Sujet Précédent Sujet Suivant

SVP virus, pc ki rame je veu faire le menage

Résolu/Fermé
Sophie - 3 juin 2008 à 14:23
 Sophie - 9 juin 2008 à 16:37
Bonjour,

J'ai mon ordi qui rame... Mon antivirus est perimé je souhaiterais en acheter un bon sur le net.

J'ai besoin de conseil pour remettre mon ordi en etat svp.

Je n'arrive plus a aller dans panneau de configuration ni dans mon poste de travaille.

Je comp^rend plus rien...

Aider moi a faire le menage dans mon ordi...

J'arrive a me connecter sur le net une fois sur deux

pouvais vous m'aider svp ...?????

Merci d'avance
A voir également:

123 réponses

Précédent
Réponse 81 / 123
Sophie
6 juin 2008 à 08:50
desoler de te l'avoir envoyer en plusieur fois mais mon ordi plante est jpenser ke sa te lenvoyer po :)

Sa a pas marcher??? peut tu me redonner les instruction jsuis un peu perdu du coup lol...

Mici d'avance de ta patience :)
0
Réponse 82 / 123
Utilisateur anonyme
6 juin 2008 à 10:21
Re ,
ceci :



/!\ Manip crée spécialement pour cet utilisateur , ne pas reproduire chez soi ... /!\

Crée un nouveau document texte : clic droit de souris sur le bureau, "Nouveau"> "Document Texte". Ouvre-le et copie-colle dedans de ce qui est en citation en gras ci-dessous, (copie tout d'un trait) : ( y compris Regedit4, et la ligne vide en dessous )

REGEDIT4

[HKCU\Software\Microsoft\Windows\CurrentVersion\Run]
"MySpaceIM"=-
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"MySpaceIM"=-
[HKLM\Software\Microsoft\Windows\CurrentVersion\Run]
"Alcmtr"=-
"devenv"=-




Puis "fichier" -> "enregistrer sous" :
dans : sur le bureau
Nom du fichier : fix.reg
Type de fichier : "tous les fichiers"
clique sur "enregistrer"

Cela doit ressembler à ça

Double clique sur fix.reg

→ tu dois OBLIGATOIREMENT* avoir un message "voulez-vous vraiment ajouter les informations contenues dans ce fichier .reg au registre ?"
Si c'est bien le cas, clique sur "oui"

*Prevenir si le message n'apparait pas.
0
Réponse 83 / 123
Sophie
6 juin 2008 à 10:59
Re,

mais je l'ai fais ca et j'ai bien sur mon bureau licone fix.reg

J(ai eu le message aussi :)
0
Réponse 84 / 123
Utilisateur anonyme
6 juin 2008 à 11:03
Re ,

Clique droit sur fix.reg > modifier > copie/colle le contenu ici.

a++
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 85 / 123
Sophie
6 juin 2008 à 11:10
REGEDIT4

[HKCU\Software\Microsoft\Windows\CurrentVersion\Run]
"MySpaceIM"=-
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"MySpaceIM"=-
[HKLM\Software\Microsoft\Windows\CurrentVersion\Run]
"Alcmtr"=-
"devenv"=-
0
Réponse 86 / 123
Utilisateur anonyme
6 juin 2008 à 11:40
Re ,

au temps pour moi ..
supprime le fix.reg.

Recommence le avec :

REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MySpaceIM"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Alcmtr"=-
"devenv"=-

Reposte un system scan en ne cochant QUE Registry run keys

A++

0
Réponse 87 / 123
Sophie
6 juin 2008 à 11:57
SystemScan - www.suspectfile.com - ver. 3.5.5 (code: holifay & bReAkdOWn)

Running on: Windows XP HOME Edition, Service Pack 2 (2600.5.1)
System directory: C:\WINDOWS
SystemScan file: C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\CD9FG9R0\sys11839[1].exe
Running in: User mode
Date: 07/11/2008
Time: 10:50:48

Output limited to:
-Registry Run Keys

===================== REGISTRY SCAN =====================


-----HKLM\Software\Microsoft\Windows\CurrentVersion\Run-----

[Run]
"ATICCC"="\"C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe\""
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe"
"MAFWTaskbarApp"="C:\WINDOWS\system32\MAFWTray.exe"
"RTHDCPL"="RTHDCPL.EXE"
"SkyTel"="SkyTel.EXE"
"PKR Pal"="\"C:\Program Files\PKR\pkrpal.exe\" -osboot"
"H2O"="C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe"
"FLMOFFICE4DMOUSE"="C:\Program Files\Trust\DS-4500X Wireless Laser Deskset\Mouse\mouse32a.exe"
"OFFICEKB"="C:\Program Files\Trust\DS-4500X Wireless Laser Deskset\Keyboard\kbdap32a.EXE"
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe"

[Run\avp6_post_uninstall]

[Run\OptionalComponents]
@=""

[Run\OptionalComponents\IMAIL]
"Installed"="1"
@=""

[Run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"
@=""

[Run\OptionalComponents\MSFS]
"Installed"="1"
@=""

-----HKCU\Software\Microsoft\Windows\CurrentVersion\Run-----

[Run]
"MsnMsgr"="\"C:\Program Files\MSN Messenger\MsnMsgr.Exe\" /background"
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"

-----HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run-----

[Run]

-----HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run-----

[Run]

-----HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run-----

[Run]

-----HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows-----

[Windows]
"AppInit_DLLs"=""

-----HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad-----

[ShellServiceObjectDelayLoad]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
#### HKCR\CLSID\{7849596a-48ea-486e-8937-a2a3009f31a9}\InprocServer32 @=expand:"%SystemRoot%\system32\SHELL32.dll"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
#### HKCR\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InprocServer32 @=expand:"%SystemRoot%\system32\SHELL32.dll"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
#### HKCR\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\InprocServer32 @=expand:"C:\WINDOWS\system32\webcheck.dll"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
#### HKCR\CLSID\{35CEC8A3-2BE6-11D2-8773-92E220524153}\InprocServer32 @="C:\WINDOWS\system32\stobject.dll"

-----HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks-----

[ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
#### HKCR\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\InprocServer32 @="shell32.dll"

-----HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon-----

[Winlogon]
"Shell"="Explorer.exe"
"System"=""
"Userinit"="C:\WINDOWS\system32\userinit.exe,"
"VmApplet"="rundll32 shell32,Control_RunDLL \"sysdm.cpl\""
"UIHost"=expand:"logonui.exe"
"LogonType"=dword:00000001
"WinStationsDisabled"="0"

[Winlogon\GPExtensions]

[Winlogon\GPExtensions\{3610eda5-77ef-11d2-8dc5-00c04fa31a66}]
"@="Quota du disque Microsoft"
"DllName"=expand:"dskquota.dll"

[Winlogon\GPExtensions\{4CFB60C1-FAA6-47f1-89AA-0B18730C9FD3}]
"@="Internet Explorer Zonemapping"
"DllName"=expand:"iedkcs32.dll"

[Winlogon\GPExtensions\{827D319E-6EAC-11D2-A4EA-00C04F79F83A}]
"DllName"=expand:"scecli.dll"
"@="Security"

[Winlogon\GPExtensions\{A2E30F80-D7DE-11d2-BBDE-00C04F86AE3B}]
"DllName"="iedkcs32.dll"
"@="Internet Explorer Branding"

[Winlogon\GPExtensions\{B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A}]
"DllName"=expand:"scecli.dll"
"@="EFS recovery"

[Winlogon\GPExtensions\{C631DF4C-088F-4156-B058-4375F0853CD8}]
"@="Microsoft Offline Files"
"DllName"=expand:"%SystemRoot%\System32\cscui.dll"

[Winlogon\GPExtensions\{c6dc5466-785a-11d2-84d0-00c04fb169f7}]
"@="Installation de logiciel"
"DllName"=expand:"appmgmts.dll"

[Winlogon\Notify]

[Winlogon\Notify\!SASWinLogon]

[Winlogon\Notify\AtiExtEvent]
"DLLName"="Ati2evxx.dll"

[Winlogon\Notify\crypt32chain]
"DllName"=expand:"crypt32.dll"

[Winlogon\Notify\cryptnet]
"DllName"=expand:"cryptnet.dll"

[Winlogon\Notify\cscdll]
"DLLName"="cscdll.dll"

[Winlogon\Notify\ScCertProp]
"DLLName"="wlnotify.dll"

[Winlogon\Notify\Schedule]
"DllName"=expand:"wlnotify.dll"

[Winlogon\Notify\sclgntfy]
"DllName"=expand:"sclgntfy.dll"

[Winlogon\Notify\SensLogn]
"DLLName"="WlNotify.dll"

[Winlogon\Notify\termsrv]
"DllName"=expand:"wlnotify.dll"

[Winlogon\Notify\wlballoon]
"DLLName"="wlnotify.dll"

[Winlogon\SpecialAccounts]

[Winlogon\SpecialAccounts\UserList]
"HelpAssistant"=dword:00000000
"TsInternetUser"=dword:00000000
"SQLAgentCmdExec"=dword:00000000
"NetShowServices"=dword:00000000
"IWAM_"=dword:00010000
"IUSR_"=dword:00010000
"VUSR_"=dword:00010000

-----HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon-----

[Winlogon]
"ParseAutoexec"="1"
"ExcludeProfileDirs"="Local Settings;Temporary Internet Files;Historique;Temp"
"BuildNumber"=dword:00000a28

-----HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options-----

[Image File Execution Options\Your Image File Name Here without a path]
"Debugger"="ntsd -d"

-----HKLM\System\CurrentControlSet\Control\Session Manager\-----

[Session Manager]
"BootExecute"=multi:"autocheck autochk *\00\00"

[Session Manager\SubSystems]
"Windows"=expand:"%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16"

-----HKLM\SYSTEM\CurrentControlSet\Control\WOW-----

[WOW]
"cmdline"=expand:"%SystemRoot%\system32\ntvdm.exe"
"wowcmdline"=expand:"%SystemRoot%\system32\ntvdm.exe -a %SystemRoot%\system32\krnl386"

-----HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run-----

[run]

-----HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce-----

[RunOnce]

-----HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx-----

[RunOnceEx]

-----HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices-----

[RunServices]

-----HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce-----

[RunServicesOnce]

-----HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce-----

[RunOnce]

-----HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx-----

-----HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices-----

[RunServices]

-----HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run-----

-----HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce-----

[RunServicesOnce]

-----HKLM\Software\Microsoft\Command Processor\Autorun-----

-----HKCU\Software\Microsoft\Command Processor\Autorun-----

-----HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Load-----

-----HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Startup-----

-----HKCU\Software\Policies\Microsoft\Windows\System\Scripts\Logon-----

-----HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Logon-----

-----HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\TerminalServer\Install\Software\Microsoft\Windows\CurrentVersion\Runonce-----

-----HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\TerminalServer\Install\Software\Microsoft\Windows\CurrentVersion\Run-----

-----HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms-----

-----HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\TerminalServer\Install\Software\Microsoft\Windows\CurrentVersion\Runonce-----

-----HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler-----

[SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
#### HKCR\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InprocServer32 @=expand:"%SystemRoot%\system32\browseui.dll"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"
#### HKCR\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InprocServer32 @=expand:"%SystemRoot%\system32\browseui.dll"

-----HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects-----

[Browser Helper Objects]
@=""

[Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
@=""

[Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
#### HKCR\CLSID\{53707962-6F74-2D53-2644-206D7942484F}\InprocServer32 @="C:\PROGRA~1\SPYBOT~1\SDHelper.dll"

[Browser Helper Objects\{7009fcd4-05be-44f4-9583-93fe419ab7b0}]
#### HKCR\CLSID\{7009fcd4-05be-44f4-9583-93fe419ab7b0}\InprocServer32 @="C:\Program Files\Multi_Media_France\tbMul0.dll"
@=""

[Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
#### HKCR\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\InprocServer32 @="C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll"

-----HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks-----

[URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"=""
#### HKCR\CLSID\{CFBFAE00-17A6-11D0-99CB-00C04FD64497}\InprocServer32 @="C:\WINDOWS\system32\ieframe.dll"

-----HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig-----

-----HKCU\Control Panel\Desktop\-----

[Desktop]
"SCRNSAVE.EXE"="C:\WINDOWS\system32\ssstars.scr"

[Desktop\WindowMetrics]

-----HKEY_CLASSES_ROOT\exefile\shell\open\command-----

[command]
@="\"%1\" %*"

-----HKEY_CLASSES_ROOT\comfile\shell\open\command-----

[command]
@="\"%1\" %*"

-----HKEY_CLASSES_ROOT\batfile\shell\open\command-----

[command]
@="\"%1\" %*"

-----HKEY_CLASSES_ROOT\piffile\shell\open\command-----

[command]
@="\"%1\" %*"

-----HKEY_CLASSES_ROOT\scrFile\shell\open\command-----

[command]
@="\"%1\" %*"

-----HKEY_CLASSES_ROOT\htafile\shell\open\command-----

[Command]
@="C:\WINDOWS\system32\mshta.exe \"%1\" %*"

-----HKEY_CLASSES_ROOT\logfile\shell\open\command-----

-----HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL-----

[URL]

[URL\DefaultPrefix]
@="http://"

[URL\Prefixes]
"ftp"="ftp://"
"gopher"="gopher://"
"home"="http://"
"mosaic"="http://"
"www"="http://"

-----HKLM\SYSTEM\CurrentControlSet\Control\Lsa-----

[Lsa]

[Lsa\AccessProviders]

[Lsa\AccessProviders\Windows NT Access Provider]
"ProviderPath"=expand:"%SystemRoot%\system32\ntmarta.dll"

[Lsa\Audit]

[Lsa\Audit\PerUserAuditing]

[Lsa\Audit\PerUserAuditing\System]

[Lsa\Data]

[Lsa\SSO]

[Lsa\SSO\Passport1.4]
"SSOURL"="http://www.passport.com"

[Lsa\SspiCache]

[Lsa\SspiCache\digest.dll]
"Name"="Digest"
"Comment"="Digest SSPI Authentication Package"

[Lsa\SspiCache\msapsspc.dll]
"Name"="DPA"
"Comment"="DPA Security Package"

[Lsa\SspiCache\msnsspc.dll]
"Name"="MSN"
"Comment"="MSN Security Package"

-----HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess-----

[SharedAccess]
"DependOnGroup"=multi:"\00"
"DependOnService"=multi:"Netman\00WinMgmt\00\00"
"Description"="Assure la traduction d'adresses de réseau, l'adressage, les services de résolution de noms et/ou les services de prévention d'intrusion pour un réseau de petite entreprise ou un réseau domestique."
"DisplayName"="Pare-feu Windows / Partage de connexion Internet"
"ErrorControl"=dword:00000001
"ImagePath"=expand:"%SystemRoot%\system32\svchost.exe -k netsvcs"
"ObjectName"="LocalSystem"
"Start"=dword:00000002
"Type"=dword:00000020

[SharedAccess\Epoch]
"Epoch"=dword:0000249e

[SharedAccess\Parameters]
"ServiceDll"=expand:"%SystemRoot%\System32\ipnathlp.dll"

[SharedAccess\Parameters\FirewallPolicy]

[SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications]

[SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enaxxxxx@xxxxxres.dll,-22019"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enaxxxxx@xxxxxres.dll,-20000"

[SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=dword:00000001
"DoNotAllowExceptions"=dword:00000000

[SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]

[SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enaxxxxx@xxxxxres.dll,-22019"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Resolume 2.41\resolume.exe"="C:\Program Files\Resolume 2.41\resolume.exe:*:Enabled:Resolume 2.41"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Documents and Settings\Propriétaire\Local Settings\Temp\Rar$EX02.937\emule.exe"="C:\Documents and Settings\Propriétaire\Local Settings\Temp\Rar$EX02.937\emule.exe:*:Disabled:eMule"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\0exinjs.aa.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\0exinjs.aa.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\22exinjs.aa.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\22exinjs.aa.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\23exinjs.aa.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\23exinjs.aa.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\83exinjs.aa.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\83exinjs.aa.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\86exinjs.ab.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\86exinjs.ab.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\82exinjs.ab.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\82exinjs.ab.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\42exinjs.ab.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\42exinjs.ab.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\98exinjs.ab.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\98exinjs.ab.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\36exinjs.ab.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\36exinjs.ab.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\59exinjs.ab.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\59exinjs.ab.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\49exinjs.ab.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\49exinjs.ab.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\73exinjs.ab.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\73exinjs.ab.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\75exinjs.ab.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\75exinjs.ab.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\8exinjs.ab.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\8exinjs.ab.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\47exinjs.ab.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\47exinjs.ab.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\20exinjs.ab.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\20exinjs.ab.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\78exinjs.ab.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\78exinjs.ab.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\80exinjs.ab.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\80exinjs.ab.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\74exinjs.ab.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\74exinjs.ab.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\18exinjs.ab.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\18exinjs.ab.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\64exinjs.ab.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\64exinjs.ab.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\57exinjs.ab.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\57exinjs.ab.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\92exinjs.ab.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\92exinjs.ab.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\11exinjs.ab.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\11exinjs.ab.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\50exinjs.ab.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\50exinjs.ab.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\43exinjs.ab.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\43exinjs.ab.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\95exinjs.ab.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\95exinjs.ab.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\52exinjs.ab.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\52exinjs.ab.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\23exinjs.ab.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\23exinjs.ab.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\6exinjs.ab.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\6exinjs.ab.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\39exinjs.ab.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\39exinjs.ab.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\68exinjs.ab.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\68exinjs.ab.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\61exinjs.ab.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\61exinjs.ab.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\26exinjs.ab.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\26exinjs.ab.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\34exinjs.ab.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\34exinjs.ab.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\19exinjs.ab.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\19exinjs.ab.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\32exinjs.ab.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\32exinjs.ab.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\14exinjs.ab.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\14exinjs.ab.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\60exinjs.ab.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\60exinjs.ab.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\29exinjs.ab.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\29exinjs.ab.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\66exinjs.ab.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\66exinjs.ab.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\99exinjs.ab.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\99exinjs.ab.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\54exinjs.ab.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\54exinjs.ab.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\94exinjs.ab.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\94exinjs.ab.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\85exinjs.ab.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\85exinjs.ab.exe:*:Enabled:Microsoft Update"
"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe:*:Disabled:Kaspersky Anti-Virus"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\BitDownload\BitDownload.exe"="C:\Program Files\BitDownload\BitDownload.exe:*:Enabled:Torrent P2P application"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\16ex"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\16ex:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\25ex"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\25ex:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\35ex"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\35ex:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\43ex"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\43ex:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\58ex"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\58ex:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\26ex"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\26ex:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\87ex"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\87ex:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\60ex"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\60ex:*:Enabled:Microsoft Update"
"C:\Program Files\Ahead\Nero ShowTime\ShowTime.exe"="C:\Program Files\Ahead\Nero ShowTime\ShowTime.exe:*:Enabled:Nero ShowTime"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\44ex"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\44ex:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\50ex"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\50ex:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\7ex"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\7ex:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\42ex"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\42ex:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\3ex"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\3ex:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\21ex"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\21ex:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\40ex"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\40ex:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\2ex"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\2ex:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\4ex"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\4ex:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\65ex"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\65ex:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\37ex"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\37ex:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\31ex"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\31ex:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\72ex"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\72ex:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\92ex"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\92ex:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\68ex"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\68ex:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\45ex"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\45ex:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\96ex"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\96ex:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\33ex"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\33ex:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\79ex"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\79ex:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\10ex"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\10ex:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\22ex"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\22ex:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\55ex"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\55ex:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\66ex"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\66ex:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\94ex"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\94ex:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\52ex"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\52ex:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\0ex"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\0ex:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\63ex"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\63ex:*:Enabled:Microsoft Update"
"C:\Documents and Settings\Propriétaire\Local Settings\Temp\10exmdnk23.exe"="C:\Documents and Settings\Propriétaire\Local Settings\Temp\10exmdnk23.exe:*:Disabled:10exmdnk23"
"C:\Documents and Settings\Propriétaire\Local Settings\Temp\33exmdnk25.exe"="C:\Documents and Settings\Propriétaire\Local Settings\Temp\33exmdnk25.exe:*:Disabled:33exmdnk25"
"C:\Documents and Settings\Propriétaire\Local Settings\Temp\0exmdnk26.exe"="C:\Documents and Settings\Propriétaire\Local Settings\Temp\0exmdnk26.exe:*:Disabled:0exmdnk26"
"C:\Documents and Settings\Propriétaire\Local Settings\Temp\58exmdnk30.exe"="C:\Documents and Settings\Propriétaire\Local Settings\Temp\58exmdnk30.exe:*:Disabled:58exmdnk30"
"C:\kav\kis7.0\french\setup.exe"="C:\kav\kis7.0\french\setup.exe:*:Enabled:Programme d'installation de Kaspersky Internet Security 7.0"
"C:\kav\kav7.0\french\setup.exe"="C:\kav\kav7.0\french\setup.exe:*:Enabled:Programme d'installation de Kaspersky Anti-Virus 7.0"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enaxxxxx@xxxxxres.dll,-20000"

[SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]

[SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP"="1900:UDP:LocalSubNet:Disaxxxxx@xxxxxres.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Disaxxxxx@xxxxxres.dll,-22008"
"17053:TCP"="17053:TCP:*:Enabled:NortonAV"
"12192:TCP"="12192:TCP:*:Enabled:NortonAV"

[SharedAccess\Setup]
"ServiceUpgrade"=dword:00000001

[SharedAccess\Setup\InterfacesUnfirewalledAtUpdate]
"All"=dword:00000001

-----HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Firewall\-----

-----HKEY_LOCAL_MACHINE\SOFTWARE\Winsock2-----

-----HKLM\Software\Microsoft\Ole-----

[Ole]
"DefaultLaunchPermission"=hex:01,00,04,80,5c,00,00,00,6c,00,00,00,00,00,00,00,\
"MachineLaunchRestriction"=hex:01,00,04,80,48,00,00,00,58,00,00,00,00,00,00,00,\
"MachineAccessRestriction"=hex:01,00,04,80,44,00,00,00,54,00,00,00,00,00,00,00,\
"EnableDCOM"="Y"

[Ole\AppCompat]

[Ole\AppCompat\ActivationSecurityCheckExemptionList]
"{A50398B8-9075-4FBF-A7A1-456BF21937AD}"="1"
"{AD65A69D-3831-40D7-9629-9B0B50A93843}"="1"
"{0040D221-54A1-11D1-9DE0-006097042D69}"="1"
"{2A6D72F1-6E7E-4702-B99C-E40D3DED33C3}"="1"

[Ole\NONREDIST]
"System.EnterpriseServices.Thunk.dll"=""

-----HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate\AU\-----

-----HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\-----

[Security Center]
"FirstRunDisabled"=dword:00000001
"AntiVirusDisableNotify"=dword:00000000
"FirewallDisableNotify"=dword:00000000
"UpdatesDisableNotify"=dword:00000000
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000000

[Security Center\Monitoring]

[Security Center\Monitoring\AhnlabAntiVirus]

[Security Center\Monitoring\ComputerAssociatesAntiVirus]

[Security Center\Monitoring\KasperskyAntiVirus]

[Security Center\Monitoring\McAfeeAntiVirus]

[Security Center\Monitoring\McAfeeFirewall]

[Security Center\Monitoring\PandaAntiVirus]

[Security Center\Monitoring\PandaFirewall]

[Security Center\Monitoring\SophosAntiVirus]

[Security Center\Monitoring\SymantecAntiVirus]

[Security Center\Monitoring\SymantecFirewall]

[Security Center\Monitoring\TinyFirewall]

[Security Center\Monitoring\TrendAntiVirus]

[Security Center\Monitoring\TrendFirewall]

[Security Center\Monitoring\ZoneLabsFirewall]

-----HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore\-----

[SystemRestore]
"DisableSR"=dword:00000000
"CreateFirstRunRp"=dword:00000001
"DSMin"=dword:000000c8
"DSMax"=dword:00000190
"RPSessionInterval"=dword:00000000
"RPGlobalInterval"=dword:00015180
"RPLifeInterval"=dword:0076a700
"CompressionBurst"=dword:0000003c
"TimerInterval"=dword:00000078
"DiskPercent"=dword:0000000c
"ThawInterval"=dword:00000384
"RestoreDiskSpaceError"=dword:00000000
"RestoreStatus"=dword:00000000
"RestoreSafeModeStatus"=dword:00000001

[SystemRestore\Cfg]
"DiskPercent"=dword:0000000c
"MachineGuid"="{D88DDE61-D342-465C-AFF5-295FBD9AB56F}"

[SystemRestore\SnapshotCallbacks]
@=""

-----HKEY_CURRENT_USER\Software\VB and VBA Program Settings-----

[VB and VBA Program Settings]

[VB and VBA Program Settings\CCleaner]

[VB and VBA Program Settings\CCleaner\Options]

-----HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\-----

-----HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions-----

[AdvancedOptions]

-----HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions-----

-----HKLM\Software\Microsoft\Active Setup\Installed Components-----

[Installed Components]

[Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
"@="IE7 Uninstall Stub"
"ComponentID"="IEUDINIT"
"StubPath"="C:\WINDOWS\system32\ieudinit.exe"

[Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
#### HKCR\CLSID\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}\InprocServer32 @="C:\WINDOWS\system32\wmpdxm.dll"
"Stubpath"="C:\WINDOWS\inf\unregmp2.exe /ShowWMP"
"@="Microsoft Windows Media Player"
"ComponentID"="WMPACCESS"

[Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
"@="Internet Explorer"
"ComponentID"="IEACCESS"
"StubPath"="C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig"

[Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"@="Browser Customizations"
"ComponentiD"="BRANDING.CAB"
"StubPath"="RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP"

[Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
"@="Personnalisation du navigateur"
"ComponentID"="BRANDING.CAB"
"StubPath"="RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP"

[Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
"@="Outlook Express"
"ComponentID"="OEACCESS"
"StubPath"=expand:"%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE"

[Installed Components\{0E92DD42-76F5-4EF2-B381-F9C1D72BE23D}]
"@="Security Update for Microsoft .NET Framework 2.0 (KB922770)"
"ComponentID"="KB922770"

[Installed Components\{10072CEC-8CC1-11D1-986E-00A0C955B42F}]
"@="Rendu VML (Vector Graphics Rendering)"
"ComponentID"="MSVML"

[Installed Components\{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}]
#### HKCR\CLSID\{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}\InprocServer32 @="C:\WINDOWS\system32\wmpdxm.dll"
"ComponentID"="NetShow"
"StubPath"=""

[Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
#### HKCR\CLSID\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}\InprocServer32 @="C:\WINDOWS\system32\wmpdxm.dll"
"ComponentID"="Microsoft Windows Media Player"
"StubPath"=""
"@="Lecteur Windows Media Microsoft 6.4"

[Installed Components\{283807B5-2C60-11D0-A31D-00AA00B92C03}]
"@="DirectAnimation"
"ComponentID"="DirectAnimation"

[Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
"@="Themes Setup"
"ComponentID"="Theme Component"
"StubPath"=expand:"%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll"

[Installed Components\{36f8ec70-c29a-11d1-b5c7-0000f8051515}]
"@="Liaison de données Dynamic HTML pour Java"
"ComponentID"="TridataJava"

[Installed Components\{3919E8B8-A291-74E5-5DBF-8FB615E8FCED}]
"@="Themes Setup"
"ComponentID"="Theme Component"

[Installed Components\{3af36230-a269-11d1-b5bf-0000f8051515}]
"@="Offline Browsing Pack"
"ComponentID"="MobilePk"

[Installed Components\{3bf42070-b3b1-11d1-b5c5-0000f8051515}]
"@="Uniscribe"
"ComponentID"="USP10"

[Installed Components\{411EDCF7-755D-414E-A74B-3DCD6583F589}]
"ComponentID"="S867460"
"@="Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)"

[Installed Components\{4278c270-a269-11d1-b5bf-0000f8051515}]
"@="Création avancée"
"ComponentID"="AdvAuth"

[Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
"@="Microsoft Outlook Express 6"
"ComponentID"="MailNews"
"StubPath"=expand:"\"%ProgramFiles%\Outlook Express\setup50.exe\" /APP:OE /CALLER:WINNT /user /install"

[Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
"@="NetMeeting 3.01"
"ComponentID"="NetMeeting"
"StubPath"="rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT"

[Installed Components\{44BBA848-CC51-11CF-AAFA-00AA00B6015C}]
"@="DirectShow"
"ComponentID"="activemovie"

[Installed Components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}]
"@="DirectDrawEx"
"ComponentID"="DirectDrawEx"

[Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}]
"@="Internet Explorer Help"
"ComponentID"="HelpCont"

[Installed Components\{4f216970-c90c-11d1-b5c7-0000f8051515}]
"@="Classes Java DirectAnimation"
"ComponentID"="DAJava"

[Installed Components\{4f645220-306d-11d2-995d-00c04f98bbc9}]
"@="Microsoft Windows Script 5.6"
"ComponentID"="MSVBScript"

[Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
"KeyFileName"="C:\Program Files\Messenger\msmsgs.exe"
"@="Windows Messenger 4.7"
"ComponentID"="Messenger"
"StubPath"="rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser"

[Installed Components\{5A8D6EE0-3E18-11D0-821E-444553540000}]
"(Default)"="Internet Connection Wizard"
"ComponentID"="ICW"

[Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}]
"@="Internet Explorer Setup Tools"
"ComponentID"="GenSetup"

[Installed Components\{630b1da0-b465-11d1-9948-00c04f98bbc9}]
"@="Browsing Enhancements"
"ComponentID"="ExtraPack"
"KeyFileName"="C:\WINDOWS\system32\msieftp.dll"

[Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
#### HKCR\CLSID\{6BF52A52-394A-11d3-B153-00C04F79FAA6}\InprocServer32 @="C:\WINDOWS\system32\wmp.dll"
"@="Microsoft Windows Media Player"
"ComponentID"="Microsoft Windows Media Player"
"StubPath"="rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub"

[Installed Components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}]
"@="MSN Site Access"
"ComponentID"="MSN_Auth"

[Installed Components\{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}]
"ComponentID"=".NETFramework"
"@=".NET Framework"

[Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
"@="Carnet d'adresses 6"
"ComponentID"="WAB"
"StubPath"=expand:"\"%ProgramFiles%\Outlook Express\setup50.exe\" /APP:WAB /CALLER:WINNT /user /install"

[Installed Components\{8056AC9E-49C5-4375-9ADE-B2F862C9DF51}]
"ComponentID"="KB928365"
"@="Security Update for Microsoft .NET Framework 2.0 (KB928365)"

[Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
"@="Mise à jour du Bureau Windows"
"ComponentID"="IE4Shell_NT"
"StubPath"=expand:"regsvr32.exe /s /n /i:U shell32.dll"

[Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
"@="Internet Explorer"
"ComponentID"="BASEIE40_W2K"
"StubPath"="C:\WINDOWS\system32\ie4uinit.exe -BaseSettings"

[Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}\AuthorizedCDFPrefix]

[Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
"StubPath"="C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install"
"ComponentID"="DOTNETFRAMEWORKS"

[Installed Components\{8D1D0E9A-C799-4D28-9E29-0061D1E66E43}]
"ComponentID"="M928366"
"@="Microsoft .NET Framework 1.1 Hotfix (KB928366)"

[Installed Components\{9381D8F2-0288-11D0-9501-00AA00B911A5}]
"@="Dynamic HTML Data Binding"
"ComponentID"="Tridata"

[Installed Components\{967B098A-042D-4367-BAC9-8BC11684174F}]
"@="Security Update for Microsoft .NET Framework 2.0 (KB917283)"
"ComponentID"="KB917283"

[Installed Components\{ACC563BC-4266-43f0-B6ED-9D38C4202C7E}]

[Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}]
"@="Internet Explorer Core Fonts"
"ComponentID"="Fontcore"

[Installed Components\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}]
"ComponentID"=".NETFramework"
"@=".NET Framework"

[Installed Components\{CC2A9BA0-3BDD-11D0-821E-444553540000}]
"@="Planificateur de tâches"
"ComponentID"="MSTASK"

[Installed Components\{CDD7975E-60F8-41d5-8149-19E51D6F71D0}]
"ComponentID"="Windows Movie Maker v2.1"

[Installed Components\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
"@="Adobe Flash Player"
"ComponentID"="Flash"

[Installed Components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}]
"@="HTML Help"
"ComponentID"="HTMLHelp"

[Installed Components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}]
"@="Active Directory Service Interface"
"ComponentID"="ADSI"

-----Comparing registry keys CCS1 vs CCS2 -----
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\aawservice
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\aswTdi DisplayName REG_SZ avast! Network Shield Support
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\aswTdi ErrorControl REG_DWORD 1 (0x1)
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\aswTdi Type REG_DWORD 1 (0x1)
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\aswTdi Group REG_SZ PNP_TDI
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\aswTdi Start REG_DWORD 1 (0x1)
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\aswTdi DependOnService REG_MULTI_SZ tcpip\0\0
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\aswTdi Tag REG_DWORD 9 (0x9)
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\aswTdi\Parameters ProviderStart REG_DWORD 3 (0x3)
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\aswTdi\Parameters ProviderStart REG_DWORD 1 (0x1)
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\AVG Anti-Spyware Driver
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\AVG Anti-Spyware Guard
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\AvgAsCln
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\AVP
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\BITS Start REG_DWORD 3 (0x3)
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\BITS Start REG_DWORD 2 (0x2)
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\Dhcp\Parameters {6317C625-DA29-42BA-9ADD-C0C897993031} REG_BINARY 1A0000000000000002000000000000002EAECB4705D40000060000000000000008000000000000002EAECB473E0410463E041145030000000000000004000000000000002EAECB47C0A801010F0000000000000005000000000000002EAECB476C6F63616C000000330000000000000004000000000000002EAECB4700015180010000000000000004000000000000002EAECB47FFFFFF00360000000000000004000000000000002EAECB47C0A80101350000000000000001000000000000002EAECB4705000000
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Dhcp\Parameters {6317C625-DA29-42BA-9ADD-C0C897993031} REG_BINARY FC000000000000000000000000000000D9F313491A0000000000000002000000000000000F34154905D40000060000000000000008000000000000000F341549D043DEDED043DCDC030000000000000004000000000000000F341549C0A801010F0000000000000005000000000000000F3415496C6F63616C000000330000000000000004000000000000000F34154900015180010000000000000004000000000000000F341549FFFFFF00360000000000000004000000000000000F341549C0A80101350000000000000001000000000000000F34154905000000
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\Eventlog\Application\ESENT EventMessageFile REG_EXPAND_SZ c:\windows\system32\ESENT.dll
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Eventlog\Application\ESENT EventMessageFile REG_EXPAND_SZ C:\WINDOWS\system32\ESENT.dll
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\Eventlog\Application\ESENT CategoryMessageFile REG_EXPAND_SZ c:\windows\system32\ESENT.dll
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Eventlog\Application\ESENT CategoryMessageFile REG_EXPAND_SZ C:\WINDOWS\system32\ESENT.dll
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Eventlog\Security\DS
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Eventlog\Security\LSA
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Eventlog\Security\NetDDE Object
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Eventlog\Security\SC Manager
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Eventlog\Security\Security
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Eventlog\Security\Security Account Manager
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Eventlog\Security\Spooler
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\Eventlog\System Sources REG_MULTI_SZ WZCSVC\0Workstation\0WindowsMedia\0Windows Update Agent\0Windows Script Host\0Windows Installer 3.1\0Windows File Protection\0Win32k\0W32Time\0VolSnap\0viaide\0VgaSave\0USER32\0UPS\0ultra\0udfs\0toside\0TermServSessDir\0TermService\0TermServDevices\0TermDD\0tdi\0TCPMon\0Tcpip\0System Error\0sym_u3\0sym_hi\0symc8xx\0symc810\0StillImage\0SSDPSRV\0Srv\0srservice\0sr\0sparrow\0sndblst\0Simbad\0SideBySide\0sfloppy\0Setup\0Service de stockage amovible\0Service Control Manager\0Server\0serial\0scsiport\0Schedule\0Schannel\0SCardSvr\0Save Dump\0SAM\0RTL8023xp\0RSVP\0RemoteAccess\0redbook\0Rdbss\0RasMan\0RasAuto\0ql1280\0ql1240\0ql12160\0ql10wnt\0ql1080\0PSched\0Print\0PptpMiniport\0PolicyAgent\0PlugPlayManager\0perc2\0pcmcia\0pciide\0pci\0parvdm\0partmgr\0parport\0OSPFMib\0OSPF\0null\0NtServicePack\0ntfs\0npfs\0Nla\0NIC1394\0Netlogon\0NetDDE\0NetBT\0NetBIOS\0NdisWan\0NdisIP\0ndis\0Mup\0msfs\0msadlib\0MrxSmb\0MRxDAV\0mraid35x\0mouhid\0mouclass\0Modem\0LsaSrv\0LmHosts\0LDMS\0LDM\0lbrtfdc\0Kerberos\0kbdhid\0kbdclass\0isapnp\0irsir\0IPXSAP\0IPXRouterManager\0IPXRIP\0IPXCP\0IPSec\0IPRouterManager\0IPRIP2\0IPNATHLP\0IPMGM\0IPBOOTP\0intelppm\0intelide\0ini910u\0IGMPv2\0i8042prt\0i2omp\0i2omgmt\0Http\0hpn\0ftdisk\0fs_rec\0flpydisk\0Fips\0fdc\0fastfat\0eventlog\0efs\0dpti2o\0Dnscache\0Dnsapi\0dmio\0dmboot\0Distributed Link Tracking Client\0disk\0Dhcp\0DfsSvc\0DfsDriver\0DCOM\0dac960nt\0dac2w2k\0cpqarray\0cmdide\0changer\0cdrom\0Cdm\0cdfs\0cdaudio\0cd20xrnt\0cbidf2k\0Browser\0BITS\0beep\0Atmarpc\0ati2mtag\0Ati HotKey Poller\0atdisk\0atapi\0AsyncMac\0asc3550\0asc3350p\0asc\0Arp1394\0Application Popup\0apphelp\0amsint\0ami0nt\0aliide\0Alerter\0aic78xx\0aic78u2\0aha154x\0adpu160m\0acpiec\0acpi\0abp480n5\0abiosdsk\0System\0\0
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Eventlog\System Sources REG_MULTI_SZ WZCSVC\0Workstation\0WindowsMedia\0Windows Update Agent\0Windows Script Host\0Windows Installer 3.1\0Windows File Protection\0Win32k\0W32Time\0VolSnap\0viaide\0VgaSave\0USER32\0UPS\0ultra\0udfs\0toside\0TermServSessDir\0TermService\0TermServDevices\0TermDD\0tdi\0TCPMon\0Tcpip\0System Error\0sym_u3\0sym_hi\0symc8xx\0symc810\0StillImage\0SSDPSRV\0Srv\0srservice\0sr\0sparrow\0sndblst\0Simbad\0SideBySide\0sfloppy\0Setup\0Service de stockage amovible\0Service Control Manager\0Server\0serial\0scsiport\0Schedule\0Schannel\0SCardSvr\0Save Dump\0SAM\0RTL8023xp\0RSVP\0RemoteAccess\0redbook\0Rdbss\0RasMan\0RasAuto\0ql1280\0ql1240\0ql12160\0ql10wnt\0ql1080\0PSched\0Print\0PptpMiniport\0PolicyAgent\0PlugPlayManager\0perc2\0pcmcia\0pciide\0pci\0parvdm\0partmgr\0parport\0OSPFMib\0OSPF\0null\0NtServicePack\0ntfs\0npfs\0Nla\0NIC1394\0Netlogon\0NetDDE\0NetBT\0NetBIOS\0NdisWan\0NdisIP\0ndis\0Mup\0msfs\0msadlib\0MrxSmb\0MRxDAV\0mraid35x\0mouhid\0mouclass\0Modem\0LsaSrv\0LmHosts\0LDMS\0LDM\0lbrtfdc\0Kerberos\0kbdhid\0kbdclass\0isapnp\0irsir\0IPXSAP\0IPXRouterManager\0IPXRIP\0IPXCP\0IPSec\0IPRouterManager\0IPRIP2\0IPNATHLP\0IPMGM\0IPBOOTP\0Internet Explorer 7 Disk\0intelppm\0intelide\0ini910u\0IGMPv2\0i8042prt\0i2omp\0i2omgmt\0Http\0hpn\0ftdisk\0fs_rec\0flpydisk\0Fips\0fdc\0fastfat\0eventlog\0efs\0dpti2o\0Dnscache\0Dnsapi\0dmio\0dmboot\0Distributed Link Tracking Client\0disk\0Dhcp\0DfsSvc\0DfsDriver\0DCOM\0dac960nt\0dac2w2k\0cpqarray\0cmdide\0changer\0cdrom\0Cdm\0cdfs\0cdaudio\0cd20xrnt\0cbidf2k\0Browser\0BITS\0beep\0Atmarpc\0ati2mtag\0Ati HotKey Poller\0atdisk\0atapi\0AsyncMac\0asc3550\0asc3350p\0asc\0Arp1394\0Application Popup\0apphelp\0amsint\0ami0nt\0aliide\0Alerter\0aic78xx\0aic78u2\0aha154x\0adpu160m\0acpiec\0acpi\0abp480n5\0abiosdsk\0System\0\0
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\kl1
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\klif
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\lanmanserver\parameters Guid REG_BINARY 5004971301681449958DAA43046B5866
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\lanmanserver\parameters Guid REG_BINARY A4F927298FE44C46AC7FCF14FB095E78
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\MRxDAV\EncryptedDirectories
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\PerfDisk\Performance WbemAdapFileSignature REG_BINARY 97F41DFEE99BC2AE60BAD78679FB40A1
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\PerfDisk\Performance WbemAdapFileTime REG_BINARY 0020E7D4F03DC601
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\PerfDisk\Performance WbemAdapFileSize REG_DWORD 27136 (0x6A00)
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\PerfDisk\Performance WbemAdapStatus REG_DWORD 0 (0x0)
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\PerfNet\Performance WbemAdapFileSignature REG_BINARY 7FD03F93453FAFBABB6E29B11E9E731C
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\PerfNet\Performance WbemAdapFileTime REG_BINARY 0020E7D4F03DC601
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\PerfNet\Performance WbemAdapFileSize REG_DWORD 17408 (0x4400)
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\PerfNet\Performance WbemAdapStatus REG_DWORD 0 (0x0)
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\SharedAccess\Epoch Epoch REG_DWORD 8851 (0x2293)
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\SharedAccess\Epoch Epoch REG_DWORD 9374 (0x249E)
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List %windir%\Network Diagnostic\xpnetdiag.exe REG_SZ %windir%\Network Diagnostic\xpnetdiag.exe:*:Enaxxxxx@xxxxxres.dll,-20000
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List C:\kav\kis7.0\french\setup.exe REG_SZ C:\kav\kis7.0\french\setup.exe:*:Enabled:Programme d'installation de Kaspersky Internet Security 7.0
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List C:\kav\kav7.0\french\setup.exe REG_SZ C:\kav\kav7.0\french\setup.exe:*:Enabled:Programme d'installation de Kaspersky Anti-Virus 7.0
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List %windir%\Network Diagnostic\xpnetdiag.exe REG_SZ %windir%\Network Diagnostic\xpnetdiag.exe:*:Enaxxxxx@xxxxxres.dll,-20000
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\Spooler\Performance WbemAdapFileSignature REG_BINARY E415A3D071D315CD84F6F593A3A060B3
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\Spooler\Performance WbemAdapFileTime REG_BINARY 0020E7D4F03DC601
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\Spooler\Performance WbemAdapFileSize REG_DWORD 146944 (0x23E00)
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\Spooler\Performance WbemAdapStatus REG_DWORD 0 (0x0)
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\TapiSrv\Performance WbemAdapFileSignature REG_BINARY 0483F001E58AF7EA90B23BA9ACB367D3
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\TapiSrv\Performance WbemAdapFileTime REG_BINARY 0020E7D4F03DC601
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\TapiSrv\Performance WbemAdapFileSize REG_DWORD 5632 (0x1600)
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\TapiSrv\Performance WbemAdapStatus REG_DWORD 0 (0x0)
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\Tcpip\Parameters DhcpNameServer REG_SZ 62.4.16.70 62.4.17.69
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Tcpip\Parameters DhcpNameServer REG_SZ 208.67.222.222 208.67.220.220
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\Tcpip\Parameters\Interfaces\{6317C625-DA29-42BA-9ADD-C0C897993031} LeaseObtainedTime REG_DWORD 1204444334 (0x47CA5CAE)
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Tcpip\Parameters\Interfaces\{6317C625-DA29-42BA-9ADD-C0C897993031} LeaseObtainedTime REG_DWORD 1226039951 (0x4913E28F)
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\Tcpip\Parameters\Interfaces\{6317C625-DA29-42BA-9ADD-C0C897993031} T1 REG_DWORD 1204487534 (0x47CB056E)
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Tcpip\Parameters\Interfaces\{6317C625-DA29-42BA-9ADD-C0C897993031} T1 REG_DWORD 1226083151 (0x49148B4F)
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\Tcpip\Parameters\Interfaces\{6317C625-DA29-42BA-9ADD-C0C897993031} T2 REG_DWORD 1204519934 (0x47CB83FE)
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Tcpip\Parameters\Interfaces\{6317C625-DA29-42BA-9ADD-C0C897993031} T2 REG_DWORD 1226115551 (0x491509DF)
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\Tcpip\Parameters\Interfaces\{6317C625-DA29-42BA-9ADD-C0C897993031} LeaseTerminatesTime REG_DWORD 1204530734 (0x47CBAE2E)
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Tcpip\Parameters\Interfaces\{6317C625-DA29-42BA-9ADD-C0C897993031} LeaseTerminatesTime REG_DWORD 1226126351 (0x4915340F)
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\Tcpip\Parameters\Interfaces\{6317C625-DA29-42BA-9ADD-C0C897993031} DhcpIPAddress REG_SZ 192.168.1.101
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Tcpip\Parameters\Interfaces\{6317C625-DA29-42BA-9ADD-C0C897993031} DhcpIPAddress REG_SZ 192.168.1.100
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\Tcpip\Parameters\Interfaces\{6317C625-DA29-42BA-9ADD-C0C897993031} DhcpRetryTime REG_DWORD 43198 (0xA8BE)
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Tcpip\Parameters\Interfaces\{6317C625-DA29-42BA-9ADD-C0C897993031} DhcpRetryTime REG_DWORD 43197 (0xA8BD)
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\Tcpip\Parameters\Interfaces\{6317C625-DA29-42BA-9ADD-C0C897993031} DhcpNameServer REG_SZ 62.4.16.70 62.4.17.69
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Tcpip\Parameters\Interfaces\{6317C625-DA29-42BA-9ADD-C0C897993031} DhcpNameServer REG_SZ 208.67.222.222 208.67.220.220
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\WmiApRpl\Performance Last Counter REG_DWORD 4848 (0x12F0)
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\WmiApRpl\Performance Last Counter REG_DWORD 4856 (0x12F8)
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\WmiApRpl\Performance Last Help REG_DWORD 4849 (0x12F1)
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\WmiApRpl\Performance Last Help REG_DWORD 4857 (0x12F9)
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\WmiApRpl\Performance Object List REG_SZ 4844 4844
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\WmiApRpl\Performance Object List REG_SZ 4844 4844 4850 4850
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\wuauserv Start REG_DWORD 4 (0x4)
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\wuauserv Start REG_DWORD 2 (0x2)
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\{6317C625-DA29-42BA-9ADD-C0C897993031}\Paramet
0
Réponse 88 / 123
Sophie
6 juin 2008 à 12:00
J'ai fais tt ce ke tu ma dit j'espere que c bon :)
0
Réponse 89 / 123
Utilisateur anonyme
6 juin 2008 à 12:05
Re ,

alors ,

Reposte moi un rapport DSS ( juste le fichier main.txt )

Et dit moi ou en sont tes soucis.
a
+
0
Réponse 90 / 123
Sophie
6 juin 2008 à 12:16
Tu peu me reposter le dds stp jlai envoyer a la corbeille desoler :)
0
Réponse 91 / 123
Sophie
6 juin 2008 à 12:20
C bon je l'ai retrouvé voila le rapport


Deckard's System Scanner v20071014.68
Run by Propriétaire on 2008-11-07 11:12:59
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as Propriétaire.exe) ----------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:13:16, on 07/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\MAFWTray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
C:\Program Files\Trust\DS-4500X Wireless Laser Deskset\Mouse\mouse32a.exe
C:\Program Files\Trust\DS-4500X Wireless Laser Deskset\Keyboard\kbdap32a.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\HLWUXMAW\dss[1].exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Propriétaire.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul0.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul0.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MAFWTaskbarApp] C:\WINDOWS\system32\MAFWTray.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [PKR Pal] "C:\Program Files\PKR\pkrpal.exe" -osboot
O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Trust\DS-4500X Wireless Laser Deskset\Mouse\mouse32a.exe
O4 - HKLM\..\Run: [OFFICEKB] C:\Program Files\Trust\DS-4500X Wireless Laser Deskset\Keyboard\kbdap32a.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - Winlogon Notify: !SASWinLogon - C:\WINDOWS\
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: MSSQL$SONY_MEDIAMGR - Unknown owner - C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe (file missing)
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: SQLAgent$SONY_MEDIAMGR - Unknown owner - C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE (file missing)
0
Réponse 92 / 123
Sophie
6 juin 2008 à 12:24
Jcrois po qu'il y ai encore des probleme je peu rentrer dans mon poste de travaille normalement et sur mes icone de bureau idem.

Internet marche impecable ne rame plus.


Par contre j'ai enlever kapersky et j'ai telecharger avast j'espere que c bon comme antivirus???

J'ai aussi spy bot si tu a autre chose a me conseiller de mieux????

Par contre maintenant j'ai un soucis avec msn je n'arrive plus a me connecter c les fichier host qui bloque mais quand je fais reparer ca marche pas non plus a tu une solution???


Merci pour ton aide :) :)
0
Réponse 93 / 123
Utilisateur anonyme
6 juin 2008 à 12:33
Re ,
Tu l'avais payé Kaspersky ?

Il reste encore une merde.

Désactive la restauration système.
Clic droit sur poste de travail > propriétés > onglet restauration système
Coche "désactiver la restauration système sur tous les lecteurs".
clic sur ok pour valider.

 Télécharge l'outil Flash_Disinfector de sUBs:
http://www.techsupportforum.com/sectools/sUBs/Flash_Disinfector.exe

Enregistre Flash_Disinfector.exe sur ton bureau.
Double clique sur Flash_Disinfector.exe pour l'exécuter.
Quand le message : "Plug in yours flash drive & clic Ok to begin disinfection" apparaitra :
Connecte au pc, clé USB, DD externes, susceptibles d'avoir été infectés.
Puis clic sur Ok
Les icônes sur le bureau vont disparaitre jusqu'à l'apparition du message: [Done!!]
Appuies ensuite sur OK, pour faire réapparaitre le bureau.

Ensuite réactive ta restauration système
Clic droit sur « Poste de travail », puis sur « Propriétés »,
Vas sur l’onglet « Restauration système »
Tu décoches la case « Désactiver la restauration »
Termine par [Appliquer] [OK]

*******************************************************
Télécharger OAD (Outil d'Aide au Diagnostic) < http://sosvirus.changelog.fr/OAD.exe >
→ Enregistre-le sur ton bureau
→ Lancer 'OAD.exe' en faisant un double clique sur le fichier
→ Saisir la valeur recherchée -> ' AdobeR.exe ' ( fait un copier/coller )
→ Type de recherche : sélectionner l'option 6 puis valide [entrée]
→ OAD va maintenant rechercher le fichier.
→ Laisse-le travailler jusqu'à ce qu'il en ait terminé.
→ Suivant la taille des disques durs, cette recherche peut prendre plusieurs minutes.

------------- Patienter. --------------

→ Le rapport de recherche s'affichera automatiquement dès qu'il en aura terminé.
→ Faire un copier/coller de ce rapport dans ton prochain post.


(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

Note: Certains Antivirus peuvent émettre une alerte lors du téléchargement / utilisation > ignore


A+





0
Réponse 94 / 123
Sophie
6 juin 2008 à 12:43
07/11/2008 ---- 11:37:00,04

----------------------------------
§§§§§§ [AdobeR.exe ] §§§§§§
----------------------------------
[X] Registre

-------------- [ ] rapide
-- Fichier --- [ ] disque systeme
------------- [X] complete


********************
[Registre]
********************


[HKEY_USERS\S-1-5-21-1060284298-57989841-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0df70462-5273-11dc-baa9-0019660ffbb4}\Shell\Auto\command]
@="AdobeR.exe e"

[HKEY_USERS\S-1-5-21-1060284298-57989841-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0df70463-5273-11dc-baa9-0019660ffbb4}\Shell\Auto\command]
@="AdobeR.exe e"

[HKEY_USERS\S-1-5-21-1060284298-57989841-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0df70463-5273-11dc-baa9-0019660ffbb4}\Shell\AutoRun\command]
@="C:\\WINDOWS\\system32\\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e"

[HKEY_USERS\S-1-5-21-1060284298-57989841-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ae157c5c-abdb-11dd-8e8b-0019660ffbb4}\Shell\Auto\command]
@="AdobeR.exe e"

[HKEY_USERS\S-1-5-21-1060284298-57989841-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ae157c5c-abdb-11dd-8e8b-0019660ffbb4}\Shell\AutoRun\command]
@="C:\\WINDOWS\\system32\\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e"

[HKEY_USERS\S-1-5-21-1060284298-57989841-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e217225b-d6fd-11dc-ba16-0019660ffbb4}\Shell\Auto\command]
@="AdobeR.exe e"

[HKEY_USERS\S-1-5-21-1060284298-57989841-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e217225b-d6fd-11dc-ba16-0019660ffbb4}\Shell\AutoRun\command]
@="C:\\WINDOWS\\system32\\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e"

*******************
[Fichier]
*******************



*********************
[Même date]
*********************

Aucun fichier créé à la même date détecté


Outil Aide Diagnostic By !aur3n7 Version 1.1
----------------------------------
§§§§§ Fin Rapport §§§§§
----------------------------------


Voila le rapport :)


Et non j'ai pas acheter kapersky :)
0
Réponse 95 / 123
Utilisateur anonyme
6 juin 2008 à 12:53
Re ,
OK.

Recommence le fix.reg avec :

REGEDIT 4

[HKEY_USERS\S-1-5-21-1060284298-57989841-725345543-1003\Software\Microsoft\Windows\Current­Version\Explorer\MountPoints2\{0df70462-5273-11dc-baa9-0019660ffbb4}\Shell\Auto\command]
@=""
[HKEY_USERS\S-1-5-21-1060284298-57989841-725345543-1003\Software\Microsoft\Windows\Current­Version\Explorer\MountPoints2\{0df70463-5273-11dc-baa9-0019660ffbb4}\Shell\AutoRun\command­]
@=""
[HKEY_USERS\S-1-5-21-1060284298-57989841-725345543-1003\Software\Microsoft\Windows\Current­Version\Explorer\MountPoints2\{e217225b-d6fd-11dc-ba16-0019660ffbb4}\Shell\Auto\command]
@=""
[HKEY_USERS\S-1-5-21-1060284298-57989841-725345543-1003\Software\Microsoft\Windows\Current­Version\Explorer\MountPoints2\{e217225b-d6fd-11dc-ba16-0019660ffbb4}\Shell\AutoRun\command­]
@=""
[HKEY_USERS\S-1-5-21-1060284298-57989841-725345543-1003\Software\Microsoft\Windows\Current­Version\Explorer\MountPoints2\{ae157c5c-abdb-11dd-8e8b-0019660ffbb4}\Shell\Auto\command]
@=""
[HKEY_USERS\S-1-5-21-1060284298-57989841-725345543-1003\Software\Microsoft\Windows\Current­Version\Explorer\MountPoints2\{ae157c5c-abdb-11dd-8e8b-0019660ffbb4}\Shell\AutoRun\command­]
@=""





****************************************************

→ Télécharge clean : http://www.malekal.com/download/clean.zip

→ Dézippe-le ( clique droit , extraire tout)

→ Lance clean.cmd ( ou clean ), Choisi l'option 1 et poste moi le rapport.

(- Où est le rapport clean ? : « Poste de travail » / double clic sur disque « C / » double-clic sur « rapport_clean.txt » et « copier/coller le contenu » sur le forum. )

Note : Tu auras peut-être un message qui t'invitera a uploader un fichier , fait-le dès que tu pourras.


Tutorial : http://bibou0007.com/outils-specifiques-f78/tuto-clean-t1007.htm

****************************************************

A++

0
Réponse 96 / 123
Sophie
6 juin 2008 à 13:09
-->- Recherche:

C:\Combofix: trouvé !
C:\_OtMoveIt: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HJT.exe\HijackThis.lnk: trouvé !
C:\Documents and Settings\Propriétaire\Bureau\Dss.exe: trouvé !
C:\Documents and Settings\Propriétaire\Bureau\HijackThis.lnk: trouvé !
C:\Documents and Settings\Propriétaire\Bureau\reason4\Msnfix.zip: trouvé !
C:\Documents and Settings\Propriétaire\Bureau\reason4\MsnFix: trouvé !
C:\Documents and Settings\Propriétaire\Bureau\reason4\MSNFix\MsnFix: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !

---------------------------------
-->- Suppression:

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HJT.exe\HijackThis.lnk: supprimé !
C:\Documents and Settings\Propriétaire\Bureau\Dss.exe: supprimé !
C:\Documents and Settings\Propriétaire\Bureau\HijackThis.lnk: supprimé !
C:\Documents and Settings\Propriétaire\Bureau\reason4\Msnfix.zip: supprimé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
C:\Combofix: supprimé !
C:\_OtMoveIt: supprimé !
C:\Documents and Settings\Propriétaire\Bureau\reason4\MsnFix: supprimé !
C:\Program Files\Trend Micro\HijackThis: supprimé !
0
Réponse 97 / 123
Utilisateur anonyme
6 juin 2008 à 13:10
????
0
Réponse 98 / 123
Sophie
6 juin 2008 à 13:11
Desoler celui d'avant sa doit pas etre le bon


voila le bon :)

07/11/2008 a 12:01:43,46

*** Recherche des fichiers dans C:
C:\autorun.inf FOUND

*** Recherche des fichiers dans C:\WINDOWS\

*** Recherche des fichiers dans C:\WINDOWS\system32

*** Recherche des fichiers dans C:\Program Files
"C:\Program Files\DivX\Google\Firefox\ffinstaller.exe" FOUND
"C:\Program Files\Multi_Media_France\" FOUND
"C:\Program Files\Multi_Media\" FOUND
0
Réponse 99 / 123
Utilisateur anonyme
6 juin 2008 à 13:12
Re , c'est mieux là ;))

→ Redémarre en MSE

Autre tutorials pour MSE:

https://www.micro-astuce.com/depannage/demarrer-mode-sans-echec.php
http://www.coupdepoucepc.com/modules/news/article.php?storyid=253

→ Re-lance clean -> Choisis l'option 2

---Clean va travailler.---

→ Un rapport Va etre généré , poste le moi ;)

( Le rapport est aussi sauvegardé dans C:\Rapport_clean.txt )

********************************************

Ultime vérification :

Va sur ce site , /!\ Internet Explorer obligatoire /!\ , Clique sur ' J'accepte ' , Installe les ActiveX si necessaire ,et vérifie si ils sont bien configurés Clique sur ' installer ' puis ' click here to scan '( ou : cliquez ici pour scanner ).
Et poste moi le rapport. ( qui se trouve ici -> C:\windows\bdoscan8\scanres.txt )

(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

Tutorial : http://pageperso.aol.fr/loraline60/bitdefender_scan.htm


a+
0
Réponse 100 / 123
Sophie
6 juin 2008 à 13:26
Re, voila le rapport


Script execute en mode sans echec
Rapport clean par Malekal_morte - http://www.malekal.com
Script execute en mode sans echec 07/11/2008 a 12:14:26,06

Microsoft Windows XP [version 5.1.2600]

*** Suppression des fichiers dans C:
tentative de suppression de C:\autorun.inf
Impossible de supprimer C:\autorun.inf

*** Suppression des fichiers dans C:\WINDOWS\

*** Suppression des fichiers dans C:\WINDOWS\system32

*** Suppression des fichiers dans C:\Program Files
tentative de suppression de "C:\Program Files\DivX\Google\Firefox\ffinstaller.exe"
tentative de suppression de "C:\Program Files\Multi_Media_France\"
tentative de suppression de "C:\Program Files\Multi_Media\"

*** Suppression des clefs du registre effectuee..
*** Fin du rapport !
0