Sujet Précédent Sujet Suivant

Certains sites sont longs à s'ouvrir

Résolu/Fermé
fleur45490 Messages postés 30 Date d'inscription vendredi 13 septembre 2013 Statut Membre Dernière intervention 3 mai 2014 - 13 sept. 2013 à 15:34
kingk06 Messages postés 10277 Date d'inscription mercredi 12 juin 2013 Statut Membre Dernière intervention 17 mars 2015 - 16 sept. 2013 à 13:47
bonjour,
depuis quelques jours, certains sites sont longs à s'ouvrir et des pages de publicité s'ouvrent. quelquefois une page blanche s'affiche.
j'ai fait défragmentation, ccleaner, antismalware etc... rien ne change.
je vous remercie de votre aide
A voir également:

51 réponses

Précédent
Réponse 21 / 51
kingk06 Messages postés 10277 Date d'inscription mercredi 12 juin 2013 Statut Membre Dernière intervention 17 mars 2015 536
14 sept. 2013 à 11:56
en suite a usbfix passer à SpyKiller.exe et poste le rapport stp !
0
Réponse 22 / 51
fleur45490 Messages postés 30 Date d'inscription vendredi 13 septembre 2013 Statut Membre Dernière intervention 3 mai 2014
14 sept. 2013 à 11:58
++++++++++++++++++++++ RAPPORT SpyKiller 1.0 ++++++++++++++++++++++


Mis à jour le 06.08.2011 à 17.06
Contact : k.lementec@yahoo.fr


C:\Documents and Settings\Admin\Mes documents\Téléchargements\SpyKiller(2).exe -> Lancé à 11:57:44 le 14.09.2013


OS : Windows XP X86 - Français
SP : Service Pack 3

Admin - PERSONNEL


++++++++++++++++++++++++ PROCESSUS FERMÉ ++++++++++++++++++++++++

explorer.exe --> tué


++++++++++++++++++++++++++ SUPPRESSION ++++++++++++++++++++++++++

++++ Clé de Registre


++++ Fichier(s)/Dossier(s)


++++ Fichier Hosts
Fichier Hosts réstauré avec succès!!!

Fin à 11:57:46, 14.09.2013
++++++++++++++++++++++++++++++ E.O.F ++++++++++++++++++++++++++++++
0
Réponse 23 / 51
fleur45490 Messages postés 30 Date d'inscription vendredi 13 septembre 2013 Statut Membre Dernière intervention 3 mai 2014
14 sept. 2013 à 12:04
++++++++++++++++++++++ RAPPORT SpyKiller 1.0 ++++++++++++++++++++++


Mis à jour le 06.08.2011 à 17.06
Contact : k.lementec@yahoo.fr


C:\Documents and Settings\Admin\Mes documents\Téléchargements\SpyKiller(2).exe -> Lancé à 12:03:33 le 14.09.2013


OS : Windows XP X86 - Français
SP : Service Pack 3

Admin - PERSONNEL


++++++++++++++++++++++++ PROCESSUS FERMÉ ++++++++++++++++++++++++

explorer.exe --> tué


++++++++++++++++++++++++++ SUPPRESSION ++++++++++++++++++++++++++

++++ Clé de Registre


++++ Fichier(s)/Dossier(s)


++++ Fichier Hosts
Fichier Hosts réstauré avec succès!!!

Fin à 12:03:36, 14.09.2013
++++++++++++++++++++++++++++++ E.O.F ++++++++++++++++++++++++++++++
0
Réponse 24 / 51
kingk06 Messages postés 10277 Date d'inscription mercredi 12 juin 2013 Statut Membre Dernière intervention 17 mars 2015 536
14 sept. 2013 à 12:07
ok SpyKiller

ok j attends le rapport de suppression de usbfix https://forums.commentcamarche.net/forum/affich-28706837-certains-sites-sont-longs-a-s-ouvrir#20
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 25 / 51
fleur45490 Messages postés 30 Date d'inscription vendredi 13 septembre 2013 Statut Membre Dernière intervention 3 mai 2014
14 sept. 2013 à 12:18
############################## | UsbFix V 7.134 | [Suppression]

Utilisateur: Admin (Administrateur) # PERSONNEL
Mis à jour le 06/09/2013 par El Desaparecido
Lancé à 12:15:41 | 14/09/2013

Site Web: https://www.sosvirus.net/
Upload Malware: http://www.sosvirus.net/upload_malware.php
Contact: http://wwww.sosvirus.net/contact_eldesaparecido.php

PC: System manufacturer (System Product Name) (X86-based PC)
CPU: AMD Athlon(tm) II X2 250 Processor (3013)
RAM -> [Total : 2815 | Free : 1837]
BIOS: BIOS Date: 08/03/10 17:24:39 Ver: 08.00.14
BOOT: Normal boot

OS: Microsoft Windows XP Édition familiale (5.1.2600 32-Bit) # Service Pack 3
WB: Windows Internet Explorer 8.0.6001.18702

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Disque fixe # 466 Go (417 Go libre(s) - 89%) [] # NTFS
D:\ -> CD-ROM
E:\ -> Disque amovible # 8 Go (28 Mo libre(s) - 0%) [STORE'N'GO] # FAT32
F:\ -> Disque amovible # 4 Go (4 Go libre(s) - 100%) [KINGSTON] # FAT32
G:\ -> Disque amovible # 2 Go (97 Mo libre(s) - 5%) [UDISK] # FAT32
H:\ -> Disque amovible # 4 Go (98 Mo libre(s) - 3%) [] # FAT32

################## | El Desaparecido Section |

HKLM\SOFTWARE | Run : [HDAudDeck] - C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
HKLM\SOFTWARE | Run : [NeroFilterCheck] - C:\WINDOWS\system32\NeroCheck.exe
HKLM\SOFTWARE | Run : [Easy-PrintToolBox] - C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
HKLM\SOFTWARE | Run : [HP Software Update] - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
HKLM\SOFTWARE | Run : [Adobe ARM] - "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\SOFTWARE | Run : [] -
HKLM\SOFTWARE | Run : [APSDaemon] - "C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe"
HKLM\SOFTWARE | Run : [NSU_agent] - "C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe"
HKLM\SOFTWARE | Run : [KernelFaultCheck] - %systemroot%\system32\dumprep 0 -k
HKLM\SOFTWARE | Run : [avast] - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
HKLM\SOFTWARE | Run : [QuickTime Task] - "C:\Program Files\QuickTime\QTTask.exe" -atboottime
HKLM\SOFTWARE | Run : [SunJavaUpdateSched] - "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
HKLM\SOFTWARE | RunOnce : [] -
HKU\S-1-5-19\SOFTWARE | Run : [CTFMON.EXE] - C:\WINDOWS\system32\CTFMON.EXE
HKU\S-1-5-20\SOFTWARE | Run : [CTFMON.EXE] - C:\WINDOWS\system32\CTFMON.EXE
HKU\S-1-5-21-796845957-1677128483-839522115-1002\SOFTWARE | Run : [CTFMON.EXE] - C:\WINDOWS\system32\ctfmon.exe
HKU\S-1-5-21-796845957-1677128483-839522115-1002\SOFTWARE | Run : [] -
HKU\S-1-5-21-796845957-1677128483-839522115-1002\SOFTWARE | Run : [SFR Mediacenter] - "C:\Program Files\SFR\Mediacenter Evolution\MediaCenter.exe" /tray
HKU\S-1-5-18\SOFTWARE | Run : [CTFMON.EXE] - C:\WINDOWS\system32\CTFMON.EXE

################## | Processus Stoppés |

Stoppé! C:\Program Files\AVAST Software\Avast\AvastSvc.exe (1972)
Stoppé! C:\Program Files\AVAST Software\Avast\afwServ.exe (2008)
Stoppé! C:\WINDOWS\Explorer.EXE (2020)
Stoppé! C:\WINDOWS\system32\spoolsv.exe (308)
Stoppé! C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe (1676)
Stoppé! C:\Program Files\Java\jre7\bin\jqs.exe (1780)
Stoppé! C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (412)
Stoppé! C:\Program Files\AVAST Software\Avast\avastUI.exe (512)
Stoppé! C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (1832)
Stoppé! C:\WINDOWS\system32\ctfmon.exe (664)
Stoppé! C:\Program Files\SFR\Mediacenter Evolution\MediaCenter.exe (732)
Stoppé! C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe (876)
Stoppé! C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (1252)
Stoppé! C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe (1356)
Stoppé! C:\Program Files\OpenOffice.org 3\program\soffice.exe (1416)
Stoppé! C:\Program Files\OpenOffice.org 3\program\soffice.bin (1520)
Stoppé! C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe (1876)
Stoppé! C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe (2100)
Stoppé! C:\WINDOWS\system32\wbem\wmiapsrv.exe (3400)
Stoppé! C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe (728)
Stoppé! C:\Program Files\TeamViewer\Version8\TeamViewer.exe (472)
Stoppé! C:\Program Files\TeamViewer\Version8\tv_w32.exe (2396)
Stoppé! C:\Program Files\Mozilla Firefox\firefox.exe (460)
Stoppé! C:\Program Files\Mozilla Firefox\plugin-container.exe (2820)
Stoppé! C:\WINDOWS\system32\wscntfy.exe (2992)

################## | Éléments infectieux |

Supprimé! C:\Thumbs.db

(!) Fichiers temporaires supprimés.

################## | Registre |


################## | Mountpoints2 |

Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{2480fb8e-4045-11e0-805e-806d6172696f}

################## | Listing |

[24/01/2012 - 00:08:33 | D ] C:\21d632a34b7360a000e3
[04/03/2011 - 14:15:15 | N | 1104] C:\aaw7boot.log
[13/09/2013 - 17:17:07 | D ] C:\AdwCleaner
[24/02/2011 - 23:09:17 | N | 0] C:\AUTOEXEC.BAT
[26/02/2011 - 16:43:04 | D ] C:\BJPrinter
[05/09/2013 - 16:46:16 | N | 228] C:\boot.ini
[05/08/2004 - 14:00:00 | N | 4952] C:\Bootfont.bin
[13/09/2013 - 23:47:13 | D ] C:\Config.Msi
[24/02/2011 - 23:09:17 | N | 0] C:\CONFIG.SYS
[22/02/2013 - 10:35:46 | N | 0] C:\cookies.sqlite
[05/09/2013 - 16:47:47 | D ] C:\dfe9fa9a31530e83785fc28d70ecb49a
[03/03/2011 - 16:28:24 | D ] C:\Documents and Settings
[07/11/2007 - 08:00:40 | N | 17734] C:\eula.1028.txt
[07/11/2007 - 08:00:40 | N | 17734] C:\eula.1031.txt
[07/11/2007 - 08:00:40 | N | 10134] C:\eula.1033.txt
[07/11/2007 - 08:00:40 | N | 17734] C:\eula.1036.txt
[07/11/2007 - 08:00:40 | N | 17734] C:\eula.1040.txt
[07/11/2007 - 08:00:40 | N | 118] C:\eula.1041.txt
[07/11/2007 - 08:00:40 | N | 17734] C:\eula.1042.txt
[07/11/2007 - 08:00:40 | N | 17734] C:\eula.2052.txt
[07/11/2007 - 08:00:40 | N | 17734] C:\eula.3082.txt
[07/11/2007 - 08:00:40 | N | 1110] C:\globdata.ini
[07/11/2007 - 08:03:18 | N | 562688] C:\install.exe
[07/11/2007 - 08:00:40 | N | 843] C:\install.ini
[07/11/2007 - 08:03:18 | N | 76304] C:\install.res.1028.dll
[07/11/2007 - 08:03:18 | N | 96272] C:\install.res.1031.dll
[07/11/2007 - 08:03:18 | N | 91152] C:\install.res.1033.dll
[07/11/2007 - 08:03:18 | N | 97296] C:\install.res.1036.dll
[07/11/2007 - 08:03:18 | N | 95248] C:\install.res.1040.dll
[07/11/2007 - 08:03:18 | N | 81424] C:\install.res.1041.dll
[07/11/2007 - 08:03:18 | N | 79888] C:\install.res.1042.dll
[07/11/2007 - 08:03:18 | N | 75792] C:\install.res.2052.dll
[07/11/2007 - 08:03:18 | N | 96272] C:\install.res.3082.dll
[24/02/2011 - 23:09:17 | N | 0] C:\IO.SYS
[24/02/2011 - 23:09:17 | N | 0] C:\MSDOS.SYS
[05/08/2004 - 14:00:00 | N | 47564] C:\NTDETECT.COM
[24/02/2011 - 23:46:25 | N | 252240] C:\ntldr
[14/09/2013 - 10:07:24 | ASH | 2145386496] C:\pagefile.sys
[13/09/2013 - 19:53:00 | N | 512] C:\PhysicalDisk0_MBR.bin
[14/09/2013 - 11:45:51 | D ] C:\Program Files
[25/02/2011 - 00:15:30 | SHD ] C:\RECYCLER
[14/09/2013 - 12:03:33 | D ] C:\SpyKiller
[24/02/2011 - 23:38:42 | SHD ] C:\System Volume Information
[14/09/2013 - 12:15:48 | D ] C:\TEMP
[14/09/2013 - 12:16:31 | D ] C:\UsbFix
[14/09/2013 - 12:16:55 | A | 7368] C:\UsbFix [Clean 1] PERSONNEL.txt
[14/09/2013 - 11:31:37 | N | 5176] C:\UsbFix [Scan 1] PERSONNEL.txt
[14/09/2013 - 11:38:33 | N | 5140] C:\UsbFix [Scan 2] PERSONNEL.txt
[31/08/2012 - 12:27:19 | N | 450] C:\user.js
[07/11/2007 - 08:00:40 | N | 5686] C:\vcredist.bmp
[07/11/2007 - 08:09:22 | N | 1442522] C:\VC_RED.cab
[07/11/2007 - 08:12:28 | N | 232960] C:\VC_RED.MSI
[14/09/2013 - 10:08:13 | D ] C:\WINDOWS
[13/09/2013 - 19:53:21 | D ] C:\ZHP

################## | Vaccin |

C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | https://www.sosvirus.net/ |
0
Réponse 26 / 51
kingk06 Messages postés 10277 Date d'inscription mercredi 12 juin 2013 Statut Membre Dernière intervention 17 mars 2015 536
14 sept. 2013 à 12:31
ok super c'est bon mais il faut encore faire ceci ==>

==> Copies uniquement les lignes indiquées en gras ci-dessous dans le presse papier(tu surlignes avec la souris puis clic droit copier de Script ZHPFix jusqu'à la fin Emptytemp)


------------------------------------------------------------------------------------->
Script ZHPFix
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:56847
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Clé orpheline => Infection BT (Cram Toolbar.Adw)
O51 - MPSK:{2480fb8e-4045-11e0-805e-806d6172696f}\AutoRun\command. (...) -- D:\Bin\ASSETUP.exe (.not file.) => Infection USB (Trojan.USB)
O4 - HKLM\..\Run: [KernelFaultCheck] Clé orpheline
O43 - CFD: 04/03/2011 - 14:18:37 - [0] ----D C:\Program Files\Spybot - Search & Destroy => Spybot - Search & Destroy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 => Internet Explorer Allows Proxy Settings Remotely
O43 - CFD: 04/03/2011 - 14:18:36 - [0,007] ----D C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy => Spybot Search & Destroy
C:\WINDOWS\Prefetch\PLUS-HD-3.5-CODEDOWNLOADER.EX-27679EFA.pf
C:\WINDOWS\Prefetch\PLUS-HD-3.5-CHROMEINSTALLER.E-34C70B93.pf
C:\WINDOWS\Prefetch\PLUS-HD-3.5-ENABLER.EXE-0243AC48.pf
C:\WINDOWS\Prefetch\PLUS-HD-3.5-FIREFOXINSTALLER.-38A66CE8.pf
C:\WINDOWS\Prefetch\PLUS-HD-3.5-UPDATER.EXE-07CC2075.pf
McAfee Security Scan Plus v3.0.318.3
P2 - FPN: [HKLM] [@mcafee.com/McAfeeMssPlugin] - (.McAfee, Inc. - McAfee MSS+ NPAPI Plugin.) -- C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} . (.McAfee, Inc. - Quick Browser Identifier for MSS+ Tool.) -- C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job [492]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\avast! Emergency Update.job [364]
O44 - LFC:[MD5.A5F637D61719D37A5B4868C385E363C0] - 30/08/2013 - 08:48:13 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswVmm.sys [177864]
O44 - LFC:[MD5.FA72FA503F580C3C628DD8C7D7622E37] - 30/08/2013 - 08:48:12 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswRvrt.sys [49376]
SysRestore
EmptyTemp





==>Lance ZHPFix (icône seringue) à partir du raccourci sur ton Bureau (si tu es sous Windows Vista ou Windows 7, fais le par un clic-droit --> Exécuter en tant qu'administrateur)
- Si tu ne l'as pas, télécharge le depuis ce lien: https://www.zebulon.fr/telechargements/securite/systeme/zhpfix.html
==>Clique sur l'icone représentant le presse-papier ("coller le presse-papier")
le script doit automatiquement apparaitre dans ZHPFix, sinon, colle-le (Ctrl+v)
==>Clique sur le bouton GO pour lancer le nettoyage
==> Copie/colle la totalité du rapport dans ta prochaine réponse.
==> : https://www.cjoint.com/ Copie le lien dans ta prochaine réponse.

==> laisse travailler l'outil et ne touche à rien ...

==> Si il t'est demandé de redémarrer le PC pour finir le nettoyage, fais le !


( ce rapport est en outre sauvegardé dans ce dossier > C:\Program files\ZHPDiag\ ZHPFixReport.txt )

Redémarre le PC et poste le rapport stp.
0
Réponse 27 / 51
fleur45490 Messages postés 30 Date d'inscription vendredi 13 septembre 2013 Statut Membre Dernière intervention 3 mai 2014
14 sept. 2013 à 13:01
Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{01E04581-4EEE-11D0-BFE9-00AA005B4383}"=hex:81,45,e0,01,ee,4e,d0,11,bf,e9,00,\
aa,00,5b,43,83,10,00,00,00,00,00,00,00,01,e0,32,f4,01,00,00,00
"{0E5CBF21-D15F-11D0-8301-00AA005B4383}"=hex:21,bf,5c,0e,5f,d1,d0,11,83,01,00,\
aa,00,5b,43,83,22,00,1c,00,08,00,00,00,06,00,00,00,01,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,4c,00,00,00,01,14,02,00,00,00,00,00,c0,00,00,00,00,\
00,00,46,81,00,00,00,10,00,00,00,4a,65,1f,4c,6b,d4,cb,01,ac,f8,04,b0,32,f5,\
cc,01,98,8b,37,51,6b,d4,cb,01,00,00,00,00,00,00,00,00,01,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,47,01,14,00,1f,50,e0,4f,d0,20,ea,3a,69,10,a2,d8,\
08,00,2b,30,30,9d,19,00,2f,43,3a,5c,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,5c,00,31,00,00,00,00,00,63,3e,8d,73,10,00,44,4f,43,55,4d,\
45,7e,31,00,00,44,00,03,00,04,00,ef,be,58,3e,39,a5,5b,40,e4,45,14,00,00,00,\
44,00,6f,00,63,00,75,00,6d,00,65,00,6e,00,74,00,73,00,20,00,61,00,6e,00,64,\
00,20,00,53,00,65,00,74,00,74,00,69,00,6e,00,67,00,73,00,00,00,18,00,36,00,\
31,00,00,00,00,00,ae,3e,39,4a,10,00,41,64,6d,69,6e,00,22,00,03,00,04,00,ef,\
be,58,3e,e8,ac,5b,40,e4,45,14,00,00,00,41,00,64,00,6d,00,69,00,6e,00,00,00,\
14,00,50,00,31,00,00,00,00,00,53,40,f2,7a,11,00,46,61,76,6f,72,69,73,00,3a,\
00,03,00,04,00,ef,be,58,3e,e8,ac,5b,40,4c,4b,14,00,24,00,46,00,61,00,76,00,\
6f,00,72,00,69,00,73,00,00,00,40,73,68,65,6c,6c,33,32,2e,64,6c,6c,2c,2d,31,\
32,36,39,33,00,16,00,36,00,31,00,00,00,00,00,58,3e,ef,ac,10,00,4c,69,65,6e,\
73,00,22,00,03,00,04,00,ef,be,58,3e,eb,ac,5b,40,4c,4b,14,00,00,00,4c,00,69,\
00,65,00,6e,00,73,00,00,00,14,00,00,00,60,00,00,00,03,00,00,a0,58,00,00,00,\
00,00,00,00,70,65,72,73,6f,6e,6e,65,6c,00,00,00,00,00,00,00,f2,dc,f4,28,e2,\
17,61,4d,92,95,34,8c,38,7e,09,71,48,4d,c3,7e,6e,45,e0,11,84,b8,20,cf,30,db,\
30,cf,f2,dc,f4,28,e2,17,61,4d,92,95,34,8c,38,7e,09,71,48,4d,c3,7e,6e,45,e0,\
11,84,b8,20,cf,30,db,30,cf,00,00,00,00
"ITBarLayout"=hex:11,00,00,00,4c,00,00,00,00,00,00,00,34,00,00,00,1f,00,00,00,\
56,00,00,00,01,00,00,00,20,07,00,00,a0,0f,00,00,05,00,00,00,62,05,00,00,26,\
00,00,00,02,00,00,00,21,07,00,00,a0,0f,00,00,04,00,00,00,21,01,00,00,a0,0f,\
00,00,03,00,00,00,20,03,00,00,00,00,00,00,06,00,00,00,29,07,00,00,48,03,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,5b,c3,e6,ee,18,61,dc,11,9c,72,00,13,20,c7,98,47,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00
"ITBar7Layout"=hex:13,00,00,00,00,00,00,00,00,00,00,00,30,00,00,00,10,00,01,00,\
16,00,00,00,01,00,00,00,00,07,00,00,5e,01,00,00,06,00,00,00,00,03,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,73,28,7c,32,0d,e9,37,4c,aa,9d,10,ac,9b,ab,a4,6c,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00
"ITBar7Height"=dword:0000002f

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{0E5CBF21-D15F-11D0-8301-00AA005B4383}]
@="&Liens"
"MenuTextPUI"="@browselc.dll,-13138"

[HKEY_CLASSES_ROOT\CLSID\{0E5CBF21-D15F-11D0-8301-00AA005B4383}\Implemented Categories]

[HKEY_CLASSES_ROOT\CLSID\{0E5CBF21-D15F-11D0-8301-00AA005B4383}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]

[HKEY_CLASSES_ROOT\CLSID\{0E5CBF21-D15F-11D0-8301-00AA005B4383}\InProcServer32]
@=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,\
00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,53,00,48,00,\
45,00,4c,00,4c,00,33,00,32,00,2e,00,64,00,6c,00,6c,00,00,00
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0E5CBF21-D15F-11D0-8301-00AA005B4383}]
@="&Liens"
"MenuTextPUI"="@browselc.dll,-13138"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0E5CBF21-D15F-11D0-8301-00AA005B4383}\Implemented Categories]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0E5CBF21-D15F-11D0-8301-00AA005B4383}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0E5CBF21-D15F-11D0-8301-00AA005B4383}\InProcServer32]
@=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,\
00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,53,00,48,00,\
45,00,4c,00,4c,00,33,00,32,00,2e,00,64,00,6c,00,6c,00,00,00
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="C:\\Program Files\\VIA\\VIAudioi\\HDADeck\\HDeck.exe 1"
"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"Easy-PrintToolBox"="C:\\Program Files\\Canon\\Easy-PrintToolBox\\BJPSMAIN.EXE /logon"
"HP Software Update"="C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe"
"Adobe ARM"="\"C:\\Program Files\\Fichiers communs\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
@=""
"APSDaemon"="\"C:\\Program Files\\Fichiers communs\\Apple\\Apple Application Support\\APSDaemon.exe\""
"NSU_agent"="\"C:\\Program Files\\Nokia\\Nokia Software Updater\\nsu3ui_agent.exe\""
"KernelFaultCheck"=hex(2):25,00,73,00,79,00,73,00,74,00,65,00,6d,00,72,00,6f,\
00,6f,00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,\
5c,00,64,00,75,00,6d,00,70,00,72,00,65,00,70,00,20,00,30,00,20,00,2d,00,6b,\
00,00,00
"avast"="\"C:\\Program Files\\AVAST Software\\Avast\\avastUI.exe\" /nogui"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime"
"SunJavaUpdateSched"="\"C:\\Program Files\\Fichiers communs\\Java\\Java Update\\jusched.exe\""

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings]
"User Agent"="Mozilla/4.0 (compatible; MSIE 8.0; Win32)"
"IE5_UA_Backup_Flag"="5.0"
"NoNetAutodial"=dword:00000000
"MigrateProxy"=dword:00000001
"EmailName"="IEUser@"
"AutoConfigProxy"="wininet.dll"
"MimeExclusionListForCache"="multipart/mixed multipart/x-mixed-replace multipart/x-byteranges "
"WarnOnPost"=hex:01,00,00,00
"UseSchannelDirectly"=hex:01,00,00,00
"EnableHttp1_1"=dword:00000001
"PrivacyAdvanced"=dword:00000000
"EnableNegotiate"=dword:00000001
"ProxyEnable"=dword:00000000
"WarnOnZoneCrossing"=dword:00000000
"PrivDiscUiShown"=dword:00000001
"GlobalUserOffline"=dword:00000000
"EnableAutodial"=dword:00000000
"ProxyOverride"="<local>"
"UrlEncoding"=dword:00000000
"SecureProtocols"=dword:000000a0
"ZonesSecurityUpgrade"=hex:14,fc,99,74,14,f9,cc,01
"DisableCachingOfSSLPages"=dword:00000000
"CertificateRevocation"=dword:00000000

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache]
"Signature"="Client UrlCache MMF Ver 5.2"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content]
"CachePrefix"=""
"CacheLimit"=dword:00e8e035

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Cookies]
"CachePrefix"="Cookie:"
"CacheLimit"=dword:00002000

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\DOMStore]
"CachePath"=hex(2):25,00,55,00,53,00,45,00,52,00,50,00,52,00,4f,00,46,00,49,00,\
4c,00,45,00,25,00,5c,00,4c,00,6f,00,63,00,61,00,6c,00,20,00,53,00,65,00,74,\
00,74,00,69,00,6e,00,67,00,73,00,5c,00,41,00,70,00,70,00,6c,00,69,00,63,00,\
61,00,74,00,69,00,6f,00,6e,00,20,00,44,00,61,00,74,00,61,00,5c,00,4d,00,69,\
00,63,00,72,00,6f,00,73,00,6f,00,66,00,74,00,5c,00,49,00,6e,00,74,00,65,00,\
72,00,6e,00,65,00,74,00,20,00,45,00,78,00,70,00,6c,00,6f,00,72,00,65,00,72,\
00,5c,00,44,00,4f,00,4d,00,53,00,74,00,6f,00,72,00,65,00,00,00
"CachePrefix"="DOMStore"
"CacheLimit"=dword:000003e8
"CacheOptions"=dword:00000008
"CacheRepair"=dword:00000000

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\feedplat]
"CachePath"=hex(2):25,00,55,00,53,00,45,00,52,00,50,00,52,00,4f,00,46,00,49,00,\
4c,00,45,00,25,00,5c,00,4c,00,6f,00,63,00,61,00,6c,00,20,00,53,00,65,00,74,\
00,74,00,69,00,6e,00,67,00,73,00,5c,00,41,00,70,00,70,00,6c,00,69,00,63,00,\
61,00,74,00,69,00,6f,00,6e,00,20,00,44,00,61,00,74,00,61,00,5c,00,4d,00,69,\
00,63,00,72,00,6f,00,73,00,6f,00,66,00,74,00,5c,00,46,00,65,00,65,00,64,00,\
73,00,20,00,43,00,61,00,63,00,68,00,65,00,00,00
"CachePrefix"="feedplat:"
"CacheLimit"=dword:00002000
"CacheOptions"=dword:00000000
"CacheRepair"=dword:00000000

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\ietld]
"CachePath"=hex(2):25,00,55,00,53,00,45,00,52,00,50,00,52,00,4f,00,46,00,49,00,\
4c,00,45,00,25,00,5c,00,49,00,45,00,54,00,6c,00,64,00,43,00,61,00,63,00,68,\
00,65,00,00,00
"CachePrefix"="ietld:"
"CacheLimit"=dword:00002000
"CacheOptions"=dword:00000009
"CacheRepair"=dword:00000000

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012013082620130902]
"CachePath"=hex(2):25,00,55,00,53,00,45,00,52,00,50,00,52,00,4f,00,46,00,49,00,\
4c,00,45,00,25,00,5c,00,4c,00,6f,00,63,00,61,00,6c,00,20,00,53,00,65,00,74,\
00,74,00,69,00,6e,00,67,00,73,00,5c,00,48,00,69,00,73,00,74,00,6f,00,72,00,\
69,00,71,00,75,00,65,00,5c,00,48,00,69,00,73,00,74,00,6f,00,72,00,79,00,2e,\
00,49,00,45,00,35,00,5c,00,4d,00,53,00,48,00,69,00,73,00,74,00,30,00,31,00,\
32,00,30,00,31,00,33,00,30,00,38,00,32,00,36,00,32,00,30,00,31,00,33,00,30,\
00,39,00,30,00,32,00,00,00
"CachePrefix"=":2013082620130902: "
"CacheLimit"=dword:00002000
"CacheOptions"=dword:0000000b
"CacheRepair"=dword:00000000

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012013090220130909]
"CachePath"=hex(2):25,00,55,00,53,00,45,00,52,00,50,00,52,00,4f,00,46,00,49,00,\
4c,00,45,00,25,00,5c,00,4c,00,6f,00,63,00,61,00,6c,00,20,00,53,00,65,00,74,\
00,74,00,69,00,6e,00,67,00,73,00,5c,00,48,00,69,00,73,00,74,00,6f,00,72,00,\
69,00,71,00,75,00,65,00,5c,00,48,00,69,00,73,00,74,00,6f,00,72,00,79,00,2e,\
00,49,00,45,00,35,00,5c,00,4d,00,53,00,48,00,69,00,73,00,74,00,30,00,31,00,\
32,00,30,00,31,00,33,00,30,00,39,00,30,00,32,00,32,00,30,00,31,00,33,00,30,\
00,39,00,30,00,39,00,00,00
"CachePrefix"=":2013090220130909: "
"CacheLimit"=dword:00002000
"CacheOptions"=dword:0000000b
"CacheRepair"=dword:00000000

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012013090920130910]
"CachePath"=hex(2):25,00,55,00,53,00,45,00,52,00,50,00,52,00,4f,00,46,00,49,00,\
4c,00,45,00,25,00,5c,00,4c,00,6f,00,63,00,61,00,6c,00,20,00,53,00,65,00,74,\
00,74,00,69,00,6e,00,67,00,73,00,5c,00,48,00,69,00,73,00,74,00,6f,00,72,00,\
69,00,71,00,75,00,65,00,5c,00,48,00,69,00,73,00,74,00,6f,00,72,00,79,00,2e,\
00,49,00,45,00,35,00,5c,00,4d,00,53,00,48,00,69,00,73,00,74,00,30,00,31,00,\
32,00,30,00,31,00,33,00,30,00,39,00,30,00,39,00,32,00,30,00,31,00,33,00,30,\
00,39,00,31,00,30,00,00,00
"CachePrefix"=":2013090920130910: "
"CacheLimit"=dword:00002000
"CacheOptions"=dword:0000000b
"CacheRepair"=dword:00000000

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012013091020130911]
"CachePath"=hex(2):25,00,55,00,53,00,45,00,52,00,50,00,52,00,4f,00,46,00,49,00,\
4c,00,45,00,25,00,5c,00,4c,00,6f,00,63,00,61,00,6c,00,20,00,53,00,65,00,74,\
00,74,00,69,00,6e,00,67,00,73,00,5c,00,48,00,69,00,73,00,74,00,6f,00,72,00,\
69,00,71,00,75,00,65,00,5c,00,48,00,69,00,73,00,74,00,6f,00,72,00,79,00,2e,\
00,49,00,45,00,35,00,5c,00,4d,00,53,00,48,00,69,00,73,00,74,00,30,00,31,00,\
32,00,30,00,31,00,33,00,30,00,39,00,31,00,30,00,32,00,30,00,31,00,33,00,30,\
00,39,00,31,00,31,00,00,00
"CachePrefix"=":2013091020130911: "
"CacheLimit"=dword:00002000
"CacheOptions"=dword:0000000b
"CacheRepair"=dword:00000000

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012013091120130912]
"CachePath"=hex(2):25,00,55,00,53,00,45,00,52,00,50,00,52,00,4f,00,46,00,49,00,\
4c,00,45,00,25,00,5c,00,4c,00,6f,00,63,00,61,00,6c,00,20,00,53,00,65,00,74,\
00,74,00,69,00,6e,00,67,00,73,00,5c,00,48,00,69,00,73,00,74,00,6f,00,72,00,\
69,00,71,00,75,00,65,00,5c,00,48,00,69,00,73,00,74,00,6f,00,72,00,79,00,2e,\
00,49,00,45,00,35,00,5c,00,4d,00,53,00,48,00,69,00,73,00,74,00,30,00,31,00,\
32,00,30,00,31,00,33,00,30,00,39,00,31,00,31,00,32,00,30,00,31,00,33,00,30,\
00,39,00,31,00,32,00,00,00
"CachePrefix"=":2013091120130912: "
"CacheLimit"=dword:00002000
"CacheOptions"=dword:0000000b
"CacheRepair"=dword:00000000

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012013091220130913]
"CachePath"=hex(2):25,00,55,00,53,00,45,00,52,00,50,00,52,00,4f,00,46,00,49,00,\
4c,00,45,00,25,00,5c,00,4c,00,6f,00,63,00,61,00,6c,00,20,00,53,00,65,00,74,\
00,74,00,69,00,6e,00,67,00,73,00,5c,00,48,00,69,00,73,00,74,00,6f,00,72,00,\
69,00,71,00,75,00,65,00,5c,00,48,00,69,00,73,00,74,00,6f,00,72,00,79,00,2e,\
00,49,00,45,00,35,00,5c,00,4d,00,53,00,48,00,69,00,73,00,74,00,30,00,31,00,\
32,00,30,00,31,00,33,00,30,00,39,00,31,00,32,00,32,00,30,00,31,00,33,00,30,\
00,39,00,31,00,33,00,00,00
"CachePrefix"=":2013091220130913: "
"CacheLimit"=dword:00002000
"CacheOptions"=dword:0000000b
"CacheRepair"=dword:00000000

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012013091320130914]
"CachePath"=hex(2):25,00,55,00,53,00,45,00,52,00,50,00,52,00,4f,00,46,00,49,00,\
4c,00,45,00,25,00,5c,00,4c,00,6f,00,63,00,61,00,6c,00,20,00,53,00,65,00,74,\
00,74,00,69,00,6e,00,67,00,73,00,5c,00,48,00,69,00,73,00,74,00,6f,00,72,00,\
69,00,71,00,75,00,65,00,5c,00,48,00,69,00,73,00,74,00,6f,00,72,00,79,00,2e,\
00,49,00,45,00,35,00,5c,00,4d,00,53,00,48,00,69,00,73,00,74,00,30,00,31,00,\
32,00,30,00,31,00,33,00,30,00,39,00,31,00,33,00,32,00,30,00,31,00,33,00,30,\
00,39,00,31,00,34,00,00,00
"CachePrefix"=":2013091320130914: "
"CacheLimit"=dword:00002000
"CacheOptions"=dword:0000000b
"CacheRepair"=dword:00000000

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012013091420130915]
"CachePath"=hex(2):25,00,55,00,53,00,45,00,52,00,50,00,52,00,4f,00,46,00,49,00,\
4c,00,45,00,25,00,5c,00,4c,00,6f,00,63,00,61,00,6c,00,20,00,53,00,65,00,74,\
00,74,00,69,00,6e,00,67,00,73,00,5c,00,48,00,69,00,73,00,74,00,6f,00,72,00,\
69,00,71,00,75,00,65,00,5c,00,48,00,69,00,73,00,74,00,6f,00,72,00,79,00,2e,\
00,49,00,45,00,35,00,5c,00,4d,00,53,00,48,00,69,00,73,00,74,00,30,00,31,00,\
32,00,30,00,31,00,33,00,30,00,39,00,31,00,34,00,32,00,30,00,31,00,33,00,30,\
00,39,00,31,00,35,00,00,00
"CachePrefix"=":2013091420130915: "
"CacheLimit"=dword:00002000
"CacheOptions"=dword:0000000b
"CacheRepair"=dword:00000000

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\PrivacIE:]
"CachePath"=hex(2):25,00,55,00,53,00,45,00,52,00,50,00,52,00,4f,00,46,00,49,00,\
4c,00,45,00,25,00,5c,00,50,00,72,00,69,00,76,00,61,00,63,00,49,00,45,00,00,\
00
"CachePrefix"="PrivacIE:"
"CacheLimit"=dword:00000400
"CacheOptions"=dword:00000009
"CacheRepair"=dword:00000000

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\UserData]
"CachePath"=hex(2):25,00,55,00,53,00,45,00,52,00,50,00,52,00,4f,00,46,00,49,00,\
4c,00,45,00,25,00,5c,00,55,00,73,00,65,00,72,00,44,00,61,00,74,00,61,00,00,\
00
"CachePrefix"="UserData"
"CacheLimit"=dword:000003e8
"CacheOptions"=dword:00000008
"CacheRepair"=dword:00000000

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\History]
"CachePrefix"="Visited:"
"CacheLimit"=dword:00002000

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache]
"Persistent"=dword:00000001

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Content]
"CacheLimit"=dword:00e8e035

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Cookies]
"CacheLimit"=dword:00002000

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\History]
"CacheLimit"=dword:00002000

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections]
"DefaultConnectionSettings"=hex:46,00,00,00,6f,04,00,00,01,00,00,00,00,00,00,\
00,07,00,00,00,3c,6c,6f,63,61,6c,3e,00,00,00,00,00,00,00,00,00,00,00,00,90,\
db,35,fd,dc,d4,cb,01,01,00,00,00,c0,a8,01,2d,00,00,00,00,00,00,00,00,00,00,\
00,00
"SavedLegacySettings"=hex:46,00,00,00,e2,32,00,00,01,00,00,00,00,00,00,00,07,\
00,00,00,3c,6c,6f,63,61,6c,3e,00,00,00,00,00,00,00,00,00,00,00,00,90,db,35,\
fd,dc,d4,cb,01,01,00,00,00,c0,a8,01,2d,00,00,00,00,00,00,00,00,00,00,00,00

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0]
@=""
"DisplayName"="My Computer"
"Description"="Your computer"
"Icon"="explorer.exe#0100"
"CurrentLevel"=dword:00000000
"Flags"=dword:00000021
"1001"=dword:00000000
"1004"=dword:00000003
"1200"=dword:00000003
"1201"=dword:00000003
"1206"=dword:00000000
"1400"=dword:00000001
"1402"=dword:00000000
"1405"=dword:00000000
"1406"=dword:00000000
"1407"=dword:00000000
"1601"=dword:00000000
"1604"=dword:00000000
"1605"=dword:00000000
"1606"=dword:00000000
"1607"=dword:00000000
"1608"=dword:00000000
"1609"=dword:00000001
"1800"=dword:00000000
"1802"=dword:00000000
"1803"=dword:00000000
"1804"=dword:00000000
"1805"=dword:00000000
"1806"=dword:00000000
"1807"=dword:00000000
"1808"=dword:00000000
"1809"=dword:00000003
"1A00"=dword:00000000
"1A02"=dword:00000000
"1A03"=dword:00000000
"1A04"=dword:00000003
"1A05"=dword:00000000
"1A06"=dword:00000000
"1A10"=dword:00000000
"1C00"=dword:00000000
"1E05"=dword:00030000
"2000"=dword:00010000
"2100"=dword:00000003
"2101"=dword:00000003
"2102"=dword:00000003
"2200"=dword:00000003
"2201"=dword:00000003
"1207"=dword:00000003
"180D"=dword:00000000
"PMDisplayName"="My Computer [Protected Mode]"
"LowIcon"="inetcpl.cpl#005422"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1]
@=""
"DisplayName"="Local intranet"
"Description"="This zone contains all Web sites that are on your organization's intranet."
"Icon"="shell32.dll#0018"
"CurrentLevel"=dword:00000000
"Flags"=dword:00000143
"1001"=dword:00000001
"1004"=dword:00000003
"1200"=dword:00000003
"1201"=dword:00000003
"1206"=dword:00000000
"1400"=dword:00000001
"1402"=dword:00000000
"1405"=dword:00000000
"1406"=dword:00000001
"1407"=dword:00000000
"1601"=dword:00000000
"1604"=dword:00000000
"1605"=dword:00000000
"1606"=dword:00000000
"1607"=dword:00000000
"1608"=dword:00000000
"1609"=dword:00000001
"1800"=dword:00000001
"1802"=dword:00000000
"1803"=dword:00000000
"1804"=dword:00000001
"1805"=dword:00000000
"1806"=dword:00000000
"1807"=dword:00000000
"1808"=dword:00000000
"1809"=dword:00000003
"1A00"=dword:00020000
"1A02"=dword:00000000
"1A03"=dword:00000000
"1A04"=dword:00000003
"1A05"=dword:00000000
"1A06"=dword:00000000
"1A10"=dword:00000000
"1C00"=dword:00000000
"1E05"=dword:00030000
"2000"=dword:00010000
"2100"=dword:00000003
"2101"=dword:00000003
"2102"=dword:00000003
"2200"=dword:00000003
"2201"=dword:00000003
"1207"=dword:00000003
"180D"=dword:00000000
"PMDisplayName"="Local intranet [Protected Mode]"
"LowIcon"="inetcpl.cpl#005423"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2]
@=""
"DisplayName"="Trusted sites"
"Description"="This zone contains Web sites that you trust not to damage your computer or data."
"Icon"="inetcpl.cpl#00004480"
"CurrentLevel"=dword:00000000
"Flags"=dword:00000021
"1001"=dword:00000000
"1004"=dword:00000003
"1200"=dword:00000003
"1201"=dword:00000003
"1206"=dword:00000000
"1400"=dword:00000001
"1402"=dword:00000000
"1405"=dword:00000000
"1406"=dword:00000000
"1407"=dword:00000000
"1601"=dword:00000000
"1604"=dword:00000000
"1605"=dword:00000000
"1606"=dword:00000000
"1607"=dword:00000000
"1608"=dword:00000000
"1609"=dword:00000001
"1800"=dword:00000000
"1802"=dword:00000000
"1803"=dword:00000000
"1804"=dword:00000000
"1805"=dword:00000000
"1806"=dword:00000000
"1807"=dword:00000000
"1808"=dword:00000000
"1809"=dword:00000003
"1A00"=dword:00000000
"1A02"=dword:00000000
"1A03"=dword:00000000
"1A04"=dword:00000003
"1A05"=dword:00000000
"1A06"=dword:00000000
"1A10"=dword:00000000
"1C00"=dword:00000000
"1E05"=dword:00030000
"2000"=dword:00010000
"2100"=dword:00000003
"2101"=dword:00000003
"2102"=dword:00000003
"2200"=dword:00000003
"2201"=dword:00000003
"1207"=dword:00000003
"180D"=dword:00000000
"PMDisplayName"="Trusted sites [Protected Mode]"
"LowIcon"="inetcpl.cpl#005424"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3]
@=""
"DisplayName"="Internet"
"Description"="This zone contains all Web sites you haven't placed in other zones"
"Icon"="inetcpl.cpl#001313"
"CurrentLevel"=dword:00000000
"Flags"=dword:00000021
"1001"=dword:00000001
"1004"=dword:00000003
"1200"=dword:00000003
"1201"=dword:00000003
"1206"=dword:00000003
"1400"=dword:00000001
"1402"=dword:00000000
"1405"=dword:00000000
"1406"=dword:00000003
"1407"=dword:00000000
"1601"=dword:00000001
"1604"=dword:00000000
"1605"=dword:00000000
"1606"=dword:00000000
"1607"=dword:00000000
"1608"=dword:00000000
"1609"=dword:00000001
"1800"=dword:00000001
"1802"=dword:00000000
"1803"=dword:00000000
"1804"=dword:00000001
"1805"=dword:00000001
"1806"=dword:00000001
"1807"=dword:00000001
"1808"=dword:00000000
"1809"=dword:00000000
"1A00"=dword:00020000
"1A02"=dword:00000000
"1A03"=dword:00000000
"1A04"=dword:00000003
"1A05"=dword:00000001
"1A06"=dword:00000000
"1A10"=dword:00000001
"1C00"=dword:00000000
"1E05"=dword:00030000
"2000"=dword:00010000
"2100"=dword:00000003
"2101"=dword:00000003
"2102"=dword:00000003
"2200"=dword:00000003
"2201"=dword:00000003
"1207"=dword:00000003
"180D"=dword:00000001
"PMDisplayName"="Internet [Protected Mode]"
"LowIcon"="inetcpl.cpl#005425"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4]
@=""
"DisplayName"="Restricted sites"
"Description"="This zone contains Web sites that could potentially damage your computer or data."
"Icon"="inetcpl.cpl#00004481"
"CurrentLevel"=dword:00000000
"Flags"=dword:00000021
"1001"=dword:00000003
"1004"=dword:00000003
"1200"=dword:00000003
"1201"=dword:00000003
"1206"=dword:00000003
"1400"=dword:00000003
"1402"=dword:00000003
"1405"=dword:00000003
"1406"=dword:00000003
"1407"=dword:00000003
"1601"=dword:00000001
"1604"=dword:00000001
"1605"=dword:00000000
"1606"=dword:00000003
"1607"=dword:00000003
"1608"=dword:00000003
"1609"=dword:00000001
"1800"=dword:00000003
"1802"=dword:00000001
"1803"=dword:00000003
"1804"=dword:00000003
"1805"=dword:00000001
"1806"=dword:00000003
"1807"=dword:00000001
"1808"=dword:00000000
"1809"=dword:00000000
"1A00"=dword:00010000
"1A02"=dword:00000003
"1A03"=dword:00000003
"1A04"=dword:00000003
"1A05"=dword:00000003
"1A06"=dword:00000003
"1A10"=dword:00000003
"1C00"=dword:00000000
"1E05"=dword:00030000
"2000"=dword:00000003
"2100"=dword:00000003
"2101"=dword:00000003
"2102"=dword:00000003
"2200"=dword:00000003
"2201"=dword:00000003
"1207"=dword:00000003
"180B"=dword:00000003
"180D"=dword:00000001
"PMDisplayName"="Restricted sites [Protected Mode]"
"LowIcon"="inetcpl.cpl#005426"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\P3P]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\P3P\History]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Passport]
@=""

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Passport\DAMap]
@=""

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap]
@=""
"ProxyByPass"=dword:00000001
"IntranetName"=dword:00000001
"UNCAsIntranet"=dword:00000001
"AutoDetect"=dword:00000001

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains]
@=""

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\microsoft.com]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\microsoft.com\*.update]
"http"=dword:00000002
"https"=dword:00000002

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults]
@=""
"http"=dword:00000003
"https"=dword:00000003
"ftp"=dword:00000003
"file"=dword:00000003
"@ivt"=dword:00000001
"shell"=dword:00000000

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges]
@=""

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones]
@=""
"SelfHealCount"=dword:00000001
"SecuritySafe"=dword:00000001

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0]
@=""
"DisplayName"="My Computer"
"Description"="Your computer"
"Icon"="explorer.exe#0100"
"CurrentLevel"=dword:00000000
"Flags"=dword:00000021
"1001"=dword:00000000
"1004"=dword:00000000
"1200"=dword:00000000
"1201"=dword:00000001
"1206"=dword:00000000
"1400"=dword:00000000
"1402"=dword:00000000
"1405"=dword:00000000
"1406"=dword:00000000
"1407"=dword:00000000
"1601"=dword:00000000
"1604"=dword:00000000
"1605"=dword:00000000
"1606"=dword:00000000
"1607"=dword:00000000
"1608"=dword:00000000
"1609"=dword:00000001
"1800"=dword:00000000
"1802"=dword:00000000
"1803"=dword:00000000
"1804"=dword:00000000
"1805"=dword:00000000
"1806"=dword:00000000
"1807"=dword:00000000
"1808"=dword:00000000
"1809"=dword:00000003
"1A00"=dword:00000000
"1A02"=dword:00000000
"1A03"=dword:00000000
"1A04"=dword:00000000
"1A05"=dword:00000000
"1A06"=dword:00000000
"1A10"=dword:00000000
"1C00"=dword:00020000
"1E05"=dword:00030000
"2100"=dword:00000000
"2101"=dword:00000003
"2102"=dword:00000000
"2200"=dword:00000000
"2201"=dword:00000000
"2300"=dword:00000001
"2000"=dword:00000000
"1207"=dword:00000000
"180D"=dword:00000000
"2001"=dword:00000003
"2004"=dword:00000003
"PMDisplayName"="My Computer [Protected Mode]"
"LowIcon"="inetcpl.cpl#005422"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1]
@=""
"DisplayName"="Intranet local"
"Description"="Cette zone contient les sites Web situés sur l'intranet de votre société."
"Icon"="shell32.dll#0018"
"CurrentLevel"=dword:00000000
"MinLevel"=dword:00010000
"RecommendedLevel"=dword:00010500
"Flags"=dword:000001db
"1001"=dword:00000001
"1004"=dword:00000003
"1200"=dword:00000000
"1201"=dword:00000003
"1206"=dword:00000000
"1400"=dword:00000000
"1402"=dword:00000000
"1405"=dword:00000000
"1406"=dword:00000001
"1407"=dword:00000000
"1601"=dword:00000000
"1604"=dword:00000000
"1605"=dword:00000000
"1606"=dword:00000000
"1607"=dword:00000000
"1608"=dword:00000000
"1609"=dword:00000001
"1800"=dword:00000001
"1802"=dword:00000000
"1803"=dword:00000000
"1804"=dword:00000001
"1805"=dword:00000000
"1806"=dword:00000000
"1807"=dword:00000000
"1808"=dword:00000000
"1809"=dword:00000003
"1A00"=dword:00020000
"1A02"=dword:00000000
"1A03"=dword:00000000
"1A04"=dword:00000000
"1A05"=dword:00000000
"1A06"=dword:00000000
"1A10"=dword:00000000
"1C00"=dword:00020000
"1E05"=dword:00020000
"2100"=dword:00000000
"2101"=dword:00000000
"2102"=dword:00000000
"2200"=dword:00000000
"2201"=dword:00000000
"2300"=dword:00000001
"2000"=dword:00000000
"1207"=dword:00000000
"180D"=dword:00000000
"2004"=dword:00000000
"2001"=dword:00000000
"PMDisplayName"="Local intranet [Protected Mode]"
"LowIcon"="inetcpl.cpl#005423"
"2500"=dword:00000003

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2]
@=""
"DisplayName"="Trusted sites"
"Description"="This zone contains Web sites that you trust not to damage your computer or data."
"Icon"="inetcpl.cpl#00004480"
"CurrentLevel"=dword:00000000
"MinLevel"=dword:00010000
"RecommendedLevel"=dword:00010000
"Flags"=dword:00000047
"1001"=dword:00000001
"1004"=dword:00000003
"1200"=dword:00000000
"1201"=dword:00000003
"1206"=dword:00000003
"1400"=dword:00000000
"1402"=dword:00000000
"1405"=dword:00000000
"1406"=dword:00000003
"1407"=dword:00000001
"1601"=dword:00000000
"1604"=dword:00000000
"1605"=dword:00000000
"1606"=dword:00000000
"1607"=dword:00000003
"1608"=dword:00000000
"1609"=dword:00000001
"1800"=dword:00000001
"1802"=dword:00000000
"1803"=dword:00000000
"1804"=dword:00000001
"1805"=dword:00000000
"1806"=dword:00000000
"1807"=dword:00000000
"1808"=dword:00000000
"1809"=dword:00000000
"1A00"=dword:00020000
"1A02"=dword:00000000
"1A03"=dword:00000000
"1A04"=dword:00000003
"1A05"=dword:00000001
"1A06"=dword:00000000
"1A10"=dword:00000000
"1C00"=dword:00010000
"1E05"=dword:00020000
"2100"=dword:00000000
"2101"=dword:00000001
"2102"=dword:00000003
"2200"=dword:00000003
"2201"=dword:00000003
"2300"=dword:00000001
"2000"=dword:00000000
"1207"=dword:00000000
"180D"=dword:00000000
"2004"=dword:00000000
"2001"=dword:00000000
"PMDisplayName"="Trusted sites [Protected Mode]"
"LowIcon"="inetcpl.cpl#005424"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3]
@=""
"DisplayName"="Internet"
"Description"="This zone contains all Web sites you haven't placed in other zones"
"Icon"="inetcpl.cpl#001313"
"CurrentLevel"=dword:00011500
"MinLevel"=dword:00011000
"RecommendedLevel"=dword:00011000
"Flags"=dword:00000001
"1001"=dword:00000001
"1004"=dword:00000003
"1200"=dword:00000000
"1201"=dword:00000003
"1206"=dword:00000003
"1400"=dword:00000000
"1402"=dword:00000000
"1405"=dword:00000000
"1406"=dword:00000003
"1407"=dword:00000001
"1601"=dword:00000000
"1604"=dword:00000000
"1605"=dword:00000000
"1606"=dword:00000000
"1607"=dword:00000003
"1608"=dword:00000000
"1609"=dword:00000000
"1800"=dword:00000001
"1802"=dword:00000000
"1803"=dword:00000000
"1804"=dword:00000001
"1805"=dword:00000001
"1806"=dword:00000001
"1807"=dword:00000001
"1808"=dword:00000000
"1809"=dword:00000000
"1A00"=dword:00020000
"1A02"=dword:00000000
"1A03"=dword:00000000
"1A04"=dword:00000003
"1A05"=dword:00000001
"1A06"=dword:00000000
"1A10"=dword:00000001
"1C00"=dword:00010000
"1E05"=dword:00020000
"2100"=dword:00000000
"2101"=dword:00000000
"2102"=dword:00000003
"2200"=dword:00000003
"2201"=dword:00000003
"2300"=dword:00000001
"2000"=dword:00000000
"{AEBA21FA-782A-4A90-978D-B72164C80120}"=hex:1a,37,61,59,23,52,35,0c,7a,5f,20,\
17,2f,1e,1a,19,0e,2b,01,73,1e,28,1a,04,1b,0c,3b,c2,21,27,53,0d,36,05,2c,05,\
04,3d,4f,3a,4a,44,33,3a,0a,06,12,68,53,7c,20,13,35,5d,4c,10,27,01,56,7a,2d,\
3f,38,4f,79,0f,16,26,75,53,1c,31,00,56,7a,3e,32,24,4f,79,1b,00,33,71,4d,23,\
32,29,7c,6a,35,31,34,40,72,3b,01,2e,5d,4c,2a,07,15,48,72,38,12,00,56,7a,3e,\
16,3c,71,4d,24,33,35,7c,72,35,0e,3c,1a,41,44,19,0f,31,3a,56,7a,2e,3e,31,0c,\
7c,6a,10,27,0c,05,5d,4c,39,19,12,15,61,54,2e,00,33,32,40,52,03,25,1f,05,5d,\
4c,2c,0c,0a,15,61,54,1a,26,1f,05,5d,4c,10,21,1d,1b,71,4d,3b,24,3a,21,6d,72,\
24,16,3c,32,40,72,21,0f,3a,1a,41,44,1b,1e,01,01,71,4d,32,23,30,27,6d,4d,1f,\
28,10,3c,56,7a,2f,2e,32,16,7c,6a,3a,12,3b,28,75,53,0b,3f,12,01,71,4d,23,32,\
29,27,75,53,12,30,32,1e,4f,79,12,38,17,01,71,4d,30,3e,37,27,6d,72,38,12,3f,\
04,41,44,0a,0e,32,28,49,5f,1c,24,0b,1b,36,21,41,7b,5b,24,39,31,7c,6a,2b,0e,\
25,75,53,1a,2e,26,41,72,34,16,26,71,4d,30,30,3a,7c,6a,07,33,1a,56,7a,3a,00,\
33,71,4d,23,32,29,7c,6a,1a,26,1a,40,52,24,3f,1a,6d,4d,1c,22,28,75,53,13,25,\
20,41,44,0a,0e,32,75,53,08,07,20,71,4d,10,27,0d,05,5d,4c,24,1a,1e,1b,71,4d,\
3f,20,3f,21,6d,4d,10,27,0c,05,5d,4c,39,19,12,3a,56,7a,3a,20,2c,0c,7c,6a,3e,\
0c,37,07,75,53,12,30,32,3a,56,7a,25,2d,23,0c,7c,6a,2b,08,21,3a,56,7a,22,3a,\
32,3a,56,72,24,1e,26,1a,41,44,07,1f,03,1b,75,53,1c,31,01,01,71,4d,32,23,30,\
27,6d,72,34,1e,30,04,41,44,1b,1e,3b,28,49,5f,07,33,12,1b,5d,4c,35,0b,0a,1f,\
75,53,0b,00,34,28,40,72,3b,01,2d,04,41,44,01,05,34,28,40,52,22,36,04,34,48,\
72,38,12,3f,04,41,44,0a,0e,1f,01,71,4d,24,33,35,27,06,1c,68,53,49,14,21,01,\
40,52,10,27,0d,40,52,2c,29,05,6d,4d,1f,28,05,56,7a,2f,2e,32,75,53,07,33,12,\
40,52,3f,3a,19,6d,72,20,00,34,71,4d,1a,26,1a,40,52,24,3f,1a,6d,72,35,08,38,\
5d,4c,2d,01,18,48,7a,27,23,1f,56,7a,3b,2f,3f,4f,79,08,39,01,1b,71,72,33,1f,\
39,3a,56,7a,2e,3e,31,0c,7c,72,35,0e,3f,1a,41,44,0a,0a,35,3a,56,7a,3a,20,2c,\
0c,7c,6a,03,25,1f,05,5d,4c,2c,0c,0a,15,61,54,27,05,34,32,40,52,10,21,09,05,\
5d,4c,2d,01,18,15,61,54,07,37,17,05,5d,4c,1c,24,03,1b,71,4d,30,30,3b,27,6d,\
72,33,17,3f,28,40,72,34,1e,30,04,41,44,1b,1e,00,01,71,4d,2f,2c,2c,27,6d,4d,\
0b,26,3f,3c,56,7a,3a,20,23,16,7c,6a,35,05,33,28,75,53,12,30,17,01,71,4d,30,\
3e,37,27,75,53,13,25,20,1e,4f,79,1f,29,1f,01,71,4d,24,33,35,27,06,21,41,7b,\
5b,3d,24,37,7c,6a,2b,0e,25,40,72,33,1f,39,5d,72,34,1e,30,5d,4c,2a,0d,18,48,\
7a,27,12,3b,71,4d,23,32,12,56,72,20,0c,2e,5d,4c,2c,0c,0a,75,53,1a,26,1f,40,\
72,35,08,38,5d,4c,2d,01,18,75,53,0f,21,27,41,44,07,1f,3e,61,54,3d,06,22,32,\
40,52,2c,29,05,32,48,72,34,1e,05,1b,71,4d,10,27,0c,05,5d,4c,39,19,1a,1b,71,\
4d,23,32,24,21,6d,4d,03,25,1f,05,5d,4c,2c,0c,0a,3a,56,7a,25,2d,23,0c,7c,6a,\
2b,08,21,07,75,53,13,25,20,3a,56,7a,3e,3e,3b,0c,7c,6a,3f,0f,23,3a,56,7a,2f,\
2e,3d,3c,56,72,33,1f,39,04,41,44,1a,0e,05,01,75,53,1c,31,00,01,71,4d,2f,2c,\
2c,27,6d,72,20,0c,2d,04,41,44,06,18,2a,28,49,5f,1a,26,1a,1b,5d,4c,2c,0c,0f,\
1f,75,53,1c,1c,3e,28,40,72,38,12,3f,04,41,44,0a,16,3c,28,40,52,3e,39,06,34,\
21,21,41,7b,5b,23,27,3c,7c,6a,17,37,17,40,52,32,24,05,6d,4d,0e,21,2c,75,53,\
0b,31,31,75,53,08,3e,21,41,44,07,1e,3c,61,54,17,37,17,05,5d,4c,00,33,1e,1b,\
71,4d,2e,39,3b,21,6d,72,20,06,32,32,40,72,21,0f,3c,1a,41,44,1a,0e,1f,01,71,\
4d,20,2c,30,27,6d,4d,0e,21,2c,3c,56,7a,3a,2e,2d,16,7c,6a,3f,07,22,28,6e,02,\
68,4a,7c,21,09,26,5d,4c,29,1d,1f,56,7a,3f,32,38,4f,79,1e,30,01,56,7a,3a,2e,\
2d,4f,79,14,07,22,71,4d,24,30,3b,7c,6a,2a,1e,2f,07,75,53,0c,2d,26,3a,56,7a,\
31,25,3d,0c,7c,6a,3e,0e,35,3a,56,7a,3b,2f,3d,3a,56,72,34,1e,26,04,41,44,0b,\
0a,1e,01,75,53,0e,38,01,01,71,4d,23,30,2b,27,6d,72,21,0f,3c,04,28,1b,67,6b,\
5f,00,22,10,75,53,1f,21,27,41,44,0b,0a,31,75,53,0e,1d,22,71,4d,03,27,1d,40,\
52,3e,39,08,75,53,08,31,21,41,44,1a,0e,32,3a,56,7a,3f,32,38,0c,7c,6a,06,3e,\
0d,05,5d,4c,35,0d,09,15,61,54,29,07,22,32,40,52,17,37,17,1b,5d,4c,3a,19,16,\
1f,61,54,06,3e,0d,1b,5d,4c,03,27,11,01,71,4d,24,33,3b,27,06,21,41,73,41,11,\
25,1d,56,7a,2e,3e,3b,4f,79,18,12,3f,71,4d,2e,39,3b,7c,6a,3e,0e,35,40,72,21,\
0f,3c,5d,4c,36,0d,19,48,72,34,1e,1f,1b,71,4d,00,33,16,05,5d,4c,38,04,01,1b,\
71,4d,23,30,2b,21,6d,4d,1c,24,0d,05,5d,4c,29,1d,17,3c,56,7a,3f,32,38,16,7c,\
6a,39,09,25,09,75,53,0b,31,31,3c,56,7a,3b,2f,3d,16,15,39,5f,7b,42,03,38,02,\
40,20,2c,1e,4f,37,41,7b,5b,23,27,3c,7c,14,07,22,6e,14,68,4a,7c,20,13,35,5d,\
30,37,08,06,37,41,7b,5b,23,27,3c,7c,1b,39,1d,30,02,7c,50,68,3a,3b,34,4f,1b,\
1e,3b,6e,14,68,73,41,0b,22,0a,56,12,30,32,28,09,67,73,41,0b,22,2a,41,2c,0c,\
0f,21,37,41,7b,5b,23,27,3c,7c,08,1c,3e,66,0e,44,4f,56,06,13,05,61,27,23,1f,\
4f,3f,5b,53,7c,20,13,35,5d,3e,39,06,06,0a,68,53,7c,21,09,26,5d,32,12,3f,6e,\
14,68,4a,44,3e,37,02,6d,1c,24,01,4f,3f,5b,73,41,08,38,27,41,38,04,19,6e,14,\
68,4a,44,3e,37,02,6d,3e,0e,35,3b,37,41,7b,5b,24,39,31,7c,08,39,00,4f,3f,7c,\
50,68,3b,1d,3c,71,25,2d,2c,20,3a,7c,50,68,3b,25,3b,4f,01,1d,2a,6e,14,68,4a,\
44,3e,37,02,6d,10,21,09,29,1f,5e,45,67,14,30,07,49,12,16,3c,66,0e,44,73,41,\
08,38,27,41,36,0a,1b,21,3f,42,73,41,10,3b,2d,41,00,33,1e,4f,3f,5b,53,5e,2e,\
07,1d,75,21,07,22,66,0e,7c,50,68,23,24,31,4f,0d,15,01,4f,3f,5b,53,5e,2e,07,\
1d,48,0b,18,3c,6e,14,68,4a,44,26,36,0c,6d,2b,06,25,66,37,41,7b,5b,14,21,01,\
40,3a,31,24,15,37,41,7b,5b,3c,3e,3f,7c,12,38,17,4f,3f,5b,53,5e,2e,07,1d,75,\
35,08,38,36,03,56,76,74,37,08,19,40,07,37,17,29,1f,7c,50,68,23,24,31,4f,07,\
1f,3e,16,17,7c,50,68,20,3a,39,75,25,12,3f,66,0e,44,4f,56,1c,12,1d,56,1c,24,\
0d,29,37,41,7b,5b,3d,24,37,7c,1e,1d,22,66,0e,44,4f,56,1c,12,30,61,23,13,11,\
4f,3f,5b,53,5e,2f,01,15,48,10,27,0c,6e,14,68,4a,7c,36,12,38,5d,24,3f,19,6e,\
14,68,4a,44,21,2c,04,6d,35,05,34,66,0e,44,4f,56,1c,12,1d,56,1c,3b,25,28,09,\
67,6b,5f,01,2c,28,75,24,1e,26,36,37,41,7b,5b,3d,24,37,7c,14,3a,0b,30,37,41,\
7b,5b,36,0c,7c
"{A8A88C49-5EB2-4990-A1A2-0876022C854F}"=hex:1a,37,61,59,23,52,35,0c,7a,5f,20,\
17,2f,1e,1a,19,0e,2b,01,73,1e,28,1a,04,1b,0c,3b,c2,21,2d,53,49,07,25,0f,29,\
01,7c,50,68,3a,3b,34,4f,79,08,39,0d,49,72,33,1f,39,5d,4c,17,37,05,56,7a,2f,\
2e,32,4f,79,1f,12,3b,75,53,0b,3f,12,56,7a,3a,20,23,4f,79,12,05,33,71,4d,3a,\
31,29,7c,6a,2b,08,21,40,72,38,12,3f,5d,4c,39,1d,17,48,72,21,0f,03,56,7a,2f,\
06,22,32,40,52,2c,29,05,3a,56,7a,2e,3e,31,0c,7c,6a,2b,06,25,32,40,52,33,24,\
01,32,75,53,0b,3f,32,04,4f,79,1b,3b,1f,0c,40,72,3b,01,2d,1a,75,53,12,30,3f,\
04,4f,79,08,3f,09,0c,75,53,13,25,20,04,75,53,07,37,17,05,5d,4c,36,0a,1b,3a,\
56,72,35,0e,3c,3c,56,7a,2d,3f,38,16,7c,6a,17,37,01,1b,5d,4c,2a,0d,18,1f,61,\
54,12,12,3b,28,40,52,3f,3a,19,34,48,72,20,0c,17,01,71,4d,1a,26,1a,1b,5d,4c,\
2c,0c,17,01,71,4d,30,3e,37,27,6d,4d,1b,3b,0c,1b,5d,4c,39,1d,17,3c,56,7a,3b,\
2f,3f,16,15,39,5f,7b,42,29,1d,3c,71,4d,30,06,22,71,4d,32,23,30,7c,6a,2a,1e,\
19,75,53,1c,31,20,41,72,24,12,3b,71,4d,23,32,24,7c,6a,03,25,17,56,7a,25,05,\
33,71,4d,3a,31,29,7c,6a,10,21,09,40,52,27,2c,0b,6d,4d,0f,28,2a,75,53,08,3e,\
23,41,44,1b,1e,3c,3a,56,7a,12,34,16,05,75,53,1f,21,2d,04,4f,79,10,27,0c,05,\
5d,4c,39,19,12,15,75,53,0b,3f,32,04,4f,79,1b,00,34,32,40,52,24,3f,19,32,48,\
7a,2c,10,17,1b,71,4d,30,1c,3e,32,40,52,27,2c,0b,32,48,7a,27,16,3c,32,40,52,\
3e,07,20,3a,56,7a,2f,2e,3d,16,7c,6a,12,34,1e,01,71,4d,17,37,01,1b,5d,4c,2a,\
0d,18,3c,56,7a,3e,32,24,16,7c,6a,3e,0c,34,09,75,53,0b,3f,3f,1e,4f,79,12,38,\
12,01,71,72,3b,01,2e,3c,56,7a,2f,24,39,16,7c,72,38,12,3f,04,41,44,0a,0e,32,\
3c,56,7a,3b,2f,3f,16,15,39,7c,50,68,23,24,31,4f,79,08,39,0d,49,5f,12,34,16,\
40,52,17,37,01,40,52,22,38,0b,6d,4d,0f,34,1a,56,7a,3a,20,2c,75,53,03,25,1f,\
40,52,24,3f,19,6d,72,3b,05,34,71,4d,10,21,09,40,52,27,2c,0b,6d,72,24,1e,26,\
5d,4c,36,0a,1b,48,7a,36,13,01,1b,71,4d,32,23,30,21,6d,4d,17,37,01,3a,56,7a,\
2f,06,25,32,40,52,33,24,01,3a,56,7a,3a,20,2c,0c,7c,6a,3e,00,34,32,40,52,24,\
3f,19,32,75,53,12,30,3f,04,4f,79,08,3f,09,0c,40,72,38,12,3f,1a,75,53,0f,21,\
27,04,4f,79,14,3a,0b,0c,75,53,1c,31,21,1e,75,53,12,34,16,1b,5d,4c,29,1d,1d,\
3c,56,72,35,0e,3f,3c,56,7a,3e,32,24,16,7c,6a,03,25,1a,1b,5d,4c,35,0b,0f,1f,\
61,54,27,05,33,28,40,52,24,3f,1a,34,48,72,35,08,1d,01,71,4d,1b,3b,0c,1b,5d,\
4c,39,1d,1f,01,71,4d,24,33,35,27,06,1c,7c,50,68,20,3a,39,4f,79,08,06,22,71,\
4d,32,23,30,7c,6a,2a,1e,19,40,72,35,0e,3f,5d,72,24,1a,25,5d,4c,35,0b,0a,48,\
7a,23,00,34,71,4d,3a,31,12,56,72,3b,01,2e,5d,4c,2a,07,15,75,53,1b,3b,0c,40,\
72,24,1e,26,5d,4c,36,0a,1b,75,53,1c,31,21,04,4f,79,0a,2a,06,0c,40,72,34,1e,\
30,1a,41,44,1b,1e,3b,3a,56,7a,07,33,12,05,75,53,0b,3f,32,04,4f,79,03,25,1f,\
05,5d,4c,2c,0c,0a,15,75,53,12,30,3f,04,4f,79,08,1c,3e,32,40,52,27,2c,0b,32,\
48,7a,27,23,1f,1b,71,4d,24,07,20,32,40,52,22,38,08,34,48,7a,34,17,3f,28,40,\
52,23,16,26,3c,56,7a,2f,2e,32,16,7c,6a,07,33,1a,01,71,4d,03,25,1a,1b,5d,4c,\
35,0b,0f,3c,56,7a,25,2d,2c,16,7c,6a,35,31,37,09,75,53,1c,3b,25,1e,4f,79,13,\
35,00,01,71,72,24,1e,26,3c,56,7a,3b,2f,3f,16,15,21,41,7b,5b,23,27,3c,7c,6a,\
2a,16,3c,71,4d,20,2c,30,7c,6a,06,3e,0d,40,52,3f,38,18,6d,4d,08,27,2c,75,53,\
08,31,21,75,53,1f,21,27,04,4f,79,18,2d,06,0c,75,53,0e,38,21,04,75,53,03,27,\
1d,05,5d,4c,36,0a,19,3a,56,72,34,1e,26,3c,56,7a,3f,32,38,16,7c,6a,06,3e,0d,\
1b,5d,4c,35,0d,09,1f,61,54,29,07,22,28,29,01,5e,45,67,14,30,1f,56,7a,17,37,\
17,40,72,25,1a,39,5d,4c,38,04,01,56,7a,3a,2e,2d,4f,79,14,3a,01,56,7a,3b,2e,\
3d,4f,79,0f,16,3c,32,40,52,32,24,05,32,48,7a,18,28,01,1b,71,4d,23,06,32,32,\
40,52,3e,39,08,32,48,7a,37,16,3c,28,40,52,32,12,3f,3c,56,7a,31,25,3d,16,7c,\
6a,03,27,11,01,71,4d,1c,24,0d,1b,36,1d,56,76,74,14,21,01,40,52,23,28,02,6d,\
4d,0c,34,2b,75,53,0e,38,21,41,44,06,1e,2c,75,53,08,07,22,71,4d,1c,27,0d,40,\
52,23,28,02,3a,56,7a,3f,32,38,0c,7c,6a,39,1d,22,32,40,52,3f,38,18,32,75,53,\
08,3e,21,04,4f,79,0f,29,07,02,40,72,25,1a,39,04,75,53,0e,38,21,1e,4f,79,1b,\
39,1d,02,75,53,08,3e,21,1e,6e,02,7c,50,68,20,3a,39,4f,79,0f,16,3c,75,53,0c,\
2d,1e,56,7a,31,25,3d,4f,79,1b,06,32,71,4d,24,33,3b,7c,6a,3f,0e,25,40,72,34,\
1e,26,1a,41,44,0b,0a,31,3a,56,7a,06,3e,0d,05,75,53,0b,31,31,04,4f,79,1c,24,\
0d,05,5d,4c,29,1d,17,1f,75,53,0c,2d,26,1e,4f,79,1e,1d,22,28,40,52,3f,38,18,\
34,48,7a,22,12,01,01,66,1c,44,73,41,0b,22,2a,41,3a,19,16,21,2d,42,73,41,0b,\
22,2a,41,1c,24,01,4f,2d,5b,53,5e,35,1e,22,75,27,1d,22,66,1c,7c,50,68,3a,3b,\
34,4f,06,1e,11,4f,2d,5b,53,5e,35,1e,22,48,1c,18,2d,6e,02,68,4a,44,3f,2d,31,\
6d,35,05,33,66,21,41,7b,5b,03,38,02,40,3a,31,29,15,21,41,7b,5b,23,27,3c,7c,\
08,3f,1d,4f,2d,5b,53,5e,35,1e,22,75,24,1e,26,36,1d,56,76,74,3e,03,1c,40,1c,\
24,0b,29,01,7c,50,68,3b,25,3b,4f,0b,0a,31,16,05,7c,50,68,3b,25,3b,75,21,07,\
22,66,1c,44,4f,56,07,15,1f,56,06,3e,0d,29,21,41,7b,5b,24,39,31,7c,1b,06,32,\
66,1c,44,4f,56,07,15,32,61,36,13,00,4f,2d,5b,53,5e,36,04,17,48,1a,26,1a,6e,\
02,68,4a,7c,21,09,26,5d,24,3f,1a,6e,02,68,4a,44,3e,37,02,6d,2b,1c,3e,66,1c,\
44,4f,56,07,15,1f,56,0f,21,27,28,1b,67,6b,5f,08,21,2a,75,21,0f,3a,36,21,41,\
7b,5b,3c,3e,3f,7c,18,2d,06,30,21,41,7b,5b,3c,3e,05,56,1c,24,0d,29,01,5e,45,\
67,0c,1c,26,75,27,09,3c,6e,02,68,4a,44,26,36,0c,6d,03,27,1d,29,01,5e,45,67,\
0c,3f,31,49,3d,06,25,66,1c,44,4f,56,1f,14,38,75,3b,01,12,4f,2d,5b,73,41,10,\
3b,2d,41,2c,0c,17,4f,2d,5b,53,5e,2e,07,1d,48,10,21,09,29,01,5e,45,67,0c,1c,\
26,71,3e,3e,3b,20,28,74,4e,68,2a,29,05,56,08,3e,23,6e,02,68,4a,44,21,2c,04,\
6d,3b,1a,20,6e,02,68,4a,44,21,1a,3e,75,21,0f,3c,36,1d,56,76,74,15,3b,1d,56,\
0e,38,01,4f,2d,5b,53,5e,2f,01,15,75,20,0e,2c,36,1d,56,76,74,28,02,21,40,10,\
27,0c,29,01,5e,45,67,0d,35,1d,56,12,05,33,66,1c,7c,50,68,20,3a,39,4f,01,05,\
34,66,1c,44,4f,56,1c,12,30,75,35,08,38,36,1d,56,76,74,15,3b,09,40,2f,20,31,\
15,39,5f,7b,42,20,1a,3e,71,3b,2f,03,4f,2d,5b,53,5e,20,39,74
"1207"=dword:00000003
"180D"=dword:00000001
"2004"=dword:00000000
"2001"=dword:00000000
"PMDisplayName"="Internet [Protected Mode]"
"LowIcon"="inetcpl.cpl#005425"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4]
@=""
"DisplayName"="Restricted sites"
"Description"="This zone contains Web sites that could potentially damage your computer or data."
"Icon"="inetcpl.cpl#00004481"
"CurrentLevel"=dword:00000000
"MinLevel"=dword:00012000
"RecommendedLevel"=dword:00012000
"Flags"=dword:00000003
"1001"=dword:00000003
"1004"=dword:00000003
"1200"=dword:00000003
"1201"=dword:00000003
"1206"=dword:00000003
"1400"=dword:00000003
"1402"=dword:00000003
"1405"=dword:00000003
"1406"=dword:00000003
"1407"=dword:00000003
"1601"=dword:00000001
"1604"=dword:00000001
"1605"=dword:00000000
"1606"=dword:00000003
"1607"=dword:00000003
"1608"=dword:00000003
"1609"=dword:00000001
"1800"=dword:00000003
"1802"=dword:00000001
"1803"=dword:00000003
"1804"=dword:00000003
"1805"=dword:00000001
"1806"=dword:00000003
"1807"=dword:00000001
"1808"=dword:00000000
"1809"=dword:00000000
"1A00"=dword:00010000
"1A02"=dword:00000003
"1A03"=dword:00000003
"1A04"=dword:00000003
"1A05"=dword:00000003
"1A06"=dword:00000003
"1A10"=dword:00000003
"1C00"=dword:00000000
"1E05"=dword:00010000
"2100"=dword:00000003
"2101"=dword:00000003
"2102"=dword:00000003
"2200"=dword:00000003
"2201"=dword:00000003
"2300"=dword:00000003
"2000"=dword:00000003
"{AEBA21FA-782A-4A90-978D-B72164C80120}"=hex:1a,37,61,59,23,52,35,0c,7a,5f,20,\
17,2f,1e,1a,19,0e,2b,01,73,13,37,13,12,14,1a,15,39
"{A8A88C49-5EB2-4990-A1A2-0876022C854F}"=hex:1a,37,61,59,23,52,35,0c,7a,5f,20,\
17,2f,1e,1a,19,0e,2b,01,73,13,37,13,12,14,1a,15,39
"1207"=dword:00000003
"180B"=dword:00000001
"180D"=dword:00000001
"2004"=dword:00000003
"2001"=dword:00000003
"PMDisplayName"="Restricted sites [Protected Mode]"
"LowIcon"="inetcpl.cpl#005426"

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin]
"Description"="McAfee Mss Plugin"
"Path"="C:\\Program Files\\McAfee Security Scan\\3.0.318\\npMcAfeeMss.dll"
"Product"="McAfee MSS"
"Vendor"="McAfee"
"Version"="1.0.0.0"

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
@="MSS+ Identifier"
"NoExplorer"=dword:00000001

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
@="MSS+ Identifier"

[HKEY_CLASSES_ROOT\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}\InprocServer32]
@="C:\\Program Files\\McAfee Security Scan\\3.0.318\\McAfeeMSS_IE.dll"
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}\ProgId]
@="McAfeeMssBHO"

[HKEY_CLASSES_ROOT\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}\Programmable]

[HKEY_CLASSES_ROOT\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}\TypeLib]
@="{CAE5E39D-46A2-4954-B96F-5075B0BE9836}"

[HKEY_CLASSES_ROOT\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}\Version]
@="1.0"

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
@="MSS+ Identifier"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}\InprocServer32]
@="C:\\Program Files\\McAfee Security Scan\\3.0.318\\McAfeeMSS_IE.dll"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}\ProgId]
@="McAfeeMssBHO"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}\Programmable]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}\TypeLib]
@="{CAE5E39D-46A2-4954-B96F-5075B0BE9836}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0E8A89AD-95D7-40EB-8D9D-083
0
Réponse 28 / 51
fleur45490 Messages postés 30 Date d'inscription vendredi 13 septembre 2013 Statut Membre Dernière intervention 3 mai 2014
14 sept. 2013 à 13:06
j'espère que j'ai bien fait cette manipulation
0
Réponse 29 / 51
kingk06 Messages postés 10277 Date d'inscription mercredi 12 juin 2013 Statut Membre Dernière intervention 17 mars 2015 536
14 sept. 2013 à 13:15
c'est pas bon a refere ==>Lance <gras>ZHPFix (icône seringue) </gras>à partir du raccourci sur ton Bureau ! tuto ici http://www.forum-entraide-informatique.com/support/zhpfix-tutoriel-t4859.html

image => https://i75.servimg.com/u/f75/16/54/86/66/icanes11.jpg
0
Réponse 30 / 51
fleur45490 Messages postés 30 Date d'inscription vendredi 13 septembre 2013 Statut Membre Dernière intervention 3 mai 2014
14 sept. 2013 à 13:38
Rapport de ZHPFix 2013.9.11.6 par Nicolas Coolman, Update du 11/09/2013
Fichier d'export Registre :
Run by Admin at 14/09/2013 13:32:47
High Elevated Privileges : OK
Windows XP Home Edition Service Pack 3 (Build 2600)

Corbeille vidée

========== Eléments de donnée du Registre ==========
SUPPRIMÉ: R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy

========== Dossiers ==========
SUPPRIME Temporaires Windows

========== Fichiers ==========
SUPPRIMÉ Redémarrage: c:\windows\system32\drivers\aswvmm.sys
SUPPRIMÉ Redémarrage: c:\windows\system32\drivers\aswrvrt.sys
SUPPRIME Temporaires Windows

========== Restauration Système ==========
Point de restauration du système créé avec succès

========== Autre ==========
NON TRAITÉ McAfee Security Scan Plus v3.0.318.3


========== Récapitulatif ==========
1 : Eléments de donnée du Registre
1 : Dossiers
3 : Fichiers
1 : Restauration Système
1 : Autre


End of clean in 00mn 08s

========== Chemin de fichier rapport ==========
C:\ZHP\ZHPFix[R1].txt - 14/09/2013 11:37:56 [2458]
C:\ZHP\ZHPFix[R2].txt - 14/09/2013 13:32:51 [1098]
0
Réponse 31 / 51
fleur45490 Messages postés 30 Date d'inscription vendredi 13 septembre 2013 Statut Membre Dernière intervention 3 mai 2014
14 sept. 2013 à 13:42
je fais le copier mais je ne sais pas comment faire le copier dans le presse papier. où se trouve le presse papier svp ? merci
0
fleur45490 Messages postés 30 Date d'inscription vendredi 13 septembre 2013 Statut Membre Dernière intervention 3 mai 2014
14 sept. 2013 à 14:12
en fait j'ai fait copier coller
0
Réponse 32 / 51
fleur45490 Messages postés 30 Date d'inscription vendredi 13 septembre 2013 Statut Membre Dernière intervention 3 mai 2014
14 sept. 2013 à 13:46
Rapport de ZHPFix 2013.9.11.6 par Nicolas Coolman, Update du 11/09/2013
Fichier d'export Registre : C:\ZHP\ZHPExportRegistry-14-09-2013-13-45-33.txt
Run by Admin at 14/09/2013 13:44:23
High Elevated Privileges : OK
Windows XP Home Edition Service Pack 3 (Build 2600)

Corbeille vidée

========== Eléments de donnée du Registre ==========
SUPPRIMÉ: R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy

========== Dossiers ==========
SUPPRIME Temporaires Windows

========== Fichiers ==========
SUPPRIMÉ Redémarrage: c:\windows\system32\drivers\aswvmm.sys
SUPPRIMÉ Redémarrage: c:\windows\system32\drivers\aswrvrt.sys
SUPPRIME Temporaires Windows

========== Restauration Système ==========
Point de restauration du système créé avec succès

========== Autre ==========
NON TRAITÉ McAfee Security Scan Plus v3.0.318.3


========== Récapitulatif ==========
1 : Eléments de donnée du Registre
1 : Dossiers
3 : Fichiers
1 : Restauration Système
1 : Autre


End of clean in 00mn 05s

========== Chemin de fichier rapport ==========
C:\ZHP\ZHPFix[R1].txt - 14/09/2013 11:37:56 [2458]
C:\ZHP\ZHPFix[R2].txt - 14/09/2013 12:32:51 [1150]
C:\ZHP\ZHPFix[R3].txt - 14/09/2013 13:44:25 [1150]
0
Réponse 33 / 51
kingk06 Messages postés 10277 Date d'inscription mercredi 12 juin 2013 Statut Membre Dernière intervention 17 mars 2015 536
14 sept. 2013 à 14:17
en fait j'ai fait copier coller => oui
lis bien les instructions prenez votre temps !

==> Copies uniquement tu les lignes indiquées en gras ci-dessous dans le presse papier(tu surlignes avec la souris puis clic droit copier de Script ZHPFix jusqu'à la fin Emptytemp)


Script ZHPFix
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:56847
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Clé orpheline => Infection BT (Cram Toolbar.Adw)
O51 - MPSK:{2480fb8e-4045-11e0-805e-806d6172696f}\AutoRun\command. (...) -- D:\Bin\ASSETUP.exe (.not file.) => Infection USB (Trojan.USB)
O4 - HKLM\..\Run: [KernelFaultCheck] Clé orpheline
O43 - CFD: 04/03/2011 - 14:18:37 - [0] ----D C:\Program Files\Spybot - Search & Destroy => Spybot - Search & Destroy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 => Internet Explorer Allows Proxy Settings Remotely
O43 - CFD: 04/03/2011 - 14:18:36 - [0,007] ----D C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy => Spybot Search & Destroy
C:\WINDOWS\Prefetch\PLUS-HD-3.5-CODEDOWNLOADER.EX-27679EFA.pf
C:\WINDOWS\Prefetch\PLUS-HD-3.5-CHROMEINSTALLER.E-34C70B93.pf
C:\WINDOWS\Prefetch\PLUS-HD-3.5-ENABLER.EXE-0243AC48.pf
C:\WINDOWS\Prefetch\PLUS-HD-3.5-FIREFOXINSTALLER.-38A66CE8.pf
C:\WINDOWS\Prefetch\PLUS-HD-3.5-UPDATER.EXE-07CC2075.pf
McAfee Security Scan Plus v3.0.318.3
P2 - FPN: [HKLM] [@mcafee.com/McAfeeMssPlugin] - (.McAfee, Inc. - McAfee MSS+ NPAPI Plugin.) -- C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} . (.McAfee, Inc. - Quick Browser Identifier for MSS+ Tool.) -- C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job [492]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\avast! Emergency Update.job [364]
O44 - LFC:[MD5.A5F637D61719D37A5B4868C385E363C0] - 30/08/2013 - 08:48:13 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswVmm.sys [177864]
O44 - LFC:[MD5.FA72FA503F580C3C628DD8C7D7622E37] - 30/08/2013 - 08:48:12 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswRvrt.sys [49376]
SysRestore
EmptyTemp





==>Lance ZHPFix (icône seringue) à partir du raccourci sur ton Bureau (si tu es sous Windows Vista ou Windows 7, fais le par un clic-droit --> Exécuter en tant qu'administrateur)
- Si tu ne l'as pas, télécharge le depuis ce lien: https://www.zebulon.fr/telechargements/securite/systeme/zhpfix.html
==>Clique sur l'icone représentant le presse-papier ("coller le presse-papier")
le script doit automatiquement apparaitre dans ZHPFix, sinon, colle-le (Ctrl+v)
==>Clique sur le bouton GO pour lancer le nettoyage
==> Copie/colle la totalité du rapport dans ta prochaine réponse.
==> : https://www.cjoint.com/ Copie le lien dans ta prochaine réponse.

==> laisse travailler l'outil et ne touche à rien ...

==> Si il t'est demandé de redémarrer le PC pour finir le nettoyage, fais le !


( ce rapport est en outre sauvegardé dans ce dossier > C:\Program files\ZHPDiag\ ZHPFixReport.txt )

Redémarre le PC et poste le rapport stp.
0
Réponse 34 / 51
fleur45490 Messages postés 30 Date d'inscription vendredi 13 septembre 2013 Statut Membre Dernière intervention 3 mai 2014
14 sept. 2013 à 18:31
Rapport de ZHPFix 2013.9.11.6 par Nicolas Coolman, Update du 11/09/2013
Fichier d'export Registre :
Run by Admin at 14/09/2013 18:29:10
High Elevated Privileges : OK
Windows XP Home Edition Service Pack 3 (Build 2600)

Corbeille vidée

========== Eléments de donnée du Registre ==========
SUPPRIMÉ: R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy

========== Dossiers ==========
SUPPRIME Temporaires Windows

========== Fichiers ==========
SUPPRIMÉ: c:\windows\system32\drivers\aswvmm.sys
SUPPRIMÉ: c:\windows\system32\drivers\aswrvrt.sys
SUPPRIME Temporaires Windows

========== Restauration Système ==========
Point de restauration du système créé avec succès

========== Autre ==========
NON TRAITÉ McAfee Security Scan Plus v3.0.318.3


========== Récapitulatif ==========
1 : Eléments de donnée du Registre
1 : Dossiers
3 : Fichiers
1 : Restauration Système
1 : Autre


End of clean in 00mn 05s

========== Chemin de fichier rapport ==========
C:\ZHP\ZHPFix[R1].txt - 14/09/2013 11:37:56 [2458]
C:\ZHP\ZHPFix[R2].txt - 14/09/2013 12:32:51 [1150]
C:\ZHP\ZHPFix[R3].txt - 14/09/2013 12:44:25 [1202]
C:\ZHP\ZHPFix[R4].txt - 14/09/2013 18:29:12 [1180]
Rapport de ZHPFix 2013.9.11.6 par Nicolas Coolman, Update du 11/09/2013
Fichier d'export Registre : C:\ZHP\ZHPExportRegistry-14-09-2013-18-29-13.txt
Run by Admin at 14/09/2013 18:29:10
High Elevated Privileges : OK
Windows XP Home Edition Service Pack 3 (Build 2600)

Corbeille vidée

========== Eléments de donnée du Registre ==========
SUPPRIMÉ: R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy

========== Dossiers ==========
SUPPRIME Temporaires Windows

========== Fichiers ==========
SUPPRIMÉ: c:\windows\system32\drivers\aswvmm.sys
SUPPRIMÉ: c:\windows\system32\drivers\aswrvrt.sys
SUPPRIME Temporaires Windows

========== Restauration Système ==========
Point de restauration du système créé avec succès

========== Autre ==========
NON TRAITÉ McAfee Security Scan Plus v3.0.318.3


========== Récapitulatif ==========
1 : Eléments de donnée du Registre
1 : Dossiers
3 : Fichiers
1 : Restauration Système
1 : Autre


End of clean in 00mn 05s

========== Chemin de fichier rapport ==========
C:\ZHP\ZHPFix[R1].txt - 14/09/2013 11:37:56 [2458]
C:\ZHP\ZHPFix[R2].txt - 14/09/2013 12:32:51 [1150]
C:\ZHP\ZHPFix[R3].txt - 14/09/2013 12:44:25 [1202]
C:\ZHP\ZHPFix[R4].txt - 14/09/2013 18:29:12 [1180]
Rapport de ZHPFix 2013.9.11.6 par Nicolas Coolman, Update du 11/09/2013
Fichier d'export Registre : C:\ZHP\ZHPExportRegistry-14-09-2013-18-29-13.txt
Run by Admin at 14/09/2013 18:29:10
High Elevated Privileges : OK
Windows XP Home Edition Service Pack 3 (Build 2600)

Corbeille vidée

========== Eléments de donnée du Registre ==========
SUPPRIMÉ: R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy

========== Dossiers ==========
SUPPRIME Temporaires Windows

========== Fichiers ==========
SUPPRIMÉ: c:\windows\system32\drivers\aswvmm.sys
SUPPRIMÉ: c:\windows\system32\drivers\aswrvrt.sys
SUPPRIME Temporaires Windows

========== Restauration Système ==========
Point de restauration du système créé avec succès

========== Autre ==========
NON TRAITÉ McAfee Security Scan Plus v3.0.318.3


========== Récapitulatif ==========
1 : Eléments de donnée du Registre
1 : Dossiers
3 : Fichiers
1 : Restauration Système
1 : Autre


End of clean in 00mn 05s

========== Chemin de fichier rapport ==========
C:\ZHP\ZHPFix[R1].txt - 14/09/2013 11:37:56 [2458]
C:\ZHP\ZHPFix[R2].txt - 14/09/2013 12:32:51 [1150]
C:\ZHP\ZHPFix[R3].txt - 14/09/2013 12:44:25 [1202]
C:\ZHP\ZHPFix[R4].txt - 14/09/2013 18:29:12 [1180]
0
Réponse 35 / 51
kingk06 Messages postés 10277 Date d'inscription mercredi 12 juin 2013 Statut Membre Dernière intervention 17 mars 2015 536
15 sept. 2013 à 01:25
refais moi un zhpdiag stp !
0
Réponse 36 / 51
fleur45490 Messages postés 30 Date d'inscription vendredi 13 septembre 2013 Statut Membre Dernière intervention 3 mai 2014
15 sept. 2013 à 11:30
~ Rapport de ZHPDiag v2013.9.14.26 - Nicolas Coolman (14/09/2013)
~ Lancé par Admin (15/09/2013 11:28:32)
~ Adresse du Site Web https://nicolascoolman.webs.com/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Not Found


---\\ Navigateurs Internet
MSIE: Internet Explorer v8.0.6001.18702
MFIE: Mozilla Firefox 23.0.1 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows XP Home Edition Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : KO

---\\ Logiciels de protection du système
avast! Internet Security v8.0.1497.0
Malwarebytes Anti-Malware version 1.75.0.1300
McAfee Security Scan Plus v3.0.318.3

---\\ Logiciels d'optimisation du système
CCleaner v3.21 =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader X
Java 7 Update 25

---\\ Informations sur le système
~ Processor: x86 Family 16 Model 6 Stepping 3, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2815 MB (71% free)
System Restore: Activé (Enable)
System drive C: has 417 GB (89%) free of 466 GB

---\\ Mode de connexion au système
~ Computer Name: PERSONNEL
~ User Name: Admin
~ All Users Names: HelpAssistant, Administrateur, Admin,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppData% : C:\Documents and Settings\Admin\Application Data\
~ %Desktop% : C:\Documents and Settings\Admin\Bureau\
~ %Favorites% : C:\Documents and Settings\Admin\Favoris\
~ %LocalAppData% : C:\Documents and Settings\Admin\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\Admin\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\\ Enumération des unités disques
C:\ Hard drive, Flash drive, Thumb drive (Free 417 Go of 466 Go)
D:\ CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
~ Security Center: 30 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.13/04/2008 - 19:34:04.) -- C:\WINDOWS\Explorer.exe [1037824]
[MD5.EA7AB3839BE1FFE067A8131F3547160D] - (.Microsoft Corporation - Internet Extensions for Win32.) (.08/08/2013 - 07:05:46.) -- C:\WINDOWS\system32\wininet.dll [920064]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.13/04/2008 - 19:34:30.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.17/08/2011 - 14:49:54.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 - 11:40:32.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/04/2008 - 12:14:22.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.4B0A100EAF5C49EF3CCA8C641431EACC] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.02/05/2008 - 11:49:39.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
[MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.13/04/2008 - 18:57:40.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.13/04/2008 - 09:36:06.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.13/04/2008 - 19:00:54.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54144]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.13/04/2008 - 11:41:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.13/04/2008 - 11:57:16.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.13/04/2008 - 12:19:44.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]
[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/07/2011 - 14:29:31.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456320]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.13/04/2008 - 12:21:02.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/04/2008 - 12:15:54.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976]
[MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.13/04/2008 - 19:09:42.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/04/2008 - 12:19:44.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/04/2008 - 11:32:52.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.13/04/2008 - 18:57:36.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58752]
[MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.13/04/2008 - 18:56:06.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53376]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/497
~ Mes musiques (My Musics) : 20/1261
~ Mes Videos (My Videos) : 2/5
~ Mes Favoris (My Favorites) : 1/12
~ Mes Documents (My Documents) : 2/6539
~ Mon Bureau (My Desktop) : 1/524
~ Menu demarrer (Programs) : 1/30
~ Hidden Files: Scanned in 00mn 10s



---\\ Processus lancés
[MD5.9330941C8F6DF417F6DBBE998DB6687E] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808] [PID.1880]
[MD5.68E3356BC848124F56BDAC3C70C2E54B] - (.AVAST Software - avast! firewall service.) -- C:\Program Files\AVAST Software\Avast\afwServ.exe [137960] [PID.2044]
[MD5.315FFF437563980ADA67D8FB38031A15] - (.VIA Technologies, Inc. - HDeck MFC Application.) -- C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [33747360] [PID.996]
[MD5.C637FC4638A96165256B28D38DE7B953] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208] [PID.1424]
[MD5.CBC7D8E5416AD30CF16DC2FD4A6AA399] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968] [PID.1768]
[MD5.9ECF00E19736054E019C532AED8228FC] - (.Oracle Corporation - Java Quick Starter Service.) -- C:\Program Files\Java\jre7\bin\jqs.exe [182184] [PID.1896]
[MD5.D63797E8E7781EE1500A810CB6194FA6] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [253816] [PID.1924]
[MD5.C156DE6EB37B6C5D6498DD87C23F3FA4] - (.SFR - Mediacenter Evolution.) -- C:\Program Files\SFR\Mediacenter Evolution\MediaCenter.exe [2688368] [PID.1944]
[MD5.F4F87E50519D74C056010C29BAB03CE1] - (.TeamViewer GmbH - TeamViewer 8.) -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe [5071712] [PID.628]
[MD5.4543367E50BD35E7D1269D42841B156E] - (.Hewlett-Packard Development Company, L.P. - HP Digital Imaging Monitor.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [288472] [PID.744]
[MD5.BD713579A87D698E1F2158CE10E48130] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe [272248] [PID.756]
[MD5.569E547273C25B019054A12A40400ECE] - (.OpenOffice.org - OpenOffice.org 3.2.) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe [11318784] [PID.912]
[MD5.4B723F33D7331F20E06F3A2FD76EC1D5] - (.OpenOffice.org - OpenOffice.org 3.2.) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin [11312128] [PID.940]
[MD5.7DFF82ACDAB23414ABC2A95FEF8982F8] - (.Pas de propriétaire - app_filter Module.) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [370792] [PID.1416]
[MD5.198FF60A42802C319FBA58FDB13EEE49] - (.Pas de propriétaire - NVIDIA Corporation.) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [167528] [PID.1756]
[MD5.88029974B1C9995CFA3BD9560BBA2EEF] - (.Hewlett-Packard Development Company, L.P. - HP CUE Status.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe [239320] [PID.4008]
[MD5.3B1D7D4F4976A36A39C5772A97F65476] - (.TeamViewer GmbH - TeamViewer 8.) -- C:\Program Files\TeamViewer\Version8\TeamViewer.exe [12614496] [PID.904]
[MD5.1F70BECCF68B076C804D670A377D7976] - (.TeamViewer GmbH - TeamViewer 8.) -- C:\Program Files\TeamViewer\Version8\tv_w32.exe [195936] [PID.3152]
[MD5.B4CF3FB7E9B8EA69757541DCE6CA20ED] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [276376] [PID.3536]
[MD5.72EF708552059546B1AAA82E7AA59439] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [17304] [PID.1528]
[MD5.D15FE044EF9776466FBA00D7FBD7B7B6] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [7953408] [PID.3368]
[MD5.5E9A6658A2A69AE7EB195113B7A2E7A9] - (.Microsoft Corporation - Application Layer Gateway Service.) -- C:\WINDOWS\System32\alg.exe [44544] [PID.3588]
~ Processes Running: Scanned in 00mn 02s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
~ Google Browser: 0 Legitimates Filtered in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\qnaz40j3.default-1360862886531\prefs.js
~ Firefox Browser: 16 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <local>
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\Userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
O1 - Hosts: Copyright (c) 1993-1999 Microsoft Corp.
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Easy-WebPrint - [HKLM]{327C2873-E90D-4c37-AA9D-10AC9BABA46C} . (.Pas de propriétaire - Easy-WebPrint.) -- C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: avast! Online Security - [HKLM]{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Program [AllUsers]: HD ADeck.lnk . (.VIA Technologies, Inc. - HDeck MFC Application.) -- C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
~ Global Startup: 13 Legitimates Filtered in 00mn 00s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Program [AllUsers]: HP Digital Imaging Monitor.lnk . (.Hewlett-Packard Development Company, L.P. - HP Digital Imaging Monitor.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - GS\Program [AllUsers]: McAfee Security Scan Plus.lnk . (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
O4 - GS\Program [Admin]: OpenOffice.org 3.2.lnk . (...) -- C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - HKLM\..\Run: [HDAudDeck] . (.VIA Technologies, Inc. - HDeck MFC Application.) -- C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
O4 - HKLM\..\Run: [NeroFilterCheck] . (.Ahead Software Gmbh - NeroCheck.) -- C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Easy-PrintToolBox] . (.CANON INC. - BJPSMAIN.) -- C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.exe
O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Run: [NSU_agent] . (...) -- C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe
O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SFR Mediacenter] . (.SFR - Mediacenter Evolution.) -- C:\Program Files\SFR\Mediacenter Evolution\MediaCenter.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-796845957-1677128483-839522115-1002\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-796845957-1677128483-839522115-1002\..\Run: [SFR Mediacenter] . (.SFR - Mediacenter Evolution.) -- C:\Program Files\SFR\Mediacenter Evolution\MediaCenter.exe
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Clé orpheline
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} ((no name)) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} ((no name)) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/uno1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} ((no name)) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{80F404EE-C45C-40BC-9F95-3E657EB33B7C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{80F404EE-C45C-40BC-9F95-3E657EB33B7C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{80F404EE-C45C-40BC-9F95-3E657EB33B7C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Pml Driver HPZ12 (Pml Driver HPZ12) . (.HP - PML Driver.) - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TeamViewer 8 (TeamViewer8) . (.TeamViewer GmbH - TeamViewer 8.) - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
~ Services: 10 Legitimates Filtered in 00mn 04s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
~ Desktop Component: 4 Legitimates Filtered in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (sprestrt) (.Microsoft Corporation - Restaure le registre pour redémarrer la partie GUI du programme d'installation.) -- C:\WINDOWS\system32\sprestrt.exe
~ BEX: 2 Legitimates Filtered in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: PC Speed Up Extension - (.Speedchecker.) [HKLM] -- PC Speed Up Extension
O42 - Logiciel: Vivitar Experience Image Manager - (.Sakar.) [HKLM] -- Vivitar Experience Image Manager
~ Logic: 123 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\IncrediMail]
[HKCU\Software\PC Speed Up Extension]
[HKLM\Software\IncrediMail]
~ Key Software: 208 Legitimates Filtered in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 31/08/2013 - 15:46:31 - [4,393] ----D C:\Program Files\PC Speed Up Extension
O43 - CFD: 19/02/2012 - 17:19:28 - [0] ----D C:\Program Files\SpeedAres
O43 - CFD: 19/06/2012 - 11:59:15 - [120,223] ----D C:\Program Files\Vivitar Experience Image Manager
O43 - CFD: 19/06/2012 - 11:58:35 - [0,000] ----D C:\Documents and Settings\All Users\Application Data\Vivitar
O43 - CFD: 14/02/2013 - 15:38:31 - [0,039] ----D C:\Documents and Settings\Admin\Local Settings\Application Data\PC Speed Up Extension
O43 - CFD: 07/02/2013 - 15:47:19 - [0,197] ----D C:\Documents and Settings\Admin\Local Settings\Application Data\Updater21810 =>PUP.CrossRider
O43 - CFD: 19/06/2012 - 12:03:14 - [0,490] ----D C:\Documents and Settings\Admin\Local Settings\Application Data\Vivitar Experience Image Manager
O43 - CFD: 19/06/2012 - 11:58:28 - [0,003] ----D C:\Documents and Settings\Admin\Menu Démarrer\Programmes\Vivitar Experience Image Manager
~ Program Folder: 159 Legitimates Filtered in 00mn 26s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.39375035B78695F2C2ED0B81177A3C49] - 15/09/2013 - 08:35:57 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159]
O44 - LFC:[MD5.F7F0DF44A4EF33950EA9CDEF780F1C12] - 15/09/2013 - 08:35:44 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50]
O44 - LFC:[MD5.EFDFC3E58DEB80327E8275971E71A495] - 14/09/2013 - 11:55:54 -SHA- . (...) -- C:\Thumbs.db [3072]
O44 - LFC:[MD5.F7AD36C71231E199CE906082272EC4A4] - 14/09/2013 - 11:55:48 -SHA- . (...) -- C:\WINDOWS\Thumbs.db [8192]
O44 - LFC:[MD5.513678D0A0F7622010FE77826F91F25A] - 14/09/2013 - 11:16:56 ---A- . (...) -- C:\UsbFix [Clean 1] PERSONNEL.txt [8019]
O44 - LFC:[MD5.02E29C1C55BDFB08845A418FF3CDD2CF] - 14/09/2013 - 10:38:33 ----- . (...) -- C:\UsbFix [Scan 2] PERSONNEL.txt [5140]
O44 - LFC:[MD5.755F397DD6A2FD635288E90926DDA9A9] - 14/09/2013 - 10:31:37 ----- . (...) -- C:\UsbFix [Scan 1] PERSONNEL.txt [5176]
O44 - LFC:[MD5.DF7444516825BCD28CE4348EA8387313] - 13/09/2013 - 22:48:21 ---A- . (...) -- C:\WINDOWS\FaxSetup.log [24731]
O44 - LFC:[MD5.685CC3965145DF87AEC70ED8D94E2306] - 13/09/2013 - 22:48:21 ---A- . (...) -- C:\WINDOWS\comsetup.log [8288]
O44 - LFC:[MD5.110301BA902B105C89093E9C162E2A3E] - 13/09/2013 - 22:48:21 ---A- . (...) -- C:\WINDOWS\iis6.log [3964]
O44 - LFC:[MD5.C51931851E5470BF632F5B99C26CE940] - 13/09/2013 - 22:48:21 ---A- . (...) -- C:\WINDOWS\imsins.log [1374]
O44 - LFC:[MD5.86B92FFAFDF393AEC8307484EC3CB0BA] - 13/09/2013 - 22:48:21 ---A- . (...) -- C:\WINDOWS\msgsocm.log [1236]
O44 - LFC:[MD5.B8A64E6A11F45A08587847E9AC7445D3] - 13/09/2013 - 22:48:21 ---A- . (...) -- C:\WINDOWS\ntdtcsetup.log [5006]
O44 - LFC:[MD5.5A3729B049F0DDC3575E7183A2DD7E4C] - 13/09/2013 - 22:48:21 ---A- . (...) -- C:\WINDOWS\ocgen.log [11824]
O44 - LFC:[MD5.2A3786E11ABF7707FE8044FC891A67E7] - 13/09/2013 - 22:48:21 ---A- . (...) -- C:\WINDOWS\ocmsn.log [1368]
O44 - LFC:[MD5.96523150177BC15E2EB7F694E474F769] - 13/09/2013 - 22:48:21 ---A- . (...) -- C:\WINDOWS\tsoc.log [9436]
O44 - LFC:[MD5.068D1A5F2ACF821408EB39158CAD5030] - 13/09/2013 - 22:48:14 ---A- . (...) -- C:\WINDOWS\updspapi.log [3307]
O44 - LFC:[MD5.AE503711BC2605BF0EB6A294097C6A3D] - 13/09/2013 - 13:26:57 ---A- . (...) -- C:\WINDOWS\imsins.BAK [1374]
O44 - LFC:[MD5.D1E91515BBD545A016F01E7F6F59704B] - 05/09/2013 - 15:56:06 -SHA- . (...) -- C:\WINDOWS\system32\Thumbs.db [5120]
O44 - LFC:[MD5.C9DD76D0EF94637C77FF8CA5E0FB0684] - 05/09/2013 - 15:46:16 ---A- . (...) -- C:\WINDOWS\system.ini [227]
O44 - LFC:[MD5.115B0DFAC7D49D20153BE1609867BEA3] - 05/09/2013 - 15:46:16 ---A- . (...) -- C:\WINDOWS\win.ini [542]
~ Files: 42 Legitimates Filtered in 00mn 08s



---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "C:\UsbFix\Go.exe" [Enabled] .(.Pas de propriétaire.) -- C:\UsbFix\Go.exe
~ Keys Export: 25 Legitimates Filtered in 00mn 00s



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ IFEO: Scanned in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.D48659BB24C48345D926ECB45C1EBDF5] - 13/08/2004 - 03:56:20 R--A- . (.Pas de propriétaire - ATK0110 ACPI Utility.) -- C:\WINDOWS\system32\Drivers\ASACPI.sys [5810]
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]
~ Drivers: 5 Legitimates Filtered in 00mn 00s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: UsbFix By El Desaparecido - (.El Desaparecido - SosVirus.net.) [HKLM] -- Usbfix
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
O63 - Logiciel: ZHPFix 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPFix_is1
~ ADS: Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - https://www.bing.com/?fdr=lc&toHttps=1&redig=FA6AD360E0BE4C719380F8C470A3D3A8
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - () - https://www.bing.com/?fdr=lc&toHttps=1&redig=FA6AD360E0BE4C719380F8C470A3D3A8
~ Keys: Scanned in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.9E70C277EBA5A1EAD6FBF782DA3D31FB] [WIS][14/06/2012] (.Nokia - Nokia Connectivity Cable Driver.) -- C:\Windows\Installer\14f8292.msi [337920]
[MD5.9F044292D9B2460C661067D62881A991] [WIS][26/02/2011] (.eSupportQFolder - eSupportQFolder.) -- C:\Windows\Installer\1af8fb.msi [121344]
[MD5.8F6B8B37431E797FEAC3BE4BB007005C] [WIS][26/02/2011] (.HP Image Transfer - HP Image Transfer.) -- C:\Windows\Installer\1af91e.msi [3155456]
[MD5.FBDBFA9FFCFEE104A4C4631B83D000DE] [WIS][26/02/2011] (.RE Technologies - Photo Utility.) -- C:\Windows\Installer\1af953.msi [1332224]
~ WIS: 76 Legitimates Filtered in 00mn 06s



---\\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 13/09/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 30/08/2013 46808 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 30/08/2013 137960 | (avast! Firewall) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\afwServ.exe
SS - | Demand 13/04/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe
SR - | Auto 21/01/2010 370792 | (ForceWare Intelligent Application Manager (IAM)) . (...) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
SS - | Auto 18/02/2012 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 18/02/2012 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SR - | Auto 26/08/2013 182184 | (JavaQuickStarterService) . (.Oracle Corporation.) - C:\Program Files\Java\jre7\bin\jqs.exe
SS - | Demand 05/02/2013 235216 | (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe
SS - | Demand 17/08/2013 117656 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Auto 21/01/2010 167528 | (nSvcIp) . (...) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
SS - | Auto 16/03/2010 154216 | (nvsvc) . (.NVIDIA Corporation.) - C:\WINDOWS\system32\nvsvc32.exe
SS - | Auto 09/08/2007 73728 | (Pml Driver HPZ12) . (.HP.) - C:\WINDOWS\system32\HPZipm12.exe
SS - | Demand 04/01/2012 718888 | (ServiceLayer) . (.Nokia.) - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
SS - | Auto 21/06/2013 162408 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SR - | Auto 02/09/2013 5071712 | (TeamViewer8) . (.TeamViewer GmbH.) - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
~ Services: Scanned in 00mn 06s



---\\ Scan Additionnel (O88)
Database Version : 12917 - (14/09/2013)
Clés trouvées (Keys found) : 10
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 1
Fichiers trouvés (Files found) : 0

[HKCU\Software\PC Speed Up Extension] =>Rogue.PCSpeedUp
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\PC Speed Up Extension] =>Rogue.PCSpeedUp
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110211181110}] =>Adware.VidSaver
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{327C2873-E90D-4c37-AA9D-10AC9BABA46C}] =>Toolbar.EasyWebPrint
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{327C2873-E90D-4c37-AA9D-10AC9BABA46C}] =>Toolbar.EasyWebPrint
[HKLM\Software\Classes\CLSID\{327C2873-E90D-4c37-AA9D-10AC9BABA46C}] =>Toolbar.EasyWebPrint
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220122492287}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220222182210}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220322712280}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110111491187}] =>PUP.CrossRider
C:\Documents and Settings\Admin\Local Settings\Application Data\Updater21810 =>PUP.CrossRider^
~ Additionnel Scan: 238140 Items scanned in 00mn 17s



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/27583526-pup-crossrider =>PUP.CrossRider
~ http://nicolascoolman.webs.com/apps/blog/show/27765487-rogue-pcspeedup =>Rogue.PCSpeedUp
~ http://nicolascoolman.webs.com/apps/blog/show/27557062-adware-vidsaver =>Adware.VidSaver
~ MSI: 3 link(s) detected in 00mn 17s



~ 938 Legitimates filtered by white list
End of the scan (441 lines in 01mn 27s)(0)
0
Réponse 37 / 51
kingk06 Messages postés 10277 Date d'inscription mercredi 12 juin 2013 Statut Membre Dernière intervention 17 mars 2015 536
Modifié par kingk06 le 15/09/2013 à 12:05
Il faut héberger ce rapport qui se trouve sur le bureau, celui-ci étant trop long
pour être posté sur le forum Pour héberger le rapport :poste-le ici stp >> https://www.cjoint.com/

Comment se comporte le PC ... ?
0
Réponse 38 / 51
fleur45490 Messages postés 30 Date d'inscription vendredi 13 septembre 2013 Statut Membre Dernière intervention 3 mai 2014
15 sept. 2013 à 12:28
https://www.cjoint.com/?CIpmCmbkMny
0
Réponse 39 / 51
kingk06 Messages postés 10277 Date d'inscription mercredi 12 juin 2013 Statut Membre Dernière intervention 17 mars 2015 536
Modifié par kingk06 le 15/09/2013 à 13:06
==> Copies uniquement tu les lignes indiquées en gras ci-dessous dans le presse papier(tu surlignes avec la souris puis clic droit copier de Script ZHPFix jusqu'à la fin Emptytemp)


------------------------------------------------------------------------------------->
Script ZHPFix
O1 - Hosts: Copyright (c) 1993-1999 Microsoft Corp.
O44 - LFC:[MD5.D1E91515BBD545A016F01E7F6F59704B] - 05/09/2013 - 15:56:06 -SHA- . (...) -- C:\WINDOWS\system32\Thumbs.db [5120]
McAfee Security Scan Plus v3.0.318.3
SS - | Demand 05/02/2013 235216 | (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe => McAfee%Security Scan
O4 - GS\Program [AllUsers]: McAfee Security Scan Plus.lnk . (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,MigrateProxy = 1 => Internet Explorer Allows Proxy Settings Remotely
SysRestore
EmptyTemp
EmptyFlash
EmptyCLSID
FirewallRAZ
EmptyTemp





==>Lance ZHPFix (icône seringue) à partir du raccourci sur ton Bureau (si tu es sous Windows Vista ou Windows 7, fais le par un clic-droit --> Exécuter en tant qu'administrateur)
- Si tu ne l'as pas, télécharge le depuis ce lien: https://www.zebulon.fr/telechargements/securite/systeme/zhpfix.html
==>Clique sur l'icone représentant le presse-papier ("coller le presse-papier")
le script doit automatiquement apparaitre dans ZHPFix, sinon, colle-le (Ctrl+v)
==>Clique sur le bouton GO pour lancer le nettoyage
==> Copie/colle la totalité du rapport dans ta prochaine réponse.
==> : https://www.cjoint.com/ Copie le lien dans ta prochaine réponse.

==> laisse travailler l'outil et ne touche à rien ...

==> Si il t'est demandé de redémarrer le PC pour finir le nettoyage, fais le !


( ce rapport est en outre sauvegardé dans ce dossier > C:\Program files\ZHPDiag\ ZHPFixReport.txt )

Redémarre le PC et poste le rapport stp.
0
Réponse 40 / 51
fleur45490 Messages postés 30 Date d'inscription vendredi 13 septembre 2013 Statut Membre Dernière intervention 3 mai 2014
15 sept. 2013 à 13:19
https://www.cjoint.com/?3IpnsLX3m1L
0

Discussions similaires

"Aucune application permettant d'ouvrir cette URL"
sidojaice -
JIP -

24 réponses
Impossible d'ouvrir des liens via mon Samsung A71
bleuenn29 -
Pierr10 -

4 réponses