RESULTAT DU SCAN AVAST 4.8 HOME
Résolu/Fermé
vero63
Messages postés
7
Date d'inscription
dimanche 6 avril 2008
Statut
Membre
Dernière intervention
10 avril 2008
-
6 avril 2008 à 23:13
vero63 Messages postés 7 Date d'inscription dimanche 6 avril 2008 Statut Membre Dernière intervention 10 avril 2008 - 10 avril 2008 à 09:42
vero63 Messages postés 7 Date d'inscription dimanche 6 avril 2008 Statut Membre Dernière intervention 10 avril 2008 - 10 avril 2008 à 09:42
A voir également:
- RESULTAT DU SCAN AVAST 4.8 HOME
- Scan manga ✓ - Forum Réseaux sociaux
- Resultat loto 5/90 ✓ - Forum Excel
- Router scan - Forum Logiciels
- Genius scan - Télécharger - Organisation
- Dri avast software - Forum Consommation & Internet
4 réponses
vero63
Messages postés
7
Date d'inscription
dimanche 6 avril 2008
Statut
Membre
Dernière intervention
10 avril 2008
1
8 avril 2008 à 01:10
8 avril 2008 à 01:10
Bonjour,
Je viens de regarder ta réponse, je pense que je vais mettre zone alarm en pare feu, mais je voudrais savoir si je peux mettre spyware terminator à la place de AVG car tout simplement c'est 1 logiciel gratuit. Si c'est oui peux tu m'indiquer la marche à suivre
Merci bcq de ton aide
Je viens de regarder ta réponse, je pense que je vais mettre zone alarm en pare feu, mais je voudrais savoir si je peux mettre spyware terminator à la place de AVG car tout simplement c'est 1 logiciel gratuit. Si c'est oui peux tu m'indiquer la marche à suivre
Merci bcq de ton aide
Utilisateur anonyme
7 avril 2008 à 00:25
7 avril 2008 à 00:25
Bonsoir,
Commence par poster un rapport HijackThis stp,
>Télécharge HiJackThis : https://www.commentcamarche.net/telecharger/securite/11747-hijackthis/
- Lance Hijackthis, sélectionne < do a system scan and save a logfile >
- Enregistre le rapport sur ton bureau.
Et envoie stp, par collier/coller, ton log Hijackthis sur le forum,
;)
A+
Commence par poster un rapport HijackThis stp,
>Télécharge HiJackThis : https://www.commentcamarche.net/telecharger/securite/11747-hijackthis/
- Lance Hijackthis, sélectionne < do a system scan and save a logfile >
- Enregistre le rapport sur ton bureau.
Et envoie stp, par collier/coller, ton log Hijackthis sur le forum,
;)
A+
vero63
Messages postés
7
Date d'inscription
dimanche 6 avril 2008
Statut
Membre
Dernière intervention
10 avril 2008
1
7 avril 2008 à 10:28
7 avril 2008 à 10:28
Bonjour,
Merci de me venir en aide, comme tu me l'as demandé je t'envoie le rapport de HIJACKTHIS 2.02
Tu pourrais me dire c'est quoi ce que tu m'a fais télécharger, je suis vraiment nul en informatique et en anglais merci
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:22:17, on 07/04/2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\System32\FTRTSVC.exe
D:\WINDOWS\System32\ctfmon.exe
D:\Program Files\Messenger\msmsgs.exe
D:\WINDOWS\system32\drivers\KodakCCS.exe
D:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
D:\WINDOWS\System32\ScsiAccess.EXE
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
D:\WINDOWS\System32\WgaTray.exe
D:\Documents and Settings\vero\Mes documents\jarriges\hijackthis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ww17.ads.eorezo.com/cgi-bin/advert/getads.cgi?x_format=redirect&x_dp_id=9
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ww17.ads.eorezo.com/cgi-bin/advert/getads.cgi?x_format=redirect&x_dp_id=9
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - D:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - D:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - D:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] D:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [updateMgr] D:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [^SetupICWDesktop] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] (User 'Default user')
O4 - Global Startup: KODAK Software Updater.lnk = D:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = D:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O12 - Plugin for .mpeg: D:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - D:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - D:\WINDOWS\System32\ImapiRox.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - D:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: ScsiAccess - Unknown owner - D:\WINDOWS\System32\ScsiAccess.EXE
Merci de me venir en aide, comme tu me l'as demandé je t'envoie le rapport de HIJACKTHIS 2.02
Tu pourrais me dire c'est quoi ce que tu m'a fais télécharger, je suis vraiment nul en informatique et en anglais merci
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:22:17, on 07/04/2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\System32\FTRTSVC.exe
D:\WINDOWS\System32\ctfmon.exe
D:\Program Files\Messenger\msmsgs.exe
D:\WINDOWS\system32\drivers\KodakCCS.exe
D:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
D:\WINDOWS\System32\ScsiAccess.EXE
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
D:\WINDOWS\System32\WgaTray.exe
D:\Documents and Settings\vero\Mes documents\jarriges\hijackthis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ww17.ads.eorezo.com/cgi-bin/advert/getads.cgi?x_format=redirect&x_dp_id=9
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ww17.ads.eorezo.com/cgi-bin/advert/getads.cgi?x_format=redirect&x_dp_id=9
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - D:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - D:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - D:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] D:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [updateMgr] D:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [^SetupICWDesktop] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] (User 'Default user')
O4 - Global Startup: KODAK Software Updater.lnk = D:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = D:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O12 - Plugin for .mpeg: D:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - D:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - D:\WINDOWS\System32\ImapiRox.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - D:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: ScsiAccess - Unknown owner - D:\WINDOWS\System32\ScsiAccess.EXE
Utilisateur anonyme
7 avril 2008 à 18:06
7 avril 2008 à 18:06
Salut Véro,
Bon tu es encore au SP1, on installera en fin de désinfection les mises à jour...
Alors,
> Bon il te faut un pare feu :
- Je te conseille Kerio : http://www.commentcamarche.net/telecharger/telecharger 206 kerio . Si problème, tuto : https://kerio.probb.fr/
- Si tu as des difficultés avec les configuration de Kerio, alors installe Zone Alarme : /telecharger/telecharger-157-zonealarm, en cas de problème : http://forum.telecharger.01net.com/forum/high-tech/PRODUITS/Questions-techniques/zonealarm-tutorial-sujet_169658_1.htm
- Installe le nouveau pare-feu, puis désactive le pare-feu windows.
Ensuite,
On va faire un gros nettoyage si tu veux bien :
> Les logiciels suivants (AVG et Ccleaner) te seront utiles par la suite - ils sont à conserver...
> Télécharge et installe sur ton PC AVG anti-spyware (si tu as déjà les programmes alors fais juste les mises à jour) : 218 avg anti spyware, fais les mises à jour puis ferme le programme.
> Télécharge et installe Ccleaner : http://www.commentcamarche.net/telecharger/telecharger 168 ccleaner, fais les mises à jour puis ferme le programme.
Si besoin est tu trouveras des Tutoriaux ici :
https://kerio.probb.fr/t242-tuto-ccleaner-v-2 , https://www.malekal.com/tutoriel-ccleaner/ et [http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner
> Télécharge Clean : http://www.malekal.com/download/clean.zip (différent de Ccleaner),
> Télécharge SDFix sur ton bureau
- Double clique sur l'archive SDFix qui à été créé sur le Bureau et installe le programme (l'installation va créer un dossier (à la racine du disque dur par défaut) nommé SDFix). Ferme ensuite le programme.
> Commence par faire un copier/coller de ce poste (c'est manip.) : (conseillé)
Ouvre un nouveau fichier Bloc notes (clique sur "Démarrer" => "Programmes" =>"Accessoires" => "Bloc notes"),
puis fait un copier/coller de tout le contenu de la fenêtre de ce poste dans le fichier texte.
Sauvegarde le sur le bureau, tu pourras alors y avoir accès même déconnecté ou en mode sans échec.
> Démarre en mode sans échec : (image). Si problème : tuto ici
> Lance AVG,
- Clique sur le menu Analyse (de la barre d'outils). Clique après sur l'onglet Paramètres, puis <Dans Comment réagir?> clique sur <Actions recommandées> et choisi <Supprimer>.
- Vérifie que toutes les cases sont cochées dans <Comment faire l'analyse ?> et dans <Programmes potentiellement dangereux> et vérifie que le bouton-radio <Générer un rapport après chaque analyse> soit aussi coché.
- Vas dans l'onglet 'Analyse', puis clique <Analyse complète du système>.
Remarque : Une fois l'analyse terminée, il faut faire un clique droit sur un fichier infecté et demander à "AVG Anti-Spyware 7.5" de le supprimer.
Puis clique sur "Appliquer toutes les actions" afin de tout supprimer automatiquement.
- Clique sur "Enregistrer le rapport" puis enregistre le sur ton bureau.
- Fais un copier/coller du rapport généré dans ton prochain poste.
> Lance Ccleaner,
- Choisi l’onglet "Options" puis clique sur "Avancé" et décoche la case "Effacer uniquement les fichiers, du dossier temp de Windows, plus vieux que 48 heures" (tout doit être supprimé).
- Dans l'onglet "Nettoyeur" clique sur "Analyse".
- Une fois l'analyse terminée, clique sur "Lancer le Nettoyage".
- Dans l'onglet "registre" => Recherches des erreurs => Réparer les erreurs sélectionnées => enregistre une sauvegarde => corriger toutes erreurs sélectionnées => ok => fermer.
N.B : Si Ccleaner te propose d'enregistrer une sauvegarde, reponds oui et enregistre sous 'Bureau'
Recommence jusqu’à ce qu’il ne trouve plus rien (cela varie en général entre 1 et 4 fois).
> Pour Clean (encore en mode sans échec) :
- Double-clic sur clean.cmd
- Une fenêtre va apparaître, choisis l'option 2, suis les consignes et poste le rapport clean (Le rapport clean se trouve ici : C:\rapport_clean.txt)
NB : Si besoin, clean : http://mickael.barroux.free.fr/securite/clean.php
> Pour SDFix (toujours en mode sans échec) :
- Vas dans c:/SDFix et double-clique sur RunThis.bat
- Appuie sur < Y > puis < Entrée >....Le nettoyage commence....patience...
- Le programme va te demander de relancer le PC, frappe une touche...
- Le nettoyage se termine...un rapport apparait...
-Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse
> Relance ton PC en mode normal
> Relance Hijackthis :
Puis sélectionne < do a system scan and save a logfile >,
Et envoie moi, par collier/coller, ton log Hijackthis stp,
Bon courage,
:)
NB : N'oublie pas de poster TOUS les rapports stp (AVG, Clean (différent de Ccleaner), SDFix puis HiJAckT).
A+
Bon tu es encore au SP1, on installera en fin de désinfection les mises à jour...
Alors,
> Bon il te faut un pare feu :
- Je te conseille Kerio : http://www.commentcamarche.net/telecharger/telecharger 206 kerio . Si problème, tuto : https://kerio.probb.fr/
- Si tu as des difficultés avec les configuration de Kerio, alors installe Zone Alarme : /telecharger/telecharger-157-zonealarm, en cas de problème : http://forum.telecharger.01net.com/forum/high-tech/PRODUITS/Questions-techniques/zonealarm-tutorial-sujet_169658_1.htm
- Installe le nouveau pare-feu, puis désactive le pare-feu windows.
Ensuite,
On va faire un gros nettoyage si tu veux bien :
> Les logiciels suivants (AVG et Ccleaner) te seront utiles par la suite - ils sont à conserver...
> Télécharge et installe sur ton PC AVG anti-spyware (si tu as déjà les programmes alors fais juste les mises à jour) : 218 avg anti spyware, fais les mises à jour puis ferme le programme.
> Télécharge et installe Ccleaner : http://www.commentcamarche.net/telecharger/telecharger 168 ccleaner, fais les mises à jour puis ferme le programme.
Si besoin est tu trouveras des Tutoriaux ici :
https://kerio.probb.fr/t242-tuto-ccleaner-v-2 , https://www.malekal.com/tutoriel-ccleaner/ et [http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner
> Télécharge Clean : http://www.malekal.com/download/clean.zip (différent de Ccleaner),
> Télécharge SDFix sur ton bureau
- Double clique sur l'archive SDFix qui à été créé sur le Bureau et installe le programme (l'installation va créer un dossier (à la racine du disque dur par défaut) nommé SDFix). Ferme ensuite le programme.
> Commence par faire un copier/coller de ce poste (c'est manip.) : (conseillé)
Ouvre un nouveau fichier Bloc notes (clique sur "Démarrer" => "Programmes" =>"Accessoires" => "Bloc notes"),
puis fait un copier/coller de tout le contenu de la fenêtre de ce poste dans le fichier texte.
Sauvegarde le sur le bureau, tu pourras alors y avoir accès même déconnecté ou en mode sans échec.
> Démarre en mode sans échec : (image). Si problème : tuto ici
> Lance AVG,
- Clique sur le menu Analyse (de la barre d'outils). Clique après sur l'onglet Paramètres, puis <Dans Comment réagir?> clique sur <Actions recommandées> et choisi <Supprimer>.
- Vérifie que toutes les cases sont cochées dans <Comment faire l'analyse ?> et dans <Programmes potentiellement dangereux> et vérifie que le bouton-radio <Générer un rapport après chaque analyse> soit aussi coché.
- Vas dans l'onglet 'Analyse', puis clique <Analyse complète du système>.
Remarque : Une fois l'analyse terminée, il faut faire un clique droit sur un fichier infecté et demander à "AVG Anti-Spyware 7.5" de le supprimer.
Puis clique sur "Appliquer toutes les actions" afin de tout supprimer automatiquement.
- Clique sur "Enregistrer le rapport" puis enregistre le sur ton bureau.
- Fais un copier/coller du rapport généré dans ton prochain poste.
> Lance Ccleaner,
- Choisi l’onglet "Options" puis clique sur "Avancé" et décoche la case "Effacer uniquement les fichiers, du dossier temp de Windows, plus vieux que 48 heures" (tout doit être supprimé).
- Dans l'onglet "Nettoyeur" clique sur "Analyse".
- Une fois l'analyse terminée, clique sur "Lancer le Nettoyage".
- Dans l'onglet "registre" => Recherches des erreurs => Réparer les erreurs sélectionnées => enregistre une sauvegarde => corriger toutes erreurs sélectionnées => ok => fermer.
N.B : Si Ccleaner te propose d'enregistrer une sauvegarde, reponds oui et enregistre sous 'Bureau'
Recommence jusqu’à ce qu’il ne trouve plus rien (cela varie en général entre 1 et 4 fois).
> Pour Clean (encore en mode sans échec) :
- Double-clic sur clean.cmd
- Une fenêtre va apparaître, choisis l'option 2, suis les consignes et poste le rapport clean (Le rapport clean se trouve ici : C:\rapport_clean.txt)
NB : Si besoin, clean : http://mickael.barroux.free.fr/securite/clean.php
> Pour SDFix (toujours en mode sans échec) :
- Vas dans c:/SDFix et double-clique sur RunThis.bat
- Appuie sur < Y > puis < Entrée >....Le nettoyage commence....patience...
- Le programme va te demander de relancer le PC, frappe une touche...
- Le nettoyage se termine...un rapport apparait...
-Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse
> Relance ton PC en mode normal
> Relance Hijackthis :
Puis sélectionne < do a system scan and save a logfile >,
Et envoie moi, par collier/coller, ton log Hijackthis stp,
Bon courage,
:)
NB : N'oublie pas de poster TOUS les rapports stp (AVG, Clean (différent de Ccleaner), SDFix puis HiJAckT).
A+
Utilisateur anonyme
9 avril 2008 à 21:55
9 avril 2008 à 21:55
Bonsoir,
Heuu...
je ne comprends rien à tes rapports....
Ils sont à faire en mode sans échec surtout pour SDFix.
Je ne vois pas AVG, ni Clean et le SDFix est bizarre (tu l'as fais en MSE ?)
A la place (ou encore mieux aussi) de AVG fait ceci stp :
http://www.commentcamarche.net/forum/affich 5809093 resultat du scan avast 4 8 home#5
Voilà.
J'attends tes rapports parce que là on stagne. Poste les en plusieurs fois stp parce qu'ils sont si long qu'il manque la fin (tronquée). Termine par SDFix aussi.
Aller bon courage.
:)
Heuu...
je ne comprends rien à tes rapports....
Ils sont à faire en mode sans échec surtout pour SDFix.
Je ne vois pas AVG, ni Clean et le SDFix est bizarre (tu l'as fais en MSE ?)
A la place (ou encore mieux aussi) de AVG fait ceci stp :
http://www.commentcamarche.net/forum/affich 5809093 resultat du scan avast 4 8 home#5
Voilà.
J'attends tes rapports parce que là on stagne. Poste les en plusieurs fois stp parce qu'ils sont si long qu'il manque la fin (tronquée). Termine par SDFix aussi.
Aller bon courage.
:)
vero63
Messages postés
7
Date d'inscription
dimanche 6 avril 2008
Statut
Membre
Dernière intervention
10 avril 2008
1
10 avril 2008 à 09:42
10 avril 2008 à 09:42
Bonjour
Laisse tomber je réinstalle tout l ordi avec 1 informaticien
merci bcq pour ton aide, j'ai refait un scant avast aujourd'hui il ne trouve plus de virus
Merci bcq et bonne continuation
Laisse tomber je réinstalle tout l ordi avec 1 informaticien
merci bcq pour ton aide, j'ai refait un scant avast aujourd'hui il ne trouve plus de virus
Merci bcq et bonne continuation
8 avril 2008 à 01:13
tu peux le mettre mais c'est pas une star.....
Tu pourras tout simplement supprimer AVG après...
Mais bon voici un autre programme encore mieux que AVG et termimachin...(gratos en plus !)
> Télécharge MalwareByte's Anti-Malware : http://www.malwarebytes.org/mbam/program/mbam-setup.exe
- Installe le programme puis lance le stp.
NB : S'il te manque COMCTL32.OCX alors télécharge le ici : https://www.malekal.com/tutorial-aboutbuster/
- Fais les mises à jour (clique sur "Mises à jour" puis "Recherche de mises à jour")
- Démarre en mode sans échec (image). Si problème : tuto ici
- Lance le MalwareByte's Anti-Malware puis clique sur "Executer un examen complet" puis "Rechercher" et sélectionne tous tes disques durs => le scan débute....patiente...
- A la fin clique sur clique "supprimer" (Si des éléments très difficiles à supprimer, un message te demandera de rédémarrer : clique sur "Oui" alors)
- Un rapport va être généré : sauvegarde le et poste le sur forum stp.
A+
8 avril 2008 à 01:31
Désolé je n'avais pas vu qu'on pouvait utiliser AVG pdt 30 jours gratuit
Donc je vais me mettre au boulot et je te tiens au courant dans la semaine
Merci
8 avril 2008 à 01:46
très bien.
A+
9 avril 2008 à 21:28
J'ai fait le gros nettoyage, tu trouveras tous les rapports. Donne moi des nouvelles pour la suite ....
catchme 0.3.1351.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-09 20:26:19
Windows 5.1.2600 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\System.Windows.Forms.tlb"=dword:00001000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\System.Windows.Forms.tlb"=dword:00001000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\mscorlib.tlb"=dword:00001000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\mscoree.tlb"=dword:00001000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\System.Drawing.tlb"=dword:00001000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\System.EnterpriseServices.tlb"=dword:00001000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\Microsoft.JScript.tlb"=dword:00001000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\Microsoft.Vsa.tlb"=dword:00001000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\System.Drawing.tlb"=dword:00001000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\mscoree.tlb"=dword:00001000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\System.tlb"=dword:00001000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\System.EnterpriseServices.tlb"=dword:00001000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\Microsoft.JScript.tlb"=dword:00001000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\Microsoft.Vsa.tlb"=dword:00001000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\Microsoft.Vsa.Vb.CodeDOMProcessor.tlb"=dword:00001000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\mscorlib.tlb"=dword:00001000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\System.tlb"=dword:00001000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\Microsoft.Vsa.Vb.CodeDOMProcessor.tlb"=dword:00001000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\System32\\ZoneLabs\\isafeif.dll"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\System32\\ZoneLabs\\vetredir.dll"=dword:00000001
[HKEY_CLASSES_ROOT\.wan]
[HKEY_CLASSES_ROOT\OISbmpfile]
@=""
[HKEY_CLASSES_ROOT\OISemffile]
@=""
[HKEY_CLASSES_ROOT\OISgiffile]
@=""
[HKEY_CLASSES_ROOT\OISjpegfile]
@=""
[HKEY_CLASSES_ROOT\OISpngfile]
@=""
[HKEY_CLASSES_ROOT\OIStiffile]
@=""
[HKEY_CLASSES_ROOT\OISwmffile]
@=""
[HKEY_CLASSES_ROOT\SysmonLogManager.Snapin]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.\OpenWithList]
"a"="iexplore.exe"
"MRUList"="a"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.000]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.000\OpenWithList]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.002]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.002\OpenWithList]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.4%202000%2001]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.4%202000%2001\OpenWithList]
"a"="iexplore.exe"
"MRUList"="a"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.809]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.809\OpenWithList]
"a"="iexplore.exe"
"MRUList"="a"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.813]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.813\OpenWithList]
"a"="iexplore.exe"
"MRUList"="a"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.845]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.845\OpenWithList]
"a"="iexplore.exe"
"MRUList"="a"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ABK]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ABK\OpenWithList]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BCM]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BCM\OpenWithList]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.class]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.class\OpenWithList]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cnt]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cnt\OpenWithList]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.d]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.d\OpenWithList]
"a"="iexplore.exe"
"MRUList"="a"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fmp]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fmp\OpenWithList]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.frd]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.frd\OpenWithList]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.FTS]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.FTS\OpenWithList]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.GID]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.GID\OpenWithList]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hsc]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hsc\OpenWithList]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.info]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.info\OpenWithList]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mb]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mb\OpenWithList]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrg]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrg\OpenWithList]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pf]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pf\OpenWithList]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.PV__]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.PV__\OpenWithList]
"a"="iexplore.exe"
"MRUList"="a"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.svg]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.svg\OpenWithList]
"a"="iexplore.exe"
"MRUList"="a"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tmp]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tmp\OpenWithList]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.zdx]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.zdx\OpenWithList]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\OpenWithList]
[HKEY_CLASSES_ROOT\3DBelote.Document\DefaultIcon]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDEB~1\\Belote3D.exe,1"
[HKEY_CLASSES_ROOT\3DBelote.Document\shell\open]
[HKEY_CLASSES_ROOT\3DBelote.Document\shell\open\command]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDEB~1\\Belote3D.exe \"%1\""
[HKEY_CLASSES_ROOT\3DBelote.Document\shell\print]
[HKEY_CLASSES_ROOT\3DBelote.Document\shell\print\command]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDEB~1\\Belote3D.exe /p \"%1\""
[HKEY_CLASSES_ROOT\3DBelote.Document\shell\printto]
[HKEY_CLASSES_ROOT\3DBelote.Document\shell\printto\command]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDEB~1\\Belote3D.exe /pt \"%1\" \"%2\" \"%3\" \"%4\""
[HKEY_CLASSES_ROOT\3DTarotSC.Document\DefaultIcon]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDET~2\\3DTARO~1.EXE,1"
[HKEY_CLASSES_ROOT\3DTarotSC.Document\shell\open]
[HKEY_CLASSES_ROOT\3DTarotSC.Document\shell\open\command]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDET~2\\3DTARO~1.EXE \"%1\""
[HKEY_CLASSES_ROOT\3DTarotSC.Document\shell\print]
[HKEY_CLASSES_ROOT\3DTarotSC.Document\shell\print\command]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDET~2\\3DTARO~1.EXE /p \"%1\""
[HKEY_CLASSES_ROOT\3DTarotSC.Document\shell\printto]
[HKEY_CLASSES_ROOT\3DTarotSC.Document\shell\printto\command]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDET~2\\3DTARO~1.EXE /pt \"%1\" \"%2\" \"%3\" \"%4\""
[HKEY_CLASSES_ROOT\AcroExch.Document\shell\Open]
[HKEY_CLASSES_ROOT\AcroExch.Document\shell\Open\Command]
@="\"D:\\Program Files\\Adobe\\Acrobat 7.0\\Reader\\AcroRd32.exe\" \"%1\""
[HKEY_CLASSES_ROOT\ADCS]
@="Conteneur de classe Annuaire"
[HKEY_CLASSES_ROOT\ADCS\CLSID]
@="{89E30300-764D-11d0-B282-00A0C90F56FC}"
[HKEY_CLASSES_ROOT\Belote365i.Document\DefaultIcon]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDEB~2\\BELOTE~1.EXE,1"
[HKEY_CLASSES_ROOT\Belote365i.Document\shell\open]
[HKEY_CLASSES_ROOT\Belote365i.Document\shell\open\command]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDEB~2\\BELOTE~1.EXE \"%1\""
[HKEY_CLASSES_ROOT\Belote365i.Document\shell\print]
[HKEY_CLASSES_ROOT\Belote365i.Document\shell\print\command]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDEB~2\\BELOTE~1.EXE /p \"%1\""
[HKEY_CLASSES_ROOT\Belote365i.Document\shell\printto]
[HKEY_CLASSES_ROOT\Belote365i.Document\shell\printto\command]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDEB~2\\BELOTE~1.EXE /pt \"%1\" \"%2\" \"%3\" \"%4\""
[HKEY_CLASSES_ROOT\bwpfile\shell\open]
[HKEY_CLASSES_ROOT\bwpfile\shell\open\command]
@="D:\\Program Files\\Kodak\\Kodak Software Updater\\7288971\\6.1.4.37-7288971L\\Program\\PrvCnt.exe \"%1\""
[HKEY_CLASSES_ROOT\Connection Manager Profile\DefaultIcon]
@="D:\\WINDOWS\\System32\\CMMGR32.EXE,1"
[HKEY_CLASSES_ROOT\Connection Manager Profile\shell\open]
[HKEY_CLASSES_ROOT\Connection Manager Profile\shell\open\command]
@="D:\\WINDOWS\\System32\\CMMGR32.EXE \"%1\""
[HKEY_CLASSES_ROOT\Connection Manager Profile\shell\Settings...]
[HKEY_CLASSES_ROOT\Connection Manager Profile\shell\Settings...\command]
@="D:\\WINDOWS\\System32\\CMMGR32.EXE /settings \"%1\""
[HKEY_CLASSES_ROOT\dcsfile\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,11"
[HKEY_CLASSES_ROOT\ecsfile\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,10"
[HKEY_CLASSES_ROOT\fcsfile\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,12"
[HKEY_CLASSES_ROOT\FoxitReader.Document\DefaultIcon]
@="D:\\DOCUME~1\\vero\\Bureau\\FOXITR~1\\FOXITR~1.EXE,1"
[HKEY_CLASSES_ROOT\FoxitReader.Document\shell\open]
[HKEY_CLASSES_ROOT\FoxitReader.Document\shell\open\command]
@="\"D:\\DOCUME~1\\vero\\Bureau\\FOXITR~1\\FOXITR~1.EXE\" \"%1\""
[HKEY_CLASSES_ROOT\FoxitReader.Document\shell\print]
[HKEY_CLASSES_ROOT\FoxitReader.Document\shell\print\command]
@="\"D:\\DOCUME~1\\vero\\Bureau\\FOXITR~1\\FOXITR~1.EXE\" /p \"%1\" "
[HKEY_CLASSES_ROOT\FoxitReader.Document\shell\printto]
[HKEY_CLASSES_ROOT\FoxitReader.Document\shell\printto\command]
@="\"D:\\DOCUME~1\\vero\\Bureau\\FOXITR~1\\FOXITR~1.EXE\" /t \"%1\" \"%2\" \"%3\" \"%4\" "
[HKEY_CLASSES_ROOT\ncsfile\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,14"
[HKEY_CLASSES_ROOT\Tarot365i.Document\DefaultIcon]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDET~1\\Tarot365.exe,1"
[HKEY_CLASSES_ROOT\Tarot365i.Document\shell\open]
[HKEY_CLASSES_ROOT\Tarot365i.Document\shell\open\command]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDET~1\\Tarot365.exe \"%1\""
[HKEY_CLASSES_ROOT\Tarot365i.Document\shell\print]
[HKEY_CLASSES_ROOT\Tarot365i.Document\shell\print\command]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDET~1\\Tarot365.exe /p \"%1\""
[HKEY_CLASSES_ROOT\Tarot365i.Document\shell\printto]
[HKEY_CLASSES_ROOT\Tarot365i.Document\shell\printto\command]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDET~1\\Tarot365.exe /pt \"%1\" \"%2\" \"%3\" \"%4\""
[HKEY_CLASSES_ROOT\tcsfile\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,13"
[HKEY_CLASSES_ROOT\urn:content-classes:catalog\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,15"
[HKEY_CLASSES_ROOT\urn:content-classes:catalog-settings\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12471"
[HKEY_CLASSES_ROOT\urn:content-classes:contentclassdef\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-13101"
[HKEY_CLASSES_ROOT\urn:content-classes:exchange55startaddress\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12451"
[HKEY_CLASSES_ROOT\urn:content-classes:exchangestartaddress\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12451"
[HKEY_CLASSES_ROOT\urn:content-classes:filestartaddress\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12453"
[HKEY_CLASSES_ROOT\urn:content-classes:management\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,20"
[HKEY_CLASSES_ROOT\urn:content-classes:notesstartaddress\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12456"
[HKEY_CLASSES_ROOT\urn:content-classes:remoteworkspacestartaddress\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12454"
[HKEY_CLASSES_ROOT\urn:content-classes:webstartaddress\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12450"
[HKEY_CLASSES_ROOT\urn:content-classes:wizard/addcontentclass\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-13100"
[HKEY_CLASSES_ROOT\urn:content-classes:wizard/addsearchcontentlocation\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12461"
[HKEY_CLASSES_ROOT\urn:content-classes:workspace-settings\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12472"
[HKEY_CLASSES_ROOT\urn:content-classes:workspaceconfiguration\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12476"
[HKEY_CLASSES_ROOT\urn:content-classes:workspacestartaddress\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12454"
[HKEY_CLASSES_ROOT\WBEMComConnection]
@="WBEM Connection"
[HKEY_CLASSES_ROOT\WBEMComConnection\CLSID]
@="SOFTWARE\\CLASSES\\WBEMComConnection"
[HKEY_CLASSES_ROOT\WBEMComLocator]
@="WBEM Locator"
[HKEY_CLASSES_ROOT\WBEMComLocator\CLSID]
@="SOFTWARE\\CLASSES\\WBEMComLocator"
[HKEY_CLASSES_ROOT\wcsfile\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,9"
[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}]
@="PDF Document"
[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\AuxUserType]
[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\AuxUserType\2]
@="PDF"
[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\AuxUserType\3]
@="Foxit Reader"
[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\DefaultExtension]
@=".pdf, PDF Files(*.pdf)"
[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\DefaultIcon]
@="D:\\DOCUME~1\\vero\\Bureau\\FOXITR~1\\FOXITR~1.EXE,1"
[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\DocObject]
@="0"
[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\InprocHandler32]
@="ole32.dll"
[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\Insertable]
@=""
[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\LocalServer32]
@="D:\\DOCUME~1\\vero\\Bureau\\FOXITR~1\\FOXITR~1.EXE"
[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\MiscStatus]
@="32"
[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\Printable]
@=""
[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\ProgID]
@="FoxitReader.Document"
[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\Verb]
[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\Verb\0]
@="&Edit,0,2"
[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\Verb\1]
@="&Open,0,2"
[HKEY_CLASSES_ROOT\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}]
@="EoBho Class"
[HKEY_CLASSES_ROOT\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}\InprocServer32]
@="D:\\Program Files\\EoRezo\\EoAdv\\EoRezoBHO.dll"
"ThreadingModel"="Apartment"
[HKEY_CLASSES_ROOT\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}\ProgID]
@="EoRezoBHO.EoBho.1"
[HKEY_CLASSES_ROOT\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}\Programmable]
[HKEY_CLASSES_ROOT\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}\TypeLib]
@="{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}"
[HKEY_CLASSES_ROOT\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}\VersionIndependentProgID]
@="EoRezoBHO.EoBho"
[HKEY_CLASSES_ROOT\CLSID\{9869EFB4-18E9-11D3-A837-00104B9E30B5}]
@="CmdLineContextMenu Class"
[HKEY_CLASSES_ROOT\CLSID\{9869EFB4-18E9-11D3-A837-00104B9E30B5}\InprocServer32]
@="D:\\DOCUME~1\\vero\\LOCALS~1\\Temp\\CMDLIN~1.DLL"
"ThreadingModel"="Apartment"
[HKEY_CLASSES_ROOT\CLSID\{9869EFB4-18E9-11D3-A837-00104B9E30B5}\ProgID]
@="CmdLineExt.CmdLineContextMenu.1"
[HKEY_CLASSES_ROOT\CLSID\{9869EFB4-18E9-11D3-A837-00104B9E30B5}\TypeLib]
@="{9869EFA6-18E9-11D3-A837-00104B9E30B5}"
[HKEY_CLASSES_ROOT\CLSID\{9869EFB4-18E9-11D3-A837-00104B9E30B5}\VersionIndependentProgID]
@="CmdLineExt.CmdLineContextMenu"
[HKEY_CLASSES_ROOT\CLSID\{C523F39F-9C83-11D3-9094-00104BD0D535}]
[HKEY_CLASSES_ROOT\CLSID\{C523F39F-9C83-11D3-9094-00104BD0D535}\LocalServer32]
@="D:\\Program Files\\Adobe\\Acrobat 6.0\\Reader\\plug_ins\\Accessibility.api"
[HKEY_CLASSES_ROOT\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}]
@="FlashBroker"
"LocalizedString"="@D:\\WINDOWS\\System32\\Macromed\\Flash\\FlashUtil9e.exe,-101"
[HKEY_CLASSES_ROOT\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\Elevation]
"Enabled"=dword:00000001
[HKEY_CLASSES_ROOT\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\LocalServer32]
@="D:\\WINDOWS\\System32\\Macromed\\Flash\\FlashUtil9e.exe"
[HKEY_CLASSES_ROOT\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_CLASSES_ROOT\CLSID\{E491197C-905B-41AF-8D9B-C58564218173}]
@="PTLID.VXZ"
[HKEY_CLASSES_ROOT\CLSID\{E491197C-905B-41AF-8D9B-C58564218173}\Implemented Categories]
[HKEY_CLASSES_ROOT\CLSID\{E491197C-905B-41AF-8D9B-C58564218173}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}]
[HKEY_CLASSES_ROOT\CLSID\{E491197C-905B-41AF-8D9B-C58564218173}\LocalServer32]
@="D:\\WINDOWS\\OptRemove.exe"
[HKEY_CLASSES_ROOT\CLSID\{E491197C-905B-41AF-8D9B-C58564218173}\ProgID]
@="PTLID.VXZ"
[HKEY_CLASSES_ROOT\CLSID\{E491197C-905B-41AF-8D9B-C58564218173}\Programmable]
[HKEY_CLASSES_ROOT\CLSID\{E491197C-905B-41AF-8D9B-C58564218173}\TypeLib]
@="{5D35BC06-2E9A-424C-B322-B94CD5C3F86C}"
[HKEY_CLASSES_ROOT\CLSID\{E491197C-905B-41AF-8D9B-C58564218173}\VERSION]
@="1.0"
[HKEY_CLASSES_ROOT\Applications\moviemk.exe]
[HKEY_CLASSES_ROOT\Applications\moviemk.exe\shell]
"FriendlyCache"="Movie Maker"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\cmmgr32.exe]
@="D:\\WINDOWS\\System32\\cmmgr32.exe"
"Path"="D:\\WINDOWS\\System32"
"CmstpExtensionDll"="D:\\WINDOWS\\System32\\cmcfg32.dll"
"CMInternalVersion"="1.2"
"CmNative"=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\DesignPro]
"Path"="D:\\Program Files\\DesignPro\\"
@="D:\\Program Files\\DesignPro\\DesignPro"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\Easy-WebPrint]
"Path"="D:\\Program Files\\Canon\\Easy-WebPrint"
@="D:\\Program Files\\Canon\\Easy-WebPrint\\Easy-WebPrint"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\optproxy.exe]
"Path"="D:\\Program Files\\Controle Parental"
@="D:\\Program Files\\Controle Parental\\optproxy.exe"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\udfrinst.exe]
@="D:\\Program Files\\Adaptec\\Easy CD Creator 5\\DirectCD\\udfrinst.exe"
"Path"="D:\\Program Files\\Adaptec\\Easy CD Creator 5\\DirectCD\\"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\YourApp.exe]
@="D:\\Program Files\\Micro Application\\24 Jeux de Cartes\\YourApp.exe"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"D:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Kodak\\Kodak EasyShare\\"=""
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"D:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Kodak\\"=""
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"D:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\KODAK\\Mise à jour logicielle KODAK\\"=""
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"D:\\Documents and Settings\\vero\\Menu Démarrer\\Programmes\\KODAK\\Logiciel de connexion de l'appareil photo\\"=""
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"D:\\Documents and Settings\\vero\\Menu Démarrer\\Programmes\\KODAK\\"=""
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"D:\\Documents and Settings\\vero\\Application Data\\Microsoft\\Installer\\{9D1CF8B6-17B3-4832-B062-2C2DD0B57B04}\\"=""
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"D:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Roxio Easy CD Creator 5\\Applications\\"=""
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"D:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Roxio Easy CD Creator 5\\"=""
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\EspaceWanadoo.exe]
"SlowInfoCache"=hex:28,02,00,00,01,00,00,00,00,00,9a,03,00,00,00,00,c4,a4,fb,\
53,f3,75,c8,01,1d,00,00,00,44,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,\
61,00,6d,00,20,00,46,00,69,00,6c,00,65,00,73,00,5c,00,57,00,61,00,6e,00,61,\
00,64,00,6f,00,6f,00,5c,00,57,00,61,00,74,00,63,00,68,00,2e,00,65,00,78,00,\
65,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00
"Changed"=dword:00000000
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\KB839643]
"SlowInfoCache"=hex:28,02,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,\
00,00,00,00,00,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00
"Changed"=dword:00000000
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MediaMix]
"SlowInfoCache"=hex:28,02,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,\
00,00,00,00,00,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00
"Changed"=dword:00000000
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\oeupdate]
"SlowInfoCache"=hex:28,02,00,00,01,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,d2,b7,4a,\
2c,55,59,c5,01,04,00,00,00,44,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,\
61,00,6d,00,20,00,46,00,69,00,6c,00,65,00,73,00,5c,00,4f,00,75,00,74,00,6c,\
00,6f,00,6f,00,6b,00,20,00,45,00,78,00,70,00,72,00,65,00,73,00,73,00,5c,00,\
6d,00,73,00,69,00,6d,00,6e,00,2e,00,65,00,78,00,65,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00
"Changed"=dword:00000000
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{AC76BA86-7AD7-1036-7B44-A00000000001}]
"SlowInfoCache"=hex:28,02,00,00,00,00,00,00,00,d8,48,03,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00
"Changed"=dword:00000000
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{AC76BA86-7AD7-1036-7B44-A70900000002}]
"SlowInfoCache"=hex:28,02,00,00,00,00,00,00,00,60,cb,04,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00
"Changed"=dword:00000000
[HKEY_CURRENT_USER\Software\Samsung]
[HKEY_LOCAL_MACHINE\Software\ItsLabel]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"updateMgr"="D:\\Program Files\\Adobe\\Acrobat 7.0\\Reader\\AdobeUpdateManager.exe AcRdB7_0_9"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Adobe]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Adobe\Adobe Download Manager]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Adobe\Adobe Download Manager]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\ArcSoft PhotoStudio 5.5]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Avery DesignPro]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\AVG 7.5]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\AVG Free Edition]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Canon]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Canon PIXMA MP130,110 Manual]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Canon Utilities]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Canon Utilities\Easy-PhotoPrint]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Canon Utilities\Easy-PhotoPrint]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Compaq IJ650]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Contrôle Parental]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Jeux]
"Order"=hex:08,00,00,00,02,00,00,00,16,08,00,00,01,00,00,00,0c,00,00,00,ca,\
00,00,00,fb,ff,ff,ff,bc,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,aa,00,\
32,00,91,03,00,00,7b,31,52,7c,20,00,41,54,4f,55,54,50,7e,31,2e,4c,4e,4b,00,\
00,80,00,03,00,04,00,ef,be,7b,31,73,79,93,34,80,3e,14,00,4e,00,41,00,74,00,\
6f,00,75,00,74,00,20,00,50,00,69,00,71,00,75,00,65,00,20,00,73,00,75,00,72,\
00,20,00,49,00,6e,00,74,00,65,00,72,00,6e,00,65,00,74,00,2e,00,6c,00,6e,00,\
6b,00,00,00,40,44,3a,5c,50,52,4f,47,52,41,7e,31,5c,4d,53,4e,47,41,4d,7e,31,\
5c,57,69,6e,64,6f,77,73,5c,73,68,76,6c,72,65,73,2e,64,6c,6c,2c,2d,31,32,31,\
32,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,\
00,c8,00,00,00,fb,ff,ff,ff,ba,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,\
a8,00,32,00,91,03,00,00,7b,31,52,7c,20,00,42,41,43,4b,47,41,7e,31,2e,4c,4e,\
4b,00,00,7e,00,03,00,04,00,ef,be,7b,31,73,79,93,34,80,3e,14,00,4c,00,42,00,\
61,00,63,00,6b,00,67,00,61,00,6d,00,6d,00,6f,00,6e,00,20,00,73,00,75,00,72,\
00,20,00,49,00,6e,00,74,00,65,00,72,00,6e,00,65,00,74,00,2e,00,6c,00,6e,00,\
6b,00,00,00,40,44,3a,5c,50,52,4f,47,52,41,7e,31,5c,4d,53,4e,47,41,4d,7e,31,\
5c,57,69,6e,64,6f,77,73,5c,62,63,6b,67,72,65,73,2e,64,6c,6c,2c,2d,31,32,31,\
32,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,\
00,ac,00,00,00,fb,ff,ff,ff,9e,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,\
8c,00,32,00,f0,05,00,00,88,31,bb,75,20,00,44,41,4d,45,44,45,7e,31,2e,4c,4e,\
4b,00,00,62,00,03,00,04,00,ef,be,7b,31,73,79,93,34,80,3e,14,00,38,00,44,00,\
61,00,6d,00,65,00,20,00,64,00,65,00,20,00,50,00,69,00,71,00,75,00,65,00,2e,\
00,6c,00,6e,00,6b,00,00,00,40,44,3a,5c,57,49,4e,44,4f,57,53,5c,73,79,73,74,\
65,6d,33,32,5c,6d,73,68,65,61,72,74,73,2e,65,78,65,2c,2d,34,31,33,00,00,1c,\
00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,8c,00,\
00,00,fb,ff,ff,ff,7e,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,6c,00,32,\
00,f0,05,00,00,cd,34,f5,4a,20,00,44,41,4d,45,44,45,7e,33,2e,4c,4e,4b,00,00,\
42,00,03,00,04,00,ef,be,cd,34,f5,4a,cd,34,f5,4a,14,00,00,00,44,00,61,00,6d,\
00,65,00,20,00,64,00,65,00,20,00,50,00,69,00,71,00,75,00,65,00,20,00,28,00,\
32,00,29,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,\
00,00,00,1c,00,00,00,00,00,00,00,00,00,ce,00,00,00,fb,ff,ff,ff,c0,00,00,00,\
41,75,67,4d,02,00,00,00,01,00,00,00,ae,00,32,00,91,03,00,00,7b,31,52,7c,20,\
00,44,41,4d,45,44,45,7e,32,2e,4c,4e,4b,00,00,84,00,03,00,04,00,ef,be,7b,31,\
73,79,93,34,80,3e,14,00,52,00,44,00,61,00,6d,00,65,00,20,00,64,00,65,00,20,\
00,70,00,69,00,71,00,75,00,65,00,20,00,73,00,75,00,72,00,20,00,49,00,6e,00,\
74,00,65,00,72,00,6e,00,65,00,74,00,2e,00,6c,00,6e,00,6b,00,00,00,40,44,3a,\
5c,50,52,4f,47,52,41,7e,31,5c,4d,53,4e,47,41,4d,7e,31,5c,57,69,6e,64,6f,77,\
73,5c,68,72,74,7a,72,65,73,2e,64,6c,6c,2c,2d,31,32,31,32,00,1c,00,0e,00,00,\
00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,8e,00,00,00,fb,ff,\
ff,ff,80,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,6e,00,32,00,eb,05,00,\
00,88,31,bb,75,20,00,44,4d,49,4e,45,55,7e,31,2e,4c,4e,4b,00,00,44,00,03,00,\
04,00,ef,be,7b,31,73,79,93,34,80,3e,14,00,2e,00,44,00,e9,00,6d,00,69,00,6e,\
00,65,00,75,00,72,00,2e,00,6c,00,6e,00,6b,00,00,00,40,73,68,65,6c,6c,33,32,\
2e,64,6c,6c,2c,2d,32,32,30,34,35,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,\
00,1c,00,00,00,00,00,00,00,00,00,8e,00,00,00,fb,ff,ff,ff,80,00,00,00,41,75,\
67,4d,02,00,00,00,01,00,00,00,6e,00,32,00,f2,05,00,00,88,31,bb,75,20,00,46,\
72,65,65,63,65,6c,6c,2e,6c,6e,6b,00,00,44,00,03,00,04,00,ef,be,7b,31,73,79,\
93,34,80,3e,14,00,2e,00,46,00,72,00,65,00,65,00,63,00,65,00,6c,00,6c,00,2e,\
00,6c,00,6e,00,6b,00,00,00,40,73,68,65,6c,6c,33,32,2e,64,6c,6c,2c,2d,32,32,\
30,33,30,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,\
00,00,00,cc,00,00,00,fb,ff,ff,ff,be,00,00,00,41,75,67,4d,02,00,00,00,01,00,\
00,00,ac,00,32,00,91,03,00,00,7b,31,52,7c,20,00,4a,45,55,44,45,44,7e,31,2e,\
4c,4e,4b,00,00,82,00,03,00,04,00,ef,be,7b,31,73,79,93,34,80,3e,14,00,50,00,\
4a,00,65,00,75,00,20,00,64,00,65,00,20,00,64,00,61,00,6d,00,65,00,73,00,20,\
00,73,00,75,00,72,00,20,00,49,00,6e,00,74,00,65,00,72,00,6e,00,65,00,74,00,\
2e,00,6c,00,6e,00,6b,00,00,00,40,44,3a,5c,50,52,4f,47,52,41,7e,31,5c,4d,53,\
4e,47,41,4d,7e,31,5c,57,69,6e,64,6f,77,73,5c,63,68,6b,72,72,65,73,2e,64,6c,\
6c,2c,2d,31,32,31,32,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,\
00,00,00,00,00,00,00,8a,00,00,00,fb,ff,ff,ff,7c,00,00,00,41,75,67,4d,02,00,\
00,00,01,00,00,00,6a,00,32,00,75,03,00,00,7b,31,73,79,20,00,50,69,6e,62,61,\
6c,6c,2e,6c,6e,6b,00,42,00,03,00,04,00,ef,be,7b,31,73,79,93,34,80,3e,14,00,\
2c,00,50,00,69,00,6e,00,62,00,61,00,6c,00,6c,00,2e,00,6c,00,6e,00,6b,00,00,\
00,40,73,68,65,6c,6c,33,32,2e,64,6c,6c,2c,2d,32,32,30,35,37,00,1a,00,0e,00,\
00,00,0a,00,ef,be,00,00,00,00,1a,00,00,00,00,00,00,00,00,00,c2,00,00,00,fb,\
ff,ff,ff,b4,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,a2,00,32,00,91,03,\
00,00,7b,31,52,7c,20,00,52,45,56,45,52,53,7e,31,2e,4c,4e,4b,00,00,78,00,03,\
00,04,00,ef,be,7b,31,73,79,93,34,80,3e,14,00,46,00,52,00,65,00,76,00,65,00,\
72,00,73,00,69,00,20,00,73,00,75,00,72,00,20,00,49,00,6e,00,74,00,65,00,72,\
00,6e,00,65,00,74,00,2e,00,6c,00,6e,00,6b,00,00,00,40,44,3a,5c,50,52,4f,47,\
52,41,7e,31,5c,4d,53,4e,47,41,4d,7e,31,5c,57,69,6e,64,6f,77,73,5c,72,76,73,\
65,72,65,73,2e,64,6c,6c,2c,2d,31,32,31,32,00,1c,00,0e,00,00,00,0a,00,ef,be,\
00,00,00,00,1c,00,00,00,00,00,00,00,00,00,90,00,00,00,fb,ff,ff,ff,82,00,00,\
00,41,75,67,4d,02,00,00,00,01,00,00,00,70,00,32,00,d3,05,00,00,7e,31,f9,4b,\
20,00,53,4f,4c,49,54,41,7e,31,2e,4c,4e,4b,00,00,46,00,03,00,04,00,ef,be,7b,\
31,73,79,93,34,80,3e,14,00,30,00,53,00,6f,00,6c,00,69,00,74,00,61,00,69,00,\
72,00,65,00,2e,00,6c,00,6e,00,6b,00,00,00,40,73,68,65,6c,6c,33,32,2e,64,6c,\
6c,2c,2d,32,32,30,36,30,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,\
00,00,00,00,00,00,00,00,ae,00,00,00,fb,ff,ff,ff,a0,00,00,00,41,75,67,4d,02,\
00,00,00,01,00,00,00,8e,00,32,00,de,05,00,00,88,31,bb,75,20,00,53,50,49,44,\
45,52,7e,31,2e,4c,4e,4b,00,00,64,00,03,00,04,00,ef,be,7b,31,73,79,93,34,80,\
3e,14,00,3e,00,53,00,70,00,69,00,64,00,65,00,72,00,20,00,53,00,6f,00,6c,00,\
69,00,74,00,61,00,69,00,72,00,65,00,2e,00,6c,00,6e,00,6b,00,00,00,40,44,3a,\
5c,57,49,4e,44,4f,57,53,5c,73,79,73,74,65,6d,33,32,5c,73,70,69,64,65,72,2e,\
65,78,65,2c,2d,35,36,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,\
00,00,00,00,00,00,00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\KODAK]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\MediaMix]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Micro Application]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Micro Application\24 Jeux de Cartes]
"Order"=hex:08,00,00,00,02,00,00,00,1c,07,00,00,01,00,00,00,0e,00,00,00,7e,\
00,00,00,fb,ff,ff,ff,70,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,5e,00,\
32,00,91,06,00,00,30,34,b3,50,20,00,37,46,41,4d,49,4c,7e,31,2e,4c,4e,4b,00,\
00,34,00,03,00,04,00,ef,be,30,34,b3,50,30,34,b3,50,14,00,00,00,37,00,20,00,\
46,00,61,00,6d,00,69,00,6c,00,6c,00,65,00,73,00,2e,00,6c,00,6e,00,6b,00,00,\
00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,\
7a,00,00,00,fb,ff,ff,ff,6c,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,5a,\
00,32,00,83,06,00,00,30,34,b3,50,20,00,42,61,63,63,61,72,61,74,2e,6c,6e,6b,\
00,00,30,00,03,00,04,00,ef,be,30,34,b3,50,30,34,b3,50,14,00,00,00,42,00,61,\
00,63,00,63,00,61,00,72,00,61,00,74,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,\
0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,7a,00,00,\
00,fb,ff,ff,ff,6c,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,5a,00,32,00,\
d7,06,00,00,30,34,b3,50,20,00,47,49,4e,52,41,4d,7e,31,2e,4c,4e,4b,00,00,30,\
00,03,00,04,00,ef,be,30,34,b3,50,30,34,b3,50,14,00,00,00,47,00,69,00,6e,00,\
20,00,52,00,61,00,6d,00,69,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,\
00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,86,00,00,00,fb,ff,\
ff,ff,78,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,66,00,32,00,29,07,00,\
00,30,34,47,4f,20,00,48,55,49,54,41,4d,7e,31,2e,4c,4e,4b,00,00,3c,00,03,00,\
04,00,ef,be,30,34,47,4f,30,34,47,4f,14,00,00,00,48,00,75,00,69,00,74,00,20,\
00,41,00,6d,00,e9,00,72,00,69,00,63,00,61,00,69,00,6e,00,2e,00,6c,00,6e,00,\
6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,\
00,00,00,84,00,00,00,fb,ff,ff,ff,76,00,00,00,41,75,67,4d,02,00,00,00,01,00,\
00,00,64,00,32,00,35,07,00,00,30,34,47,4f,20,00,4a,45,55,44,45,42,7e,31,2e,\
4c,4e,4b,00,00,3a,00,03,00,04,00,ef,be,30,34,47,4f,30,34,47,4f,14,00,00,00,\
4a,00,65,00,75,00,20,00,64,00,65,00,20,00,42,00,65,00,6c,00,6f,00,74,00,65,\
00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,\
1c,00,00,00,00,00,00,00,00,00,8a,00,00,00,fb,ff,ff,ff,7c,00,00,00,41,75,67,\
4d,02,00,00,00,01,00,00,00,6a,00,32,00,43,07,00,00,30,34,47,4f,20,00,4a,45,\
55,44,45,42,7e,32,2e,4c,4e,4b,00,00,40,00,03,00,04,00,ef,be,30,34,47,4f,30,\
34,47,4f,14,00,00,00,4a,00,65,00,75,00,20,00,64,00,65,00,20,00,42,00,65,00,\
6c,00,6f,00,74,00,65,00,20,00,33,00,44,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,\
00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,82,00,\
00,00,fb,ff,ff,ff,74,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,62,00,32,\
00,1f,07,00,00,30,34,47,4f,20,00,4a,45,55,44,45,54,7e,31,2e,4c,4e,4b,00,00,\
38,00,03,00,04,00,ef,be,30,34,47,4f,30,34,47,4f,14,00,00,00,4a,00,65,00,75,\
00,20,00,64,00,65,00,20,00,54,00,61,00,72,00,6f,00,74,00,2e,00,6c,00,6e,00,\
6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,\
00,00,00,88,00,00,00,fb,ff,ff,ff,7a,00,00,00,41,75,67,4d,02,00,00,00,01,00,\
00,00,68,00,32,00,3f,07,00,00,30,34,47,4f,20,00,4a,45,55,44,45,54,7e,32,2e,\
4c,4e,4b,00,00,3e,00,03,00,04,00,ef,be,30,34,47,4f,30,34,47,4f,14,00,00,00,\
4a,00,65,00,75,00,20,00,64,00,65,00,20,00,54,00,61,00,72,00,6f,00,74,00,20,\
00,33,00,44,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,\
00,00,00,00,1c,00,00,00,00,00,00,00,00,00,80,00,00,00,fb,ff,ff,ff,72,00,00,\
00,41,75,67,4d,02,00,00,00,01,00,00,00,60,00,32,00,15,07,00,00,30,34,47,4f,\
20,00,4c,41,43,52,41,50,7e,31,2e,4c,4e,4b,00,00,36,00,03,00,04,00,ef,be,30,\
34,47,4f,30,34,47,4f,14,00,00,00,4c,00,61,00,20,00,43,00,72,00,61,00,70,00,\
65,00,74,00,74,00,65,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,\
00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,7a,00,00,00,fb,ff,ff,ff,\
6c,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,5a,00,32,00,e5,06,00,00,30,\
34,47,4f,20,00,4c,45,42,41,52,42,7e,31,2e,4c,4e,4b,00,00,30,00,03,00,04,00,\
ef,be,30,34,47,4f,30,34,47,4f,14,00,00,00,4c,00,65,00,20,00,42,00,61,00,72,\
00,62,00,75,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,\
00,00,00,00,1c,00,00,00,00,00,00,00,00,00,7e,00,00,00,fb,ff,ff,ff,70,00,00,\
00,41,75,67,4d,02,00,00,00,01,00,00,00,5e,00,32,00,13,07,00,00,30,34,47,4f,\
20,00,4e,41,49,4e,4a,41,7e,31,2e,4c,4e,4b,00,00,34,00,03,00,04,00,ef,be,30,\
34,47,4f,30,34,47,4f,14,00,00,00,4e,00,61,00,69,00,6e,00,20,00,4a,00,61,00,\
75,00,6e,00,65,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,\
be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,aa,00,00,00,fb,ff,ff,ff,9c,00,\
00,00,41,75,67,4d,02,00,00,00,01,00,00,00,8a,00,32,00,c9,07,00,00,30,34,47,\
4f,20,00,50,41,54,49,45,4e,7e,31,2e,4c,4e,4b,00,00,60,00,03,00,04,00,ef,be,\
30,34,47,4f,30,34,47,4f,14,00,00,00,50,00,61,00,74,00,69,00,65,00,6e,00,63,\
00,65,00,73,00,20,00,26,00,20,00,52,00,e9,00,75,00,73,00,73,00,69,00,74,00,\
65,00,73,00,20,00,65,00,74,00,20,00,4e,00,69,00,76,00,65,00,61,00,75,00,78,\
00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,\
1c,00,00,00,00,00,00,00,00,00,6e,00,00,00,fb,ff,ff,ff,60,00,00,00,41,75,67,\
4d,02,00,00,00,01,00,00,00,4e,00,32,00,bb,06,00,00,30,34,47,4f,20,00,52,61,\
6d,69,2e,6c,6e,6b,00,00,28,00,03,00,04,00,ef,be,30,34,47,4f,30,34,47,4f,14,\
00,00,00,52,00,61,00,6d,00,69,00,2e,00,6c,00,6e,00,6b,00,00,00,18,00,0e,00,\
00,00,0a,00,ef,be,00,00,00,00,18,00,00,00,00,00,00,00,00,00,70,00,00,00,fb,\
ff,ff,ff,62,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,50,00,32,00,c9,06,\
00,00,30,34,47,4f,20,00,57,68,69,73,74,2e,6c,6e,6b,00,2a,00,03,00,04,00,ef,\
be,30,34,47,4f,30,34,47,4f,14,00,00,00,57,00,68,00,69,00,73,00,74,00,2e,00,\
6c,00,6e,00,6b,00,00,00,18,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,18,00,00,\
00,00,00,00,00,00,00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Micro Application\24 Jeux de Cartes]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\PrintMe Internet Printing]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Revolution Software]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Roxio Easy CD Creator 5]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Roxio Easy CD Creator 5\Applications]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Roxio Easy CD Creator 5\Applications]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Samsung PC Studio 3]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\THQ]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\THQ\Les Chevaliers de Baphomet - Le Manuscrit de Voynich]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\THQ\Les Chevaliers de Baphomet - Le Manuscrit de Voynich]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Wanadoo]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Win Novation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Win Novation\Belote Plus]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Win Novation\Belote Plus]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"D:\\Documents and Settings\\vero\\Mes documents\\jarriges\\WLinstaller.exe"="Fichier exécutable du programme d'installation client Windows Live"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"D:\\Documents and Settings\\vero\\Mes documents\\jarriges\\aswclnr.tmp"="Virus/Worm Cleaner Application"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"D:\\DOCUME~1\\vero\\LOCALS~1\\Temp\\GLB4.tmp"="ZoneAlarm-3301-French"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\urn:content-classes:contentclassdef]
[HKEY_CLASSES_ROOT\urn:content-classes:wizard/addcontentclass]
[HKEY_CLASSES_ROOT\3DBelote.Document]
@="3DBelote Document"
[HKEY_CLASSES_ROOT\3DBelote.Document\shell]
[HKEY_CLASSES_ROOT\3DTarotSC.Document]
@="3DTarotSC Document"
[HKEY_CLASSES_ROOT\3DTarotSC.Document\shell]
[HKEY_CLASSES_ROOT\AcroAccess.AcroAccess]
@="AcroAccess Class"
[HKEY_CLASSES_ROOT\AcroAccess.AcroAccess\CLSID]
@="{C523F39F-9C83-11D3-9094-00104BD0D535}"
[HKEY_CLASSES_ROOT\AcroAccess.AcroAccess\CurVer]
@="AcroAccess.AcroAccess.1"
[HKEY_CLASSES_ROOT\AcroAccess.AcroAccess.1]
@="AcroAccess Class"
[HKEY_CLASSES_ROOT\AcroAccess.AcroAccess.1\CLSID]
@="{C523F39F-9C83-11D3-9094-00104BD0D535}"
[HKEY_CLASSES_ROOT\AcroExch.Document]
[HKEY_CLASSES_ROOT\AcroExch.Document\Shell]
[HKEY_CLASSES_ROOT\Belote365i.Document]
@="Belote365i Document"
[HKEY_CLASSES_ROOT\Belote365i.Document\shell]
[HKEY_CLASSES_ROOT\CmdLineExt.CmdLineContextMenu]
@="CmdLineContextMenu Class"
[HKEY_CLASSES_ROOT\CmdLineExt.CmdLineContextMenu\CLSID]
@="{9869EFB4-18E9-11D3-A837-00104B9E30B5}"
[HKEY_CLASSES_ROOT\CmdLineExt.CmdLineContextMenu\CurVer]
@="CmdLineExt.CmdLineContextMenu.1"
[HKEY_CLASSES_ROOT\CmdLineExt.CmdLineContextMenu.1]
@="CmdLineContextMenu Class"
[HKEY_CLASSES_ROOT\CmdLineExt.CmdLineContextMenu.1\CLSID]
@="{9869EFB4-18E9-11D3-A837-00104B9E30B5}"
[HKEY_CLASSES_ROOT\Connection Manager Profile]
@="Connection Manager Profile"
[HKEY_CLASSES_ROOT\Connection Manager Profile\shell]
[HKEY_CLASSES_ROOT\EoRezoBHO.EoBho]
@="EoBho Class"
[HKEY_CLASSES_ROOT\EoRezoBHO.EoBho\CLSID]
@="{64F56FC1-1272-44CD-BA6E-39723696E350}"
[HKEY_CLASSES_ROOT\EoRezoBHO.EoBho\CurVer]
@="EoRezoBHO.EoBho.1"
[HKEY_CLASSES_ROOT\EoRezoBHO.EoBho.1]
@="EoBho Class"
[HKEY_CLASSES_ROOT\EoRezoBHO.EoBho.1\CLSID]
@="{64F56FC1-1272-44CD-BA6E-39723696E350}"
[HKEY_CLASSES_ROOT\PTLID.VXZ]
@="PTLID.VXZ"
[HKEY_CLASSES_ROOT\PTLID.VXZ\CLSID]
"CLSID"=hex:4b,69,74,57,6f,6f,2d,39,2d,62,37,36,32,2d,34,65,37,34,2d,61,37,\
38,64,2d,30,32,38,64,38,30,38,35,30,65,61,35
@="{E491197C-905B-41AF-8D9B-C58564218173}"
[HKEY_CLASSES_ROOT\Tarot365i.Document]
@="Tarot365i Document"
[HKEY_CLASSES_ROOT\Tarot365i.Document\shell]
Script execute en mode sans echec
Rapport clean par Malekal_morte - http://www.malekal.com
Script execute en mode sans echec 09/04/2008 a 20:10:29,85
Micro
9 avril 2008 à 21:29
J'ai fait le gros nettoyage, tu trouveras tous les rapports. Donne moi des nouvelles pour la suite ....
catchme 0.3.1351.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-09 20:26:19
Windows 5.1.2600 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\System.Windows.Forms.tlb"=dword:00001000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\System.Windows.Forms.tlb"=dword:00001000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\mscorlib.tlb"=dword:00001000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\mscoree.tlb"=dword:00001000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\System.Drawing.tlb"=dword:00001000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\System.EnterpriseServices.tlb"=dword:00001000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\Microsoft.JScript.tlb"=dword:00001000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\Microsoft.Vsa.tlb"=dword:00001000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\System.Drawing.tlb"=dword:00001000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\mscoree.tlb"=dword:00001000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\System.tlb"=dword:00001000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\System.EnterpriseServices.tlb"=dword:00001000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\Microsoft.JScript.tlb"=dword:00001000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\Microsoft.Vsa.tlb"=dword:00001000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\Microsoft.Vsa.Vb.CodeDOMProcessor.tlb"=dword:00001000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\mscorlib.tlb"=dword:00001000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\System.tlb"=dword:00001000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\Microsoft.Vsa.Vb.CodeDOMProcessor.tlb"=dword:00001000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\System32\\ZoneLabs\\isafeif.dll"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\System32\\ZoneLabs\\vetredir.dll"=dword:00000001
[HKEY_CLASSES_ROOT\.wan]
[HKEY_CLASSES_ROOT\OISbmpfile]
@=""
[HKEY_CLASSES_ROOT\OISemffile]
@=""
[HKEY_CLASSES_ROOT\OISgiffile]
@=""
[HKEY_CLASSES_ROOT\OISjpegfile]
@=""
[HKEY_CLASSES_ROOT\OISpngfile]
@=""
[HKEY_CLASSES_ROOT\OIStiffile]
@=""
[HKEY_CLASSES_ROOT\OISwmffile]
@=""
[HKEY_CLASSES_ROOT\SysmonLogManager.Snapin]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.\OpenWithList]
"a"="iexplore.exe"
"MRUList"="a"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.000]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.000\OpenWithList]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.002]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.002\OpenWithList]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.4%202000%2001]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.4%202000%2001\OpenWithList]
"a"="iexplore.exe"
"MRUList"="a"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.809]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.809\OpenWithList]
"a"="iexplore.exe"
"MRUList"="a"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.813]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.813\OpenWithList]
"a"="iexplore.exe"
"MRUList"="a"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.845]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.845\OpenWithList]
"a"="iexplore.exe"
"MRUList"="a"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ABK]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ABK\OpenWithList]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BCM]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BCM\OpenWithList]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.class]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.class\OpenWithList]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cnt]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cnt\OpenWithList]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.d]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.d\OpenWithList]
"a"="iexplore.exe"
"MRUList"="a"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fmp]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fmp\OpenWithList]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.frd]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.frd\OpenWithList]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.FTS]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.FTS\OpenWithList]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.GID]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.GID\OpenWithList]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hsc]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hsc\OpenWithList]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.info]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.info\OpenWithList]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mb]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mb\OpenWithList]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrg]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrg\OpenWithList]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pf]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pf\OpenWithList]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.PV__]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.PV__\OpenWithList]
"a"="iexplore.exe"
"MRUList"="a"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.svg]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.svg\OpenWithList]
"a"="iexplore.exe"
"MRUList"="a"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tmp]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tmp\OpenWithList]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.zdx]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.zdx\OpenWithList]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\OpenWithList]
[HKEY_CLASSES_ROOT\3DBelote.Document\DefaultIcon]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDEB~1\\Belote3D.exe,1"
[HKEY_CLASSES_ROOT\3DBelote.Document\shell\open]
[HKEY_CLASSES_ROOT\3DBelote.Document\shell\open\command]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDEB~1\\Belote3D.exe \"%1\""
[HKEY_CLASSES_ROOT\3DBelote.Document\shell\print]
[HKEY_CLASSES_ROOT\3DBelote.Document\shell\print\command]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDEB~1\\Belote3D.exe /p \"%1\""
[HKEY_CLASSES_ROOT\3DBelote.Document\shell\printto]
[HKEY_CLASSES_ROOT\3DBelote.Document\shell\printto\command]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDEB~1\\Belote3D.exe /pt \"%1\" \"%2\" \"%3\" \"%4\""
[HKEY_CLASSES_ROOT\3DTarotSC.Document\DefaultIcon]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDET~2\\3DTARO~1.EXE,1"
[HKEY_CLASSES_ROOT\3DTarotSC.Document\shell\open]
[HKEY_CLASSES_ROOT\3DTarotSC.Document\shell\open\command]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDET~2\\3DTARO~1.EXE \"%1\""
[HKEY_CLASSES_ROOT\3DTarotSC.Document\shell\print]
[HKEY_CLASSES_ROOT\3DTarotSC.Document\shell\print\command]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDET~2\\3DTARO~1.EXE /p \"%1\""
[HKEY_CLASSES_ROOT\3DTarotSC.Document\shell\printto]
[HKEY_CLASSES_ROOT\3DTarotSC.Document\shell\printto\command]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDET~2\\3DTARO~1.EXE /pt \"%1\" \"%2\" \"%3\" \"%4\""
[HKEY_CLASSES_ROOT\AcroExch.Document\shell\Open]
[HKEY_CLASSES_ROOT\AcroExch.Document\shell\Open\Command]
@="\"D:\\Program Files\\Adobe\\Acrobat 7.0\\Reader\\AcroRd32.exe\" \"%1\""
[HKEY_CLASSES_ROOT\ADCS]
@="Conteneur de classe Annuaire"
[HKEY_CLASSES_ROOT\ADCS\CLSID]
@="{89E30300-764D-11d0-B282-00A0C90F56FC}"
[HKEY_CLASSES_ROOT\Belote365i.Document\DefaultIcon]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDEB~2\\BELOTE~1.EXE,1"
[HKEY_CLASSES_ROOT\Belote365i.Document\shell\open]
[HKEY_CLASSES_ROOT\Belote365i.Document\shell\open\command]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDEB~2\\BELOTE~1.EXE \"%1\""
[HKEY_CLASSES_ROOT\Belote365i.Document\shell\print]
[HKEY_CLASSES_ROOT\Belote365i.Document\shell\print\command]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDEB~2\\BELOTE~1.EXE /p \"%1\""
[HKEY_CLASSES_ROOT\Belote365i.Document\shell\printto]
[HKEY_CLASSES_ROOT\Belote365i.Document\shell\printto\command]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDEB~2\\BELOTE~1.EXE /pt \"%1\" \"%2\" \"%3\" \"%4\""
[HKEY_CLASSES_ROOT\bwpfile\shell\open]
[HKEY_CLASSES_ROOT\bwpfile\shell\open\command]
@="D:\\Program Files\\Kodak\\Kodak Software Updater\\7288971\\6.1.4.37-7288971L\\Program\\PrvCnt.exe \"%1\""
[HKEY_CLASSES_ROOT\Connection Manager Profile\DefaultIcon]
@="D:\\WINDOWS\\System32\\CMMGR32.EXE,1"
[HKEY_CLASSES_ROOT\Connection Manager Profile\shell\open]
[HKEY_CLASSES_ROOT\Connection Manager Profile\shell\open\command]
@="D:\\WINDOWS\\System32\\CMMGR32.EXE \"%1\""
[HKEY_CLASSES_ROOT\Connection Manager Profile\shell\Settings...]
[HKEY_CLASSES_ROOT\Connection Manager Profile\shell\Settings...\command]
@="D:\\WINDOWS\\System32\\CMMGR32.EXE /settings \"%1\""
[HKEY_CLASSES_ROOT\dcsfile\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,11"
[HKEY_CLASSES_ROOT\ecsfile\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,10"
[HKEY_CLASSES_ROOT\fcsfile\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,12"
[HKEY_CLASSES_ROOT\FoxitReader.Document\DefaultIcon]
@="D:\\DOCUME~1\\vero\\Bureau\\FOXITR~1\\FOXITR~1.EXE,1"
[HKEY_CLASSES_ROOT\FoxitReader.Document\shell\open]
[HKEY_CLASSES_ROOT\FoxitReader.Document\shell\open\command]
@="\"D:\\DOCUME~1\\vero\\Bureau\\FOXITR~1\\FOXITR~1.EXE\" \"%1\""
[HKEY_CLASSES_ROOT\FoxitReader.Document\shell\print]
[HKEY_CLASSES_ROOT\FoxitReader.Document\shell\print\command]
@="\"D:\\DOCUME~1\\vero\\Bureau\\FOXITR~1\\FOXITR~1.EXE\" /p \"%1\" "
[HKEY_CLASSES_ROOT\FoxitReader.Document\shell\printto]
[HKEY_CLASSES_ROOT\FoxitReader.Document\shell\printto\command]
@="\"D:\\DOCUME~1\\vero\\Bureau\\FOXITR~1\\FOXITR~1.EXE\" /t \"%1\" \"%2\" \"%3\" \"%4\" "
[HKEY_CLASSES_ROOT\ncsfile\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,14"
[HKEY_CLASSES_ROOT\Tarot365i.Document\DefaultIcon]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDET~1\\Tarot365.exe,1"
[HKEY_CLASSES_ROOT\Tarot365i.Document\shell\open]
[HKEY_CLASSES_ROOT\Tarot365i.Document\shell\open\command]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDET~1\\Tarot365.exe \"%1\""
[HKEY_CLASSES_ROOT\Tarot365i.Document\shell\print]
[HKEY_CLASSES_ROOT\Tarot365i.Document\shell\print\command]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDET~1\\Tarot365.exe /p \"%1\""
[HKEY_CLASSES_ROOT\Tarot365i.Document\shell\printto]
[HKEY_CLASSES_ROOT\Tarot365i.Document\shell\printto\command]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDET~1\\Tarot365.exe /pt \"%1\" \"%2\" \"%3\" \"%4\""
[HKEY_CLASSES_ROOT\tcsfile\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,13"
[HKEY_CLASSES_ROOT\urn:content-classes:catalog\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,15"
[HKEY_CLASSES_ROOT\urn:content-classes:catalog-settings\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12471"
[HKEY_CLASSES_ROOT\urn:content-classes:contentclassdef\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-13101"
[HKEY_CLASSES_ROOT\urn:content-classes:exchange55startaddress\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12451"
[HKEY_CLASSES_ROOT\urn:content-classes:exchangestartaddress\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12451"
[HKEY_CLASSES_ROOT\urn:content-classes:filestartaddress\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12453"
[HKEY_CLASSES_ROOT\urn:content-classes:management\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,20"
[HKEY_CLASSES_ROOT\urn:content-classes:notesstartaddress\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12456"
[HKEY_CLASSES_ROOT\urn:content-classes:remoteworkspacestartaddress\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12454"
[HKEY_CLASSES_ROOT\urn:content-classes:webstartaddress\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12450"
[HKEY_CLASSES_ROOT\urn:content-classes:wizard/addcontentclass\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-13100"
[HKEY_CLASSES_ROOT\urn:content-classes:wizard/addsearchcontentlocation\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12461"
[HKEY_CLASSES_ROOT\urn:content-classes:workspace-settings\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12472"
[HKEY_CLASSES_ROOT\urn:content-classes:workspaceconfiguration\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12476"
[HKEY_CLASSES_ROOT\urn:content-classes:workspacestartaddress\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12454"
[HKEY_CLASSES_ROOT\WBEMComConnection]
@="WBEM Connection"
[HKEY_CLASSES_ROOT\WBEMComConnection\CLSID]
@="SOFTWARE\\CLASSES\\WBEMComConnection"
[HKEY_CLASSES_ROOT\WBEMComLocator]
@="WBEM Locator"
[HKEY_CLASSES_ROOT\WBEMComLocator\CLSID]
@="SOFTWARE\\CLASSES\\WBEMComLocator"
[HKEY_CLASSES_ROOT\wcsfile\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,9"
[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}]
@="PDF Document"
[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\AuxUserType]
[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\AuxUserType\2]
@="PDF"
[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\AuxUserType\3]
@="Foxit Reader"
[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\DefaultExtension]
@=".pdf, PDF Files(*.pdf)"
[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\DefaultIcon]
@="D:\\DOCUME~1\\vero\\Bureau\\FOXITR~1\\FOXITR~1.EXE,1"
[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\DocObject]
@="0"
[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\InprocHandler32]
@="ole32.dll"
[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\Insertable]
@=""
[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\LocalServer32]
@="D:\\DOCUME~1\\vero\\Bureau\\FOXITR~1\\FOXITR~1.EXE"
[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\MiscStatus]
@="32"
[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\Printable]
@=""
[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\ProgID]
@="FoxitReader.Document"
[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\Verb]
[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\Verb\0]
@="&Edit,0,2"
[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\Verb\1]
@="&Open,0,2"
[HKEY_CLASSES_ROOT\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}]
@="EoBho Class"
[HKEY_CLASSES_ROOT\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}\InprocServer32]
@="D:\\Program Files\\EoRezo\\EoAdv\\EoRezoBHO.dll"
"ThreadingModel"="Apartment"
[HKEY_CLASSES_ROOT\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}\ProgID]
@="EoRezoBHO.EoBho.1"
[HKEY_CLASSES_ROOT\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}\Programmable]
[HKEY_CLASSES_ROOT\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}\TypeLib]
@="{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}"
[HKEY_CLASSES_ROOT\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}\VersionIndependentProgID]
@="EoRezoBHO.EoBho"
[HKEY_CLASSES_ROOT\CLSID\{9869EFB4-18E9-11D3-A837-00104B9E30B5}]
@="CmdLineContextMenu Class"
[HKEY_CLASSES_ROOT\CLSID\{9869EFB4-18E9-11D3-A837-00104B9E30B5}\InprocServer32]
@="D:\\DOCUME~1\\vero\\LOCALS~1\\Temp\\CMDLIN~1.DLL"
"ThreadingModel"="Apartment"
[HKEY_CLASSES_ROOT\CLSID\{9869EFB4-18E9-11D3-A837-00104B9E30B5}\ProgID]
@="CmdLineExt.CmdLineContextMenu.1"
[HKEY_CLASSES_ROOT\CLSID\{9869EFB4-18E9-11D3-A837-00104B9E30B5}\TypeLib]
@="{9869EFA6-18E9-11D3-A837-00104B9E30B5}"
[HKEY_CLASSES_ROOT\CLSID\{9869EFB4-18E9-11D3-A837-00104B9E30B5}\VersionIndependentProgID]
@="CmdLineExt.CmdLineContextMenu"
[HKEY_CLASSES_ROOT\CLSID\{C523F39F-9C83-11D3-9094-00104BD0D535}]
[HKEY_CLASSES_ROOT\CLSID\{C523F39F-9C83-11D3-9094-00104BD0D535}\LocalServer32]
@="D:\\Program Files\\Adobe\\Acrobat 6.0\\Reader\\plug_ins\\Accessibility.api"
[HKEY_CLASSES_ROOT\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}]
@="FlashBroker"
"LocalizedString"="@D:\\WINDOWS\\System32\\Macromed\\Flash\\FlashUtil9e.exe,-101"
[HKEY_CLASSES_ROOT\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\Elevation]
"Enabled"=dword:00000001
[HKEY_CLASSES_ROOT\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\LocalServer32]
@="D:\\WINDOWS\\System32\\Macromed\\Flash\\FlashUtil9e.exe"
[HKEY_CLASSES_ROOT\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_CLASSES_ROOT\CLSID\{E491197C-905B-41AF-8D9B-C58564218173}]
@="PTLID.VXZ"
[HKEY_CLASSES_ROOT\CLSID\{E491197C-905B-41AF-8D9B-C58564218173}\Implemented Categories]
[HKEY_CLASSES_ROOT\CLSID\{E491197C-905B-41AF-8D9B-C58564218173}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}]
[HKEY_CLASSES_ROOT\CLSID\{E491197C-905B-41AF-8D9B-C58564218173}\LocalServer32]
@="D:\\WINDOWS\\OptRemove.exe"
[HKEY_CLASSES_ROOT\CLSID\{E491197C-905B-41AF-8D9B-C58564218173}\ProgID]
@="PTLID.VXZ"
[HKEY_CLASSES_ROOT\CLSID\{E491197C-905B-41AF-8D9B-C58564218173}\Programmable]
[HKEY_CLASSES_ROOT\CLSID\{E491197C-905B-41AF-8D9B-C58564218173}\TypeLib]
@="{5D35BC06-2E9A-424C-B322-B94CD5C3F86C}"
[HKEY_CLASSES_ROOT\CLSID\{E491197C-905B-41AF-8D9B-C58564218173}\VERSION]
@="1.0"
[HKEY_CLASSES_ROOT\Applications\moviemk.exe]
[HKEY_CLASSES_ROOT\Applications\moviemk.exe\shell]
"FriendlyCache"="Movie Maker"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\cmmgr32.exe]
@="D:\\WINDOWS\\System32\\cmmgr32.exe"
"Path"="D:\\WINDOWS\\System32"
"CmstpExtensionDll"="D:\\WINDOWS\\System32\\cmcfg32.dll"
"CMInternalVersion"="1.2"
"CmNative"=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\DesignPro]
"Path"="D:\\Program Files\\DesignPro\\"
@="D:\\Program Files\\DesignPro\\DesignPro"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\Easy-WebPrint]
"Path"="D:\\Program Files\\Canon\\Easy-WebPrint"
@="D:\\Program Files\\Canon\\Easy-WebPrint\\Easy-WebPrint"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\optproxy.exe]
"Path"="D:\\Program Files\\Controle Parental"
@="D:\\Program Files\\Controle Parental\\optproxy.exe"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\udfrinst.exe]
@="D:\\Program Files\\Adaptec\\Easy CD Creator 5\\DirectCD\\udfrinst.exe"
"Path"="D:\\Program Files\\Adaptec\\Easy CD Creator 5\\DirectCD\\"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\YourApp.exe]
@="D:\\Program Files\\Micro Application\\24 Jeux de Cartes\\YourApp.exe"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"D:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Kodak\\Kodak EasyShare\\"=""
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"D:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Kodak\\"=""
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"D:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\KODAK\\Mise à jour logicielle KODAK\\"=""
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"D:\\Documents and Settings\\vero\\Menu Démarrer\\Programmes\\KODAK\\Logiciel de connexion de l'appareil photo\\"=""
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"D:\\Documents and Settings\\vero\\Menu Démarrer\\Programmes\\KODAK\\"=""
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"D:\\Documents and Settings\\vero\\Application Data\\Microsoft\\Installer\\{9D1CF8B6-17B3-4832-B062-2C2DD0B57B04}\\"=""
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"D:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Roxio Easy CD Creator 5\\Applications\\"=""
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"D:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Roxio Easy CD Creator 5\\"=""
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\EspaceWanadoo.exe]
"SlowInfoCache"=hex:28,02,00,00,01,00,00,00,00,00,9a,03,00,00,00,00,c4,a4,fb,\
53,f3,75,c8,01,1d,00,00,00,44,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,\
61,00,6d,00,20,00,46,00,69,00,6c,00,65,00,73,00,5c,00,57,00,61,00,6e,00,61,\
00,64,00,6f,00,6f,00,5c,00,57,00,61,00,74,00,63,00,68,00,2e,00,65,00,78,00,\
65,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00
"Changed"=dword:00000000
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\KB839643]
"SlowInfoCache"=hex:28,02,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,\
00,00,00,00,00,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00
"Changed"=dword:00000000
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MediaMix]
"SlowInfoCache"=hex:28,02,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,\
00,00,00,00,00,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00
"Changed"=dword:00000000
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\oeupdate]
"SlowInfoCache"=hex:28,02,00,00,01,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,d2,b7,4a,\
2c,55,59,c5,01,04,00,00,00,44,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,\
61,00,6d,00,20,00,46,00,69,00,6c,00,65,00,73,00,5c,00,4f,00,75,00,74,00,6c,\
00,6f,00,6f,00,6b,00,20,00,45,00,78,00,70,00,72,00,65,00,73,00,73,00,5c,00,\
6d,00,73,00,69,00,6d,00,6e,00,2e,00,65,00,78,00,65,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00
"Changed"=dword:00000000
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{AC76BA86-7AD7-1036-7B44-A00000000001}]
"SlowInfoCache"=hex:28,02,00,00,00,00,00,00,00,d8,48,03,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00
"Changed"=dword:00000000
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{AC76BA86-7AD7-1036-7B44-A70900000002}]
"SlowInfoCache"=hex:28,02,00,00,00,00,00,00,00,60,cb,04,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00
"Changed"=dword:00000000
[HKEY_CURRENT_USER\Software\Samsung]
[HKEY_LOCAL_MACHINE\Software\ItsLabel]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"updateMgr"="D:\\Program Files\\Adobe\\Acrobat 7.0\\Reader\\AdobeUpdateManager.exe AcRdB7_0_9"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Adobe]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Adobe\Adobe Download Manager]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Adobe\Adobe Download Manager]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\ArcSoft PhotoStudio 5.5]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Avery DesignPro]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\AVG 7.5]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\AVG Free Edition]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Canon]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Canon PIXMA MP130,110 Manual]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Canon Utilities]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Canon Utilities\Easy-PhotoPrint]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Canon Utilities\Easy-PhotoPrint]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Compaq IJ650]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Contrôle Parental]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Jeux]
"Order"=hex:08,00,00,00,02,00,00,00,16,08,00,00,01,00,00,00,0c,00,00,00,ca,\
00,00,00,fb,ff,ff,ff,bc,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,aa,00,\
32,00,91,03,00,00,7b,31,52,7c,20,00,41,54,4f,55,54,50,7e,31,2e,4c,4e,4b,00,\
00,80,00,03,00,04,00,ef,be,7b,31,73,79,93,34,80,3e,14,00,4e,00,41,00,74,00,\
6f,00,75,00,74,00,20,00,50,00,69,00,71,00,75,00,65,00,20,00,73,00,75,00,72,\
00,20,00,49,00,6e,00,74,00,65,00,72,00,6e,00,65,00,74,00,2e,00,6c,00,6e,00,\
6b,00,00,00,40,44,3a,5c,50,52,4f,47,52,41,7e,31,5c,4d,53,4e,47,41,4d,7e,31,\
5c,57,69,6e,64,6f,77,73,5c,73,68,76,6c,72,65,73,2e,64,6c,6c,2c,2d,31,32,31,\
32,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,\
00,c8,00,00,00,fb,ff,ff,ff,ba,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,\
a8,00,32,00,91,03,00,00,7b,31,52,7c,20,00,42,41,43,4b,47,41,7e,31,2e,4c,4e,\
4b,00,00,7e,00,03,00,04,00,ef,be,7b,31,73,79,93,34,80,3e,14,00,4c,00,42,00,\
61,00,63,00,6b,00,67,00,61,00,6d,00,6d,00,6f,00,6e,00,20,00,73,00,75,00,72,\
00,20,00,49,00,6e,00,74,00,65,00,72,00,6e,00,65,00,74,00,2e,00,6c,00,6e,00,\
6b,00,00,00,40,44,3a,5c,50,52,4f,47,52,41,7e,31,5c,4d,53,4e,47,41,4d,7e,31,\
5c,57,69,6e,64,6f,77,73,5c,62,63,6b,67,72,65,73,2e,64,6c,6c,2c,2d,31,32,31,\
32,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,\
00,ac,00,00,00,fb,ff,ff,ff,9e,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,\
8c,00,32,00,f0,05,00,00,88,31,bb,75,20,00,44,41,4d,45,44,45,7e,31,2e,4c,4e,\
4b,00,00,62,00,03,00,04,00,ef,be,7b,31,73,79,93,34,80,3e,14,00,38,00,44,00,\
61,00,6d,00,65,00,20,00,64,00,65,00,20,00,50,00,69,00,71,00,75,00,65,00,2e,\
00,6c,00,6e,00,6b,00,00,00,40,44,3a,5c,57,49,4e,44,4f,57,53,5c,73,79,73,74,\
65,6d,33,32,5c,6d,73,68,65,61,72,74,73,2e,65,78,65,2c,2d,34,31,33,00,00,1c,\
00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,8c,00,\
00,00,fb,ff,ff,ff,7e,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,6c,00,32,\
00,f0,05,00,00,cd,34,f5,4a,20,00,44,41,4d,45,44,45,7e,33,2e,4c,4e,4b,00,00,\
42,00,03,00,04,00,ef,be,cd,34,f5,4a,cd,34,f5,4a,14,00,00,00,44,00,61,00,6d,\
00,65,00,20,00,64,00,65,00,20,00,50,00,69,00,71,00,75,00,65,00,20,00,28,00,\
32,00,29,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,\
00,00,00,1c,00,00,00,00,00,00,00,00,00,ce,00,00,00,fb,ff,ff,ff,c0,00,00,00,\
41,75,67,4d,02,00,00,00,01,00,00,00,ae,00,32,00,91,03,00,00,7b,31,52,7c,20,\
00,44,41,4d,45,44,45,7e,32,2e,4c,4e,4b,00,00,84,00,03,00,04,00,ef,be,7b,31,\
73,79,93,34,80,3e,14,00,52,00,44,00,61,00,6d,00,65,00,20,00,64,00,65,00,20,\
00,70,00,69,00,71,00,75,00,65,00,20,00,73,00,75,00,72,00,20,00,49,00,6e,00,\
74,00,65,00,72,00,6e,00,65,00,74,00,2e,00,6c,00,6e,00,6b,00,00,00,40,44,3a,\
5c,50,52,4f,47,52,41,7e,31,5c,4d,53,4e,47,41,4d,7e,31,5c,57,69,6e,64,6f,77,\
73,5c,68,72,74,7a,72,65,73,2e,64,6c,6c,2c,2d,31,32,31,32,00,1c,00,0e,00,00,\
00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,8e,00,00,00,fb,ff,\
ff,ff,80,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,6e,00,32,00,eb,05,00,\
00,88,31,bb,75,20,00,44,4d,49,4e,45,55,7e,31,2e,4c,4e,4b,00,00,44,00,03,00,\
04,00,ef,be,7b,31,73,79,93,34,80,3e,14,00,2e,00,44,00,e9,00,6d,00,69,00,6e,\
00,65,00,75,00,72,00,2e,00,6c,00,6e,00,6b,00,00,00,40,73,68,65,6c,6c,33,32,\
2e,64,6c,6c,2c,2d,32,32,30,34,35,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,\
00,1c,00,00,00,00,00,00,00,00,00,8e,00,00,00,fb,ff,ff,ff,80,00,00,00,41,75,\
67,4d,02,00,00,00,01,00,00,00,6e,00,32,00,f2,05,00,00,88,31,bb,75,20,00,46,\
72,65,65,63,65,6c,6c,2e,6c,6e,6b,00,00,44,00,03,00,04,00,ef,be,7b,31,73,79,\
93,34,80,3e,14,00,2e,00,46,00,72,00,65,00,65,00,63,00,65,00,6c,00,6c,00,2e,\
00,6c,00,6e,00,6b,00,00,00,40,73,68,65,6c,6c,33,32,2e,64,6c,6c,2c,2d,32,32,\
30,33,30,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,\
00,00,00,cc,00,00,00,fb,ff,ff,ff,be,00,00,00,41,75,67,4d,02,00,00,00,01,00,\
00,00,ac,00,32,00,91,03,00,00,7b,31,52,7c,20,00,4a,45,55,44,45,44,7e,31,2e,\
4c,4e,4b,00,00,82,00,03,00,04,00,ef,be,7b,31,73,79,93,34,80,3e,14,00,50,00,\
4a,00,65,00,75,00,20,00,64,00,65,00,20,00,64,00,61,00,6d,00,65,00,73,00,20,\
00,73,00,75,00,72,00,20,00,49,00,6e,00,74,00,65,00,72,00,6e,00,65,00,74,00,\
2e,00,6c,00,6e,00,6b,00,00,00,40,44,3a,5c,50,52,4f,47,52,41,7e,31,5c,4d,53,\
4e,47,41,4d,7e,31,5c,57,69,6e,64,6f,77,73,5c,63,68,6b,72,72,65,73,2e,64,6c,\
6c,2c,2d,31,32,31,32,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,\
00,00,00,00,00,00,00,8a,00,00,00,fb,ff,ff,ff,7c,00,00,00,41,75,67,4d,02,00,\
00,00,01,00,00,00,6a,00,32,00,75,03,00,00,7b,31,73,79,20,00,50,69,6e,62,61,\
6c,6c,2e,6c,6e,6b,00,42,00,03,00,04,00,ef,be,7b,31,73,79,93,34,80,3e,14,00,\
2c,00,50,00,69,00,6e,00,62,00,61,00,6c,00,6c,00,2e,00,6c,00,6e,00,6b,00,00,\
00,40,73,68,65,6c,6c,33,32,2e,64,6c,6c,2c,2d,32,32,30,35,37,00,1a,00,0e,00,\
00,00,0a,00,ef,be,00,00,00,00,1a,00,00,00,00,00,00,00,00,00,c2,00,00,00,fb,\
ff,ff,ff,b4,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,a2,00,32,00,91,03,\
00,00,7b,31,52,7c,20,00,52,45,56,45,52,53,7e,31,2e,4c,4e,4b,00,00,78,00,03,\
00,04,00,ef,be,7b,31,73,79,93,34,80,3e,14,00,46,00,52,00,65,00,76,00,65,00,\
72,00,73,00,69,00,20,00,73,00,75,00,72,00,20,00,49,00,6e,00,74,00,65,00,72,\
00,6e,00,65,00,74,00,2e,00,6c,00,6e,00,6b,00,00,00,40,44,3a,5c,50,52,4f,47,\
52,41,7e,31,5c,4d,53,4e,47,41,4d,7e,31,5c,57,69,6e,64,6f,77,73,5c,72,76,73,\
65,72,65,73,2e,64,6c,6c,2c,2d,31,32,31,32,00,1c,00,0e,00,00,00,0a,00,ef,be,\
00,00,00,00,1c,00,00,00,00,00,00,00,00,00,90,00,00,00,fb,ff,ff,ff,82,00,00,\
00,41,75,67,4d,02,00,00,00,01,00,00,00,70,00,32,00,d3,05,00,00,7e,31,f9,4b,\
20,00,53,4f,4c,49,54,41,7e,31,2e,4c,4e,4b,00,00,46,00,03,00,04,00,ef,be,7b,\
31,73,79,93,34,80,3e,14,00,30,00,53,00,6f,00,6c,00,69,00,74,00,61,00,69,00,\
72,00,65,00,2e,00,6c,00,6e,00,6b,00,00,00,40,73,68,65,6c,6c,33,32,2e,64,6c,\
6c,2c,2d,32,32,30,36,30,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,\
00,00,00,00,00,00,00,00,ae,00,00,00,fb,ff,ff,ff,a0,00,00,00,41,75,67,4d,02,\
00,00,00,01,00,00,00,8e,00,32,00,de,05,00,00,88,31,bb,75,20,00,53,50,49,44,\
45,52,7e,31,2e,4c,4e,4b,00,00,64,00,03,00,04,00,ef,be,7b,31,73,79,93,34,80,\
3e,14,00,3e,00,53,00,70,00,69,00,64,00,65,00,72,00,20,00,53,00,6f,00,6c,00,\
69,00,74,00,61,00,69,00,72,00,65,00,2e,00,6c,00,6e,00,6b,00,00,00,40,44,3a,\
5c,57,49,4e,44,4f,57,53,5c,73,79,73,74,65,6d,33,32,5c,73,70,69,64,65,72,2e,\
65,78,65,2c,2d,35,36,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,\
00,00,00,00,00,00,00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\KODAK]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\MediaMix]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Micro Application]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Micro Application\24 Jeux de Cartes]
"Order"=hex:08,00,00,00,02,00,00,00,1c,07,00,00,01,00,00,00,0e,00,00,00,7e,\
00,00,00,fb,ff,ff,ff,70,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,5e,00,\
32,00,91,06,00,00,30,34,b3,50,20,00,37,46,41,4d,49,4c,7e,31,2e,4c,4e,4b,00,\
00,34,00,03,00,04,00,ef,be,30,34,b3,50,30,34,b3,50,14,00,00,00,37,00,20,00,\
46,00,61,00,6d,00,69,00,6c,00,6c,00,65,00,73,00,2e,00,6c,00,6e,00,6b,00,00,\
00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,\
7a,00,00,00,fb,ff,ff,ff,6c,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,5a,\
00,32,00,83,06,00,00,30,34,b3,50,20,00,42,61,63,63,61,72,61,74,2e,6c,6e,6b,\
00,00,30,00,03,00,04,00,ef,be,30,34,b3,50,30,34,b3,50,14,00,00,00,42,00,61,\
00,63,00,63,00,61,00,72,00,61,00,74,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,\
0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,7a,00,00,\
00,fb,ff,ff,ff,6c,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,5a,00,32,00,\
d7,06,00,00,30,34,b3,50,20,00,47,49,4e,52,41,4d,7e,31,2e,4c,4e,4b,00,00,30,\
00,03,00,04,00,ef,be,30,34,b3,50,30,34,b3,50,14,00,00,00,47,00,69,00,6e,00,\
20,00,52,00,61,00,6d,00,69,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,\
00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,86,00,00,00,fb,ff,\
ff,ff,78,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,66,00,32,00,29,07,00,\
00,30,34,47,4f,20,00,48,55,49,54,41,4d,7e,31,2e,4c,4e,4b,00,00,3c,00,03,00,\
04,00,ef,be,30,34,47,4f,30,34,47,4f,14,00,00,00,48,00,75,00,69,00,74,00,20,\
00,41,00,6d,00,e9,00,72,00,69,00,63,00,61,00,69,00,6e,00,2e,00,6c,00,6e,00,\
6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,\
00,00,00,84,00,00,00,fb,ff,ff,ff,76,00,00,00,41,75,67,4d,02,00,00,00,01,00,\
00,00,64,00,32,00,35,07,00,00,30,34,47,4f,20,00,4a,45,55,44,45,42,7e,31,2e,\
4c,4e,4b,00,00,3a,00,03,00,04,00,ef,be,30,34,47,4f,30,34,47,4f,14,00,00,00,\
4a,00,65,00,75,00,20,00,64,00,65,00,20,00,42,00,65,00,6c,00,6f,00,74,00,65,\
00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,\
1c,00,00,00,00,00,00,00,00,00,8a,00,00,00,fb,ff,ff,ff,7c,00,00,00,41,75,67,\
4d,02,00,00,00,01,00,00,00,6a,00,32,00,43,07,00,00,30,34,47,4f,20,00,4a,45,\
55,44,45,42,7e,32,2e,4c,4e,4b,00,00,40,00,03,00,04,00,ef,be,30,34,47,4f,30,\
34,47,4f,14,00,00,00,4a,00,65,00,75,00,20,00,64,00,65,00,20,00,42,00,65,00,\
6c,00,6f,00,74,00,65,00,20,00,33,00,44,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,\
00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,82,00,\
00,00,fb,ff,ff,ff,74,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,62,00,32,\
00,1f,07,00,00,30,34,47,4f,20,00,4a,45,55,44,45,54,7e,31,2e,4c,4e,4b,00,00,\
38,00,03,00,04,00,ef,be,30,34,47,4f,30,34,47,4f,14,00,00,00,4a,00,65,00,75,\
00,20,00,64,00,65,00,20,00,54,00,61,00,72,00,6f,00,74,00,2e,00,6c,00,6e,00,\
6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,\
00,00,00,88,00,00,00,fb,ff,ff,ff,7a,00,00,00,41,75,67,4d,02,00,00,00,01,00,\
00,00,68,00,32,00,3f,07,00,00,30,34,47,4f,20,00,4a,45,55,44,45,54,7e,32,2e,\
4c,4e,4b,00,00,3e,00,03,00,04,00,ef,be,30,34,47,4f,30,34,47,4f,14,00,00,00,\
4a,00,65,00,75,00,20,00,64,00,65,00,20,00,54,00,61,00,72,00,6f,00,74,00,20,\
00,33,00,44,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,\
00,00,00,00,1c,00,00,00,00,00,00,00,00,00,80,00,00,00,fb,ff,ff,ff,72,00,00,\
00,41,75,67,4d,02,00,00,00,01,00,00,00,60,00,32,00,15,07,00,00,30,34,47,4f,\
20,00,4c,41,43,52,41,50,7e,31,2e,4c,4e,4b,00,00,36,00,03,00,04,00,ef,be,30,\
34,47,4f,30,34,47,4f,14,00,00,00,4c,00,61,00,20,00,43,00,72,00,61,00,70,00,\
65,00,74,00,74,00,65,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,\
00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,7a,00,00,00,fb,ff,ff,ff,\
6c,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,5a,00,32,00,e5,06,00,00,30,\
34,47,4f,20,00,4c,45,42,41,52,42,7e,31,2e,4c,4e,4b,00,00,30,00,03,00,04,00,\
ef,be,30,34,47,4f,30,34,47,4f,14,00,00,00,4c,00,65,00,20,00,42,00,61,00,72,\
00,62,00,75,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,\
00,00,00,00,1c,00,00,00,00,00,00,00,00,00,7e,00,00,00,fb,ff,ff,ff,70,00,00,\
00,41,75,67,4d,02,00,00,00,01,00,00,00,5e,00,32,00,13,07,00,00,30,34,47,4f,\
20,00,4e,41,49,4e,4a,41,7e,31,2e,4c,4e,4b,00,00,34,00,03,00,04,00,ef,be,30,\
34,47,4f,30,34,47,4f,14,00,00,00,4e,00,61,00,69,00,6e,00,20,00,4a,00,61,00,\
75,00,6e,00,65,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,\
be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,aa,00,00,00,fb,ff,ff,ff,9c,00,\
00,00,41,75,67,4d,02,00,00,00,01,00,00,00,8a,00,32,00,c9,07,00,00,30,34,47,\
4f,20,00,50,41,54,49,45,4e,7e,31,2e,4c,4e,4b,00,00,60,00,03,00,04,00,ef,be,\
30,34,47,4f,30,34,47,4f,14,00,00,00,50,00,61,00,74,00,69,00,65,00,6e,00,63,\
00,65,00,73,00,20,00,26,00,20,00,52,00,e9,00,75,00,73,00,73,00,69,00,74,00,\
65,00,73,00,20,00,65,00,74,00,20,00,4e,00,69,00,76,00,65,00,61,00,75,00,78,\
00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,\
1c,00,00,00,00,00,00,00,00,00,6e,00,00,00,fb,ff,ff,ff,60,00,00,00,41,75,67,\
4d,02,00,00,00,01,00,00,00,4e,00,32,00,bb,06,00,00,30,34,47,4f,20,00,52,61,\
6d,69,2e,6c,6e,6b,00,00,28,00,03,00,04,00,ef,be,30,34,47,4f,30,34,47,4f,14,\
00,00,00,52,00,61,00,6d,00,69,00,2e,00,6c,00,6e,00,6b,00,00,00,18,00,0e,00,\
00,00,0a,00,ef,be,00,00,00,00,18,00,00,00,00,00,00,00,00,00,70,00,00,00,fb,\
ff,ff,ff,62,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,50,00,32,00,c9,06,\
00,00,30,34,47,4f,20,00,57,68,69,73,74,2e,6c,6e,6b,00,2a,00,03,00,04,00,ef,\
be,30,34,47,4f,30,34,47,4f,14,00,00,00,57,00,68,00,69,00,73,00,74,00,2e,00,\
6c,00,6e,00,6b,00,00,00,18,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,18,00,00,\
00,00,00,00,00,00,00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Micro Application\24 Jeux de Cartes]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\PrintMe Internet Printing]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Revolution Software]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Roxio Easy CD Creator 5]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Roxio Easy CD Creator 5\Applications]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Roxio Easy CD Creator 5\Applications]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Samsung PC Studio 3]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\THQ]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\THQ\Les Chevaliers de Baphomet - Le Manuscrit de Voynich]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\THQ\Les Chevaliers de Baphomet - Le Manuscrit de Voynich]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Wanadoo]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Win Novation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Win Novation\Belote Plus]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Win Novation\Belote Plus]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"D:\\Documents and Settings\\vero\\Mes documents\\jarriges\\WLinstaller.exe"="Fichier exécutable du programme d'installation client Windows Live"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"D:\\Documents and Settings\\vero\\Mes documents\\jarriges\\aswclnr.tmp"="Virus/Worm Cleaner Application"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"D:\\DOCUME~1\\vero\\LOCALS~1\\Temp\\GLB4.tmp"="ZoneAlarm-3301-French"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\urn:content-classes:contentclassdef]
[HKEY_CLASSES_ROOT\urn:content-classes:wizard/addcontentclass]
[HKEY_CLASSES_ROOT\3DBelote.Document]
@="3DBelote Document"
[HKEY_CLASSES_ROOT\3DBelote.Document\shell]
[HKEY_CLASSES_ROOT\3DTarotSC.Document]
@="3DTarotSC Document"
[HKEY_CLASSES_ROOT\3DTarotSC.Document\shell]
[HKEY_CLASSES_ROOT\AcroAccess.AcroAccess]
@="AcroAccess Class"
[HKEY_CLASSES_ROOT\AcroAccess.AcroAccess\CLSID]
@="{C523F39F-9C83-11D3-9094-00104BD0D535}"
[HKEY_CLASSES_ROOT\AcroAccess.AcroAccess\CurVer]
@="AcroAccess.AcroAccess.1"
[HKEY_CLASSES_ROOT\AcroAccess.AcroAccess.1]
@="AcroAccess Class"
[HKEY_CLASSES_ROOT\AcroAccess.AcroAccess.1\CLSID]
@="{C523F39F-9C83-11D3-9094-00104BD0D535}"
[HKEY_CLASSES_ROOT\AcroExch.Document]
[HKEY_CLASSES_ROOT\AcroExch.Document\Shell]
[HKEY_CLASSES_ROOT\Belote365i.Document]
@="Belote365i Document"
[HKEY_CLASSES_ROOT\Belote365i.Document\shell]
[HKEY_CLASSES_ROOT\CmdLineExt.CmdLineContextMenu]
@="CmdLineContextMenu Class"
[HKEY_CLASSES_ROOT\CmdLineExt.CmdLineContextMenu\CLSID]
@="{9869EFB4-18E9-11D3-A837-00104B9E30B5}"
[HKEY_CLASSES_ROOT\CmdLineExt.CmdLineContextMenu\CurVer]
@="CmdLineExt.CmdLineContextMenu.1"
[HKEY_CLASSES_ROOT\CmdLineExt.CmdLineContextMenu.1]
@="CmdLineContextMenu Class"
[HKEY_CLASSES_ROOT\CmdLineExt.CmdLineContextMenu.1\CLSID]
@="{9869EFB4-18E9-11D3-A837-00104B9E30B5}"
[HKEY_CLASSES_ROOT\Connection Manager Profile]
@="Connection Manager Profile"
[HKEY_CLASSES_ROOT\Connection Manager Profile\shell]
[HKEY_CLASSES_ROOT\EoRezoBHO.EoBho]
@="EoBho Class"
[HKEY_CLASSES_ROOT\EoRezoBHO.EoBho\CLSID]
@="{64F56FC1-1272-44CD-BA6E-39723696E350}"
[HKEY_CLASSES_ROOT\EoRezoBHO.EoBho\CurVer]
@="EoRezoBHO.EoBho.1"
[HKEY_CLASSES_ROOT\EoRezoBHO.EoBho.1]
@="EoBho Class"
[HKEY_CLASSES_ROOT\EoRezoBHO.EoBho.1\CLSID]
@="{64F56FC1-1272-44CD-BA6E-39723696E350}"
[HKEY_CLASSES_ROOT\PTLID.VXZ]
@="PTLID.VXZ"
[HKEY_CLASSES_ROOT\PTLID.VXZ\CLSID]
"CLSID"=hex:4b,69,74,57,6f,6f,2d,39,2d,62,37,36,32,2d,34,65,37,34,2d,61,37,\
38,64,2d,30,32,38,64,38,30,38,35,30,65,61,35
@="{E491197C-905B-41AF-8D9B-C58564218173}"
[HKEY_CLASSES_ROOT\Tarot365i.Document]
@="Tarot365i Document"
[HKEY_CLASSES_ROOT\Tarot365i.Document\shell]
Script execute en mode sans echec
Rapport clean par Malekal_morte - http://www.malekal.com
Script execute en mode sans echec 09/04/2008 a 20:10:29,85
Micro