microsoft\UPnP Device Host]
[HKLM\Software\Microsoft\VBA]
[HKLM\Software\Microsoft\Visio]
[HKLM\Software\Microsoft\VisualStudio]
[HKLM\Software\Microsoft\VSTA Runtime Setup]
[HKLM\Software\Microsoft\vsto runtime Setup]
[HKLM\Software\Microsoft\WAB]
[HKLM\Software\Microsoft\WBEM]
[HKLM\Software\Microsoft\Windows]
[HKLM\Software\Microsoft\Windows Defender]
[HKLM\Software\Microsoft\Windows Genuine Advantage]
[HKLM\Software\Microsoft\Windows Live]
[HKLM\Software\Microsoft\Windows Live Mail]
[HKLM\Software\Microsoft\Windows Media]
[HKLM\Software\Microsoft\Windows Media Device Manager]
[HKLM\Software\Microsoft\Windows Media Player NSS]
[HKLM\Software\Microsoft\Windows Messaging Subsystem]
[HKLM\Software\Microsoft\Windows NT]
[HKLM\Software\Microsoft\Windows Portable Devices]
[HKLM\Software\Microsoft\Windows Script Host]
[HKLM\Software\Microsoft\Windows Scripting Host]
[HKLM\Software\Microsoft\Windows Search]
[HKLM\Software\Microsoft\Wisp]
[HKLM\Software\Microsoft\WZCSVC]
[HKLM\Software\Microsoft\Windows\CurrentVersion]
[HKLM\Software\Microsoft\Windows\Help]
[HKLM\Software\Microsoft\Windows\HTML Help]
[HKLM\Software\Microsoft\Windows\ITStorage]
[HKLM\Software\Microsoft\Windows\Shell]
[HKLM\Software\Microsoft\Windows\WebFolders]
[HKLM\Software\Microsoft\Windows\Windows Error Reporting]
[HKLM\Software\Microsoft\Windows\Windows Search]

¤¤¤¤¤¤¤¤¤¤ | Last created/Modified

[MD5.00000000000000000000000000000000] - [27/10/2012 11:43:37] - |D| - [13952650] - C:\Program Files\ffdshow
[MD5.00000000000000000000000000000000] - [20/10/2012 19:03:51] - |D| - [263852] - C:\Program Files\FilesFrog Update Checker
[MD5.00000000000000000000000000000000] - [20/10/2012 18:11:22] - |D| - [662365] - C:\Program Files\FreeMi UPnP Media Server
[MD5.00000000000000000000000000000000] - [27/10/2012 11:43:41] - |D| - [2434588] - C:\Program Files\Haali
[MD5.00000000000000000000000000000000] - [20/10/2012 19:03:44] - |D| - [2028897] - C:\Program Files\IB Updater
[MD5.00000000000000000000000000000000] - [21/10/2012 10:47:41] - |D| - [2367291] - C:\Program Files\iPod
[MD5.00000000000000000000000000000000] - [21/10/2012 10:47:32] - |D| - [153019680] - C:\Program Files\iTunes
[MD5.00000000000000000000000000000000] - [20/10/2012 21:01:36] - |D| - [402] - C:\Program Files\Mozilla Firefox
[MD5.00000000000000000000000000000000] - [20/10/2012 21:00:47] - |D| - [0] - C:\Program Files\OnlineHD.TV
[MD5.00000000000000000000000000000000] - [20/10/2012 19:03:49] - |D| - [281221] - C:\Program Files\Perion
[MD5.00000000000000000000000000000000] - [27/10/2012 11:43:48] - |D| - [1520951] - C:\Program Files\Smiley Bar for Facebook
[MD5.00000000000000000000000000000000] - [25/10/2012 21:52:50] - |D| - [12031169] - C:\Program Files\Webplayer decompression
[MD5.00000000000000000000000000000000] - [10/10/2012 18:47:01] - |HDC| - [1279476] - C:\WINDOWS\$NtUninstallKB2661254-v2$
[MD5.00000000000000000000000000000000] - [10/10/2012 18:49:57] - |HDC| - [13298880] - C:\WINDOWS\$NtUninstallKB2724197$
[MD5.00000000000000000000000000000000] - [10/10/2012 18:47:34] - |HDC| - [842594] - C:\WINDOWS\$NtUninstallKB2749655$
[MD5.00000000000000000000000000000000] - [10/10/2012 18:47:38] - |HDC| - [830094] - C:\WINDOWS\$NtUninstallKB2756822$
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [25/10/2012 20:35:26] - |A| - [0] - C:\WINDOWS\0.log
[MD5.FF0A6443DBC310B57201D60C80BF28EA] - [27/10/2012 20:29:14] - |A| - [10975] - C:\WINDOWS\KB2744842-IE8.log
[MD5.106FABE29614C82E29BC64B44BAE596E] - [28/10/2012 19:54:31] - |A| - [655] - C:\WINDOWS\nsw.log
[MD5.11D47DD7F8CCE1B53724B955D9037498] - [28/10/2012 18:26:09] - |A| - [718042] - C:\WINDOWS\ntbtlog.txt
[MD5.020272B85869B0C152FBD425802C9645] - [21/10/2012 19:41
0
Réponse 23 / 96
sophlulu
29 oct. 2012 à 10:19
Désolée pour le stress , comme je n'y connais rien et c'est l'ordi du boulot, je panique un peu :-)
0
Réponse 24 / 96
Utilisateur anonyme
29 oct. 2012 à 10:24
heberge le rapport ici et donne le lien obtenu

https://www.cjoint.com/
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 25 / 96
sophlulu Messages postés 46 Date d'inscription dimanche 28 octobre 2012 Statut Membre Dernière intervention 14 décembre 2013
29 oct. 2012 à 12:23
Le lien a été créé: https://www.cjoint.com/?BJDmn6EMaHI
0
Réponse 26 / 96
Utilisateur anonyme
29 oct. 2012 à 12:40
desinstalle tout Java
desinstalle Smiley Bar for Facebook
desinstalle IB Updater
desinstalle Webplayer decompression

================

ensuite :

selectionne ce texte :

Zip::
C:\Windows\System32\dmwu.exe

Relance Pre_scan puis choisis l'option "Script"

une page va s'ouvrir

logiquement le texte que tu as sélectionné s'y trouve déjà , donc tu fermes et le programme va travailler.

sinon colle-le (clic droit/coller ou ctrl+V) dans la page vierge.

puis onglet fichier => enregistrer (pas enregistrer sous...) , puis ferme le texte

des fenetres noires risquent de clignoter , c'est normal , c'est le programme qui travaille

heberge C:\_Pre_script.zip sur https://www.cjoint.com/ et donne le lien

0
Réponse 27 / 96
sophlulu
29 oct. 2012 à 13:36
http://cjoint.com/?BJDnJzT312Z
0
Réponse 28 / 96
Utilisateur anonyme
29 oct. 2012 à 13:39
tes protections etaient desactivées ?
0
Réponse 29 / 96
sophlulu
29 oct. 2012 à 13:46
windows sécurité : antivirus désactivé+pare feu activé+mise à jour auto activé
symantec:antivirus alerte bloquée sur warning+proactive threat protection off+network threat protection on
0
Réponse 30 / 96
Utilisateur anonyme
29 oct. 2012 à 14:06
bon en tout cas chez moi cette fonction fonctionne

==

donc à la main :

clic droit sur :

C:\Windows\System32\dmwu.exe

envoyer vers => dossiers compressés , puis envoie l archive
0
Réponse 31 / 96
sophlulu Messages postés 46 Date d'inscription dimanche 28 octobre 2012 Statut Membre Dernière intervention 14 décembre 2013
29 oct. 2012 à 14:22
C:\Windows\System32\dmwu.exe , je le trouve ou?
j'ai du mal à suivre!
0
Réponse 32 / 96
sophlulu Messages postés 46 Date d'inscription dimanche 28 octobre 2012 Statut Membre Dernière intervention 14 décembre 2013
29 oct. 2012 à 14:30
quand je lance préscan /option script le Zip:: C:\Windows\System32\dmwu.exe
apparait bien, je referme préscan et il me crée ce fichier
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Script | 2.1029 ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

Sophie : Microsoft Windows XP (32 bits)

Switchs : https://gen-hackman.kanak.fr/

Impossible to create restorepoint !!!


Script : 14:27:03

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤


Fin : 14:27:03

¤¤¤¤¤¤¤¤¤¤ ( EOF ) ¤¤¤¤¤¤¤¤¤¤
0
Réponse 33 / 96
Utilisateur anonyme
Modifié par vigen le 29/10/2012 à 15:01
Un ordi de travail, ne doit servir qu'au travail ;-)

Bon courage G3N ;-)

@sophlulu tu es entre de bonne mains :-)
0
Réponse 34 / 96
sophlulu Messages postés 46 Date d'inscription dimanche 28 octobre 2012 Statut Membre Dernière intervention 14 décembre 2013
29 oct. 2012 à 15:21
c'est une bonne leçon le travail reste le travail !!Et j'ai l'air d'être entre de bonnes mains ;-)
0
Réponse 35 / 96
Utilisateur anonyme
29 oct. 2012 à 15:53
tu as bien ce fichier ?

C:\_Pre_script.zip
0
Réponse 36 / 96
sophlulu
29 oct. 2012 à 15:59
j'ai fait une recherche de fichier sur l'ordinateur et il ne le le trouve pas
0
Réponse 37 / 96
Utilisateur anonyme
29 oct. 2012 à 16:27
donc fais ca :

https://forums.commentcamarche.net/forum/affich-26346313-infection-ukash-votre-ordinateur-est-bloque?page=2#30

le fichier tu le trouves où ? ben tu suis le chemin

disque c:\ => windows => system32 ,etc....
0
Réponse 38 / 96
sophlulu Messages postés 46 Date d'inscription dimanche 28 octobre 2012 Statut Membre Dernière intervention 14 décembre 2013
29 oct. 2012 à 17:23
il n'existe pas sur mon disque dur , j'ai fait plusieurs recherches, rien :-(
0
Réponse 39 / 96
Utilisateur anonyme
29 oct. 2012 à 18:02
affiche les fichiers cachés et les fichiers protégés du systeme
0
Réponse 40 / 96
sophlulu Messages postés 46 Date d'inscription dimanche 28 octobre 2012 Statut Membre Dernière intervention 14 décembre 2013
29 oct. 2012 à 18:19
désolée, je ne suis novice en informatique, comment je dois faire pour afficher ces fichiers?
0
Utilisateur anonyme
Modifié par vigen le 29/10/2012 à 18:45
J'espère que g3n, ne m'en voudras pas ;-) c'est pour gagner du temps, double clic, sur le poste de travail, allez sur "outils" en haut de la fenetre qui apparait, descendre jusqu'a "options des dossiers", allez sur l'onglet "affichage", dans parametres avancés décoché, "masquer les fichiers protégés du système d'exploitation", appuyez sur appliquer et ok..Je repars sur la pointe des pieds :-)
0
Utilisateur anonyme
29 oct. 2012 à 19:36
loooooooooooooooooool !!! si c'est pour cela tu es bienvenu de poster sur tous mes topics :) ^^
mdr !!!
0
Utilisateur anonyme
29 oct. 2012 à 19:38
;-)
0

Discussions similaires

j'ai renversé de l'eau sur mon pc portable
sardine -
moudubulbe -

14 réponses