Sujet Précédent Sujet Suivant

Problème de fenêtres intempestives

Résolu/Fermé
thotamine Messages postés 9 Date d'inscription mercredi 4 avril 2007 Statut Membre Dernière intervention 14 avril 2007 - 4 avril 2007 à 20:18
green day Messages postés 26371 Date d'inscription vendredi 30 septembre 2005 Statut Modérateur, Contributeur sécurité Dernière intervention 27 décembre 2019 - 5 juin 2007 à 18:31
Bonsoir, j'ai un problème de fenêtres intempestives d'internet explorer.
Je ne suis pas une pro et j'ai essayé de faire mon possible : le nettoyage de mon pc n'a pas suffit (ad-aware, spybot, avast, ccleaner...)
Voici ci-joint mon rapport hijackthis :
J'espère que vous pourrez m'aider et n'oubliez pas, suis très "limitée" : novice
Logfile of HijackThis v1.99.1
Scan saved at 19:35:20, on 04/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\AOL\1140724911\ee\AOLSoftware.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\SIMPLE~1\PHOTOS~1\data\Xtras\mssysmgr.exe
C:\Program Files\AOL 9.0\aoltray.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
c:\program files\fichiers communs\aol\1140724911\ee\services\antiSpywareApp\ver2_0_28_1\AOLSP Scheduler.exe
c:\program files\fichiers communs\aol\1140724911\ee\aolsoftware.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\AOL 9.0\waol.exe
C:\Program Files\AOL 9.0\shellmon.exe
C:\Program Files\Fichiers communs\Aol\aoltpspd.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Documents and Settings\Admin\Bureau\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: <bKills></bKills> BHO Kills
O1 - Hosts: <rKills></rKills> Registry Run Kills
O1 - Hosts: <fKills></fKills> File Kills
O1 - Hosts: '------------------------------------------------------
O1 - Hosts: <hKills>xxxxxxxxxxxxxxxxx
O1 - Hosts: xxxxxxxxxxxxxxxxx
O1 - Hosts: xxxxxxxxxxxxxxxxx</hKills> 'Host Kills
O1 - Hosts: '------------------------------------------------------
O1 - Hosts: <hAdds OFF>999.999.99.9 www.poopstinks.com
O1 - Hosts: 999.888.99.9 www.suredoes.com
O1 - Hosts: 67.15.57.172 auto.search.msn.com #NETVISION
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1140724911\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\SIMPLE~1\PHOTOS~1\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\microsoft office\Office10\OSA.EXE
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O15 - Trusted Zone: http://toolbar.imageshack.us
O16 - DPF: {201B9B37-848F-40BD-90EA-7B8F0AA89D6A} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1071_em_XP.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {33331111-1111-1111-1111-611111193423} -
O16 - DPF: {33331111-1111-1111-1111-611111193429} -
O16 - DPF: {33331111-1111-1111-1111-615111193427} -
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (Installer Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {CT id=e codeBase=http://www.www2.p0rt2.com/files/epl29bf2.cab classid=clsid:33331111-1111-1111-1111-615111193427} -
O16 - DPF: {CT id=e codeBase=http://www.www2.p0rt2.com/files/epl49bf2.cab classid=clsid:33331111-1111-1111-1111-615111193427} -
O17 - HKLM\System\CCS\Services\Tcpip\..\{1DA883B3-95E8-4D25-BFDD-FDCF0BFF98EB}: NameServer = 205.188.146.145
O17 - HKLM\System\CS1\Services\Tcpip\..\{1DA883B3-95E8-4D25-BFDD-FDCF0BFF98EB}: NameServer = 205.188.146.145
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Service Bonjour (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

merci de votre comprehension

47 réponses

Précédent
Réponse 21 / 47
yooy
2 juin 2007 à 17:49
merci beaucoup je fais ceci au plus vite !!!!
0
Réponse 22 / 47
yooy
2 juin 2007 à 17:54
Logfile of HijackThis v1.99.1
Scan saved at 17:52:50, on 02/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\e-Carte Bleue\CL\e-Carte Bleue VISA Cleo\ECB-CLEO.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} - - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PE2CKFNT SE] C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe
O4 - HKLM\..\Run: [eCarteBleue-CLEO] "C:\Program Files\e-Carte Bleue\CL\e-Carte Bleue VISA Cleo\ECB-CLEO.exe" /dontopenmycards
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [hpfsched] C:\WINDOWS\hpfsched.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Photo Express Calendar Checker SE.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O15 - Trusted Zone: https://www.orpi.com/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.0.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{02EE8895-8F1F-4692-A0BB-35465579E640}: NameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{02EE8895-8F1F-4692-A0BB-35465579E640}: NameServer = 192.168.0.1
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WBSrv - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: InCD Helper (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
0
Réponse 23 / 47
yooy
2 juin 2007 à 17:58
j' ai justefait un copier/coller, je nai rien fait d'autre de peur de faire une erreur ( ex: je n'ai fixer aucun objet )
0
Réponse 24 / 47
green day Messages postés 26371 Date d'inscription vendredi 30 septembre 2005 Statut Modérateur, Contributeur sécurité Dernière intervention 27 décembre 2019 2 162
2 juin 2007 à 18:22
ok,

*
o Prendre connaissance du contenu du lien suivant: http://www.f-secure.com/products/license-terms/eult_fra.pdf
o Vous avez donc pris connaissance et accepté les conditions d'utilisations du programme blacklight qui est inclus dans le dossier compressé navilog1.zip que vous allez télécharger.
o Faire un clic droit sur ce lien : http://perso.orange.fr/il.mafioso/Navifix/Navilog1.zip
o Enregistrez la cible (du lien) sous... et enregistrez-le sur le bureau.
o Faire un clic droit sur navilog1.zip et choisir "tout extraire"
o Double-cliquez sur navilog1.bat
o Arriver au menu principal, choisir l'option 1 et valider.
o Patientez jusqu'au message : Analyse Termine le ...
o Le rapport sera en outre sauvegardé à la racine du disque (fixnavi.txt), poste le stp !

++

0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 25 / 47
yooy
2 juin 2007 à 18:56
ok pas de problèmes
0
Réponse 26 / 47
yooy
2 juin 2007 à 18:58
je ferais sa pendant la mi-temps du match se soir ou avant si je peux.
0
Réponse 27 / 47
yooy
2 juin 2007 à 22:18
Search Navipromo version 2.0.2 commencé le 02/06/2007 à 21:51:33,29

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Poster ce rapport sur le forum pour le faire analyser !!!
!!! Ne pas lancer la partie désinfection sans l'avis d'un spécialiste !!!

Fix lancé depuis C:\Program Files\navilog1
Mise a jour le 17.05.2007 a 23h00 by IL-MAFIOSO

Executé en mode normal

*** Recherche Programmes installes ***




*** Recherche dossiers dans C:\WINDOWS ***




*** Recherche dossiers dans C:\Program Files ***




*** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data ***




*** Recherche dossiers dans C:\Documents and Settings\utilisateur\Application Data ***



*** Recherche avec BlackLight Engine/F-secure ***
BlackLight Engine est un produit de F-secure, pour + d'infos :
https://www.f-secure.com/en

Fichier(s) caché(s) dans C:\WINDOWS\system32 :

c:\WINDOWS\system32\dvwbjjtak.dat
C:\windows\system32\dvwbjjtak.exe
c:\WINDOWS\system32\dvwbjjtak_nav.dat
c:\WINDOWS\system32\dvwbjjtak_navps.dat

Processus caché(s) dans C:\WINDOWS\system32 :

C:\windows\system32\dvwbjjtak.exe


*** Recherche fichiers ***


C:\WINDOWS\system32\nvs2.inf trouvé !


*** Recherche cles registre ***


Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs]



Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage]



Recherche Clé Magic Control

HKEY_CURRENT_USER\Software\Lanconfig trouvé !


*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche fichiers connus:


2)Recherche Heuristique :
*
C:\WINDOWS\system32\dvwbjjtak.dat trouvé !
**
C:\WINDOWS\system32\dvwbjjtak.dat trouvé !
***
****
C:\WINDOWS\system32\dvwbjjtak_navps.dat trouvé !
*****
******
*******
********
C:\WINDOWS\system32\dvwbjjtak.exe trouvé !


*** Analyse Terminé le 02/06/2007 à 22:14:52,76 ***
0
Réponse 28 / 47
green day Messages postés 26371 Date d'inscription vendredi 30 septembre 2005 Statut Modérateur, Contributeur sécurité Dernière intervention 27 décembre 2019 2 162
2 juin 2007 à 23:17
ok,

o Double-cliquer sur navilog1.bat
o Arriver au menu principal, choisir l'option 2 et valider.
o Indiquer le mode de nettoyage "automatique"
o Répondre aux questions éventuelles, le bureau disparaîtra, c'est normal !
o Patienter jusqu'au message : Nettoyage Termine le ...
o Sauvegarder le rapport de manière à le retrouver, puis fermer le blocnote, le bureau réapparaîtra
o Redémarrer en mode normal, le rapport sera en outre sauvegardé à la racine du disque (cleannavi.txt), poste le stp

ensuite, fais ceci :

virus methode preliminaire de desinfection version fr

++

0
Réponse 29 / 47
yooy
3 juin 2007 à 12:25
Clean Navipromo version 2.0.2 commencé le 03/06/2007 à 12:09:46,23

Fix lancé depuis C:\Program Files\navilog1
Mise a jour le 17.05.2007 a 23h00 by IL-MAFIOSO

Mode suppression automatique avec prise en charge résultats Blacklight


*** Creation backups fichiers trouvés par Blacklight ***

Copie vers "C:\Program Files\navilog1\Backupnavi"


*** Suppression des fichiers trouvés avec Blacklight ***

c:\WINDOWS\system32\dvwbjjtak.dat supprimé !
C:\windows\system32\dvwbjjtak.exe supprimé !
c:\WINDOWS\system32\dvwbjjtak_nav.dat supprimé !
c:\WINDOWS\system32\dvwbjjtak_navps.dat supprimé !

** 2ème passage **

C:\WINDOWS\system32\dvwbjjtak.exe absent !
C:\WINDOWS\system32\dvwbjjtak.dat absent !
C:\WINDOWS\system32\dvwbjjtak_nav.dat absent !
C:\WINDOWS\system32\dvwbjjtak_navps.dat absent !
C:\WINDOWS\system32\dvwbjjtak_navup.dat absent !
C:\WINDOWS\system32\dvwbjjtak_navtmp.dat absent !
C:\WINDOWS\system32\dvwbjjtak_m2s.xml absent !


C:\WINDOWS\prefetch\dvwbjjtak*.pf trouvé !
Copie C:\WINDOWS\prefetch\dvwbjjtak*.pf réalise avec succes !
C:\WINDOWS\prefetch\dvwbjjtak*.pf supprimé !

*** Suppression dossiers dans C:\WINDOWS ***


*** Suppression dossiers dans C:\Program Files ***


*** Suppression dossiers dans C:\Documents and Settings\All Users\Application Data ***


*** Suppression dossiers dans C:\Documents and Settings\utilisateur\Application Data ***



*** Suppression fichiers ***

C:\WINDOWS\system32\nvs2.inf supprimé !

*** Suppression fichiers temporaires ***

Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\utilisateur\Local Settings\Temp effectué !


*** Sauvegarde du registre vers dossier Backupnavi***


sauvegarde du registre réalise avec succes !


*** Nettoyage registre ***


Nettoyage registre Ok

*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche fichiers connus:


2)Recherche et Suppression Heuristique :

*
**
***
****
*****
******
*******
********

3)Contrôle présence clés Rootkit dans le registre :

Aucune autre clés présente dans le registre !

*** Nettoyage termine le 03/06/2007 à 12:13:17,26 ***
0
Réponse 30 / 47
yooy
3 juin 2007 à 12:28
ensuite, fais ceci :

virus methode preliminaire de desinfection version fr



je ferais ceci surment mercredi
0
Réponse 31 / 47
yooy
3 juin 2007 à 12:40
j'ai fait ce qui été demander avec ccleaner donc j'ai fait l'anayse et j'ai lancer le nettoyage ensuite j'ai rechercher puis reparer toute les erreur jusqu'à ce qu'il n'y en est plus ( je les fait 2 fois et au bout de la 3eme il n'y avait plus d'erreur voici les 2 rapports d'erreur
0
Réponse 32 / 47
yooy
3 juin 2007 à 12:42
Windows Registry Editor Version 5.00


[HKEY_CLASSES_ROOT\.dip]
@="dipFile"


[HKEY_CLASSES_ROOT\.FRA]
@="AcroExch.Lang"


[HKEY_CLASSES_ROOT\.ifo]
@="WinDVD.playback"


[HKEY_CLASSES_ROOT\.ima]
@="IncrediContent"


[HKEY_CLASSES_ROOT\.imk]


[HKEY_CLASSES_ROOT\.nia]
@="NikonCapture.ImageAdjustment"


[HKEY_CLASSES_ROOT\.nid]
@="Nikon.IPTC Data"


[HKEY_CLASSES_ROOT\.niv]
@="Pacman_2005"


[HKEY_CLASSES_ROOT\.ppi]
@="ppifile"


[HKEY_CLASSES_ROOT\.prc]
@="prc_auto_file"


[HKEY_CLASSES_ROOT\.pt]
@="ptfile"


[HKEY_CLASSES_ROOT\PlayData]
@=""


[HKEY_CLASSES_ROOT\SysmonLogManager.Snapin]


[HKEY_CLASSES_ROOT\WMPCD]


[HKEY_CLASSES_ROOT\{]


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.1]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.1\OpenWithList]
"a"="My Pictures And Sounds.exe"
"MRUList"="a"


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3g2]
"Application"=""

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3g2\OpenWithProgids]
"RealPlayer.3GPP2.10"=hex(0):


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.awb]
"Application"=""

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.awb\OpenWithProgids]
"RealPlayer.AMR_WB.10"=hex(0):


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dgr]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dgr\OpenWithList]
"a"="viewer.exe"
"MRUList"="ab"
"b"="FaxTool.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dgr\OpenWithProgids]
"Viewer"=hex(0):


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.don]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.don\OpenWithList]
"a"="WebTarot.exe"
"MRUList"="a"


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.drm]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.drm\OpenWithList]
"a"="msnmsgr.exe"
"MRUList"="a"


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.imf]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.imf\OpenWithList]
"a"="ImpCnt.exe"
"MRUList"="a"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.imf\OpenWithProgids]
"IncrediContent"=hex(0):


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.imn]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.imn\OpenWithList]
"a"="ImpCnt.exe"
"MRUList"="ba"
"b"="iexplore.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.imn\OpenWithProgids]
"IncrediContent"=hex(0):


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4a]
"Application"=""

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4a\OpenWithProgids]
"RealPlayer.M4A.6"=hex(0):


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mez]
"Application"=""


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp1]
"Application"=""

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp1\OpenWithProgids]
"RealPlayer.MP1.6"=hex(0):


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpga]
"Application"=""

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpga\OpenWithProgids]
"RealPlayer.MPGA.6"=hex(0):


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ofc]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ofc\OpenWithList]
"a"="iexplore.exe"
"MRUList"="a"


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.PBP]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.PBP\OpenWithList]
"a"="msnmsgr.exe"
"MRUList"="a"


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.php]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.php\OpenWithList]
"a"="iexplore.exe"
"MRUList"="a"


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pls]
"Application"=""

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pls\OpenWithList]
"a"="mmjblaunch.exe"
"MRUList"="ba"
"b"="iexplore.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pls\OpenWithProgids]
"RealPlayer.PLSPL.6"=hex(0):
"MMJB.PLS"=hex(0):


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ra]
"Application"=""

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ra\OpenWithProgids]
"RealPlayer.RA.6"=hex(0):


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ram]
"Application"=""

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ram\OpenWithList]
"a"="iexplore.exe"
"MRUList"="ab"
"b"="RealPlay.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ram\OpenWithProgids]
"RealPlayer.RAM.6"=hex(0):


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rax]
"Application"=""

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rax\OpenWithProgids]
"RealPlayer.RAX.6"=hex(0):


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rf]
"Application"=""


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgi]
"Application"=""


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgp]
"Application"=""


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgs]
"Application"=""

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgs\OpenWithList]


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rjs]
"Application"=""


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rjt]
"Application"=""


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rm]
"Application"=""

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rm\OpenWithProgids]
"RealPlayer.RM.6"=hex(0):


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmj]
"Application"=""

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmj\OpenWithProgids]
"RealJukebox.RMJ.1"=hex(0):


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmm]
"Application"=""

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmm\OpenWithProgids]
"RealPlayer.RAM.6"=hex(0):


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmp]
"Application"=""

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmp\OpenWithProgids]
"RealJukebox.RMP.1"=hex(0):


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rms]
"Application"=""

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rms\OpenWithProgids]
"RealPlayer.RMS.6"=hex(0):


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmvb]
"Application"=""

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmvb\OpenWithProgids]
"RealPlayer.RMVB.6"=hex(0):


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmx]
"Application"=""

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmx\OpenWithProgids]
"RealJukebox.RMX.1"=hex(0):


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rnx]
"Application"=""


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rp]
"Application"=""


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rpl]
"Application"=""

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rpl\OpenWithProgids]
"RealPlayer.RPL.6"=hex(0):


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsml]
"Application"=""

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsml\OpenWithProgids]
"RealPlayer.RSML.6"=hex(0):


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rt]
"Application"=""


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rv]
"Application"=""

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rv\OpenWithProgids]
"RealPlayer.RV.6"=hex(0):


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rvx]
"Application"=""

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rvx\OpenWithProgids]
"RealPlayer.RVX.6"=hex(0):


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sav]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sav\OpenWithList]
"a"="1stTarot.exe"
"MRUList"="a"


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sdp]
"Application"=""


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.smi]
"Application"=""

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.smi\OpenWithProgids]
"RealPlayer.SMIL.6"=hex(0):


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.smil]
"Application"=""

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.smil\OpenWithProgids]
"RealPlayer.SMIL.6"=hex(0):


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ssm]
"Application"=""

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ssm\OpenWithProgids]
"SSM"=hex(0):


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.torrent]
"Application"="bittorrent.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.torrent\OpenWithList]
"a"="bittorrent.exe"
"MRUList"="ba"
"b"="iexplore.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.torrent\OpenWithProgids]
"bittorrent"=hex(0):


[HKEY_CLASSES_ROOT\AU_ISC]
@="AU ISC Server Application"

[HKEY_CLASSES_ROOT\AU_ISC\CLSID]
@="{499C2688-85A5-41B5-B8A7-DCC8DCF797B4}"

[HKEY_CLASSES_ROOT\AU_ISC\CurVer]
@="AU_ISC.1"


[HKEY_CLASSES_ROOT\AU_ISC.1]
@="AU ISC Server Application"

[HKEY_CLASSES_ROOT\AU_ISC.1\CLSID]
@="{499C2688-85A5-41B5-B8A7-DCC8DCF797B4}"


[HKEY_CLASSES_ROOT\BackWeb.Client-7288971]
@="BackWeb Client"

[HKEY_CLASSES_ROOT\BackWeb.Client-7288971\CLSID]
@="{034E43C2-36FC-4BDE-97C5-25E6FC4444B6}"


[HKEY_CLASSES_ROOT\BackWeb.Client.ScriptHelper-7288971]
@="BW Client ScriptHelper Class"

[HKEY_CLASSES_ROOT\BackWeb.Client.ScriptHelper-7288971\CLSID]
@="{CAEF9D56-0816-4984-BE91-B1B2ED801BE5}"


[HKEY_CLASSES_ROOT\BackWeb.FileAccess-7288971]
@="BackWeb Client Files Access"

[HKEY_CLASSES_ROOT\BackWeb.FileAccess-7288971\CLSID]
@="{BB7CDE7C-5FB0-46E5-A3F4-EF118FACE08B}"


[HKEY_CLASSES_ROOT\BackWeb.FileAccessViaDir-7288971]
@="BackWeb Client Files Access Via Directory"

[HKEY_CLASSES_ROOT\BackWeb.FileAccessViaDir-7288971\CLSID]
@="{CF6067D7-D10C-4767-B04C-148E6EBB1574}"


[HKEY_CLASSES_ROOT\BackWeb.FileReplication-7288971]
@="BackWeb File Replicator"

[HKEY_CLASSES_ROOT\BackWeb.FileReplication-7288971\CLSID]
@="{2A426D47-51C3-4A79-B064-95FD87DAB5D1}"


[HKEY_CLASSES_ROOT\BackWeb.FileReplicationCleanup-7288971]
@="BackWeb File Replication Cleanup"

[HKEY_CLASSES_ROOT\BackWeb.FileReplicationCleanup-7288971\CLSID]
@="{1FD8D838-74A9-4DF8-936F-0D87ED49AD3C}"


[HKEY_CLASSES_ROOT\bwpfile\shell\open]

[HKEY_CLASSES_ROOT\bwpfile\shell\open\command]
@="C:\\Program Files\\Kodak\\Kodak Software Updater\\7288971\\6.3.2.62-7288971L\\Program\\PrvCnt.exe \"%1\""


[HKEY_CLASSES_ROOT\CDDBControl.CDDBControl2]
@="CDDBControl2 Class"

[HKEY_CLASSES_ROOT\CDDBControl.CDDBControl2\CLSID]
@="{69E9B473-22E6-471D-8683-84BD1E4BECE1}"


[HKEY_CLASSES_ROOT\CDDBControl.CDDBControl2.1]
@="CDDBControl2 Class"

[HKEY_CLASSES_ROOT\CDDBControl.CDDBControl2.1\CLSID]
@="{69E9B473-22E6-471D-8683-84BD1E4BECE1}"


[HKEY_CLASSES_ROOT\CMAudioProperty]
@="CMAudio WDM Property Component"

[HKEY_CLASSES_ROOT\CMAudioProperty\CLSID]
@="{201FEC6C-E94E-450c-8ECB-5297957441A6}"

[HKEY_CLASSES_ROOT\CMAudioProperty\CurVer]
@="CMAudioPropertyCOM.7"


[HKEY_CLASSES_ROOT\CMAudioProperty.7]
@="CMAudio WDM Property Component"

[HKEY_CLASSES_ROOT\CMAudioProperty.7\CLSID]
@="{201FEC6C-E94E-450c-8ECB-5297957441A6}"


[HKEY_CLASSES_ROOT\DirectAnimation.PathControl]
@="Microsoft DirectAnimation Path"

[HKEY_CLASSES_ROOT\DirectAnimation.PathControl\CLSID]
@="{D7A7D7C3-D47F-11D0-89D3-00A0C90833E6}"


[HKEY_CLASSES_ROOT\DirectAnimation.Sequence]
@="Microsoft DirectAnimation Sequence"

[HKEY_CLASSES_ROOT\DirectAnimation.Sequence\CLSID]
@="{4F241DB1-EE9F-11D0-9824-006097C99E51}"


[HKEY_CLASSES_ROOT\DirectAnimation.SequencerControl]
@="Microsoft DirectAnimation Sequencer"

[HKEY_CLASSES_ROOT\DirectAnimation.SequencerControl\CLSID]
@="{B0A6BAE2-AAF0-11D0-A152-00A0C908DB96}"


[HKEY_CLASSES_ROOT\DirectAnimation.SpriteControl]
@="Microsoft DirectAnimation Sprite"

[HKEY_CLASSES_ROOT\DirectAnimation.SpriteControl\CLSID]
@="{FD179533-D86E-11D0-89D6-00A0C90833E6}"


[HKEY_CLASSES_ROOT\DirectAnimation.StructuredGraphicsControl]
@="Microsoft DirectAnimation Structured Graphics"

[HKEY_CLASSES_ROOT\DirectAnimation.StructuredGraphicsControl\CLSID]
@="{369303C2-D7AC-11D0-89D5-00A0C90833E6}"


[HKEY_CLASSES_ROOT\IgfxExt.CUIExternal]

[HKEY_CLASSES_ROOT\IgfxExt.CUIExternal\CLSID]
@="{7160A13D-73DA-4CEA-95B9-37356478588A}"

[HKEY_CLASSES_ROOT\IgfxExt.CUIExternal\CurVer]
@="IgfxExt.CUIExternal.1"


[HKEY_CLASSES_ROOT\IgfxExt.CUIExternal.1]

[HKEY_CLASSES_ROOT\IgfxExt.CUIExternal.1\CLSID]
@="{7160A13D-73DA-4CEA-95B9-37356478588A}"


[HKEY_CLASSES_ROOT\Keyhole.KHFeature]
@="KHFeature Class"

[HKEY_CLASSES_ROOT\Keyhole.KHFeature\CLSID]
@="{B153D707-447A-4538-913E-6146B3FDEE02}"


[HKEY_CLASSES_ROOT\Keyhole.KHFeature.1]
@="KHFeature Class"

[HKEY_CLASSES_ROOT\Keyhole.KHFeature.1\CLSID]
@="{B153D707-447A-4538-913E-6146B3FDEE02}"


[HKEY_CLASSES_ROOT\Keyhole.KHViewExtents]
@="KHViewExtents Class"

[HKEY_CLASSES_ROOT\Keyhole.KHViewExtents\CLSID]
@="{63E6BE14-A742-4EEA-8AF3-0EC39F10F850}"


[HKEY_CLASSES_ROOT\Keyhole.KHViewExtents.1]
@="KHViewExtents Class"

[HKEY_CLASSES_ROOT\Keyhole.KHViewExtents.1\CLSID]
@="{63E6BE14-A742-4EEA-8AF3-0EC39F10F850}"


[HKEY_CLASSES_ROOT\Kodak.ActiveUpdateTargetingManager.1]
@="Kodak ActiveUpdateTargetingManager Class"

[HKEY_CLASSES_ROOT\Kodak.ActiveUpdateTargetingManager.1\CLSID]
@="{8DBFE843-D7DF-4cfc-B62C-05A6899139E2}"


[HKEY_CLASSES_ROOT\MPS.MediaCollection]
@="MediaCollection Object"

[HKEY_CLASSES_ROOT\MPS.MediaCollection\CLSID]
@="{D2D7C995-532D-492f-93A9-220034F5DACE}"


[HKEY_CLASSES_ROOT\MPS.MediaCollection.1]
@="MediaCollection Object"

[HKEY_CLASSES_ROOT\MPS.MediaCollection.1\CLSID]
@="{D2D7C995-532D-492f-93A9-220034F5DACE}"


[HKEY_CLASSES_ROOT\OpPrintServer2]
@="OpPrintServer2"

[HKEY_CLASSES_ROOT\OpPrintServer2\CLSID]
@="{629CACAE-B028-11D2-BA9E-00A024BF101B}"


[HKEY_CLASSES_ROOT\PhotoRecord.Album]
@="Album PhotoRecord"

[HKEY_CLASSES_ROOT\PhotoRecord.Album\CLSID]
@="{FEDCFFC1-BEC4-11D1-93B9-0060979C8AB8}"


[HKEY_CLASSES_ROOT\PhotoRecord.PRIndexSupplyPhotos]
@="PhotoRecord.PRIndexSupplyPhotos"

[HKEY_CLASSES_ROOT\PhotoRecord.PRIndexSupplyPhotos\CLSID]
@="{860F3E90-4E7A-11D5-886A-00105A5B9D8F}"


[HKEY_CLASSES_ROOT\PhotoRecord.PRNewPhoto]
@="PhotoRecord.PRNewPhoto"

[HKEY_CLASSES_ROOT\PhotoRecord.PRNewPhoto\CLSID]
@="{6F367ED8-67E4-11D2-A24A-0060979C8AB8}"


[HKEY_CLASSES_ROOT\PhotoRecord.PRSupplyPhotos]
@="PhotoRecord.PRSupplyPhotos"

[HKEY_CLASSES_ROOT\PhotoRecord.PRSupplyPhotos\CLSID]
@="{6F367EDB-67E4-11D2-A24A-0060979C8AB8}"


[HKEY_CLASSES_ROOT\PhotoRecord.PRSupplyPhotosV2]
@="PhotoRecord.PRSupplyPhotosV2"

[HKEY_CLASSES_ROOT\PhotoRecord.PRSupplyPhotosV2\CLSID]
@="{16974310-631D-11D7-B000-0050DACF11B0}"


[HKEY_CLASSES_ROOT\RXResult.RXResultFilter]
@="RXResultFilter Class"

[HKEY_CLASSES_ROOT\RXResult.RXResultFilter\CLSID]
@="{2AB289AE-4B90-4281-B2AE-1F4BB034B647}"


[HKEY_CLASSES_ROOT\RXResult.RXResultFilter.1]
@="RXResultFilter Class"

[HKEY_CLASSES_ROOT\RXResult.RXResultFilter.1\CLSID]
@="{2AB289AE-4B90-4281-B2AE-1F4BB034B647}"


[HKEY_CLASSES_ROOT\Shareaza.AVIPreviewer.1]
@="Partial AVI Preview Filter for Shareaza"

[HKEY_CLASSES_ROOT\Shareaza.AVIPreviewer.1\CLSID]
@="{394011F0-6D5C-42a3-96C6-24B9AD6B010C}"


[HKEY_CLASSES_ROOT\Shareaza.AVIThumb.1]
@="AVIThumb ImageService"

[HKEY_CLASSES_ROOT\Shareaza.AVIThumb.1\CLSID]
@="{4956C5F5-D9A8-4CBB-8994-F53CF55CFDF5}"


[HKEY_CLASSES_ROOT\Shareaza.JPEGReader.1]
@="JPEGReader ImageService"

[HKEY_CLASSES_ROOT\Shareaza.JPEGReader.1\CLSID]
@="{5E6309F2-9971-4683-9445-F548E81BEC07}"


[HKEY_CLASSES_ROOT\Shareaza.MP3Previewer.1]
@="Partial MP3 Preview Filter for Shareaza"

[HKEY_CLASSES_ROOT\Shareaza.MP3Previewer.1\CLSID]
@="{BF00DBCC-90A2-4f46-8171-7D4F929D035F}"


[HKEY_CLASSES_ROOT\Shareaza.MPEGPreviewer.1]
@="Partial MPEG-1 Preview Filter for Shareaza"

[HKEY_CLASSES_ROOT\Shareaza.MPEGPreviewer.1\CLSID]
@="{9AA8DF47-B8FE-47da-AB1A-2DAA0DA0B646}"


[HKEY_CLASSES_ROOT\Shareaza.PNGReader.1]
@="PNGReader ImageService"

[HKEY_CLASSES_ROOT\Shareaza.PNGReader.1\CLSID]
@="{D427C22F-23FB-4E51-A8B8-70F2036ED3BA}"


[HKEY_CLASSES_ROOT\Shareaza.SimpleScope.1]
@="SimpleScopes Audio Visualisation for Shareaza"

[HKEY_CLASSES_ROOT\Shareaza.SimpleScope.1\CLSID]
@="{591A5CFF-3172-4020-A067-238542DDE9C2}"


[HKEY_CLASSES_ROOT\Shareaza.SoniqueVis.1]
@="Sonique Visualisation Wrapper"

[HKEY_CLASSES_ROOT\Shareaza.SoniqueVis.1\CLSID]
@="{D07E630D-A850-4f11-AD29-3D3848B67EFE}"


[HKEY_CLASSES_ROOT\Shareaza.VideoThumb.1]
@="Generic Video Thumbnailer Plugin"

[HKEY_CLASSES_ROOT\Shareaza.VideoThumb.1\CLSID]
@="{17BF74FD-69AF-4BD5-A982-EA6DE6F3449C}"


[HKEY_CLASSES_ROOT\Shareaza.WMPVis.1]
@="Windows Media Player Visualisation Wrapper"

[HKEY_CLASSES_ROOT\Shareaza.WMPVis.1\CLSID]
@="{C3B7B25C-6B8B-481A-BC48-59F9A6F7B69A}"


[HKEY_CLASSES_ROOT\CLSID\{F2091BB4-9A72-4FB8-8453-B90B604E0588}]
@="AdsCleanerServer Object"

[HKEY_CLASSES_ROOT\CLSID\{F2091BB4-9A72-4FB8-8453-B90B604E0588}\LocalServer32]
@="C:\\PROGRA~1\\SOFTIN~1\\ADSCLE~1\\ADSCLE~1.EXE"

[HKEY_CLASSES_ROOT\CLSID\{F2091BB4-9A72-4FB8-8453-B90B604E0588}\ProgID]
@="AdsCleaner.AdsCleanerServer"

[HKEY_CLASSES_ROOT\CLSID\{F2091BB4-9A72-4FB8-8453-B90B604E0588}\TypeLib]
@="{09638E39-F5CB-4163-BF93-CD43CD87F0D3}"

[HKEY_CLASSES_ROOT\CLSID\{F2091BB4-9A72-4FB8-8453-B90B604E0588}\Version]
@="1.0"


[HKEY_CLASSES_ROOT\Applications\bittorrent.exe\shell\open]

[HKEY_CLASSES_ROOT\Applications\bittorrent.exe\shell\open\command]
@="\"C:\\Program Files\\BitTorrent\\bittorrent.exe\" \"%1\""


[HKEY_CLASSES_ROOT\Applications\DAMES_~1.EXE\shell\open]

[HKEY_CLASSES_ROOT\Applications\DAMES_~1.EXE\shell\open\command]
@="C:\\DOCUME~1\\UTILIS~1\\LOCALS~1\\TEMPOR~1\\Content.IE5\\G3XJAMZD\\DAMES_~1.EXE \"%1\""


[HKEY_CLASSES_ROOT\Applications\DAMES_~1.EXE\shell\print]

[HKEY_CLASSES_ROOT\Applications\DAMES_~1.EXE\shell\print\command]
@="C:\\DOCUME~1\\UTILIS~1\\LOCALS~1\\TEMPOR~1\\Content.IE5\\G3XJAMZD\\DAMES_~1.EXE /p \"%1\""


[HKEY_CLASSES_ROOT\Applications\DAMES_~1.EXE\shell\printto]

[HKEY_CLASSES_ROOT\Applications\DAMES_~1.EXE\shell\printto\command]
@="C:\\DOCUME~1\\UTILIS~1\\LOCALS~1\\TEMPOR~1\\Content.IE5\\G3XJAMZD\\DAMES_~1.EXE /pt \"%1\" \"%2\" \"%3\" \"%4\""


[HKEY_CLASSES_ROOT\Applications\ImLc.exe\shell\open]
@=""

[HKEY_CLASSES_ROOT\Applications\ImLc.exe\shell\open\command]
@="C:\\PROGRA~1\\INCRED~1\\bin\\ImLc.exe \"%1\""


[HKEY_CLASSES_ROOT\Applications\ImpCnt.exe\shell\open]
@=""

[HKEY_CLASSES_ROOT\Applications\ImpCnt.exe\shell\open\command]
@="C:\\PROGRA~1\\INCRED~1\\bin\\ImpCnt.exe /tmp /locate /depend \"%1\""


[HKEY_CLASSES_ROOT\Applications\mmjblaunch.exe\shell\Open]

[HKEY_CLASSES_ROOT\Applications\mmjblaunch.exe\shell\Open\command]
@="\"C:\\Program Files\\MUSICMATCH\\MUSICMATCH Jukebox\\mmjblaunch.exe\" \"%1\""


[HKEY_CLASSES_ROOT\Applications\mmjblaunch.exe\shell\Play]

[HKEY_CLASSES_ROOT\Applications\mmjblaunch.exe\shell\Play\command]
@="\"C:\\Program Files\\MUSICMATCH\\MUSICMATCH Jukebox\\mmjblaunch.exe\" \"%1\""


[HKEY_CLASSES_ROOT\Applications\RealPlay.exe\shell\open]

[HKEY_CLASSES_ROOT\Applications\RealPlay.exe\shell\open\command]
@="\"C:\\Program Files\\Real\\RealPlayer\\realplay.exe\" \"%1\""


[HKEY_CLASSES_ROOT\Applications\ti.exe\shell\Install]

[HKEY_CLASSES_ROOT\Applications\ti.exe\shell\Install\Command]
@="\"C:\\Program Files\\MUSICMATCH\\MUSICMATCH Jukebox\\ti.exe\" \"%1\""


[HKEY_CLASSES_ROOT\Applications\ti.exe\shell\Open]

[HKEY_CLASSES_ROOT\Applications\ti.exe\shell\Open\command]
@="\"C:\\Program Files\\MUSICMATCH\\MUSICMATCH Jukebox\\ti.exe\" \"%1\""


[HKEY_CLASSES_ROOT\Applications\viewer.exe\shell\Open]

[HKEY_CLASSES_ROOT\Applications\viewer.exe\shell\Open\Command]
@="\"C:\\Program Files\\FaxTools\\viewer.exe\" %1"


[HKEY_CLASSES_ROOT\Applications\WinDVD.exe\shell\open]
@=""

[HKEY_CLASSES_ROOT\Applications\WinDVD.exe\shell\open\command]
@="\"C:\\Mes téléchargements\\WinDVD.exe\" %1"


[HKEY_CLASSES_ROOT\Applications\WinDVD.exe\shell\play]
@="&Play in WinDVD"

[HKEY_CLASSES_ROOT\Applications\WinDVD.exe\shell\play\command]
@="\"C:\\Mes téléchargements\\WinDVD.exe\" %1"


[HKEY_CLASSES_ROOT\Applications\winzip32.exe\shell\open]
@="Ouvrir avec &WinZip"

[HKEY_CLASSES_ROOT\Applications\winzip32.exe\shell\open\command]
@="C:\\PROGRA~1\\WINZIP\\winzip32.exe \"%1\""


[HKEY_CLASSES_ROOT\Applications\winzip32.exe\shell\print]

[HKEY_CLASSES_ROOT\Applications\winzip32.exe\shell\print\command]
@="C:\\PROGRA~1\\WINZIP\\winzip32.exe /print /ni \"%1\""


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\HijackThis.exe]
@="C:\\Program Files\\Hijackthis Version Française\\hijackthis.exe"
"Path"="C:\\Program Files\\Hijackthis Version Française"


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Outils Microsoft Office\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Comparisonics\\FSPalette\\"="1"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Comparisonics\\"="1"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\CameraWindow\\"="1"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\baby\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\baby\\Clipart\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\baby\\textframes\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\beach\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\beach\\clipart\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\birthday\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\birthday\\Clipart\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\children\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\children\\textframes\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\christmas\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\christmas\\clipart\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\christmas\\textframes\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\classic\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\classic\\textframes\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\clipart\\birds\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\clipart\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\clipart\\events\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\clipart\\flowers\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\clipart\\pets\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\clipart\\sport\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\clipart\\stickers\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\crests\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\floral\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\frames\\border\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\frames\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\frames\\sketch\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\frames\\tacks\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\frames\\tacks\\text\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\frames\\wood\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\fun\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\fun\\clipart\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\fun\\textframes\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\glorious\\Backgrounds\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\glorious\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\glorious\\Particles\\Baby_fun\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\glorious\\Particles\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\glorious\\Particles\\bears\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\glorious\\Particles\\birthyday_modern\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\glorious\\Particles\\blurs\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\glorious\\Particles\\bubbles\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\glorious\\Particles\\bugs\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\glorious\\Particles\\christmas\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\glorious\\Particles\\clouds\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\glorious\\Particles\\discs\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\glorious\\Particles\\leafs\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\glorious\\Particles\\weddings\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\halloween\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\halloween\\clipart\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\halloween\\textframe\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\lines\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\maple\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\mask\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\modern\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\Nippon1\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\Nippon1\\clipart\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\Nippon1\\text_frames\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\Nippon2\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\Nippon2\\clipart\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\Nippon2\\text_frames\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\numbers\\bold\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\numbers\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\numbers\\classic\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\numbers\\modern\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\numbers\\stencil\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\Nursery1\\clipart\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\Nursery1\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\Nursery1\\frames\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\Nursery1\\text frames\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\Nursery2\\clipart\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\Nursery2\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\Nursery2\\frames\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\Nursery2\\text frames\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\oriental\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\paper\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\rocks\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\romance\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\simple\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\simple\\tacks & pins\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\textframes\\explosion\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\textframes\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\textframes\\float\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\textframes\\float2\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\textframes\\flourish\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\textframes\\flourish2\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\textframes\\note\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\textframes\\plaque\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\textframes\\scroll\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\textframes\\speech\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\textframes\\thought\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\textures\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\themes\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\themes\\icons\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\travel\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\travel\\clipart\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\travel\\textframes\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\web_teasers\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\wedding\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\wedding\\clipart\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\wood\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Canon\\PhotoRecord\\art\\wood\\text\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\WINDOWS\\PCHEALTH\\ERRORREP\\QHEADLES\\"="1"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\WINDOWS\\PCHEALTH\\ERRORREP\\QSIGNOFF\\"="1"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\WINDOWS\\winsxs\\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_0de56c07\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\HijackThis]
"DisplayName"="HijackThis 1.99.1"
"UninstallString"="C:\\Program Files\\Hijackthis Version Française\\HijackThis.exe /uninstall"
"DisplayIcon"="C:\\Program Files\\Hijackthis Version Française\\HijackThis.exe"
"DisplayVersion"="1.99.1"
"Publisher"="Soeperman Enterprises Ltd."
"URLInfoAbout"="http://ww11.spywareinfo.com/~merijn/"


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AltnetDM]
"SlowInfoCache"=hex:28,02,00,00,01,00,00,00,00,60,78,00,00,00,00,00,00,01,e8,\
ef,45,14,c6,01,00,00,00,00,43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,\
61,00,6d,00,20,00,46,00,69,00,6c,00,65,00,73,00,5c,00,41,00,6c,00,74,00,6e,\
00,65,00,74,00,5c,00,44,00,6f,00,77,00,6e,00,6c,00,6f,00,61,00,64,00,20,00,\
4d,00,61,00,6e,00,61,00,67,00,65,00,72,00,5c,00,61,00,73,00,6d,00,65,00,6e,\
00,64,00,2e,00,65,00,78,00,65,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00
"Changed"=dword:00000000


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ieupdate]
"SlowInfoCache"=hex:28,02,00,00,01,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,38,fd,19,\
66,52,55,c4,01,08,00,00,00,43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,\
61,00,6d,00,20,00,46,00,69,00,6c,00,65,00,73,00,5c,00,49,00,6e,00,74,00,65,\
00,72,00,6e,00,65,00,74,00,20,00,45,00,78,00,70,00,6c,00,6f,00,72,00,65,00,\
72,00,5c,00,49,00,45,00,58,00,50,00,4c,00,4f,00,52,00,45,00,2e,00,45,00,58,\
00,45,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00
"Changed"=dword:00000000


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\iNetFormFiller Trial]
"SlowInfoCache"=hex:28,02,00,00,01,00,00,00,00,e0,4e,00,00,00,00,00,8e,01,c4,\
58,f2,97,c7,01,00,00,00,00,43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,\
61,00,6d,00,20,00,46,00,69,00,6c,00,65,00,73,00,5c,00,69,00,4e,00,65,00,74,\
00,46,00,6f,00,72,00,6d,00,46,00,69,00,6c,00,6c,00,65,00,72,00,20,00,54,00,\
72,00,69,00,61,00,6c,00,5c,00,69,00,4e,00,65,00,74,00,46,00,6f,00,72,00,6d,\
00,46,00,69,00,6c,00,6c,00,65,00,72,00,2e,00,65,00,78,00,65,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00
"Changed"=dword:00000000


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\INSTAFINK]
"SlowInfoCache"=hex:28,02,00,00,01,00,00,00,00,c0,09,00,00,00,00,00,32,52,5e,\
f1,45,14,c6,01,00,00,00,00,43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,\
61,00,6d,00,20,00,46,00,69,00,6c,00,65,00,73,00,5c,00,49,00,4e,00,53,00,54,\
00,41,00,46,00,49,00,4e,00,4b,00,5c,00,49,00,6e,00,73,00,74,00,61,00,46,00,\
69,00,6e,00,64,00,65,00,72,00,4b,00,5f,00,69,00,6e,00,73,00,74,00,2e,00,65,\
00,78,00,65,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00
"Changed"=dword:00000000


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\KB810243]
"SlowInfoCache"=hex:28,02,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,\
00,00,00,00,00,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00
"Changed"=dword:00000000


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\KB817778]
"SlowInfoCache"=hex:28,02,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,\
00,00,00,00,00,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00
"Changed"=dword:00000000


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\KB820291]
"SlowInfoCache"=hex:28,02,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,\
00,00,00,00,00,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00
"Changed"=dword:00000000


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\KB821253]
"SlowInfoCache"=hex:28,02,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,\
00,00,00,00,00,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,0
0
Réponse 33 / 47
yooy
3 juin 2007 à 12:43
Windows Registry Editor Version 5.00


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.FRA]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.FRA\OpenWithList]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.FRA\OpenWithProgids]
"AcroExch.Lang"=hex(0):


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.prc]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.prc\OpenWithList]
"a"="AcroRd32.exe"
"MRUList"="cba"
"b"="wmplayer.exe"
"c"="iexplore.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.prc\OpenWithProgids]
"prc_auto_file"=hex(0):


[HKEY_CLASSES_ROOT\AdsCleaner.AdsCleanerServer]
@="AdsCleanerServer Object"

[HKEY_CLASSES_ROOT\AdsCleaner.AdsCleanerServer\Clsid]
@="{F2091BB4-9A72-4FB8-8453-B90B604E0588}"


[HKEY_CLASSES_ROOT\Applications\bittorrent.exe]

[HKEY_CLASSES_ROOT\Applications\bittorrent.exe\shell]
@="open"


[HKEY_CLASSES_ROOT\Applications\DAMES_~1.EXE]

[HKEY_CLASSES_ROOT\Applications\DAMES_~1.EXE\shell]


[HKEY_CLASSES_ROOT\Applications\ImLc.exe]

[HKEY_CLASSES_ROOT\Applications\ImLc.exe\shell]
@="open"


[HKEY_CLASSES_ROOT\Applications\ImpCnt.exe]

[HKEY_CLASSES_ROOT\Applications\ImpCnt.exe\shell]


[HKEY_CLASSES_ROOT\Applications\mmjblaunch.exe]

[HKEY_CLASSES_ROOT\Applications\mmjblaunch.exe\shell]
@="Play"


[HKEY_CLASSES_ROOT\Applications\RealPlay.exe]
@=""

[HKEY_CLASSES_ROOT\Applications\RealPlay.exe\DefaultIcon]
@="C:\\Program Files\\Real\\RealPlayer\\realplay.exe,0"

[HKEY_CLASSES_ROOT\Applications\RealPlay.exe\shell]

[HKEY_CLASSES_ROOT\Applications\RealPlay.exe\SupportedTypes]
@=""
".mp3"=""
".m3u"=""
".cda"=""
".wav"=""
".mpg"=""
".mpeg"=""
".mpv"=""
".mps"=""
".m2v"=""
".m1v"=""
".mpe"=""
".mpa"=""
".avi"=""
".mp4"=""
".m4e"=""
".rt"=""
".rnx"=""
".rmp"=""
".rms"=""
".rjs"=""
".ra"=""
".rax"=""
".rm"=""
".rmvb"=""
".rp"=""
".ram"=""
".rmm"=""
".rsml"=""
".rv"=""
".rvx"=""
".rmj"=""
".rjt"=""
".rmx"=""
".wma"=""
".wmv"=""
".wax"=""
".asx"=""
".asf"=""
".wm"=""
".wmx"=""
".wvx"=""
".mov"=""
".qt"=""
".aac"=""
".m4a"=""
".m4p"=""
".mp2"=""
".mp1"=""
".mpga"=""
".pls"=""
".xpl"=""
".smi"=""
".smil"=""
".ssm"=""
".sdp"=""
".au"=""
".aif"=""
".aiff"=""
".mid"=""
".midi"=""
".rmi"=""
".acp"=""
".lmsff"=""
".lqt"=""
".lavs"=""
".lar"=""
".la1"=""
".rpl"=""
".3gp"=""
".amr"=""
".awb"=""
".3g2"=""
".rpm"=""


[HKEY_CLASSES_ROOT\Applications\ti.exe]

[HKEY_CLASSES_ROOT\Applications\ti.exe\shell]
@="Install"


[HKEY_CLASSES_ROOT\Applications\viewer.exe]

[HKEY_CLASSES_ROOT\Applications\viewer.exe\shell]


[HKEY_CLASSES_ROOT\Applications\WinDVD.exe]

[HKEY_CLASSES_ROOT\Applications\WinDVD.exe\shell]
@="play"


[HKEY_CLASSES_ROOT\Applications\winzip32.exe]

[HKEY_CLASSES_ROOT\Applications\winzip32.exe\shell]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\HijackThis]
"SlowInfoCache"=hex:28,02,00,00,01,00,00,00,00,f0,0d,00,00,00,00,00,a8,13,19,\
02,2e,a5,c7,01,00,00,00,00,43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,\
61,00,6d,00,20,00,46,00,69,00,6c,00,65,00,73,00,5c,00,48,00,69,00,6a,00,61,\
00,63,00,6b,00,74,00,68,00,69,00,73,00,20,00,56,00,65,00,72,00,73,00,69,00,\
6f,00,6e,00,20,00,46,00,72,00,61,00,6e,00,e7,00,61,00,69,00,73,00,65,00,5c,\
00,56,00,45,00,52,00,53,00,49,00,4f,00,4e,00,20,00,54,00,52,00,41,00,44,00,\
55,00,49,00,54,00,45,00,20,00,4f,00,52,00,49,00,47,00,49,00,4e,00,41,00,4c,\
00,45,00,2e,00,45,00,58,00,45,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00
"Changed"=dword:00000000
0
Réponse 34 / 47
yooy
3 juin 2007 à 12:46
je fais la suite des manipulations au plus vite !!
0
Réponse 35 / 47
yooy
3 juin 2007 à 12:59
en ce moment je fais l'analyse avec AVG-ANTISPYWARE je poste le rapport tout de suite après
0
Réponse 36 / 47
yooy
3 juin 2007 à 13:49
voici le rapport AVG anti-spyware ( j'ai tout supprimé )

AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 13:47:35 03/06/2007

+ Résultat de l'analyse:



C:\Documents and Settings\utilisateur\Cookies\utilisateur@advertising[1].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\utilisateur\Cookies\utilisateur@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\utilisateur\Cookies\utilisateur@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\utilisateur\Cookies\utilisateur@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\utilisateur\Cookies\utilisateur@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\utilisateur\Cookies\utilisateur@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\utilisateur\Cookies\utilisateur@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\utilisateur\Cookies\utilisateur@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.


Fin du rapport
0
Réponse 37 / 47
yooy
3 juin 2007 à 15:03
voila le rapport bitdefender

BitDefender Online Scanner - Real Time Virus Report



Generated at: Sun, Jun 03, 2007 - 15:02:29


--------------------------------------------------------------------------------





Scan Info



Scanned Files
175990

Infected Files
0








Virus Detected



No virus found.











--------------------------------------------------------------------------------



This summary of the scan process will be used by the BitDefender Antivirus Lab to create agregate statistics about virus activity around the world.
0
Réponse 38 / 47
yooy
3 juin 2007 à 15:06
voila un dernier rapport hijack pour finir

Logfile of HijackThis v1.99.1
Scan saved at 15:05:22, on 03/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\e-Carte Bleue\CL\e-Carte Bleue VISA Cleo\ECB-CLEO.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\cisvc.exe
C:\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} - - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PE2CKFNT SE] C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe
O4 - HKLM\..\Run: [eCarteBleue-CLEO] "C:\Program Files\e-Carte Bleue\CL\e-Carte Bleue VISA Cleo\ECB-CLEO.exe" /dontopenmycards
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [hpfsched] C:\WINDOWS\hpfsched.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Photo Express Calendar Checker SE.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O15 - Trusted Zone: https://www.orpi.com/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.0.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{02EE8895-8F1F-4692-A0BB-35465579E640}: NameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{02EE8895-8F1F-4692-A0BB-35465579E640}: NameServer = 192.168.0.1
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WBSrv - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: InCD Helper (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
0
Réponse 39 / 47
yooy
3 juin 2007 à 15:06
mon probleme est-il résolut ?
0
Réponse 40 / 47
green day Messages postés 26371 Date d'inscription vendredi 30 septembre 2005 Statut Modérateur, Contributeur sécurité Dernière intervention 27 décembre 2019 2 162
3 juin 2007 à 15:27
ok, à toi de me le dire :)

où en sont tes soucis ???

++
0

Discussions similaires

Problème de clavier, des fenêtre s'ouvrent !!
Lyon691D -
tanteelise -

5 réponses
Conhost.exe
ThaBestGamer -
bazfile -

3 réponses
Afficher deux fenêtres côte à côte
ptitchinoise -
pistouri -

11 réponses
Mon ordinateur ouvre des pages du bureau tout seul
Tanguy -
Tanguy -

9 réponses