Les Allergies
Alimentaires
Posez votre question Signaler

RESULTAT DU SCAN AVAST 4.8 HOME [Résolu]

vero63 7Messages postés 6 avril 2008Date d'inscription - Dernière réponse le 10 avril 2008 à 09:42
Bonjour,
J'ai installé AVAST 4.8 HOME EDITION, j'ai fait 1 scan de mon PC, j'ai des virus de tous genres mais le problème, je n'arrive pas à les mettre en quarantaine, ni les supprimés ...
Je vous joins le rapport de mon scan, je suis 1 peu perdue merci de me venir en aide en m'expliquant la marche à suivre pour supprimés ces virus de mon ordi. MERCI D'AVANCE
Rapport avast!
* Ce fichier est généré automatiquement
*
* Tâche utilisée 'Interface utilisateur simplifiée'
* Débuté le dimanche 6 avril 2008 19:55:20
* VPS : 080406-0, 06/04/2008
*
C:\Documents and Settings\VERONIQUE DORAT\Local Settings\Temp\wh_cc.exe\wbhshare.dll [L] Win32:Adware-gen [Adw] (0)
C:\Documents and Settings\VERONIQUE DORAT\Local Settings\Temp\wh_cc.exe\Webhdll.dll [L] Win32:Spyware-gen [Trj] (0)
C:\Documents and Settings\VERONIQUE DORAT\Local Settings\Temp\wh_cc.exe\WhAgent.exe [L] Win32:Spyware-gen [Trj] (0)
C:\Documents and Settings\VERONIQUE DORAT\Local Settings\Temp\wh_cc.exe\whiehlpr.dll [L] Win32:Spyware-gen [Trj] (0)
C:\Documents and Settings\VERONIQUE DORAT\Local Settings\Temp\wh_cc.exe\whieshm.dll [L] Win32:Adware-gen [Adw] (0)
C:\Documents and Settings\VERONIQUE DORAT\Local Settings\Temp\wh_cc.exe\whInstaller.exe [L] Win32:Adware-gen [Adw] (0)
Durant le transfert du fichier vers la zone de quarantaine, l'erreur suivante s'est produite : Les données de ce type ne sont pas prises en charge
Durant le transfert du fichier vers la zone de quarantaine, l'erreur suivante s'est produite : Les données de ce type ne sont pas prises en charge
Durant le transfert du fichier vers la zone de quarantaine, l'erreur suivante s'est produite : Les données de ce type ne sont pas prises en charge
Durant le transfert du fichier vers la zone de quarantaine, l'erreur suivante s'est produite : Les données de ce type ne sont pas prises en charge
Durant le transfert du fichier vers la zone de quarantaine, l'erreur suivante s'est produite : Les données de ce type ne sont pas prises en charge
Durant le transfert du fichier vers la zone de quarantaine, l'erreur suivante s'est produite : Les données de ce type ne sont pas prises en charge
C:\System Volume Information\_restore{F64C20AF-B7ED-4444-8044-BC92AF912048}\RP295\A0057083.exe\wbhshare.dll [L] Win32:Adware-gen [Adw] (0)
C:\System Volume Information\_restore{F64C20AF-B7ED-4444-8044-BC92AF912048}\RP295\A0057083.exe\Webhdll.dll [L] Win32:Spyware-gen [Trj] (0)
C:\System Volume Information\_restore{F64C20AF-B7ED-4444-8044-BC92AF912048}\RP295\A0057083.exe\WhAgent.exe [L] Win32:Spyware-gen [Trj] (0)
C:\System Volume Information\_restore{F64C20AF-B7ED-4444-8044-BC92AF912048}\RP295\A0057083.exe\whiehlpr.dll [L] Win32:Spyware-gen [Trj] (0)
C:\System Volume Information\_restore{F64C20AF-B7ED-4444-8044-BC92AF912048}\RP295\A0057083.exe\whieshm.dll [L] Win32:Adware-gen [Adw] (0)
C:\System Volume Information\_restore{F64C20AF-B7ED-4444-8044-BC92AF912048}\RP295\A0057083.exe\whInstaller.exe [L] Win32:Adware-gen [Adw] (0)
Durant le transfert du fichier vers la zone de quarantaine, l'erreur suivante s'est produite : Les données de ce type ne sont pas prises en charge
Durant le transfert du fichier vers la zone de quarantaine, l'erreur suivante s'est produite : Les données de ce type ne sont pas prises en charge
Durant le transfert du fichier vers la zone de quarantaine, l'erreur suivante s'est produite : Les données de ce type ne sont pas prises en charge
Durant le transfert du fichier vers la zone de quarantaine, l'erreur suivante s'est produite : Les données de ce type ne sont pas prises en charge
Durant le transfert du fichier vers la zone de quarantaine, l'erreur suivante s'est produite : Les données de ce type ne sont pas prises en charge
Durant le transfert du fichier vers la zone de quarantaine, l'erreur suivante s'est produite : Les données de ce type ne sont pas prises en charge
C:\System Volume Information\_restore{F64C20AF-B7ED-4444-8044-BC92AF912048}\RP296\A0057277.exe\wbhshare.dll [L] Win32:Adware-gen [Adw] (0)
C:\System Volume Information\_restore{F64C20AF-B7ED-4444-8044-BC92AF912048}\RP296\A0057277.exe\Webhdll.dll [L] Win32:Spyware-gen [Trj] (0)
C:\System Volume Information\_restore{F64C20AF-B7ED-4444-8044-BC92AF912048}\RP296\A0057277.exe\WhAgent.exe [L] Win32:Spyware-gen [Trj] (0)
C:\System Volume Information\_restore{F64C20AF-B7ED-4444-8044-BC92AF912048}\RP296\A0057277.exe\whiehlpr.dll [L] Win32:Spyware-gen [Trj] (0)
C:\System Volume Information\_restore{F64C20AF-B7ED-4444-8044-BC92AF912048}\RP296\A0057277.exe\whieshm.dll [L] Win32:Adware-gen [Adw] (0)
C:\System Volume Information\_restore{F64C20AF-B7ED-4444-8044-BC92AF912048}\RP296\A0057277.exe\whInstaller.exe [L] Win32:Adware-gen [Adw] (0)
Durant le transfert du fichier vers la zone de quarantaine, l'erreur suivante s'est produite : Les données de ce type ne sont pas prises en charge
Durant le transfert du fichier vers la zone de quarantaine, l'erreur suivante s'est produite : Les données de ce type ne sont pas prises en charge
Durant le transfert du fichier vers la zone de quarantaine, l'erreur suivante s'est produite : Les données de ce type ne sont pas prises en charge
Durant le transfert du fichier vers la zone de quarantaine, l'erreur suivante s'est produite : Les données de ce type ne sont pas prises en charge
Durant le transfert du fichier vers la zone de quarantaine, l'erreur suivante s'est produite : Les données de ce type ne sont pas prises en charge
Durant le transfert du fichier vers la zone de quarantaine, l'erreur suivante s'est produite : Les données de ce type ne sont pas prises en charge
C:\System Volume Information\_restore{F64C20AF-B7ED-4444-8044-BC92AF912048}\RP296\A0057292.exe\wbhshare.dll [L] Win32:Adware-gen [Adw] (0)
C:\System Volume Information\_restore{F64C20AF-B7ED-4444-8044-BC92AF912048}\RP296\A0057292.exe\Webhdll.dll [L] Win32:Spyware-gen [Trj] (0)
C:\System Volume Information\_restore{F64C20AF-B7ED-4444-8044-BC92AF912048}\RP296\A0057292.exe\WhAgent.exe [L] Win32:Spyware-gen [Trj] (0)
C:\System Volume Information\_restore{F64C20AF-B7ED-4444-8044-BC92AF912048}\RP296\A0057292.exe\whiehlpr.dll [L] Win32:Spyware-gen [Trj] (0)
C:\System Volume Information\_restore{F64C20AF-B7ED-4444-8044-BC92AF912048}\RP296\A0057292.exe\whieshm.dll [L] Win32:Adware-gen [Adw] (0)
C:\System Volume Information\_restore{F64C20AF-B7ED-4444-8044-BC92AF912048}\RP296\A0057292.exe\whInstaller.exe [L] Win32:Adware-gen [Adw] (0)
Durant le transfert du fichier vers la zone de quarantaine, l'erreur suivante s'est produite : Les données de ce type ne sont pas prises en charge
Durant le transfert du fichier vers la zone de quarantaine, l'erreur suivante s'est produite : Les données de ce type ne sont pas prises en charge
Durant le transfert du fichier vers la zone de quarantaine, l'erreur suivante s'est produite : Les données de ce type ne sont pas prises en charge
Durant le transfert du fichier vers la zone de quarantaine, l'erreur suivante s'est produite : Les données de ce type ne sont pas prises en charge
Durant le transfert du fichier vers la zone de quarantaine, l'erreur suivante s'est produite : Les données de ce type ne sont pas prises en charge
Durant le transfert du fichier vers la zone de quarantaine, l'erreur suivante s'est produite : Les données de ce type ne sont pas prises en charge
C:\System Volume Information\_restore{F64C20AF-B7ED-4444-8044-BC92AF912048}\RP298\A0057608.exe\wbhshare.dll [L] Win32:Adware-gen [Adw] (0)
C:\System Volume Information\_restore{F64C20AF-B7ED-4444-8044-BC92AF912048}\RP298\A0057608.exe\Webhdll.dll [L] Win32:Spyware-gen [Trj] (0)
C:\System Volume Information\_restore{F64C20AF-B7ED-4444-8044-BC92AF912048}\RP298\A0057608.exe\WhAgent.exe [L] Win32:Spyware-gen [Trj] (0)
C:\System Volume Information\_restore{F64C20AF-B7ED-4444-8044-BC92AF912048}\RP298\A0057608.exe\whiehlpr.dll [L] Win32:Spyware-gen [Trj] (0)
C:\System Volume Information\_restore{F64C20AF-B7ED-4444-8044-BC92AF912048}\RP298\A0057608.exe\whieshm.dll [L] Win32:Adware-gen [Adw] (0)
C:\System Volume Information\_restore{F64C20AF-B7ED-4444-8044-BC92AF912048}\RP298\A0057608.exe\whInstaller.exe [L] Win32:Adware-gen [Adw] (0)
Durant le transfert du fichier vers la zone de quarantaine, l'erreur suivante s'est produite : Les données de ce type ne sont pas prises en charge
Durant le transfert du fichier vers la zone de quarantaine, l'erreur suivante s'est produite : Les données de ce type ne sont pas prises en charge
Durant le transfert du fichier vers la zone de quarantaine, l'erreur suivante s'est produite : Les données de ce type ne sont pas prises en charge
Durant le transfert du fichier vers la zone de quarantaine, l'erreur suivante s'est produite : Les données de ce type ne sont pas prises en charge
Durant le transfert du fichier vers la zone de quarantaine, l'erreur suivante s'est produite : Les données de ce type ne sont pas prises en charge
Durant le transfert du fichier vers la zone de quarantaine, l'erreur suivante s'est produite : Les données de ce type ne sont pas prises en charge
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\Q24WRRMD\wuaueng[1].cab\wuaueng.dll [E] archive CAB corrompue. (42127)
D:\Program Files\Alwil Software\Avast4\DATA\moved\wbhshare.dll [L] Win32:Adware-gen [Adw] (0)
Fichier déplacé avec succès vers la zone de quarantaine...
D:\Program Files\Alwil Software\Avast4\DATA\moved\Webhdll.dll [L] Win32:Spyware-gen [Trj] (0)
Fichier déplacé avec succès vers la zone de quarantaine...
D:\Program Files\Alwil Software\Avast4\DATA\moved\WhAgent.exe [L] Win32:Spyware-gen [Trj] (0)
Fichier déplacé avec succès vers la zone de quarantaine...
D:\Program Files\Alwil Software\Avast4\DATA\moved\whiehlpr.dll [L] Win32:Spyware-gen [Trj] (0)
Fichier déplacé avec succès vers la zone de quarantaine...
D:\Program Files\Alwil Software\Avast4\DATA\moved\whieshm.dll [L] Win32:Adware-gen [Adw] (0)
Fichier déplacé avec succès vers la zone de quarantaine...
D:\Program Files\Alwil Software\Avast4\DATA\moved\whInstaller.exe [L] Win32:Adware-gen [Adw] (0)
Fichier déplacé avec succès vers la zone de quarantaine...
D:\System Volume Information\_restore{F64C20AF-B7ED-4444-8044-BC92AF912048}\RP298\A0057609.dll [L] Win32:Adware-gen [Adw] (0)
Fichier déplacé avec succès vers la zone de quarantaine...
D:\System Volume Information\_restore{F64C20AF-B7ED-4444-8044-BC92AF912048}\RP298\A0057610.dll [L] Win32:Spyware-gen [Trj] (0)
Fichier déplacé avec succès vers la zone de quarantaine...
D:\System Volume Information\_restore{F64C20AF-B7ED-4444-8044-BC92AF912048}\RP298\A0057611.exe [L] Win32:Spyware-gen [Trj] (0)
Fichier déplacé avec succès vers la zone de quarantaine...
D:\System Volume Information\_restore{F64C20AF-B7ED-4444-8044-BC92AF912048}\RP298\A0057612.dll [L] Win32:Spyware-gen [Trj] (0)
Fichier déplacé avec succès vers la zone de quarantaine...
D:\System Volume Information\_restore{F64C20AF-B7ED-4444-8044-BC92AF912048}\RP298\A0057613.dll [L] Win32:Adware-gen [Adw] (0)
Fichier déplacé avec succès vers la zone de quarantaine...
D:\System Volume Information\_restore{F64C20AF-B7ED-4444-8044-BC92AF912048}\RP298\A0057614.exe [L] Win32:Adware-gen [Adw] (0)
Fichier déplacé avec succès vers la zone de quarantaine...
Fichiers infectés : 42
Total des fichiers : 326704
Total des dossiers : 3869
Taille totale : 15,3 GB
*
* Tâche arrêtée : dimanche 6 avril 2008 22:18:54
* Programme en exécution était 2 heure(s), 23 minute(s), 34 seconde(s)
*
Lire la suite 

RESULTAT DU SCAN AVAST 4.8 HOME »

Suggestions
Plus
11 réponses
Réponse
+0
moins plus
DllD 14758Messages postés 18 novembre 2007Date d'inscription 15 avril 2010Dernière intervention 7 avril 2008 à 00:25
Bonsoir,
Commence par poster un rapport HijackThis stp,
>Télécharge HiJackThis : http://www.commentcamarche.net/telecharger/telecharger-159-hijackthis
- Lance Hijackthis, sélectionne < do a system scan and save a logfile >
- Enregistre le rapport sur ton bureau.
Et envoie stp, par collier/coller, ton log Hijackthis sur le forum,

;)

A+

Ajouter un commentaire
vero63- 7 avril 2008 à 10:28
Bonjour,

Merci de me venir en aide, comme tu me l'as demandé je t'envoie le rapport de HIJACKTHIS 2.02
Tu pourrais me dire c'est quoi ce que tu m'a fais télécharger, je suis vraiment nul en informatique et en anglais merci

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:22:17, on 07/04/2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\System32\FTRTSVC.exe
D:\WINDOWS\System32\ctfmon.exe
D:\Program Files\Messenger\msmsgs.exe
D:\WINDOWS\system32\drivers\KodakCCS.exe
D:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
D:\WINDOWS\System32\ScsiAccess.EXE
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
D:\WINDOWS\System32\WgaTray.exe
D:\Documents and Settings\vero\Mes documents\jarriges\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ads.eorezo.com/cgi-bin/advert/getads.cgi?x_format=redirect&x_dp_id=9
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ads.eorezo.com/cgi-bin/advert/getads.cgi?x_format=redirect&x_dp_id=9
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - D:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - D:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - D:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] D:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [updateMgr] D:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [^SetupICWDesktop] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] (User 'Default user')
O4 - Global Startup: KODAK Software Updater.lnk = D:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = D:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O12 - Plugin for .mpeg: D:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - D:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - D:\WINDOWS\System32\ImapiRox.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - D:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: ScsiAccess - Unknown owner - D:\WINDOWS\System32\ScsiAccess.EXE
Ajouter un commentaire
Réponse
+0
moins plus
DllD 14758Messages postés 18 novembre 2007Date d'inscription 15 avril 2010Dernière intervention 7 avril 2008 à 18:06
Salut Véro,
Bon tu es encore au SP1, on installera en fin de désinfection les mises à jour...

Alors,
> Bon il te faut un pare feu :
- Je te conseille Kerio : http://www.commentcamarche.net/telecharger/telecharger 206 kerio . Si problème, tuto : http://kerio.probb.fr/index.htm
- Si tu as des difficultés avec les configuration de Kerio, alors installe Zone Alarme : /telecharger/telecharger-157-zonealarm, en cas de problème : http://forum.telecharger.01net.com/...
- Installe le nouveau pare-feu, puis désactive le pare-feu windows.

Ensuite,
On va faire un gros nettoyage si tu veux bien :
> Les logiciels suivants (AVG et Ccleaner) te seront utiles par la suite - ils sont à conserver...

> Télécharge et installe sur ton PC AVG anti-spyware (si tu as déjà les programmes alors fais juste les mises à jour) : 218 avg anti spyware, fais les mises à jour puis ferme le programme.

> Télécharge et installe Ccleaner : http://www.commentcamarche.net/telecharger/telecharger 168 ccleaner, fais les mises à jour puis ferme le programme.
Si besoin est tu trouveras des Tutoriaux ici :
http://kerio.probb.fr/... , http://www.malekal.com/tutorial_CCleaner.html et [http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner

> Télécharge Clean : http://www.malekal.com/download/clean.zip (différent de Ccleaner),

> Télécharge SDFix sur ton bureau
- Double clique sur l'archive SDFix qui à été créé sur le Bureau et installe le programme (l'installation va créer un dossier (à la racine du disque dur par défaut) nommé SDFix). Ferme ensuite le programme.

> Commence par faire un copier/coller de ce poste (c'est manip.) : (conseillé)
Ouvre un nouveau fichier Bloc notes (clique sur "Démarrer" => "Programmes" =>"Accessoires" => "Bloc notes"),
puis fait un copier/coller de tout le contenu de la fenêtre de ce poste dans le fichier texte.
Sauvegarde le sur le bureau, tu pourras alors y avoir accès même déconnecté ou en mode sans échec.

> Démarre en mode sans échec : (image). Si problème : tuto ici

> Lance AVG,
- Clique sur le menu Analyse (de la barre d'outils). Clique après sur l'onglet Paramètres, puis <Dans Comment réagir?> clique sur <Actions recommandées> et choisi <Supprimer>.
- Vérifie que toutes les cases sont cochées dans <Comment faire l'analyse ?> et dans <Programmes potentiellement dangereux> et vérifie que le bouton-radio <Générer un rapport après chaque analyse> soit aussi coché.
- Vas dans l'onglet 'Analyse', puis clique <Analyse complète du système>.
Remarque : Une fois l'analyse terminée, il faut faire un clique droit sur un fichier infecté et demander à "AVG Anti-Spyware 7.5" de le supprimer.
Puis clique sur "Appliquer toutes les actions" afin de tout supprimer automatiquement.
- Clique sur "Enregistrer le rapport" puis enregistre le sur ton bureau.
- Fais un copier/coller du rapport généré dans ton prochain poste.

> Lance Ccleaner,
- Choisi l’onglet "Options" puis clique sur "Avancé" et décoche la case "Effacer uniquement les fichiers, du dossier temp de Windows, plus vieux que 48 heures" (tout doit être supprimé).
- Dans l'onglet "Nettoyeur" clique sur "Analyse".
- Une fois l'analyse terminée, clique sur "Lancer le Nettoyage".
- Dans l'onglet "registre" => Recherches des erreurs => Réparer les erreurs sélectionnées => enregistre une sauvegarde => corriger toutes erreurs sélectionnées => ok => fermer.
N.B : Si Ccleaner te propose d'enregistrer une sauvegarde, reponds oui et enregistre sous 'Bureau'
Recommence jusqu’à ce qu’il ne trouve plus rien (cela varie en général entre 1 et 4 fois).

> Pour Clean (encore en mode sans échec) :
- Double-clic sur clean.cmd
- Une fenêtre va apparaître, choisis l'option 2, suis les consignes et poste le rapport clean (Le rapport clean se trouve ici : C:\rapport_clean.txt)
NB : Si besoin, clean : http://mickael.barroux.free.fr/securite/clean.php

> Pour SDFix (toujours en mode sans échec) :
- Vas dans c:/SDFix et double-clique sur RunThis.bat
- Appuie sur < Y > puis < Entrée >....Le nettoyage commence....patience...
- Le programme va te demander de relancer le PC, frappe une touche...
- Le nettoyage se termine...un rapport apparait...
-Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse

> Relance ton PC en mode normal

> Relance Hijackthis :
Puis sélectionne < do a system scan and save a logfile >,

Et envoie moi, par collier/coller, ton log Hijackthis stp,

Bon courage,

:)

NB : N'oublie pas de poster TOUS les rapports stp (AVG, Clean (différent de Ccleaner), SDFix puis HiJAckT).

A+

Ajouter un commentaire
Ajouter un commentaire
Réponse
+1
moins plus
vero63 7Messages postés 6 avril 2008Date d'inscription 8 avril 2008 à 01:10
Bonjour,

Je viens de regarder ta réponse, je pense que je vais mettre zone alarm en pare feu, mais je voudrais savoir si je peux mettre spyware terminator à la place de AVG car tout simplement c'est 1 logiciel gratuit. Si c'est oui peux tu m'indiquer la marche à suivre

Merci bcq de ton aide

 Ajouter un commentaire
Afficher les 5 commentaires
DllD- 8 avril 2008 à 01:46
Ok,
très bien.

A+
vero63- 9 avril 2008 à 21:28
Bonsoir,

J'ai fait le gros nettoyage, tu trouveras tous les rapports. Donne moi des nouvelles pour la suite ....

catchme 0.3.1351.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-09 20:26:19
Windows 5.1.2600 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

Windows Registry Editor Version 5.00


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\System.Windows.Forms.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\System.Windows.Forms.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\mscorlib.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\mscoree.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\System.Drawing.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\System.EnterpriseServices.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\Microsoft.JScript.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\Microsoft.Vsa.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\System.Drawing.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\mscoree.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\System.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\System.EnterpriseServices.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\Microsoft.JScript.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\Microsoft.Vsa.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\Microsoft.Vsa.Vb.CodeDOMProcessor.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\mscorlib.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\System.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\Microsoft.Vsa.Vb.CodeDOMProcessor.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\System32\\ZoneLabs\\isafeif.dll"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\System32\\ZoneLabs\\vetredir.dll"=dword:00000001

[HKEY_CLASSES_ROOT\.wan]

[HKEY_CLASSES_ROOT\OISbmpfile]
@=""

[HKEY_CLASSES_ROOT\OISemffile]
@=""

[HKEY_CLASSES_ROOT\OISgiffile]
@=""

[HKEY_CLASSES_ROOT\OISjpegfile]
@=""

[HKEY_CLASSES_ROOT\OISpngfile]
@=""

[HKEY_CLASSES_ROOT\OIStiffile]
@=""

[HKEY_CLASSES_ROOT\OISwmffile]
@=""

[HKEY_CLASSES_ROOT\SysmonLogManager.Snapin]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.\OpenWithList]
"a"="iexplore.exe"
"MRUList"="a"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.000\OpenWithList]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.002]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.002\OpenWithList]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.4%202000%2001]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.4%202000%2001\OpenWithList]
"a"="iexplore.exe"
"MRUList"="a"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.809]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.809\OpenWithList]
"a"="iexplore.exe"
"MRUList"="a"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.813]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.813\OpenWithList]
"a"="iexplore.exe"
"MRUList"="a"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.845]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.845\OpenWithList]
"a"="iexplore.exe"
"MRUList"="a"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ABK]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ABK\OpenWithList]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BCM]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BCM\OpenWithList]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.class]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.class\OpenWithList]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cnt]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cnt\OpenWithList]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.d]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.d\OpenWithList]
"a"="iexplore.exe"
"MRUList"="a"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fmp]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fmp\OpenWithList]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.frd]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.frd\OpenWithList]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.FTS]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.FTS\OpenWithList]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.GID]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.GID\OpenWithList]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hsc]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hsc\OpenWithList]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.info]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.info\OpenWithList]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mb]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mb\OpenWithList]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrg]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrg\OpenWithList]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pf]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pf\OpenWithList]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.PV__]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.PV__\OpenWithList]
"a"="iexplore.exe"
"MRUList"="a"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.svg]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.svg\OpenWithList]
"a"="iexplore.exe"
"MRUList"="a"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tmp]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tmp\OpenWithList]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.zdx]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.zdx\OpenWithList]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\OpenWithList]

[HKEY_CLASSES_ROOT\3DBelote.Document\DefaultIcon]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDEB~1\\Belote3D.exe,1"

[HKEY_CLASSES_ROOT\3DBelote.Document\shell\open]

[HKEY_CLASSES_ROOT\3DBelote.Document\shell\open\command]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDEB~1\\Belote3D.exe \"%1\""

[HKEY_CLASSES_ROOT\3DBelote.Document\shell\print]

[HKEY_CLASSES_ROOT\3DBelote.Document\shell\print\command]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDEB~1\\Belote3D.exe /p \"%1\""

[HKEY_CLASSES_ROOT\3DBelote.Document\shell\printto]

[HKEY_CLASSES_ROOT\3DBelote.Document\shell\printto\command]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDEB~1\\Belote3D.exe /pt \"%1\" \"%2\" \"%3\" \"%4\""

[HKEY_CLASSES_ROOT\3DTarotSC.Document\DefaultIcon]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDET~2\\3DTARO~1.EXE,1"

[HKEY_CLASSES_ROOT\3DTarotSC.Document\shell\open]

[HKEY_CLASSES_ROOT\3DTarotSC.Document\shell\open\command]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDET~2\\3DTARO~1.EXE \"%1\""

[HKEY_CLASSES_ROOT\3DTarotSC.Document\shell\print]

[HKEY_CLASSES_ROOT\3DTarotSC.Document\shell\print\command]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDET~2\\3DTARO~1.EXE /p \"%1\""

[HKEY_CLASSES_ROOT\3DTarotSC.Document\shell\printto]

[HKEY_CLASSES_ROOT\3DTarotSC.Document\shell\printto\command]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDET~2\\3DTARO~1.EXE /pt \"%1\" \"%2\" \"%3\" \"%4\""

[HKEY_CLASSES_ROOT\AcroExch.Document\shell\Open]

[HKEY_CLASSES_ROOT\AcroExch.Document\shell\Open\Command]
@="\"D:\\Program Files\\Adobe\\Acrobat 7.0\\Reader\\AcroRd32.exe\" \"%1\""

[HKEY_CLASSES_ROOT\ADCS]
@="Conteneur de classe Annuaire"

[HKEY_CLASSES_ROOT\ADCS\CLSID]
@="{89E30300-764D-11d0-B282-00A0C90F56FC}"

[HKEY_CLASSES_ROOT\Belote365i.Document\DefaultIcon]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDEB~2\\BELOTE~1.EXE,1"

[HKEY_CLASSES_ROOT\Belote365i.Document\shell\open]

[HKEY_CLASSES_ROOT\Belote365i.Document\shell\open\command]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDEB~2\\BELOTE~1.EXE \"%1\""

[HKEY_CLASSES_ROOT\Belote365i.Document\shell\print]

[HKEY_CLASSES_ROOT\Belote365i.Document\shell\print\command]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDEB~2\\BELOTE~1.EXE /p \"%1\""

[HKEY_CLASSES_ROOT\Belote365i.Document\shell\printto]

[HKEY_CLASSES_ROOT\Belote365i.Document\shell\printto\command]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDEB~2\\BELOTE~1.EXE /pt \"%1\" \"%2\" \"%3\" \"%4\""

[HKEY_CLASSES_ROOT\bwpfile\shell\open]

[HKEY_CLASSES_ROOT\bwpfile\shell\open\command]
@="D:\\Program Files\\Kodak\\Kodak Software Updater\\7288971\\6.1.4.37-7288971L\\Program\\PrvCnt.exe \"%1\""

[HKEY_CLASSES_ROOT\Connection Manager Profile\DefaultIcon]
@="D:\\WINDOWS\\System32\\CMMGR32.EXE,1"

[HKEY_CLASSES_ROOT\Connection Manager Profile\shell\open]

[HKEY_CLASSES_ROOT\Connection Manager Profile\shell\open\command]
@="D:\\WINDOWS\\System32\\CMMGR32.EXE \"%1\""

[HKEY_CLASSES_ROOT\Connection Manager Profile\shell\Settings...]

[HKEY_CLASSES_ROOT\Connection Manager Profile\shell\Settings...\command]
@="D:\\WINDOWS\\System32\\CMMGR32.EXE /settings \"%1\""

[HKEY_CLASSES_ROOT\dcsfile\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,11"

[HKEY_CLASSES_ROOT\ecsfile\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,10"

[HKEY_CLASSES_ROOT\fcsfile\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,12"

[HKEY_CLASSES_ROOT\FoxitReader.Document\DefaultIcon]
@="D:\\DOCUME~1\\vero\\Bureau\\FOXITR~1\\FOXITR~1.EXE,1"

[HKEY_CLASSES_ROOT\FoxitReader.Document\shell\open]

[HKEY_CLASSES_ROOT\FoxitReader.Document\shell\open\command]
@="\"D:\\DOCUME~1\\vero\\Bureau\\FOXITR~1\\FOXITR~1.EXE\" \"%1\""

[HKEY_CLASSES_ROOT\FoxitReader.Document\shell\print]

[HKEY_CLASSES_ROOT\FoxitReader.Document\shell\print\command]
@="\"D:\\DOCUME~1\\vero\\Bureau\\FOXITR~1\\FOXITR~1.EXE\" /p \"%1\" "

[HKEY_CLASSES_ROOT\FoxitReader.Document\shell\printto]

[HKEY_CLASSES_ROOT\FoxitReader.Document\shell\printto\command]
@="\"D:\\DOCUME~1\\vero\\Bureau\\FOXITR~1\\FOXITR~1.EXE\" /t \"%1\" \"%2\" \"%3\" \"%4\" "

[HKEY_CLASSES_ROOT\ncsfile\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,14"

[HKEY_CLASSES_ROOT\Tarot365i.Document\DefaultIcon]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDET~1\\Tarot365.exe,1"

[HKEY_CLASSES_ROOT\Tarot365i.Document\shell\open]

[HKEY_CLASSES_ROOT\Tarot365i.Document\shell\open\command]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDET~1\\Tarot365.exe \"%1\""

[HKEY_CLASSES_ROOT\Tarot365i.Document\shell\print]

[HKEY_CLASSES_ROOT\Tarot365i.Document\shell\print\command]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDET~1\\Tarot365.exe /p \"%1\""

[HKEY_CLASSES_ROOT\Tarot365i.Document\shell\printto]

[HKEY_CLASSES_ROOT\Tarot365i.Document\shell\printto\command]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDET~1\\Tarot365.exe /pt \"%1\" \"%2\" \"%3\" \"%4\""

[HKEY_CLASSES_ROOT\tcsfile\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,13"

[HKEY_CLASSES_ROOT\urn:content-classes:catalog\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,15"

[HKEY_CLASSES_ROOT\urn:content-classes:catalog-settings\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12471"

[HKEY_CLASSES_ROOT\urn:content-classes:contentclassdef\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-13101"

[HKEY_CLASSES_ROOT\urn:content-classes:exchange55startaddress\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12451"

[HKEY_CLASSES_ROOT\urn:content-classes:exchangestartaddress\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12451"

[HKEY_CLASSES_ROOT\urn:content-classes:filestartaddress\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12453"

[HKEY_CLASSES_ROOT\urn:content-classes:management\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,20"

[HKEY_CLASSES_ROOT\urn:content-classes:notesstartaddress\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12456"

[HKEY_CLASSES_ROOT\urn:content-classes:remoteworkspacestartaddress\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12454"

[HKEY_CLASSES_ROOT\urn:content-classes:webstartaddress\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12450"

[HKEY_CLASSES_ROOT\urn:content-classes:wizard/addcontentclass\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-13100"

[HKEY_CLASSES_ROOT\urn:content-classes:wizard/addsearchcontentlocation\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12461"

[HKEY_CLASSES_ROOT\urn:content-classes:workspace-settings\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12472"

[HKEY_CLASSES_ROOT\urn:content-classes:workspaceconfiguration\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12476"

[HKEY_CLASSES_ROOT\urn:content-classes:workspacestartaddress\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12454"

[HKEY_CLASSES_ROOT\WBEMComConnection]
@="WBEM Connection"

[HKEY_CLASSES_ROOT\WBEMComConnection\CLSID]
@="SOFTWARE\\CLASSES\\WBEMComConnection"

[HKEY_CLASSES_ROOT\WBEMComLocator]
@="WBEM Locator"

[HKEY_CLASSES_ROOT\WBEMComLocator\CLSID]
@="SOFTWARE\\CLASSES\\WBEMComLocator"

[HKEY_CLASSES_ROOT\wcsfile\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,9"

[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}]
@="PDF Document"

[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\AuxUserType]

[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\AuxUserType\2]
@="PDF"

[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\AuxUserType\3]
@="Foxit Reader"

[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\DefaultExtension]
@=".pdf, PDF Files(*.pdf)"

[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\DefaultIcon]
@="D:\\DOCUME~1\\vero\\Bureau\\FOXITR~1\\FOXITR~1.EXE,1"

[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\DocObject]
@="0"

[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\InprocHandler32]
@="ole32.dll"

[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\Insertable]
@=""

[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\LocalServer32]
@="D:\\DOCUME~1\\vero\\Bureau\\FOXITR~1\\FOXITR~1.EXE"

[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\MiscStatus]
@="32"

[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\Printable]
@=""

[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\ProgID]
@="FoxitReader.Document"

[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\Verb]

[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\Verb\0]
@="&Edit,0,2"

[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\Verb\1]
@="&Open,0,2"

[HKEY_CLASSES_ROOT\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}]
@="EoBho Class"

[HKEY_CLASSES_ROOT\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}\InprocServer32]
@="D:\\Program Files\\EoRezo\\EoAdv\\EoRezoBHO.dll"
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}\ProgID]
@="EoRezoBHO.EoBho.1"

[HKEY_CLASSES_ROOT\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}\Programmable]

[HKEY_CLASSES_ROOT\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}\TypeLib]
@="{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}"

[HKEY_CLASSES_ROOT\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}\VersionIndependentProgID]
@="EoRezoBHO.EoBho"

[HKEY_CLASSES_ROOT\CLSID\{9869EFB4-18E9-11D3-A837-00104B9E30B5}]
@="CmdLineContextMenu Class"

[HKEY_CLASSES_ROOT\CLSID\{9869EFB4-18E9-11D3-A837-00104B9E30B5}\InprocServer32]
@="D:\\DOCUME~1\\vero\\LOCALS~1\\Temp\\CMDLIN~1.DLL"
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\CLSID\{9869EFB4-18E9-11D3-A837-00104B9E30B5}\ProgID]
@="CmdLineExt.CmdLineContextMenu.1"

[HKEY_CLASSES_ROOT\CLSID\{9869EFB4-18E9-11D3-A837-00104B9E30B5}\TypeLib]
@="{9869EFA6-18E9-11D3-A837-00104B9E30B5}"

[HKEY_CLASSES_ROOT\CLSID\{9869EFB4-18E9-11D3-A837-00104B9E30B5}\VersionIndependentProgID]
@="CmdLineExt.CmdLineContextMenu"

[HKEY_CLASSES_ROOT\CLSID\{C523F39F-9C83-11D3-9094-00104BD0D535}]

[HKEY_CLASSES_ROOT\CLSID\{C523F39F-9C83-11D3-9094-00104BD0D535}\LocalServer32]
@="D:\\Program Files\\Adobe\\Acrobat 6.0\\Reader\\plug_ins\\Accessibility.api"

[HKEY_CLASSES_ROOT\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}]
@="FlashBroker"
"LocalizedString"="@D:\\WINDOWS\\System32\\Macromed\\Flash\\FlashUtil9e.exe,-101"

[HKEY_CLASSES_ROOT\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\Elevation]
"Enabled"=dword:00000001

[HKEY_CLASSES_ROOT\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\LocalServer32]
@="D:\\WINDOWS\\System32\\Macromed\\Flash\\FlashUtil9e.exe"

[HKEY_CLASSES_ROOT\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_CLASSES_ROOT\CLSID\{E491197C-905B-41AF-8D9B-C58564218173}]
@="PTLID.VXZ"

[HKEY_CLASSES_ROOT\CLSID\{E491197C-905B-41AF-8D9B-C58564218173}\Implemented Categories]

[HKEY_CLASSES_ROOT\CLSID\{E491197C-905B-41AF-8D9B-C58564218173}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}]

[HKEY_CLASSES_ROOT\CLSID\{E491197C-905B-41AF-8D9B-C58564218173}\LocalServer32]
@="D:\\WINDOWS\\OptRemove.exe"

[HKEY_CLASSES_ROOT\CLSID\{E491197C-905B-41AF-8D9B-C58564218173}\ProgID]
@="PTLID.VXZ"

[HKEY_CLASSES_ROOT\CLSID\{E491197C-905B-41AF-8D9B-C58564218173}\Programmable]

[HKEY_CLASSES_ROOT\CLSID\{E491197C-905B-41AF-8D9B-C58564218173}\TypeLib]
@="{5D35BC06-2E9A-424C-B322-B94CD5C3F86C}"

[HKEY_CLASSES_ROOT\CLSID\{E491197C-905B-41AF-8D9B-C58564218173}\VERSION]
@="1.0"

[HKEY_CLASSES_ROOT\Applications\moviemk.exe]

[HKEY_CLASSES_ROOT\Applications\moviemk.exe\shell]
"FriendlyCache"="Movie Maker"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\cmmgr32.exe]
@="D:\\WINDOWS\\System32\\cmmgr32.exe"
"Path"="D:\\WINDOWS\\System32"
"CmstpExtensionDll"="D:\\WINDOWS\\System32\\cmcfg32.dll"
"CMInternalVersion"="1.2"
"CmNative"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\DesignPro]
"Path"="D:\\Program Files\\DesignPro\\"
@="D:\\Program Files\\DesignPro\\DesignPro"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\Easy-WebPrint]
"Path"="D:\\Program Files\\Canon\\Easy-WebPrint"
@="D:\\Program Files\\Canon\\Easy-WebPrint\\Easy-WebPrint"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\optproxy.exe]
"Path"="D:\\Program Files\\Controle Parental"
@="D:\\Program Files\\Controle Parental\\optproxy.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\udfrinst.exe]
@="D:\\Program Files\\Adaptec\\Easy CD Creator 5\\DirectCD\\udfrinst.exe"
"Path"="D:\\Program Files\\Adaptec\\Easy CD Creator 5\\DirectCD\\"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\YourApp.exe]
@="D:\\Program Files\\Micro Application\\24 Jeux de Cartes\\YourApp.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"D:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Kodak\\Kodak EasyShare\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"D:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Kodak\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"D:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\KODAK\\Mise à jour logicielle KODAK\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"D:\\Documents and Settings\\vero\\Menu Démarrer\\Programmes\\KODAK\\Logiciel de connexion de l'appareil photo\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"D:\\Documents and Settings\\vero\\Menu Démarrer\\Programmes\\KODAK\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"D:\\Documents and Settings\\vero\\Application Data\\Microsoft\\Installer\\{9D1CF8B6-17B3-4832-B062-2C2DD0B57B04}\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"D:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Roxio Easy CD Creator 5\\Applications\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"D:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Roxio Easy CD Creator 5\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\EspaceWanadoo.exe]
"SlowInfoCache"=hex:28,02,00,00,01,00,00,00,00,00,9a,03,00,00,00,00,c4,a4,fb,\
53,f3,75,c8,01,1d,00,00,00,44,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,\
61,00,6d,00,20,00,46,00,69,00,6c,00,65,00,73,00,5c,00,57,00,61,00,6e,00,61,\
00,64,00,6f,00,6f,00,5c,00,57,00,61,00,74,00,63,00,68,00,2e,00,65,00,78,00,\
65,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00
"Changed"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\KB839643]
"SlowInfoCache"=hex:28,02,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,\
00,00,00,00,00,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00
"Changed"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MediaMix]
"SlowInfoCache"=hex:28,02,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,\
00,00,00,00,00,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00
"Changed"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\oeupdate]
"SlowInfoCache"=hex:28,02,00,00,01,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,d2,b7,4a,\
2c,55,59,c5,01,04,00,00,00,44,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,\
61,00,6d,00,20,00,46,00,69,00,6c,00,65,00,73,00,5c,00,4f,00,75,00,74,00,6c,\
00,6f,00,6f,00,6b,00,20,00,45,00,78,00,70,00,72,00,65,00,73,00,73,00,5c,00,\
6d,00,73,00,69,00,6d,00,6e,00,2e,00,65,00,78,00,65,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00
"Changed"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{AC76BA86-7AD7-1036-7B44-A00000000001}]
"SlowInfoCache"=hex:28,02,00,00,00,00,00,00,00,d8,48,03,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00
"Changed"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{AC76BA86-7AD7-1036-7B44-A70900000002}]
"SlowInfoCache"=hex:28,02,00,00,00,00,00,00,00,60,cb,04,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00
"Changed"=dword:00000000

[HKEY_CURRENT_USER\Software\Samsung]

[HKEY_LOCAL_MACHINE\Software\ItsLabel]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"updateMgr"="D:\\Program Files\\Adobe\\Acrobat 7.0\\Reader\\AdobeUpdateManager.exe AcRdB7_0_9"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Adobe]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Adobe\Adobe Download Manager]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Adobe\Adobe Download Manager]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\ArcSoft PhotoStudio 5.5]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Avery DesignPro]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\AVG 7.5]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\AVG Free Edition]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Canon]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Canon PIXMA MP130,110 Manual]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Canon Utilities]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Canon Utilities\Easy-PhotoPrint]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Canon Utilities\Easy-PhotoPrint]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Compaq IJ650]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Contrôle Parental]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Jeux]
"Order"=hex:08,00,00,00,02,00,00,00,16,08,00,00,01,00,00,00,0c,00,00,00,ca,\
00,00,00,fb,ff,ff,ff,bc,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,aa,00,\
32,00,91,03,00,00,7b,31,52,7c,20,00,41,54,4f,55,54,50,7e,31,2e,4c,4e,4b,00,\
00,80,00,03,00,04,00,ef,be,7b,31,73,79,93,34,80,3e,14,00,4e,00,41,00,74,00,\
6f,00,75,00,74,00,20,00,50,00,69,00,71,00,75,00,65,00,20,00,73,00,75,00,72,\
00,20,00,49,00,6e,00,74,00,65,00,72,00,6e,00,65,00,74,00,2e,00,6c,00,6e,00,\
6b,00,00,00,40,44,3a,5c,50,52,4f,47,52,41,7e,31,5c,4d,53,4e,47,41,4d,7e,31,\
5c,57,69,6e,64,6f,77,73,5c,73,68,76,6c,72,65,73,2e,64,6c,6c,2c,2d,31,32,31,\
32,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,\
00,c8,00,00,00,fb,ff,ff,ff,ba,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,\
a8,00,32,00,91,03,00,00,7b,31,52,7c,20,00,42,41,43,4b,47,41,7e,31,2e,4c,4e,\
4b,00,00,7e,00,03,00,04,00,ef,be,7b,31,73,79,93,34,80,3e,14,00,4c,00,42,00,\
61,00,63,00,6b,00,67,00,61,00,6d,00,6d,00,6f,00,6e,00,20,00,73,00,75,00,72,\
00,20,00,49,00,6e,00,74,00,65,00,72,00,6e,00,65,00,74,00,2e,00,6c,00,6e,00,\
6b,00,00,00,40,44,3a,5c,50,52,4f,47,52,41,7e,31,5c,4d,53,4e,47,41,4d,7e,31,\
5c,57,69,6e,64,6f,77,73,5c,62,63,6b,67,72,65,73,2e,64,6c,6c,2c,2d,31,32,31,\
32,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,\
00,ac,00,00,00,fb,ff,ff,ff,9e,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,\
8c,00,32,00,f0,05,00,00,88,31,bb,75,20,00,44,41,4d,45,44,45,7e,31,2e,4c,4e,\
4b,00,00,62,00,03,00,04,00,ef,be,7b,31,73,79,93,34,80,3e,14,00,38,00,44,00,\
61,00,6d,00,65,00,20,00,64,00,65,00,20,00,50,00,69,00,71,00,75,00,65,00,2e,\
00,6c,00,6e,00,6b,00,00,00,40,44,3a,5c,57,49,4e,44,4f,57,53,5c,73,79,73,74,\
65,6d,33,32,5c,6d,73,68,65,61,72,74,73,2e,65,78,65,2c,2d,34,31,33,00,00,1c,\
00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,8c,00,\
00,00,fb,ff,ff,ff,7e,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,6c,00,32,\
00,f0,05,00,00,cd,34,f5,4a,20,00,44,41,4d,45,44,45,7e,33,2e,4c,4e,4b,00,00,\
42,00,03,00,04,00,ef,be,cd,34,f5,4a,cd,34,f5,4a,14,00,00,00,44,00,61,00,6d,\
00,65,00,20,00,64,00,65,00,20,00,50,00,69,00,71,00,75,00,65,00,20,00,28,00,\
32,00,29,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,\
00,00,00,1c,00,00,00,00,00,00,00,00,00,ce,00,00,00,fb,ff,ff,ff,c0,00,00,00,\
41,75,67,4d,02,00,00,00,01,00,00,00,ae,00,32,00,91,03,00,00,7b,31,52,7c,20,\
00,44,41,4d,45,44,45,7e,32,2e,4c,4e,4b,00,00,84,00,03,00,04,00,ef,be,7b,31,\
73,79,93,34,80,3e,14,00,52,00,44,00,61,00,6d,00,65,00,20,00,64,00,65,00,20,\
00,70,00,69,00,71,00,75,00,65,00,20,00,73,00,75,00,72,00,20,00,49,00,6e,00,\
74,00,65,00,72,00,6e,00,65,00,74,00,2e,00,6c,00,6e,00,6b,00,00,00,40,44,3a,\
5c,50,52,4f,47,52,41,7e,31,5c,4d,53,4e,47,41,4d,7e,31,5c,57,69,6e,64,6f,77,\
73,5c,68,72,74,7a,72,65,73,2e,64,6c,6c,2c,2d,31,32,31,32,00,1c,00,0e,00,00,\
00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,8e,00,00,00,fb,ff,\
ff,ff,80,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,6e,00,32,00,eb,05,00,\
00,88,31,bb,75,20,00,44,4d,49,4e,45,55,7e,31,2e,4c,4e,4b,00,00,44,00,03,00,\
04,00,ef,be,7b,31,73,79,93,34,80,3e,14,00,2e,00,44,00,e9,00,6d,00,69,00,6e,\
00,65,00,75,00,72,00,2e,00,6c,00,6e,00,6b,00,00,00,40,73,68,65,6c,6c,33,32,\
2e,64,6c,6c,2c,2d,32,32,30,34,35,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,\
00,1c,00,00,00,00,00,00,00,00,00,8e,00,00,00,fb,ff,ff,ff,80,00,00,00,41,75,\
67,4d,02,00,00,00,01,00,00,00,6e,00,32,00,f2,05,00,00,88,31,bb,75,20,00,46,\
72,65,65,63,65,6c,6c,2e,6c,6e,6b,00,00,44,00,03,00,04,00,ef,be,7b,31,73,79,\
93,34,80,3e,14,00,2e,00,46,00,72,00,65,00,65,00,63,00,65,00,6c,00,6c,00,2e,\
00,6c,00,6e,00,6b,00,00,00,40,73,68,65,6c,6c,33,32,2e,64,6c,6c,2c,2d,32,32,\
30,33,30,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,\
00,00,00,cc,00,00,00,fb,ff,ff,ff,be,00,00,00,41,75,67,4d,02,00,00,00,01,00,\
00,00,ac,00,32,00,91,03,00,00,7b,31,52,7c,20,00,4a,45,55,44,45,44,7e,31,2e,\
4c,4e,4b,00,00,82,00,03,00,04,00,ef,be,7b,31,73,79,93,34,80,3e,14,00,50,00,\
4a,00,65,00,75,00,20,00,64,00,65,00,20,00,64,00,61,00,6d,00,65,00,73,00,20,\
00,73,00,75,00,72,00,20,00,49,00,6e,00,74,00,65,00,72,00,6e,00,65,00,74,00,\
2e,00,6c,00,6e,00,6b,00,00,00,40,44,3a,5c,50,52,4f,47,52,41,7e,31,5c,4d,53,\
4e,47,41,4d,7e,31,5c,57,69,6e,64,6f,77,73,5c,63,68,6b,72,72,65,73,2e,64,6c,\
6c,2c,2d,31,32,31,32,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,\
00,00,00,00,00,00,00,8a,00,00,00,fb,ff,ff,ff,7c,00,00,00,41,75,67,4d,02,00,\
00,00,01,00,00,00,6a,00,32,00,75,03,00,00,7b,31,73,79,20,00,50,69,6e,62,61,\
6c,6c,2e,6c,6e,6b,00,42,00,03,00,04,00,ef,be,7b,31,73,79,93,34,80,3e,14,00,\
2c,00,50,00,69,00,6e,00,62,00,61,00,6c,00,6c,00,2e,00,6c,00,6e,00,6b,00,00,\
00,40,73,68,65,6c,6c,33,32,2e,64,6c,6c,2c,2d,32,32,30,35,37,00,1a,00,0e,00,\
00,00,0a,00,ef,be,00,00,00,00,1a,00,00,00,00,00,00,00,00,00,c2,00,00,00,fb,\
ff,ff,ff,b4,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,a2,00,32,00,91,03,\
00,00,7b,31,52,7c,20,00,52,45,56,45,52,53,7e,31,2e,4c,4e,4b,00,00,78,00,03,\
00,04,00,ef,be,7b,31,73,79,93,34,80,3e,14,00,46,00,52,00,65,00,76,00,65,00,\
72,00,73,00,69,00,20,00,73,00,75,00,72,00,20,00,49,00,6e,00,74,00,65,00,72,\
00,6e,00,65,00,74,00,2e,00,6c,00,6e,00,6b,00,00,00,40,44,3a,5c,50,52,4f,47,\
52,41,7e,31,5c,4d,53,4e,47,41,4d,7e,31,5c,57,69,6e,64,6f,77,73,5c,72,76,73,\
65,72,65,73,2e,64,6c,6c,2c,2d,31,32,31,32,00,1c,00,0e,00,00,00,0a,00,ef,be,\
00,00,00,00,1c,00,00,00,00,00,00,00,00,00,90,00,00,00,fb,ff,ff,ff,82,00,00,\
00,41,75,67,4d,02,00,00,00,01,00,00,00,70,00,32,00,d3,05,00,00,7e,31,f9,4b,\
20,00,53,4f,4c,49,54,41,7e,31,2e,4c,4e,4b,00,00,46,00,03,00,04,00,ef,be,7b,\
31,73,79,93,34,80,3e,14,00,30,00,53,00,6f,00,6c,00,69,00,74,00,61,00,69,00,\
72,00,65,00,2e,00,6c,00,6e,00,6b,00,00,00,40,73,68,65,6c,6c,33,32,2e,64,6c,\
6c,2c,2d,32,32,30,36,30,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,\
00,00,00,00,00,00,00,00,ae,00,00,00,fb,ff,ff,ff,a0,00,00,00,41,75,67,4d,02,\
00,00,00,01,00,00,00,8e,00,32,00,de,05,00,00,88,31,bb,75,20,00,53,50,49,44,\
45,52,7e,31,2e,4c,4e,4b,00,00,64,00,03,00,04,00,ef,be,7b,31,73,79,93,34,80,\
3e,14,00,3e,00,53,00,70,00,69,00,64,00,65,00,72,00,20,00,53,00,6f,00,6c,00,\
69,00,74,00,61,00,69,00,72,00,65,00,2e,00,6c,00,6e,00,6b,00,00,00,40,44,3a,\
5c,57,49,4e,44,4f,57,53,5c,73,79,73,74,65,6d,33,32,5c,73,70,69,64,65,72,2e,\
65,78,65,2c,2d,35,36,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,\
00,00,00,00,00,00,00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\KODAK]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\MediaMix]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Micro Application]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Micro Application\24 Jeux de Cartes]
"Order"=hex:08,00,00,00,02,00,00,00,1c,07,00,00,01,00,00,00,0e,00,00,00,7e,\
00,00,00,fb,ff,ff,ff,70,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,5e,00,\
32,00,91,06,00,00,30,34,b3,50,20,00,37,46,41,4d,49,4c,7e,31,2e,4c,4e,4b,00,\
00,34,00,03,00,04,00,ef,be,30,34,b3,50,30,34,b3,50,14,00,00,00,37,00,20,00,\
46,00,61,00,6d,00,69,00,6c,00,6c,00,65,00,73,00,2e,00,6c,00,6e,00,6b,00,00,\
00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,\
7a,00,00,00,fb,ff,ff,ff,6c,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,5a,\
00,32,00,83,06,00,00,30,34,b3,50,20,00,42,61,63,63,61,72,61,74,2e,6c,6e,6b,\
00,00,30,00,03,00,04,00,ef,be,30,34,b3,50,30,34,b3,50,14,00,00,00,42,00,61,\
00,63,00,63,00,61,00,72,00,61,00,74,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,\
0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,7a,00,00,\
00,fb,ff,ff,ff,6c,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,5a,00,32,00,\
d7,06,00,00,30,34,b3,50,20,00,47,49,4e,52,41,4d,7e,31,2e,4c,4e,4b,00,00,30,\
00,03,00,04,00,ef,be,30,34,b3,50,30,34,b3,50,14,00,00,00,47,00,69,00,6e,00,\
20,00,52,00,61,00,6d,00,69,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,\
00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,86,00,00,00,fb,ff,\
ff,ff,78,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,66,00,32,00,29,07,00,\
00,30,34,47,4f,20,00,48,55,49,54,41,4d,7e,31,2e,4c,4e,4b,00,00,3c,00,03,00,\
04,00,ef,be,30,34,47,4f,30,34,47,4f,14,00,00,00,48,00,75,00,69,00,74,00,20,\
00,41,00,6d,00,e9,00,72,00,69,00,63,00,61,00,69,00,6e,00,2e,00,6c,00,6e,00,\
6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,\
00,00,00,84,00,00,00,fb,ff,ff,ff,76,00,00,00,41,75,67,4d,02,00,00,00,01,00,\
00,00,64,00,32,00,35,07,00,00,30,34,47,4f,20,00,4a,45,55,44,45,42,7e,31,2e,\
4c,4e,4b,00,00,3a,00,03,00,04,00,ef,be,30,34,47,4f,30,34,47,4f,14,00,00,00,\
4a,00,65,00,75,00,20,00,64,00,65,00,20,00,42,00,65,00,6c,00,6f,00,74,00,65,\
00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,\
1c,00,00,00,00,00,00,00,00,00,8a,00,00,00,fb,ff,ff,ff,7c,00,00,00,41,75,67,\
4d,02,00,00,00,01,00,00,00,6a,00,32,00,43,07,00,00,30,34,47,4f,20,00,4a,45,\
55,44,45,42,7e,32,2e,4c,4e,4b,00,00,40,00,03,00,04,00,ef,be,30,34,47,4f,30,\
34,47,4f,14,00,00,00,4a,00,65,00,75,00,20,00,64,00,65,00,20,00,42,00,65,00,\
6c,00,6f,00,74,00,65,00,20,00,33,00,44,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,\
00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,82,00,\
00,00,fb,ff,ff,ff,74,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,62,00,32,\
00,1f,07,00,00,30,34,47,4f,20,00,4a,45,55,44,45,54,7e,31,2e,4c,4e,4b,00,00,\
38,00,03,00,04,00,ef,be,30,34,47,4f,30,34,47,4f,14,00,00,00,4a,00,65,00,75,\
00,20,00,64,00,65,00,20,00,54,00,61,00,72,00,6f,00,74,00,2e,00,6c,00,6e,00,\
6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,\
00,00,00,88,00,00,00,fb,ff,ff,ff,7a,00,00,00,41,75,67,4d,02,00,00,00,01,00,\
00,00,68,00,32,00,3f,07,00,00,30,34,47,4f,20,00,4a,45,55,44,45,54,7e,32,2e,\
4c,4e,4b,00,00,3e,00,03,00,04,00,ef,be,30,34,47,4f,30,34,47,4f,14,00,00,00,\
4a,00,65,00,75,00,20,00,64,00,65,00,20,00,54,00,61,00,72,00,6f,00,74,00,20,\
00,33,00,44,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,\
00,00,00,00,1c,00,00,00,00,00,00,00,00,00,80,00,00,00,fb,ff,ff,ff,72,00,00,\
00,41,75,67,4d,02,00,00,00,01,00,00,00,60,00,32,00,15,07,00,00,30,34,47,4f,\
20,00,4c,41,43,52,41,50,7e,31,2e,4c,4e,4b,00,00,36,00,03,00,04,00,ef,be,30,\
34,47,4f,30,34,47,4f,14,00,00,00,4c,00,61,00,20,00,43,00,72,00,61,00,70,00,\
65,00,74,00,74,00,65,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,\
00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,7a,00,00,00,fb,ff,ff,ff,\
6c,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,5a,00,32,00,e5,06,00,00,30,\
34,47,4f,20,00,4c,45,42,41,52,42,7e,31,2e,4c,4e,4b,00,00,30,00,03,00,04,00,\
ef,be,30,34,47,4f,30,34,47,4f,14,00,00,00,4c,00,65,00,20,00,42,00,61,00,72,\
00,62,00,75,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,\
00,00,00,00,1c,00,00,00,00,00,00,00,00,00,7e,00,00,00,fb,ff,ff,ff,70,00,00,\
00,41,75,67,4d,02,00,00,00,01,00,00,00,5e,00,32,00,13,07,00,00,30,34,47,4f,\
20,00,4e,41,49,4e,4a,41,7e,31,2e,4c,4e,4b,00,00,34,00,03,00,04,00,ef,be,30,\
34,47,4f,30,34,47,4f,14,00,00,00,4e,00,61,00,69,00,6e,00,20,00,4a,00,61,00,\
75,00,6e,00,65,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,\
be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,aa,00,00,00,fb,ff,ff,ff,9c,00,\
00,00,41,75,67,4d,02,00,00,00,01,00,00,00,8a,00,32,00,c9,07,00,00,30,34,47,\
4f,20,00,50,41,54,49,45,4e,7e,31,2e,4c,4e,4b,00,00,60,00,03,00,04,00,ef,be,\
30,34,47,4f,30,34,47,4f,14,00,00,00,50,00,61,00,74,00,69,00,65,00,6e,00,63,\
00,65,00,73,00,20,00,26,00,20,00,52,00,e9,00,75,00,73,00,73,00,69,00,74,00,\
65,00,73,00,20,00,65,00,74,00,20,00,4e,00,69,00,76,00,65,00,61,00,75,00,78,\
00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,\
1c,00,00,00,00,00,00,00,00,00,6e,00,00,00,fb,ff,ff,ff,60,00,00,00,41,75,67,\
4d,02,00,00,00,01,00,00,00,4e,00,32,00,bb,06,00,00,30,34,47,4f,20,00,52,61,\
6d,69,2e,6c,6e,6b,00,00,28,00,03,00,04,00,ef,be,30,34,47,4f,30,34,47,4f,14,\
00,00,00,52,00,61,00,6d,00,69,00,2e,00,6c,00,6e,00,6b,00,00,00,18,00,0e,00,\
00,00,0a,00,ef,be,00,00,00,00,18,00,00,00,00,00,00,00,00,00,70,00,00,00,fb,\
ff,ff,ff,62,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,50,00,32,00,c9,06,\
00,00,30,34,47,4f,20,00,57,68,69,73,74,2e,6c,6e,6b,00,2a,00,03,00,04,00,ef,\
be,30,34,47,4f,30,34,47,4f,14,00,00,00,57,00,68,00,69,00,73,00,74,00,2e,00,\
6c,00,6e,00,6b,00,00,00,18,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,18,00,00,\
00,00,00,00,00,00,00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Micro Application\24 Jeux de Cartes]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\PrintMe Internet Printing]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Revolution Software]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Roxio Easy CD Creator 5]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Roxio Easy CD Creator 5\Applications]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Roxio Easy CD Creator 5\Applications]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Samsung PC Studio 3]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\THQ]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\THQ\Les Chevaliers de Baphomet - Le Manuscrit de Voynich]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\THQ\Les Chevaliers de Baphomet - Le Manuscrit de Voynich]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Wanadoo]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Win Novation]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Win Novation\Belote Plus]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Win Novation\Belote Plus]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"D:\\Documents and Settings\\vero\\Mes documents\\jarriges\\WLinstaller.exe"="Fichier exécutable du programme d'installation client Windows Live"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"D:\\Documents and Settings\\vero\\Mes documents\\jarriges\\aswclnr.tmp"="Virus/Worm Cleaner Application"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"D:\\DOCUME~1\\vero\\LOCALS~1\\Temp\\GLB4.tmp"="ZoneAlarm-3301-French"
Windows Registry Editor Version 5.00


[HKEY_CLASSES_ROOT\urn:content-classes:contentclassdef]

[HKEY_CLASSES_ROOT\urn:content-classes:wizard/addcontentclass]

[HKEY_CLASSES_ROOT\3DBelote.Document]
@="3DBelote Document"

[HKEY_CLASSES_ROOT\3DBelote.Document\shell]

[HKEY_CLASSES_ROOT\3DTarotSC.Document]
@="3DTarotSC Document"

[HKEY_CLASSES_ROOT\3DTarotSC.Document\shell]

[HKEY_CLASSES_ROOT\AcroAccess.AcroAccess]
@="AcroAccess Class"

[HKEY_CLASSES_ROOT\AcroAccess.AcroAccess\CLSID]
@="{C523F39F-9C83-11D3-9094-00104BD0D535}"

[HKEY_CLASSES_ROOT\AcroAccess.AcroAccess\CurVer]
@="AcroAccess.AcroAccess.1"

[HKEY_CLASSES_ROOT\AcroAccess.AcroAccess.1]
@="AcroAccess Class"

[HKEY_CLASSES_ROOT\AcroAccess.AcroAccess.1\CLSID]
@="{C523F39F-9C83-11D3-9094-00104BD0D535}"

[HKEY_CLASSES_ROOT\AcroExch.Document]

[HKEY_CLASSES_ROOT\AcroExch.Document\Shell]

[HKEY_CLASSES_ROOT\Belote365i.Document]
@="Belote365i Document"

[HKEY_CLASSES_ROOT\Belote365i.Document\shell]

[HKEY_CLASSES_ROOT\CmdLineExt.CmdLineContextMenu]
@="CmdLineContextMenu Class"

[HKEY_CLASSES_ROOT\CmdLineExt.CmdLineContextMenu\CLSID]
@="{9869EFB4-18E9-11D3-A837-00104B9E30B5}"

[HKEY_CLASSES_ROOT\CmdLineExt.CmdLineContextMenu\CurVer]
@="CmdLineExt.CmdLineContextMenu.1"

[HKEY_CLASSES_ROOT\CmdLineExt.CmdLineContextMenu.1]
@="CmdLineContextMenu Class"

[HKEY_CLASSES_ROOT\CmdLineExt.CmdLineContextMenu.1\CLSID]
@="{9869EFB4-18E9-11D3-A837-00104B9E30B5}"

[HKEY_CLASSES_ROOT\Connection Manager Profile]
@="Connection Manager Profile"

[HKEY_CLASSES_ROOT\Connection Manager Profile\shell]

[HKEY_CLASSES_ROOT\EoRezoBHO.EoBho]
@="EoBho Class"

[HKEY_CLASSES_ROOT\EoRezoBHO.EoBho\CLSID]
@="{64F56FC1-1272-44CD-BA6E-39723696E350}"

[HKEY_CLASSES_ROOT\EoRezoBHO.EoBho\CurVer]
@="EoRezoBHO.EoBho.1"

[HKEY_CLASSES_ROOT\EoRezoBHO.EoBho.1]
@="EoBho Class"

[HKEY_CLASSES_ROOT\EoRezoBHO.EoBho.1\CLSID]
@="{64F56FC1-1272-44CD-BA6E-39723696E350}"

[HKEY_CLASSES_ROOT\PTLID.VXZ]
@="PTLID.VXZ"

[HKEY_CLASSES_ROOT\PTLID.VXZ\CLSID]
"CLSID"=hex:4b,69,74,57,6f,6f,2d,39,2d,62,37,36,32,2d,34,65,37,34,2d,61,37,\
38,64,2d,30,32,38,64,38,30,38,35,30,65,61,35
@="{E491197C-905B-41AF-8D9B-C58564218173}"

[HKEY_CLASSES_ROOT\Tarot365i.Document]
@="Tarot365i Document"

[HKEY_CLASSES_ROOT\Tarot365i.Document\shell]
Script execute en mode sans echec
Rapport clean par Malekal_morte - http://www.malekal.com
Script execute en mode sans echec 09/04/2008 a 20:10:29,85

Micro
vero63DllD - 9 avril 2008 à 21:29
Bonsoir,

J'ai fait le gros nettoyage, tu trouveras tous les rapports. Donne moi des nouvelles pour la suite ....

catchme 0.3.1351.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-09 20:26:19
Windows 5.1.2600 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

Windows Registry Editor Version 5.00


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\System.Windows.Forms.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\System.Windows.Forms.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\mscorlib.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\mscoree.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\System.Drawing.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\System.EnterpriseServices.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\Microsoft.JScript.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\Microsoft.Vsa.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\System.Drawing.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\mscoree.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\System.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\System.EnterpriseServices.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\Microsoft.JScript.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\Microsoft.Vsa.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\Microsoft.Vsa.Vb.CodeDOMProcessor.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\mscorlib.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\System.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\Microsoft.Vsa.Vb.CodeDOMProcessor.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\System32\\ZoneLabs\\isafeif.dll"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"D:\\WINDOWS\\System32\\ZoneLabs\\vetredir.dll"=dword:00000001

[HKEY_CLASSES_ROOT\.wan]

[HKEY_CLASSES_ROOT\OISbmpfile]
@=""

[HKEY_CLASSES_ROOT\OISemffile]
@=""

[HKEY_CLASSES_ROOT\OISgiffile]
@=""

[HKEY_CLASSES_ROOT\OISjpegfile]
@=""

[HKEY_CLASSES_ROOT\OISpngfile]
@=""

[HKEY_CLASSES_ROOT\OIStiffile]
@=""

[HKEY_CLASSES_ROOT\OISwmffile]
@=""

[HKEY_CLASSES_ROOT\SysmonLogManager.Snapin]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.\OpenWithList]
"a"="iexplore.exe"
"MRUList"="a"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.000\OpenWithList]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.002]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.002\OpenWithList]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.4%202000%2001]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.4%202000%2001\OpenWithList]
"a"="iexplore.exe"
"MRUList"="a"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.809]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.809\OpenWithList]
"a"="iexplore.exe"
"MRUList"="a"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.813]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.813\OpenWithList]
"a"="iexplore.exe"
"MRUList"="a"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.845]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.845\OpenWithList]
"a"="iexplore.exe"
"MRUList"="a"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ABK]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ABK\OpenWithList]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BCM]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BCM\OpenWithList]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.class]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.class\OpenWithList]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cnt]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cnt\OpenWithList]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.d]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.d\OpenWithList]
"a"="iexplore.exe"
"MRUList"="a"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fmp]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fmp\OpenWithList]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.frd]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.frd\OpenWithList]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.FTS]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.FTS\OpenWithList]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.GID]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.GID\OpenWithList]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hsc]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hsc\OpenWithList]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.info]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.info\OpenWithList]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mb]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mb\OpenWithList]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrg]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrg\OpenWithList]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pf]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pf\OpenWithList]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.PV__]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.PV__\OpenWithList]
"a"="iexplore.exe"
"MRUList"="a"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.svg]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.svg\OpenWithList]
"a"="iexplore.exe"
"MRUList"="a"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tmp]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tmp\OpenWithList]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.zdx]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.zdx\OpenWithList]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\OpenWithList]

[HKEY_CLASSES_ROOT\3DBelote.Document\DefaultIcon]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDEB~1\\Belote3D.exe,1"

[HKEY_CLASSES_ROOT\3DBelote.Document\shell\open]

[HKEY_CLASSES_ROOT\3DBelote.Document\shell\open\command]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDEB~1\\Belote3D.exe \"%1\""

[HKEY_CLASSES_ROOT\3DBelote.Document\shell\print]

[HKEY_CLASSES_ROOT\3DBelote.Document\shell\print\command]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDEB~1\\Belote3D.exe /p \"%1\""

[HKEY_CLASSES_ROOT\3DBelote.Document\shell\printto]

[HKEY_CLASSES_ROOT\3DBelote.Document\shell\printto\command]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDEB~1\\Belote3D.exe /pt \"%1\" \"%2\" \"%3\" \"%4\""

[HKEY_CLASSES_ROOT\3DTarotSC.Document\DefaultIcon]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDET~2\\3DTARO~1.EXE,1"

[HKEY_CLASSES_ROOT\3DTarotSC.Document\shell\open]

[HKEY_CLASSES_ROOT\3DTarotSC.Document\shell\open\command]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDET~2\\3DTARO~1.EXE \"%1\""

[HKEY_CLASSES_ROOT\3DTarotSC.Document\shell\print]

[HKEY_CLASSES_ROOT\3DTarotSC.Document\shell\print\command]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDET~2\\3DTARO~1.EXE /p \"%1\""

[HKEY_CLASSES_ROOT\3DTarotSC.Document\shell\printto]

[HKEY_CLASSES_ROOT\3DTarotSC.Document\shell\printto\command]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDET~2\\3DTARO~1.EXE /pt \"%1\" \"%2\" \"%3\" \"%4\""

[HKEY_CLASSES_ROOT\AcroExch.Document\shell\Open]

[HKEY_CLASSES_ROOT\AcroExch.Document\shell\Open\Command]
@="\"D:\\Program Files\\Adobe\\Acrobat 7.0\\Reader\\AcroRd32.exe\" \"%1\""

[HKEY_CLASSES_ROOT\ADCS]
@="Conteneur de classe Annuaire"

[HKEY_CLASSES_ROOT\ADCS\CLSID]
@="{89E30300-764D-11d0-B282-00A0C90F56FC}"

[HKEY_CLASSES_ROOT\Belote365i.Document\DefaultIcon]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDEB~2\\BELOTE~1.EXE,1"

[HKEY_CLASSES_ROOT\Belote365i.Document\shell\open]

[HKEY_CLASSES_ROOT\Belote365i.Document\shell\open\command]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDEB~2\\BELOTE~1.EXE \"%1\""

[HKEY_CLASSES_ROOT\Belote365i.Document\shell\print]

[HKEY_CLASSES_ROOT\Belote365i.Document\shell\print\command]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDEB~2\\BELOTE~1.EXE /p \"%1\""

[HKEY_CLASSES_ROOT\Belote365i.Document\shell\printto]

[HKEY_CLASSES_ROOT\Belote365i.Document\shell\printto\command]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDEB~2\\BELOTE~1.EXE /pt \"%1\" \"%2\" \"%3\" \"%4\""

[HKEY_CLASSES_ROOT\bwpfile\shell\open]

[HKEY_CLASSES_ROOT\bwpfile\shell\open\command]
@="D:\\Program Files\\Kodak\\Kodak Software Updater\\7288971\\6.1.4.37-7288971L\\Program\\PrvCnt.exe \"%1\""

[HKEY_CLASSES_ROOT\Connection Manager Profile\DefaultIcon]
@="D:\\WINDOWS\\System32\\CMMGR32.EXE,1"

[HKEY_CLASSES_ROOT\Connection Manager Profile\shell\open]

[HKEY_CLASSES_ROOT\Connection Manager Profile\shell\open\command]
@="D:\\WINDOWS\\System32\\CMMGR32.EXE \"%1\""

[HKEY_CLASSES_ROOT\Connection Manager Profile\shell\Settings...]

[HKEY_CLASSES_ROOT\Connection Manager Profile\shell\Settings...\command]
@="D:\\WINDOWS\\System32\\CMMGR32.EXE /settings \"%1\""

[HKEY_CLASSES_ROOT\dcsfile\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,11"

[HKEY_CLASSES_ROOT\ecsfile\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,10"

[HKEY_CLASSES_ROOT\fcsfile\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,12"

[HKEY_CLASSES_ROOT\FoxitReader.Document\DefaultIcon]
@="D:\\DOCUME~1\\vero\\Bureau\\FOXITR~1\\FOXITR~1.EXE,1"

[HKEY_CLASSES_ROOT\FoxitReader.Document\shell\open]

[HKEY_CLASSES_ROOT\FoxitReader.Document\shell\open\command]
@="\"D:\\DOCUME~1\\vero\\Bureau\\FOXITR~1\\FOXITR~1.EXE\" \"%1\""

[HKEY_CLASSES_ROOT\FoxitReader.Document\shell\print]

[HKEY_CLASSES_ROOT\FoxitReader.Document\shell\print\command]
@="\"D:\\DOCUME~1\\vero\\Bureau\\FOXITR~1\\FOXITR~1.EXE\" /p \"%1\" "

[HKEY_CLASSES_ROOT\FoxitReader.Document\shell\printto]

[HKEY_CLASSES_ROOT\FoxitReader.Document\shell\printto\command]
@="\"D:\\DOCUME~1\\vero\\Bureau\\FOXITR~1\\FOXITR~1.EXE\" /t \"%1\" \"%2\" \"%3\" \"%4\" "

[HKEY_CLASSES_ROOT\ncsfile\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,14"

[HKEY_CLASSES_ROOT\Tarot365i.Document\DefaultIcon]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDET~1\\Tarot365.exe,1"

[HKEY_CLASSES_ROOT\Tarot365i.Document\shell\open]

[HKEY_CLASSES_ROOT\Tarot365i.Document\shell\open\command]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDET~1\\Tarot365.exe \"%1\""

[HKEY_CLASSES_ROOT\Tarot365i.Document\shell\print]

[HKEY_CLASSES_ROOT\Tarot365i.Document\shell\print\command]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDET~1\\Tarot365.exe /p \"%1\""

[HKEY_CLASSES_ROOT\Tarot365i.Document\shell\printto]

[HKEY_CLASSES_ROOT\Tarot365i.Document\shell\printto\command]
@="D:\\PROGRA~1\\MICROA~1\\24JEUX~1\\JEUDET~1\\Tarot365.exe /pt \"%1\" \"%2\" \"%3\" \"%4\""

[HKEY_CLASSES_ROOT\tcsfile\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,13"

[HKEY_CLASSES_ROOT\urn:content-classes:catalog\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,15"

[HKEY_CLASSES_ROOT\urn:content-classes:catalog-settings\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12471"

[HKEY_CLASSES_ROOT\urn:content-classes:contentclassdef\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-13101"

[HKEY_CLASSES_ROOT\urn:content-classes:exchange55startaddress\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12451"

[HKEY_CLASSES_ROOT\urn:content-classes:exchangestartaddress\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12451"

[HKEY_CLASSES_ROOT\urn:content-classes:filestartaddress\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12453"

[HKEY_CLASSES_ROOT\urn:content-classes:management\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,20"

[HKEY_CLASSES_ROOT\urn:content-classes:notesstartaddress\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12456"

[HKEY_CLASSES_ROOT\urn:content-classes:remoteworkspacestartaddress\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12454"

[HKEY_CLASSES_ROOT\urn:content-classes:webstartaddress\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12450"

[HKEY_CLASSES_ROOT\urn:content-classes:wizard/addcontentclass\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-13100"

[HKEY_CLASSES_ROOT\urn:content-classes:wizard/addsearchcontentlocation\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12461"

[HKEY_CLASSES_ROOT\urn:content-classes:workspace-settings\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12472"

[HKEY_CLASSES_ROOT\urn:content-classes:workspaceconfiguration\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12476"

[HKEY_CLASSES_ROOT\urn:content-classes:workspacestartaddress\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12454"

[HKEY_CLASSES_ROOT\WBEMComConnection]
@="WBEM Connection"

[HKEY_CLASSES_ROOT\WBEMComConnection\CLSID]
@="SOFTWARE\\CLASSES\\WBEMComConnection"

[HKEY_CLASSES_ROOT\WBEMComLocator]
@="WBEM Locator"

[HKEY_CLASSES_ROOT\WBEMComLocator\CLSID]
@="SOFTWARE\\CLASSES\\WBEMComLocator"

[HKEY_CLASSES_ROOT\wcsfile\DefaultIcon]
@="D:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,9"

[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}]
@="PDF Document"

[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\AuxUserType]

[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\AuxUserType\2]
@="PDF"

[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\AuxUserType\3]
@="Foxit Reader"

[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\DefaultExtension]
@=".pdf, PDF Files(*.pdf)"

[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\DefaultIcon]
@="D:\\DOCUME~1\\vero\\Bureau\\FOXITR~1\\FOXITR~1.EXE,1"

[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\DocObject]
@="0"

[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\InprocHandler32]
@="ole32.dll"

[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\Insertable]
@=""

[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\LocalServer32]
@="D:\\DOCUME~1\\vero\\Bureau\\FOXITR~1\\FOXITR~1.EXE"

[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\MiscStatus]
@="32"

[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\Printable]
@=""

[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\ProgID]
@="FoxitReader.Document"

[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\Verb]

[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\Verb\0]
@="&Edit,0,2"

[HKEY_CLASSES_ROOT\CLSID\{14E8BBD8-1D1C-4D56-A4DA-D20B75EB814E}\Verb\1]
@="&Open,0,2"

[HKEY_CLASSES_ROOT\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}]
@="EoBho Class"

[HKEY_CLASSES_ROOT\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}\InprocServer32]
@="D:\\Program Files\\EoRezo\\EoAdv\\EoRezoBHO.dll"
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}\ProgID]
@="EoRezoBHO.EoBho.1"

[HKEY_CLASSES_ROOT\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}\Programmable]

[HKEY_CLASSES_ROOT\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}\TypeLib]
@="{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}"

[HKEY_CLASSES_ROOT\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}\VersionIndependentProgID]
@="EoRezoBHO.EoBho"

[HKEY_CLASSES_ROOT\CLSID\{9869EFB4-18E9-11D3-A837-00104B9E30B5}]
@="CmdLineContextMenu Class"

[HKEY_CLASSES_ROOT\CLSID\{9869EFB4-18E9-11D3-A837-00104B9E30B5}\InprocServer32]
@="D:\\DOCUME~1\\vero\\LOCALS~1\\Temp\\CMDLIN~1.DLL"
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\CLSID\{9869EFB4-18E9-11D3-A837-00104B9E30B5}\ProgID]
@="CmdLineExt.CmdLineContextMenu.1"

[HKEY_CLASSES_ROOT\CLSID\{9869EFB4-18E9-11D3-A837-00104B9E30B5}\TypeLib]
@="{9869EFA6-18E9-11D3-A837-00104B9E30B5}"

[HKEY_CLASSES_ROOT\CLSID\{9869EFB4-18E9-11D3-A837-00104B9E30B5}\VersionIndependentProgID]
@="CmdLineExt.CmdLineContextMenu"

[HKEY_CLASSES_ROOT\CLSID\{C523F39F-9C83-11D3-9094-00104BD0D535}]

[HKEY_CLASSES_ROOT\CLSID\{C523F39F-9C83-11D3-9094-00104BD0D535}\LocalServer32]
@="D:\\Program Files\\Adobe\\Acrobat 6.0\\Reader\\plug_ins\\Accessibility.api"

[HKEY_CLASSES_ROOT\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}]
@="FlashBroker"
"LocalizedString"="@D:\\WINDOWS\\System32\\Macromed\\Flash\\FlashUtil9e.exe,-101"

[HKEY_CLASSES_ROOT\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\Elevation]
"Enabled"=dword:00000001

[HKEY_CLASSES_ROOT\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\LocalServer32]
@="D:\\WINDOWS\\System32\\Macromed\\Flash\\FlashUtil9e.exe"

[HKEY_CLASSES_ROOT\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_CLASSES_ROOT\CLSID\{E491197C-905B-41AF-8D9B-C58564218173}]
@="PTLID.VXZ"

[HKEY_CLASSES_ROOT\CLSID\{E491197C-905B-41AF-8D9B-C58564218173}\Implemented Categories]

[HKEY_CLASSES_ROOT\CLSID\{E491197C-905B-41AF-8D9B-C58564218173}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}]

[HKEY_CLASSES_ROOT\CLSID\{E491197C-905B-41AF-8D9B-C58564218173}\LocalServer32]
@="D:\\WINDOWS\\OptRemove.exe"

[HKEY_CLASSES_ROOT\CLSID\{E491197C-905B-41AF-8D9B-C58564218173}\ProgID]
@="PTLID.VXZ"

[HKEY_CLASSES_ROOT\CLSID\{E491197C-905B-41AF-8D9B-C58564218173}\Programmable]

[HKEY_CLASSES_ROOT\CLSID\{E491197C-905B-41AF-8D9B-C58564218173}\TypeLib]
@="{5D35BC06-2E9A-424C-B322-B94CD5C3F86C}"

[HKEY_CLASSES_ROOT\CLSID\{E491197C-905B-41AF-8D9B-C58564218173}\VERSION]
@="1.0"

[HKEY_CLASSES_ROOT\Applications\moviemk.exe]

[HKEY_CLASSES_ROOT\Applications\moviemk.exe\shell]
"FriendlyCache"="Movie Maker"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\cmmgr32.exe]
@="D:\\WINDOWS\\System32\\cmmgr32.exe"
"Path"="D:\\WINDOWS\\System32"
"CmstpExtensionDll"="D:\\WINDOWS\\System32\\cmcfg32.dll"
"CMInternalVersion"="1.2"
"CmNative"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\DesignPro]
"Path"="D:\\Program Files\\DesignPro\\"
@="D:\\Program Files\\DesignPro\\DesignPro"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\Easy-WebPrint]
"Path"="D:\\Program Files\\Canon\\Easy-WebPrint"
@="D:\\Program Files\\Canon\\Easy-WebPrint\\Easy-WebPrint"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\optproxy.exe]
"Path"="D:\\Program Files\\Controle Parental"
@="D:\\Program Files\\Controle Parental\\optproxy.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\udfrinst.exe]
@="D:\\Program Files\\Adaptec\\Easy CD Creator 5\\DirectCD\\udfrinst.exe"
"Path"="D:\\Program Files\\Adaptec\\Easy CD Creator 5\\DirectCD\\"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\YourApp.exe]
@="D:\\Program Files\\Micro Application\\24 Jeux de Cartes\\YourApp.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"D:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Kodak\\Kodak EasyShare\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"D:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Kodak\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"D:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\KODAK\\Mise à jour logicielle KODAK\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"D:\\Documents and Settings\\vero\\Menu Démarrer\\Programmes\\KODAK\\Logiciel de connexion de l'appareil photo\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"D:\\Documents and Settings\\vero\\Menu Démarrer\\Programmes\\KODAK\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"D:\\Documents and Settings\\vero\\Application Data\\Microsoft\\Installer\\{9D1CF8B6-17B3-4832-B062-2C2DD0B57B04}\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"D:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Roxio Easy CD Creator 5\\Applications\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"D:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Roxio Easy CD Creator 5\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\EspaceWanadoo.exe]
"SlowInfoCache"=hex:28,02,00,00,01,00,00,00,00,00,9a,03,00,00,00,00,c4,a4,fb,\
53,f3,75,c8,01,1d,00,00,00,44,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,\
61,00,6d,00,20,00,46,00,69,00,6c,00,65,00,73,00,5c,00,57,00,61,00,6e,00,61,\
00,64,00,6f,00,6f,00,5c,00,57,00,61,00,74,00,63,00,68,00,2e,00,65,00,78,00,\
65,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00
"Changed"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\KB839643]
"SlowInfoCache"=hex:28,02,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,\
00,00,00,00,00,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00
"Changed"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MediaMix]
"SlowInfoCache"=hex:28,02,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,\
00,00,00,00,00,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00
"Changed"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\oeupdate]
"SlowInfoCache"=hex:28,02,00,00,01,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,d2,b7,4a,\
2c,55,59,c5,01,04,00,00,00,44,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,\
61,00,6d,00,20,00,46,00,69,00,6c,00,65,00,73,00,5c,00,4f,00,75,00,74,00,6c,\
00,6f,00,6f,00,6b,00,20,00,45,00,78,00,70,00,72,00,65,00,73,00,73,00,5c,00,\
6d,00,73,00,69,00,6d,00,6e,00,2e,00,65,00,78,00,65,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00
"Changed"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{AC76BA86-7AD7-1036-7B44-A00000000001}]
"SlowInfoCache"=hex:28,02,00,00,00,00,00,00,00,d8,48,03,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00
"Changed"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{AC76BA86-7AD7-1036-7B44-A70900000002}]
"SlowInfoCache"=hex:28,02,00,00,00,00,00,00,00,60,cb,04,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00
"Changed"=dword:00000000

[HKEY_CURRENT_USER\Software\Samsung]

[HKEY_LOCAL_MACHINE\Software\ItsLabel]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"updateMgr"="D:\\Program Files\\Adobe\\Acrobat 7.0\\Reader\\AdobeUpdateManager.exe AcRdB7_0_9"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Adobe]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Adobe\Adobe Download Manager]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Adobe\Adobe Download Manager]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\ArcSoft PhotoStudio 5.5]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Avery DesignPro]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\AVG 7.5]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\AVG Free Edition]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Canon]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Canon PIXMA MP130,110 Manual]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Canon Utilities]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Canon Utilities\Easy-PhotoPrint]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Canon Utilities\Easy-PhotoPrint]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Compaq IJ650]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Contrôle Parental]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Jeux]
"Order"=hex:08,00,00,00,02,00,00,00,16,08,00,00,01,00,00,00,0c,00,00,00,ca,\
00,00,00,fb,ff,ff,ff,bc,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,aa,00,\
32,00,91,03,00,00,7b,31,52,7c,20,00,41,54,4f,55,54,50,7e,31,2e,4c,4e,4b,00,\
00,80,00,03,00,04,00,ef,be,7b,31,73,79,93,34,80,3e,14,00,4e,00,41,00,74,00,\
6f,00,75,00,74,00,20,00,50,00,69,00,71,00,75,00,65,00,20,00,73,00,75,00,72,\
00,20,00,49,00,6e,00,74,00,65,00,72,00,6e,00,65,00,74,00,2e,00,6c,00,6e,00,\
6b,00,00,00,40,44,3a,5c,50,52,4f,47,52,41,7e,31,5c,4d,53,4e,47,41,4d,7e,31,\
5c,57,69,6e,64,6f,77,73,5c,73,68,76,6c,72,65,73,2e,64,6c,6c,2c,2d,31,32,31,\
32,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,\
00,c8,00,00,00,fb,ff,ff,ff,ba,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,\
a8,00,32,00,91,03,00,00,7b,31,52,7c,20,00,42,41,43,4b,47,41,7e,31,2e,4c,4e,\
4b,00,00,7e,00,03,00,04,00,ef,be,7b,31,73,79,93,34,80,3e,14,00,4c,00,42,00,\
61,00,63,00,6b,00,67,00,61,00,6d,00,6d,00,6f,00,6e,00,20,00,73,00,75,00,72,\
00,20,00,49,00,6e,00,74,00,65,00,72,00,6e,00,65,00,74,00,2e,00,6c,00,6e,00,\
6b,00,00,00,40,44,3a,5c,50,52,4f,47,52,41,7e,31,5c,4d,53,4e,47,41,4d,7e,31,\
5c,57,69,6e,64,6f,77,73,5c,62,63,6b,67,72,65,73,2e,64,6c,6c,2c,2d,31,32,31,\
32,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,\
00,ac,00,00,00,fb,ff,ff,ff,9e,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,\
8c,00,32,00,f0,05,00,00,88,31,bb,75,20,00,44,41,4d,45,44,45,7e,31,2e,4c,4e,\
4b,00,00,62,00,03,00,04,00,ef,be,7b,31,73,79,93,34,80,3e,14,00,38,00,44,00,\
61,00,6d,00,65,00,20,00,64,00,65,00,20,00,50,00,69,00,71,00,75,00,65,00,2e,\
00,6c,00,6e,00,6b,00,00,00,40,44,3a,5c,57,49,4e,44,4f,57,53,5c,73,79,73,74,\
65,6d,33,32,5c,6d,73,68,65,61,72,74,73,2e,65,78,65,2c,2d,34,31,33,00,00,1c,\
00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,8c,00,\
00,00,fb,ff,ff,ff,7e,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,6c,00,32,\
00,f0,05,00,00,cd,34,f5,4a,20,00,44,41,4d,45,44,45,7e,33,2e,4c,4e,4b,00,00,\
42,00,03,00,04,00,ef,be,cd,34,f5,4a,cd,34,f5,4a,14,00,00,00,44,00,61,00,6d,\
00,65,00,20,00,64,00,65,00,20,00,50,00,69,00,71,00,75,00,65,00,20,00,28,00,\
32,00,29,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,\
00,00,00,1c,00,00,00,00,00,00,00,00,00,ce,00,00,00,fb,ff,ff,ff,c0,00,00,00,\
41,75,67,4d,02,00,00,00,01,00,00,00,ae,00,32,00,91,03,00,00,7b,31,52,7c,20,\
00,44,41,4d,45,44,45,7e,32,2e,4c,4e,4b,00,00,84,00,03,00,04,00,ef,be,7b,31,\
73,79,93,34,80,3e,14,00,52,00,44,00,61,00,6d,00,65,00,20,00,64,00,65,00,20,\
00,70,00,69,00,71,00,75,00,65,00,20,00,73,00,75,00,72,00,20,00,49,00,6e,00,\
74,00,65,00,72,00,6e,00,65,00,74,00,2e,00,6c,00,6e,00,6b,00,00,00,40,44,3a,\
5c,50,52,4f,47,52,41,7e,31,5c,4d,53,4e,47,41,4d,7e,31,5c,57,69,6e,64,6f,77,\
73,5c,68,72,74,7a,72,65,73,2e,64,6c,6c,2c,2d,31,32,31,32,00,1c,00,0e,00,00,\
00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,8e,00,00,00,fb,ff,\
ff,ff,80,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,6e,00,32,00,eb,05,00,\
00,88,31,bb,75,20,00,44,4d,49,4e,45,55,7e,31,2e,4c,4e,4b,00,00,44,00,03,00,\
04,00,ef,be,7b,31,73,79,93,34,80,3e,14,00,2e,00,44,00,e9,00,6d,00,69,00,6e,\
00,65,00,75,00,72,00,2e,00,6c,00,6e,00,6b,00,00,00,40,73,68,65,6c,6c,33,32,\
2e,64,6c,6c,2c,2d,32,32,30,34,35,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,\
00,1c,00,00,00,00,00,00,00,00,00,8e,00,00,00,fb,ff,ff,ff,80,00,00,00,41,75,\
67,4d,02,00,00,00,01,00,00,00,6e,00,32,00,f2,05,00,00,88,31,bb,75,20,00,46,\
72,65,65,63,65,6c,6c,2e,6c,6e,6b,00,00,44,00,03,00,04,00,ef,be,7b,31,73,79,\
93,34,80,3e,14,00,2e,00,46,00,72,00,65,00,65,00,63,00,65,00,6c,00,6c,00,2e,\
00,6c,00,6e,00,6b,00,00,00,40,73,68,65,6c,6c,33,32,2e,64,6c,6c,2c,2d,32,32,\
30,33,30,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,\
00,00,00,cc,00,00,00,fb,ff,ff,ff,be,00,00,00,41,75,67,4d,02,00,00,00,01,00,\
00,00,ac,00,32,00,91,03,00,00,7b,31,52,7c,20,00,4a,45,55,44,45,44,7e,31,2e,\
4c,4e,4b,00,00,82,00,03,00,04,00,ef,be,7b,31,73,79,93,34,80,3e,14,00,50,00,\
4a,00,65,00,75,00,20,00,64,00,65,00,20,00,64,00,61,00,6d,00,65,00,73,00,20,\
00,73,00,75,00,72,00,20,00,49,00,6e,00,74,00,65,00,72,00,6e,00,65,00,74,00,\
2e,00,6c,00,6e,00,6b,00,00,00,40,44,3a,5c,50,52,4f,47,52,41,7e,31,5c,4d,53,\
4e,47,41,4d,7e,31,5c,57,69,6e,64,6f,77,73,5c,63,68,6b,72,72,65,73,2e,64,6c,\
6c,2c,2d,31,32,31,32,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,\
00,00,00,00,00,00,00,8a,00,00,00,fb,ff,ff,ff,7c,00,00,00,41,75,67,4d,02,00,\
00,00,01,00,00,00,6a,00,32,00,75,03,00,00,7b,31,73,79,20,00,50,69,6e,62,61,\
6c,6c,2e,6c,6e,6b,00,42,00,03,00,04,00,ef,be,7b,31,73,79,93,34,80,3e,14,00,\
2c,00,50,00,69,00,6e,00,62,00,61,00,6c,00,6c,00,2e,00,6c,00,6e,00,6b,00,00,\
00,40,73,68,65,6c,6c,33,32,2e,64,6c,6c,2c,2d,32,32,30,35,37,00,1a,00,0e,00,\
00,00,0a,00,ef,be,00,00,00,00,1a,00,00,00,00,00,00,00,00,00,c2,00,00,00,fb,\
ff,ff,ff,b4,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,a2,00,32,00,91,03,\
00,00,7b,31,52,7c,20,00,52,45,56,45,52,53,7e,31,2e,4c,4e,4b,00,00,78,00,03,\
00,04,00,ef,be,7b,31,73,79,93,34,80,3e,14,00,46,00,52,00,65,00,76,00,65,00,\
72,00,73,00,69,00,20,00,73,00,75,00,72,00,20,00,49,00,6e,00,74,00,65,00,72,\
00,6e,00,65,00,74,00,2e,00,6c,00,6e,00,6b,00,00,00,40,44,3a,5c,50,52,4f,47,\
52,41,7e,31,5c,4d,53,4e,47,41,4d,7e,31,5c,57,69,6e,64,6f,77,73,5c,72,76,73,\
65,72,65,73,2e,64,6c,6c,2c,2d,31,32,31,32,00,1c,00,0e,00,00,00,0a,00,ef,be,\
00,00,00,00,1c,00,00,00,00,00,00,00,00,00,90,00,00,00,fb,ff,ff,ff,82,00,00,\
00,41,75,67,4d,02,00,00,00,01,00,00,00,70,00,32,00,d3,05,00,00,7e,31,f9,4b,\
20,00,53,4f,4c,49,54,41,7e,31,2e,4c,4e,4b,00,00,46,00,03,00,04,00,ef,be,7b,\
31,73,79,93,34,80,3e,14,00,30,00,53,00,6f,00,6c,00,69,00,74,00,61,00,69,00,\
72,00,65,00,2e,00,6c,00,6e,00,6b,00,00,00,40,73,68,65,6c,6c,33,32,2e,64,6c,\
6c,2c,2d,32,32,30,36,30,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,\
00,00,00,00,00,00,00,00,ae,00,00,00,fb,ff,ff,ff,a0,00,00,00,41,75,67,4d,02,\
00,00,00,01,00,00,00,8e,00,32,00,de,05,00,00,88,31,bb,75,20,00,53,50,49,44,\
45,52,7e,31,2e,4c,4e,4b,00,00,64,00,03,00,04,00,ef,be,7b,31,73,79,93,34,80,\
3e,14,00,3e,00,53,00,70,00,69,00,64,00,65,00,72,00,20,00,53,00,6f,00,6c,00,\
69,00,74,00,61,00,69,00,72,00,65,00,2e,00,6c,00,6e,00,6b,00,00,00,40,44,3a,\
5c,57,49,4e,44,4f,57,53,5c,73,79,73,74,65,6d,33,32,5c,73,70,69,64,65,72,2e,\
65,78,65,2c,2d,35,36,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,\
00,00,00,00,00,00,00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\KODAK]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\MediaMix]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Micro Application]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Micro Application\24 Jeux de Cartes]
"Order"=hex:08,00,00,00,02,00,00,00,1c,07,00,00,01,00,00,00,0e,00,00,00,7e,\
00,00,00,fb,ff,ff,ff,70,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,5e,00,\
32,00,91,06,00,00,30,34,b3,50,20,00,37,46,41,4d,49,4c,7e,31,2e,4c,4e,4b,00,\
00,34,00,03,00,04,00,ef,be,30,34,b3,50,30,34,b3,50,14,00,00,00,37,00,20,00,\
46,00,61,00,6d,00,69,00,6c,00,6c,00,65,00,73,00,2e,00,6c,00,6e,00,6b,00,00,\
00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,\
7a,00,00,00,fb,ff,ff,ff,6c,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,5a,\
00,32,00,83,06,00,00,30,34,b3,50,20,00,42,61,63,63,61,72,61,74,2e,6c,6e,6b,\
00,00,30,00,03,00,04,00,ef,be,30,34,b3,50,30,34,b3,50,14,00,00,00,42,00,61,\
00,63,00,63,00,61,00,72,00,61,00,74,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,\
0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,7a,00,00,\
00,fb,ff,ff,ff,6c,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,5a,00,32,00,\
d7,06,00,00,30,34,b3,50,20,00,47,49,4e,52,41,4d,7e,31,2e,4c,4e,4b,00,00,30,\
00,03,00,04,00,ef,be,30,34,b3,50,30,34,b3,50,14,00,00,00,47,00,69,00,6e,00,\
20,00,52,00,61,00,6d,00,69,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,\
00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,86,00,00,00,fb,ff,\
ff,ff,78,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,66,00,32,00,29,07,00,\
00,30,34,47,4f,20,00,48,55,49,54,41,4d,7e,31,2e,4c,4e,4b,00,00,3c,00,03,00,\
04,00,ef,be,30,34,47,4f,30,34,47,4f,14,00,00,00,48,00,75,00,69,00,74,00,20,\
00,41,00,6d,00,e9,00,72,00,69,00,63,00,61,00,69,00,6e,00,2e,00,6c,00,6e,00,\
6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,\
00,00,00,84,00,00,00,fb,ff,ff,ff,76,00,00,00,41,75,67,4d,02,00,00,00,01,00,\
00,00,64,00,32,00,35,07,00,00,30,34,47,4f,20,00,4a,45,55,44,45,42,7e,31,2e,\
4c,4e,4b,00,00,3a,00,03,00,04,00,ef,be,30,34,47,4f,30,34,47,4f,14,00,00,00,\
4a,00,65,00,75,00,20,00,64,00,65,00,20,00,42,00,65,00,6c,00,6f,00,74,00,65,\
00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,\
1c,00,00,00,00,00,00,00,00,00,8a,00,00,00,fb,ff,ff,ff,7c,00,00,00,41,75,67,\
4d,02,00,00,00,01,00,00,00,6a,00,32,00,43,07,00,00,30,34,47,4f,20,00,4a,45,\
55,44,45,42,7e,32,2e,4c,4e,4b,00,00,40,00,03,00,04,00,ef,be,30,34,47,4f,30,\
34,47,4f,14,00,00,00,4a,00,65,00,75,00,20,00,64,00,65,00,20,00,42,00,65,00,\
6c,00,6f,00,74,00,65,00,20,00,33,00,44,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,\
00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,82,00,\
00,00,fb,ff,ff,ff,74,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,62,00,32,\
00,1f,07,00,00,30,34,47,4f,20,00,4a,45,55,44,45,54,7e,31,2e,4c,4e,4b,00,00,\
38,00,03,00,04,00,ef,be,30,34,47,4f,30,34,47,4f,14,00,00,00,4a,00,65,00,75,\
00,20,00,64,00,65,00,20,00,54,00,61,00,72,00,6f,00,74,00,2e,00,6c,00,6e,00,\
6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,\
00,00,00,88,00,00,00,fb,ff,ff,ff,7a,00,00,00,41,75,67,4d,02,00,00,00,01,00,\
00,00,68,00,32,00,3f,07,00,00,30,34,47,4f,20,00,4a,45,55,44,45,54,7e,32,2e,\
4c,4e,4b,00,00,3e,00,03,00,04,00,ef,be,30,34,47,4f,30,34,47,4f,14,00,00,00,\
4a,00,65,00,75,00,20,00,64,00,65,00,20,00,54,00,61,00,72,00,6f,00,74,00,20,\
00,33,00,44,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,\
00,00,00,00,1c,00,00,00,00,00,00,00,00,00,80,00,00,00,fb,ff,ff,ff,72,00,00,\
00,41,75,67,4d,02,00,00,00,01,00,00,00,60,00,32,00,15,07,00,00,30,34,47,4f,\
20,00,4c,41,43,52,41,50,7e,31,2e,4c,4e,4b,00,00,36,00,03,00,04,00,ef,be,30,\
34,47,4f,30,34,47,4f,14,00,00,00,4c,00,61,00,20,00,43,00,72,00,61,00,70,00,\
65,00,74,00,74,00,65,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,\
00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,7a,00,00,00,fb,ff,ff,ff,\
6c,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,5a,00,32,00,e5,06,00,00,30,\
34,47,4f,20,00,4c,45,42,41,52,42,7e,31,2e,4c,4e,4b,00,00,30,00,03,00,04,00,\
ef,be,30,34,47,4f,30,34,47,4f,14,00,00,00,4c,00,65,00,20,00,42,00,61,00,72,\
00,62,00,75,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,\
00,00,00,00,1c,00,00,00,00,00,00,00,00,00,7e,00,00,00,fb,ff,ff,ff,70,00,00,\
00,41,75,67,4d,02,00,00,00,01,00,00,00,5e,00,32,00,13,07,00,00,30,34,47,4f,\
20,00,4e,41,49,4e,4a,41,7e,31,2e,4c,4e,4b,00,00,34,00,03,00,04,00,ef,be,30,\
34,47,4f,30,34,47,4f,14,00,00,00,4e,00,61,00,69,00,6e,00,20,00,4a,00,61,00,\
75,00,6e,00,65,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,\
be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,aa,00,00,00,fb,ff,ff,ff,9c,00,\
00,00,41,75,67,4d,02,00,00,00,01,00,00,00,8a,00,32,00,c9,07,00,00,30,34,47,\
4f,20,00,50,41,54,49,45,4e,7e,31,2e,4c,4e,4b,00,00,60,00,03,00,04,00,ef,be,\
30,34,47,4f,30,34,47,4f,14,00,00,00,50,00,61,00,74,00,69,00,65,00,6e,00,63,\
00,65,00,73,00,20,00,26,00,20,00,52,00,e9,00,75,00,73,00,73,00,69,00,74,00,\
65,00,73,00,20,00,65,00,74,00,20,00,4e,00,69,00,76,00,65,00,61,00,75,00,78,\
00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,\
1c,00,00,00,00,00,00,00,00,00,6e,00,00,00,fb,ff,ff,ff,60,00,00,00,41,75,67,\
4d,02,00,00,00,01,00,00,00,4e,00,32,00,bb,06,00,00,30,34,47,4f,20,00,52,61,\
6d,69,2e,6c,6e,6b,00,00,28,00,03,00,04,00,ef,be,30,34,47,4f,30,34,47,4f,14,\
00,00,00,52,00,61,00,6d,00,69,00,2e,00,6c,00,6e,00,6b,00,00,00,18,00,0e,00,\
00,00,0a,00,ef,be,00,00,00,00,18,00,00,00,00,00,00,00,00,00,70,00,00,00,fb,\
ff,ff,ff,62,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,50,00,32,00,c9,06,\
00,00,30,34,47,4f,20,00,57,68,69,73,74,2e,6c,6e,6b,00,2a,00,03,00,04,00,ef,\
be,30,34,47,4f,30,34,47,4f,14,00,00,00,57,00,68,00,69,00,73,00,74,00,2e,00,\
6c,00,6e,00,6b,00,00,00,18,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,18,00,00,\
00,00,00,00,00,00,00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Micro Application\24 Jeux de Cartes]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\PrintMe Internet Printing]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Revolution Software]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Roxio Easy CD Creator 5]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Roxio Easy CD Creator 5\Applications]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Roxio Easy CD Creator 5\Applications]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Samsung PC Studio 3]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\THQ]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\THQ\Les Chevaliers de Baphomet - Le Manuscrit de Voynich]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\THQ\Les Chevaliers de Baphomet - Le Manuscrit de Voynich]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Wanadoo]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Win Novation]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Win Novation\Belote Plus]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Win Novation\Belote Plus]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"D:\\Documents and Settings\\vero\\Mes documents\\jarriges\\WLinstaller.exe"="Fichier exécutable du programme d'installation client Windows Live"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"D:\\Documents and Settings\\vero\\Mes documents\\jarriges\\aswclnr.tmp"="Virus/Worm Cleaner Application"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"D:\\DOCUME~1\\vero\\LOCALS~1\\Temp\\GLB4.tmp"="ZoneAlarm-3301-French"
Windows Registry Editor Version 5.00


[HKEY_CLASSES_ROOT\urn:content-classes:contentclassdef]

[HKEY_CLASSES_ROOT\urn:content-classes:wizard/addcontentclass]

[HKEY_CLASSES_ROOT\3DBelote.Document]
@="3DBelote Document"

[HKEY_CLASSES_ROOT\3DBelote.Document\shell]

[HKEY_CLASSES_ROOT\3DTarotSC.Document]
@="3DTarotSC Document"

[HKEY_CLASSES_ROOT\3DTarotSC.Document\shell]

[HKEY_CLASSES_ROOT\AcroAccess.AcroAccess]
@="AcroAccess Class"

[HKEY_CLASSES_ROOT\AcroAccess.AcroAccess\CLSID]
@="{C523F39F-9C83-11D3-9094-00104BD0D535}"

[HKEY_CLASSES_ROOT\AcroAccess.AcroAccess\CurVer]
@="AcroAccess.AcroAccess.1"

[HKEY_CLASSES_ROOT\AcroAccess.AcroAccess.1]
@="AcroAccess Class"

[HKEY_CLASSES_ROOT\AcroAccess.AcroAccess.1\CLSID]
@="{C523F39F-9C83-11D3-9094-00104BD0D535}"

[HKEY_CLASSES_ROOT\AcroExch.Document]

[HKEY_CLASSES_ROOT\AcroExch.Document\Shell]

[HKEY_CLASSES_ROOT\Belote365i.Document]
@="Belote365i Document"

[HKEY_CLASSES_ROOT\Belote365i.Document\shell]

[HKEY_CLASSES_ROOT\CmdLineExt.CmdLineContextMenu]
@="CmdLineContextMenu Class"

[HKEY_CLASSES_ROOT\CmdLineExt.CmdLineContextMenu\CLSID]
@="{9869EFB4-18E9-11D3-A837-00104B9E30B5}"

[HKEY_CLASSES_ROOT\CmdLineExt.CmdLineContextMenu\CurVer]
@="CmdLineExt.CmdLineContextMenu.1"

[HKEY_CLASSES_ROOT\CmdLineExt.CmdLineContextMenu.1]
@="CmdLineContextMenu Class"

[HKEY_CLASSES_ROOT\CmdLineExt.CmdLineContextMenu.1\CLSID]
@="{9869EFB4-18E9-11D3-A837-00104B9E30B5}"

[HKEY_CLASSES_ROOT\Connection Manager Profile]
@="Connection Manager Profile"

[HKEY_CLASSES_ROOT\Connection Manager Profile\shell]

[HKEY_CLASSES_ROOT\EoRezoBHO.EoBho]
@="EoBho Class"

[HKEY_CLASSES_ROOT\EoRezoBHO.EoBho\CLSID]
@="{64F56FC1-1272-44CD-BA6E-39723696E350}"

[HKEY_CLASSES_ROOT\EoRezoBHO.EoBho\CurVer]
@="EoRezoBHO.EoBho.1"

[HKEY_CLASSES_ROOT\EoRezoBHO.EoBho.1]
@="EoBho Class"

[HKEY_CLASSES_ROOT\EoRezoBHO.EoBho.1\CLSID]
@="{64F56FC1-1272-44CD-BA6E-39723696E350}"

[HKEY_CLASSES_ROOT\PTLID.VXZ]
@="PTLID.VXZ"

[HKEY_CLASSES_ROOT\PTLID.VXZ\CLSID]
"CLSID"=hex:4b,69,74,57,6f,6f,2d,39,2d,62,37,36,32,2d,34,65,37,34,2d,61,37,\
38,64,2d,30,32,38,64,38,30,38,35,30,65,61,35
@="{E491197C-905B-41AF-8D9B-C58564218173}"

[HKEY_CLASSES_ROOT\Tarot365i.Document]
@="Tarot365i Document"

[HKEY_CLASSES_ROOT\Tarot365i.Document\shell]
Script execute en mode sans echec
Rapport clean par Malekal_morte - http://www.malekal.com
Script execute en mode sans echec 09/04/2008 a 20:10:29,85

Micro
Ajouter un commentaire
Réponse
+0
moins plus
DllD 14758Messages postés 18 novembre 2007Date d'inscription 15 avril 2010Dernière intervention 9 avril 2008 à 21:55
Bonsoir,
Heuu...
je ne comprends rien à tes rapports....
Ils sont à faire en mode sans échec surtout pour SDFix.

Je ne vois pas AVG, ni Clean et le SDFix est bizarre (tu l'as fais en MSE ?)

A la place (ou encore mieux aussi) de AVG fait ceci stp :
http://www.commentcamarche.net/forum/affich 5809093 resultat du scan avast 4 8 home#5

Voilà.

J'attends tes rapports parce que là on stagne. Poste les en plusieurs fois stp parce qu'ils sont si long qu'il manque la fin (tronquée). Termine par SDFix aussi.

Aller bon courage.

:)

Ajouter un commentaire
vero63- 10 avril 2008 à 09:42
Bonjour

Laisse tomber je réinstalle tout l ordi avec 1 informaticien
merci bcq pour ton aide, j'ai refait un scant avast aujourd'hui il ne trouve plus de virus
Merci bcq et bonne continuation
Ajouter un commentaire
Posez votre question
Ce document intitulé « RESULTAT DU SCAN AVAST 4.8 HOME » issu de CommentCaMarche (www.commentcamarche.net) est mis à disposition sous les termes de la licence Creative Commons. Vous pouvez copier, modifier des copies de cette page, dans les conditions fixées par la licence, tant que cette note apparaît clairement.
Dossier à la une
Passage au tout numérique : quel coût pour les particuliers ?