Se connecter / S'enregistrer
Votre question

Ordinateur qui Lag

Tags :
  • Internet Explorer
  • Sécurité
Dernière réponse : dans Sécurité et virus
26 Juillet 2008 17:01:32

Bonjour à tous !

Je suis chez des amis ou leurs ordianateurs lag, j'ai défragmenté, fait nettoyage de disque et j'ai réparé les erreurs du DD.

Mais toujours ces lag qui perssitent, alors j'ai pensé a un virus !
Si vous pourriez me répondre au plus vite. Merci

Voila le scan HiJackThis :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:55:38, on 26/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\vVX3000.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aliceadsl.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ads.eorezo.com/cgi-bin/advert/getads.cgi?x_forma...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe

--
End of file - 4565 bytes

Autres pages sur : ordinateur lag

26 Juillet 2008 22:31:09

Bonsoir,

Pas d'infection visible.

Désinstalle via Ajout/Suppression de Programmes (si présents) :
  • Avast!

    Télécharge et exécute : http://www.avast.com/eng/avast-uninstall-utility.html

    Télécharge Ccleaner sur ton Bureau.

  • Clique sur "download the latest version"
  • Installe-le en laissant seulement les options suivantes cochées :
    - Ajouter un raccourci sur le Bureau
    - Contrôler automatiquement les mises à jour de CCleaner
  • Lance le Nettoyage
  • Clique sur Chercher des erreurs et sauvegarde si tu le souhaites.

    Aide : Comment utiliser CCleaner.

    ***************

    Télécharge AntiVir sur ton Bureau.

  • Double clique sur l'exécutable téléchargé pour lancer l'installation.
  • A la fin de l'installation, clique sur Finish.
  • Ouvre Antivir, assure-toi qu’il soit bien à jour !
  • Dans l'onglet Local Protection, choisis Scanner.
  • Active la recherche de rootkits via le + de rootkit search, puis dans manual selection, coche tout (tes partitions de disque dur).
  • Clique sur la loupe du milieu pour lancer le scan en tant qu'Administrateur.
  • Poste moi le rapport généré : Pour cela, clique sur l'onglet Overview, puis choisis Reports, tu trouveras son rapport..

    Note : Pour une éradication des menaces plus efficace, lance le scan en mode sans échec.

    Pourquoi changer ? Avast vs Antivir.

    Aide : Comment installer et utiliser AntiVir.
    27 Juillet 2008 16:08:04

    Bonjour,

    1) Alors voici le rapport de CCleaner :

    Windows Registry Editor Version 5.00


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
    "C:\\WINDOWS\\TEMP\\_ISTMP0.DIR\\Drivers\\SonyCDMAComms.dll"=dword:00000001

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
    "C:\\WINDOWS\\TEMP\\_ISTMP0.DIR\\Drivers\\EricDAMPSFoneBookComms.dll"=dword:00000001

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
    "C:\\WINDOWS\\TEMP\\_ISTMP0.DIR\\Drivers\\EricFoneBookComms.dll"=dword:00000001

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
    "C:\\WINDOWS\\TEMP\\_ISTMP0.DIR\\Drivers\\NokiaGFoneBookDriver.dll"=dword:00000001

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
    "C:\\WINDOWS\\TEMP\\_ISTMP0.DIR\\Drivers\\NokiaHFoneBookDriver.dll"=dword:00000001

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
    "C:\\WINDOWS\\TEMP\\_ISTMP0.DIR\\Drivers\\NokiaTDMAComms.dll"=dword:00000001

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
    "C:\\WINDOWS\\TEMP\\_ISTMP0.DIR\\Drivers\\NullFoneBookComms.dll"=dword:00000001

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
    "C:\\WINDOWS\\TEMP\\_ISTMP0.DIR\\Drivers\\SmartLynxFoneBookComms.dll"=dword:00000001

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
    "C:\\WINDOWS\\TEMP\\_ISTMP0.DIR\\Drivers\\07_07FoneBookComms.dll"=dword:00000001

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
    "C:\\WINDOWS\\TEMP\\_ISTMP0.DIR\\Drivers\\SamCDMAFoneBookDriver.dll"=dword:00000001

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
    "C:\\WINDOWS\\TEMP\\_ISTMP0.DIR\\Drivers\\CDMA1FoneBookDriver.dll"=dword:00000001

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
    "C:\\WINDOWS\\TEMP\\_ISTMP0.DIR\\Drivers\\MitsubishiTDMAComms.dll"=dword:00000001

    [HKEY_CLASSES_ROOT\.aa]

    [HKEY_CLASSES_ROOT\OWS Collaboration Objects]

    [HKEY_CLASSES_ROOT\SysmonLogManager.Snapin]

    [HKEY_CLASSES_ROOT\WMPCD]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.adh]
    "Progid"="adhfile"
    "Application"="C:\\Program Files\\Audible\\Bin\\adhelper.exe"

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.amr]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.amr\OpenWithList]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bak]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bak\OpenWithList]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mo3]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mo3\OpenWithList]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.part]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.part\OpenWithList]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pps]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pps\OpenWithList]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\OpenWithList]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sav]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sav\OpenWithList]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\OpenWithList]

    [HKEY_CLASSES_ROOT\acrobat\DefaultIcon]

    [HKEY_CLASSES_ROOT\ADCS]

    [HKEY_CLASSES_ROOT\ADCS\CLSID]

    [HKEY_CLASSES_ROOT\AOL Instant Messenger.ConfigFile\shell\open]

    [HKEY_CLASSES_ROOT\AOL Instant Messenger.ConfigFile\shell\open\command]

    [HKEY_CLASSES_ROOT\Connection Manager Profile\DefaultIcon]

    [HKEY_CLASSES_ROOT\Connection Manager Profile\shell\open]

    [HKEY_CLASSES_ROOT\Connection Manager Profile\shell\open\command]

    [HKEY_CLASSES_ROOT\Connection Manager Profile\shell\Settings...]

    [HKEY_CLASSES_ROOT\Connection Manager Profile\shell\Settings...\command]

    [HKEY_CLASSES_ROOT\DirectAnimation.PathControl]

    [HKEY_CLASSES_ROOT\DirectAnimation.PathControl\CLSID]

    [HKEY_CLASSES_ROOT\DirectAnimation.Sequence]

    [HKEY_CLASSES_ROOT\DirectAnimation.Sequence\CLSID]

    [HKEY_CLASSES_ROOT\DirectAnimation.SequencerControl]

    [HKEY_CLASSES_ROOT\DirectAnimation.SequencerControl\CLSID]

    [HKEY_CLASSES_ROOT\DirectAnimation.SpriteControl]

    [HKEY_CLASSES_ROOT\DirectAnimation.SpriteControl\CLSID]

    [HKEY_CLASSES_ROOT\DirectAnimation.StructuredGraphicsControl]

    [HKEY_CLASSES_ROOT\DirectAnimation.StructuredGraphicsControl\CLSID]

    [HKEY_CLASSES_ROOT\msbackupfile\DefaultIcon]

    [HKEY_CLASSES_ROOT\msbackupfile\shell\Open]

    [HKEY_CLASSES_ROOT\msbackupfile\shell\Open\Command]

    [HKEY_CLASSES_ROOT\zapfile\DefaultIcon]

    [HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}]

    [HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\Control]

    [HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\Implemented Categories]

    [HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}]

    [HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}]

    [HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\InprocServer32]
    "ThreadingModel"="Apartment"

    [HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\MiscStatus]

    [HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\MiscStatus\1]

    [HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\ProgID]

    [HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\ToolboxBitmap32]

    [HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\TypeLib]

    [HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\Version]

    [HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\VersionIndependentProgID]

    [HKEY_CLASSES_ROOT\CLSID\{111C85E9-BB62-4528-A806-F0BE908E02F0}]

    [HKEY_CLASSES_ROOT\CLSID\{111C85E9-BB62-4528-A806-F0BE908E02F0}\InprocServer32]
    "ThreadingModel"="Apartment"

    [HKEY_CLASSES_ROOT\CLSID\{111C85E9-BB62-4528-A806-F0BE908E02F0}\LocalServer32]
    "ThreadingModel"="Apartment"

    [HKEY_CLASSES_ROOT\CLSID\{111C85E9-BB62-4528-A806-F0BE908E02F0}\ProgID]

    [HKEY_CLASSES_ROOT\CLSID\{111C85E9-BB62-4528-A806-F0BE908E02F0}\Programmable]

    [HKEY_CLASSES_ROOT\CLSID\{111C85E9-BB62-4528-A806-F0BE908E02F0}\Version]

    [HKEY_CLASSES_ROOT\CLSID\{111C85E9-BB62-4528-A806-F0BE908E02F0}\VersionIndependentProgID]

    [HKEY_CLASSES_ROOT\CLSID\{15CD8E06-CE75-4DE4-A9E3-B81E61BF8634}]

    [HKEY_CLASSES_ROOT\CLSID\{15CD8E06-CE75-4DE4-A9E3-B81E61BF8634}\InprocServer32]
    "ThreadingModel"="Apartment"

    [HKEY_CLASSES_ROOT\CLSID\{15CD8E06-CE75-4DE4-A9E3-B81E61BF8634}\ProgID]

    [HKEY_CLASSES_ROOT\CLSID\{15CD8E06-CE75-4DE4-A9E3-B81E61BF8634}\Typelib]

    [HKEY_CLASSES_ROOT\CLSID\{15CD8E06-CE75-4DE4-A9E3-B81E61BF8634}\Version]

    [HKEY_CLASSES_ROOT\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}]

    [HKEY_CLASSES_ROOT\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}\InprocServer32]
    "ThreadingModel"="Apartment"

    [HKEY_CLASSES_ROOT\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}\ProgID]

    [HKEY_CLASSES_ROOT\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}\Programmable]

    [HKEY_CLASSES_ROOT\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}\TypeLib]

    [HKEY_CLASSES_ROOT\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}\VersionIndependentProgID]

    [HKEY_CLASSES_ROOT\CLSID\{BE265956-6F5F-4790-9CAB-EDFAC64362EF}]
    "AppID"="{8C9C3BC1-AFBF-402F-841D-1C9AC27719F6}"

    [HKEY_CLASSES_ROOT\CLSID\{BE265956-6F5F-4790-9CAB-EDFAC64362EF}\Control]

    [HKEY_CLASSES_ROOT\CLSID\{BE265956-6F5F-4790-9CAB-EDFAC64362EF}\InprocServer32]
    "ThreadingModel"="Apartment"

    [HKEY_CLASSES_ROOT\CLSID\{BE265956-6F5F-4790-9CAB-EDFAC64362EF}\MiscStatus]

    [HKEY_CLASSES_ROOT\CLSID\{BE265956-6F5F-4790-9CAB-EDFAC64362EF}\MiscStatus\1]

    [HKEY_CLASSES_ROOT\CLSID\{BE265956-6F5F-4790-9CAB-EDFAC64362EF}\ProgID]

    [HKEY_CLASSES_ROOT\CLSID\{BE265956-6F5F-4790-9CAB-EDFAC64362EF}\Programmable]

    [HKEY_CLASSES_ROOT\CLSID\{BE265956-6F5F-4790-9CAB-EDFAC64362EF}\ToolboxBitmap32]

    [HKEY_CLASSES_ROOT\CLSID\{BE265956-6F5F-4790-9CAB-EDFAC64362EF}\TypeLib]

    [HKEY_CLASSES_ROOT\CLSID\{BE265956-6F5F-4790-9CAB-EDFAC64362EF}\Version]

    [HKEY_CLASSES_ROOT\CLSID\{BE265956-6F5F-4790-9CAB-EDFAC64362EF}\VersionIndependentProgID]

    [HKEY_CLASSES_ROOT\CLSID\{F69ADEAD-271E-4084-A184-A66604A59DBD}]

    [HKEY_CLASSES_ROOT\CLSID\{F69ADEAD-271E-4084-A184-A66604A59DBD}\InprocServer32]
    "ThreadingModel"="Apartment"

    [HKEY_CLASSES_ROOT\CLSID\{F69ADEAD-271E-4084-A184-A66604A59DBD}\ProgID]

    [HKEY_CLASSES_ROOT\CLSID\{F69ADEAD-271E-4084-A184-A66604A59DBD}\Typelib]

    [HKEY_CLASSES_ROOT\CLSID\{F69ADEAD-271E-4084-A184-A66604A59DBD}\Version]

    [HKEY_CLASSES_ROOT\Applications\moviemk.exe]

    [HKEY_CLASSES_ROOT\Applications\moviemk.exe\shell]
    "FriendlyCache"="Movie Maker"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\cmmgr32.exe]
    "Path"="C:\\WINDOWS\\system32"
    "CmstpExtensionDll"="C:\\WINDOWS\\system32\\cmcfg32.dll"
    "CMInternalVersion"="1.2"
    "CmNative"=dword:00000001
    "ProfilesUpgraded"=dword:00000001

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\YourApp.exe]
    "Path"="C:\\Program Files\\Wireless 802.11g Monitor"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Help]
    "nmplace.hlp"="C:\\Program Files\\Microsoft Office\\Office\\1036\\"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\HTML Help]
    "msjro.chm"="C:\\Program Files\\Fichiers communs\\System\\Ado\\"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\HTML Help]
    "dao360.chm"="C:\\Program Files\\Fichiers communs\\Microsoft Shared\\DAO\\"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\HTML Help]
    "jetsql40.chm"="C:\\Program Files\\Microsoft Office\\Office\\1036\\"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\HTML Help]
    "jetdef40.chm"="C:\\Program Files\\Microsoft Office\\Office\\1036\\"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\HTML Help]
    "artgalry.chm"="C:\\Program Files\\Microsoft Office\\Office\\1036\\"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AIM]
    "SlowInfoCache"=hex:28,02,00,00,01,00,00,00,00,10,a1,00,00,00,00,00,8c,b9,4c,\
    0f,dc,74,c0,01,06,00,00,00,43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,\
    61,00,6d,00,20,00,46,00,69,00,6c,00,65,00,73,00,5c,00,41,00,49,00,4d,00,5c,\
    00,61,00,69,00,6d,00,2e,00,65,00,78,00,65,00,00,00,00,00,00,00,00,00,00,00,\
    00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
    00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
    00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
    00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
    00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
    00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
    00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
    00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
    00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
    00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
    00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
    00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
    00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
    00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
    00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
    00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
    00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
    00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
    00,00,00,00,00,00,00,00
    "Changed"=dword:00000000

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\CANONBJ_Deinstall_CNMCP75.DLL]
    "SlowInfoCache"=hex:28,02,00,00,01,00,00,00,00,b0,70,01,00,00,00,00,ff,ff,ff,\
    ff,ff,ff,ff,ff,02,00,00,00,43,00,3a,00,5c,00,44,00,6f,00,63,00,75,00,6d,00,\
    65,00,6e,00,74,00,73,00,20,00,61,00,6e,00,64,00,20,00,53,00,65,00,74,00,74,\
    00,69,00,6e,00,67,00,73,00,5c,00,41,00,6c,00,6c,00,20,00,55,00,73,00,65,00,\
    72,00,73,00,2e,00,57,00,49,00,4e,00,44,00,4f,00,57,00,53,00,5c,00,41,00,70,\
    00,70,00,6c,00,69,00,63,00,61,00,74,00,69,00,6f,00,6e,00,20,00,44,00,61,00,\
    74,00,61,00,5c,00,43,00,61,00,6e,00,6f,00,6e,00,42,00,4a,00,5c,00,49,00,4a,\
    00,50,00,72,00,69,00,6e,00,74,00,65,00,72,00,5c,00,43,00,4e,00,4d,00,57,00,\
    49,00,4e,00,44,00,4f,00,57,00,53,00,5c,00,43,00,61,00,6e,00,6f,00,6e,00,20,\
    00,69,00,50,00,31,00,36,00,30,00,30,00,20,00,49,00,6e,00,73,00,74,00,61,00,\
    6c,00,6c,00,65,00,72,00,5c,00,49,00,6e,00,73,00,74,00,32,00,5c,00,43,00,6e,\
    00,6d,00,76,00,73,00,61,00,2e,00,65,00,78,00,65,00,00,00,00,00,00,00,00,00,\
    00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
    00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
    00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
    00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
    00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
    00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
    00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
    00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
    00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
    00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
    00,00,00,00,00,00,00,00
    "Changed"=dword:00000000

    [HKEY_CURRENT_USER\Software\Alcatel]

    [HKEY_CURRENT_USER\Software\America Online]

    [HKEY_CURRENT_USER\Software\VB and VBA Program Settings]

    [HKEY_LOCAL_MACHINE\Software\ItsLabel]

    [HKEY_LOCAL_MACHINE\Software\Paragon]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\AIM]
    "Order"=hex:08,00,00,00,02,00,00,00,80,01,00,00,01,00,00,00,03,00,00,00,6a,\
    00,00,00,00,00,00,00,5c,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,4a,00,\
    32,00,6e,02,00,00,22,2a,13,86,20,00,41,49,4d,2e,6c,6e,6b,00,26,00,03,00,04,\
    00,ef,be,22,2a,13,86,7e,38,f9,93,14,00,00,00,41,00,49,00,4d,00,2e,00,6c,00,\
    6e,00,6b,00,00,00,16,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,16,00,00,00,00,\
    00,00,00,00,00,94,00,00,00,01,00,00,00,86,00,00,00,41,75,67,4d,02,00,00,00,\
    01,00,00,00,74,00,32,00,e5,02,00,00,22,2a,13,86,20,00,44,53,49,4e,53,54,7e,\
    31,2e,4c,4e,4b,00,00,4a,00,03,00,04,00,ef,be,22,2a,13,86,7e,38,f9,93,14,00,\
    00,00,44,00,e9,00,73,00,69,00,6e,00,73,00,74,00,61,00,6c,00,6c,00,61,00,74,\
    00,69,00,6f,00,6e,00,20,00,64,00,27,00,41,00,49,00,4d,00,2e,00,6c,00,6e,00,\
    6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,\
    00,00,00,76,00,00,00,02,00,00,00,68,00,00,00,41,75,67,4d,02,00,00,00,01,00,\
    00,00,56,00,32,00,72,02,00,00,22,2a,13,86,20,00,4c,69,63,65,6e,63,65,2e,6c,\
    6e,6b,00,2e,00,03,00,04,00,ef,be,22,2a,13,86,7e,38,f9,93,14,00,00,00,4c,00,\
    69,00,63,00,65,00,6e,00,63,00,65,00,2e,00,6c,00,6e,00,6b,00,00,00,1a,00,0e,\
    00,00,00,0a,00,ef,be,00,00,00,00,1a,00,00,00,00,00,00,00,00,00

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\AudibleManager]
    "Order"=hex:08,00,00,00,02,00,00,00,30,03,00,00,01,00,00,00,04,00,00,00,9a,\
    00,00,00,00,00,00,00,8c,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,7a,00,\
    32,00,87,06,00,00,26,38,30,73,20,00,41,55,44,49,42,4c,7e,31,2e,4c,4e,4b,00,\
    00,50,00,03,00,04,00,ef,be,26,38,30,73,46,38,d4,7b,14,00,00,00,41,00,75,00,\
    64,00,69,00,62,00,6c,00,65,00,20,00,44,00,6f,00,77,00,6e,00,6c,00,6f,00,61,\
    00,64,00,20,00,4d,00,61,00,6e,00,61,00,67,00,65,00,72,00,2e,00,6c,00,6e,00,\
    6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,01,00,00,00,1c,00,00,00,00,00,00,\
    00,00,00,86,00,00,00,01,00,00,00,78,00,00,00,41,75,67,4d,02,00,00,00,01,00,\
    00,00,66,00,32,00,52,06,00,00,26,38,35,73,20,00,41,55,44,49,42,4c,7e,32,2e,\
    4c,4e,4b,00,00,3c,00,03,00,04,00,ef,be,26,38,e4,6c,46,38,d4,7b,14,00,00,00,\
    41,00,75,00,64,00,69,00,62,00,6c,00,65,00,4d,00,61,00,6e,00,61,00,67,00,65,\
    00,72,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,01,00,\
    00,00,1c,00,00,00,00,00,00,00,00,00,a0,00,00,00,02,00,00,00,92,00,00,00,41,\
    75,67,4d,02,00,00,00,01,00,00,00,80,00,32,00,68,06,00,00,26,38,35,73,20,00,\
    44,53,49,4e,53,54,7e,31,2e,4c,4e,4b,00,00,56,00,03,00,04,00,ef,be,26,38,e4,\
    6c,46,38,d4,7b,14,00,00,00,44,00,e9,00,73,00,69,00,6e,00,73,00,74,00,61,00,\
    6c,00,6c,00,65,00,7a,00,20,00,41,00,75,00,64,00,69,00,62,00,6c,00,65,00,4d,\
    00,61,00,6e,00,61,00,67,00,65,00,72,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,\
    0e,00,00,00,0a,00,ef,be,01,00,00,00,1c,00,00,00,00,00,00,00,00,00,64,01,00,\
    00,03,00,00,00,56,01,00,00,41,75,67,4d,02,00,00,00,02,00,00,00,9a,00,32,00,\
    92,06,00,00,26,38,33,73,20,00,54,4c,43,48,41,52,7e,31,2e,4c,4e,4b,00,00,70,\
    00,03,00,04,00,ef,be,26,38,ce,6c,46,38,d4,7b,14,00,00,00,54,00,e9,00,6c,00,\
    e9,00,63,00,68,00,61,00,72,00,67,00,65,00,7a,00,20,00,67,00,72,00,61,00,74,\
    00,75,00,69,00,74,00,65,00,6d,00,65,00,6e,00,74,00,20,00,32,00,20,00,74,00,\
    69,00,74,00,72,00,65,00,73,00,20,00,61,00,75,00,64,00,69,00,6f,00,73,00,2e,\
    00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,\
    00,00,a8,00,32,00,92,06,00,00,26,38,33,73,20,00,54,4c,43,48,41,52,7e,31,2e,\
    4c,4e,4b,00,00,70,00,03,00,04,00,ef,be,26,38,ce,6c,46,38,d4,7b,14,00,00,00,\
    54,00,e9,00,6c,00,e9,00,63,00,68,00,61,00,72,00,67,00,65,00,7a,00,20,00,67,\
    00,72,00,61,00,74,00,75,00,69,00,74,00,65,00,6d,00,65,00,6e,00,74,00,20,00,\
    32,00,20,00,74,00,69,00,74,00,72,00,65,00,73,00,20,00,61,00,75,00,64,00,69,\
    00,6f,00,73,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,00,00,ef,be,\
    01,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,01,00,00,00,1c,00,00,00,00,00,00,\
    00,00,00

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\avast! Antivirus]
    "Order"=hex:08,00,00,00,02,00,00,00,8c,01,00,00,01,00,00,00,03,00,00,00,6e,\
    00,00,00,00,00,00,00,60,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,4e,00,\
    32,00,5b,07,00,00,90,38,b1,64,20,00,41,69,64,65,2e,6c,6e,6b,00,00,28,00,03,\
    00,04,00,ef,be,90,38,b1,64,90,38,b1,64,14,00,00,00,41,00,69,00,64,00,65,00,\
    2e,00,6c,00,6e,00,6b,00,00,00,18,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,18,\
    00,00,00,00,00,00,00,00,00,8a,00,00,00,01,00,00,00,7c,00,00,00,41,75,67,4d,\
    02,00,00,00,01,00,00,00,6a,00,32,00,b9,06,00,00,90,38,b1,64,20,00,41,56,41,\
    53,54,21,7e,31,2e,4c,4e,4b,00,00,40,00,03,00,04,00,ef,be,90,38,b1,64,90,38,\
    b1,64,14,00,00,00,61,00,76,00,61,00,73,00,74,00,21,00,20,00,41,00,6e,00,74,\
    00,69,00,76,00,69,00,72,00,75,00,73,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,\
    0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,88,00,00,\
    00,02,00,00,00,7a,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,68,00,32,00,\
    57,00,00,00,90,38,b1,64,20,00,53,49,54,45,57,45,7e,31,2e,55,52,4c,00,00,3e,\
    00,03,00,04,00,ef,be,90,38,b1,64,90,38,b1,64,14,00,00,00,53,00,69,00,74,00,\
    65,00,20,00,57,00,65,00,62,00,20,00,61,00,76,00,61,00,73,00,74,00,21,00,2e,\
    00,75,00,72,00,6c,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,\
    00,00,00,00,00,00,00,00

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Canon iP1600]
    "Order"=hex:08,00,00,00,02,00,00,00,08,01,00,00,01,00,00,00,02,00,00,00,82,\
    00,00,00,00,00,00,00,74,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,62,00,\
    32,00,ff,03,00,00,ea,34,b3,70,20,00,44,53,49,4e,53,54,7e,31,2e,4c,4e,4b,00,\
    00,38,00,03,00,04,00,ef,be,ea,34,b3,70,7e,38,fb,93,14,00,00,00,44,00,e9,00,\
    73,00,69,00,6e,00,73,00,74,00,61,00,6c,00,6c,00,65,00,72,00,2e,00,6c,00,6e,\
    00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,\
    00,00,00,00,7a,00,00,00,01,00,00,00,6c,00,00,00,41,75,67,4d,02,00,00,00,01,\
    00,00,00,5a,00,32,00,24,06,00,00,ea,34,b3,70,20,00,4c,69,73,65,7a,6d,6f,69,\
    2e,6c,6e,6b,00,00,30,00,03,00,04,00,ef,be,ea,34,b3,70,7e,38,fb,93,14,00,00,\
    00,4c,00,69,00,73,00,65,00,7a,00,6d,00,6f,00,69,00,2e,00,6c,00,6e,00,6b,00,\
    00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,\
    00

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Dofus]
    "Order"=hex:08,00,00,00,02,00,00,00,18,01,00,00,01,00,00,00,02,00,00,00,9c,\
    00,00,00,01,00,00,00,8e,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,7c,00,\
    32,00,f3,01,00,00,d0,36,f9,76,20,00,44,53,49,4e,53,54,7e,31,2e,4c,4e,4b,00,\
    00,52,00,03,00,04,00,ef,be,d0,36,f9,76,eb,36,36,5f,14,00,00,00,44,00,e9,00,\
    73,00,69,00,6e,00,73,00,74,00,61,00,6c,00,6c,00,65,00,72,00,20,00,44,00,6f,\
    00,66,00,75,00,73,00,20,00,31,00,2e,00,31,00,38,00,2e,00,32,00,2e,00,6c,00,\
    6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,\
    00,00,00,00,00,70,00,00,00,00,00,00,00,62,00,00,00,41,75,67,4d,02,00,00,00,\
    01,00,00,00,50,00,32,00,8a,02,00,00,d0,36,fa,76,20,00,44,6f,66,75,73,2e,6c,\
    6e,6b,00,2a,00,03,00,04,00,ef,be,d0,36,fa,76,eb,36,2a,5a,14,00,00,00,44,00,\
    6f,00,66,00,75,00,73,00,2e,00,6c,00,6e,00,6b,00,00,00,18,00,0e,00,00,00,0a,\
    00,ef,be,00,00,00,00,18,00,00,00,00,00,00,00,00,00

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\EA Games]
    "Order"=hex:08,00,00,00,02,00,00,00,b8,00,00,00,01,00,00,00,01,00,00,00,ac,\
    00,00,00,00,00,00,00,9e,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,8c,00,\
    31,00,00,00,00,00,22,2a,54,89,10,00,48,41,52,52,59,50,7e,31,00,00,66,00,03,\
    00,04,00,ef,be,22,2a,54,89,84,38,ec,69,14,00,00,00,48,00,61,00,72,00,72,00,\
    79,00,20,00,50,00,6f,00,74,00,74,00,65,00,72,00,20,00,65,00,74,00,20,00,6c,\
    00,61,00,20,00,43,00,68,00,61,00,6d,00,62,00,72,00,65,00,20,00,64,00,65,00,\
    73,00,20,00,53,00,65,00,63,00,72,00,65,00,74,00,73,00,20,00,00,00,18,00,0e,\
    00,00,00,0a,00,ef,be,00,00,00,00,18,00,00,00,00,00,00,00,00,00

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\EA Games\Harry Potter et la Chambre des Secrets ]
    "Order"=hex:08,00,00,00,02,00,00,00,a4,02,00,00,01,00,00,00,04,00,00,00,94,\
    00,00,00,00,00,00,00,86,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,74,00,\
    32,00,6f,07,00,00,22,2a,54,89,20,00,41,53,53,49,53,54,7e,31,2e,4c,4e,4b,00,\
    00,4a,00,03,00,04,00,ef,be,22,2a,54,89,7e,38,00,94,14,00,00,00,41,00,73,00,\
    73,00,69,00,73,00,74,00,61,00,6e,00,63,00,65,00,20,00,74,00,65,00,63,00,68,\
    00,6e,00,69,00,71,00,75,00,65,00,20,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,\
    0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,d2,00,00,\
    00,01,00,00,00,c4,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,b2,00,32,00,\
    25,07,00,00,22,2a,54,89,20,00,44,53,49,4e,53,54,7e,31,2e,4c,4e,4b,00,00,88,\
    00,03,00,04,00,ef,be,22,2a,54,89,7e,38,00,94,14,00,00,00,44,00,e9,00,73,00,\
    69,00,6e,00,73,00,74,00,61,00,6c,00,6c,00,65,00,72,00,20,00,48,00,61,00,72,\
    00,72,00,79,00,20,00,50,00,6f,00,74,00,74,00,65,00,72,00,20,00,65,00,74,00,\
    20,00,6c,00,61,00,20,00,43,00,68,00,61,00,6d,00,62,00,72,00,65,00,20,00,64,\
    00,65,00,73,00,20,00,53,00,65,00,63,00,72,00,65,00,74,00,73,00,20,00,2e,00,\
    6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,\
    00,00,00,00,00,00,00,b8,00,00,00,02,00,00,00,aa,00,00,00,41,75,67,4d,02,00,\
    00,00,01,00,00,00,98,00,32,00,33,07,00,00,22,2a,54,89,20,00,48,41,52,52,59,\
    50,7e,31,2e,4c,4e,4b,00,00,6e,00,03,00,04,00,ef,be,22,2a,54,89,7e,38,00,94,\
    14,00,00,00,48,00,61,00,72,00,72,00,79,00,20,00,50,00,6f,00,74,00,74,00,65,\
    00,72,00,20,00,65,00,74,00,20,00,6c,00,61,00,20,00,43,00,68,00,61,00,6d,00,\
    62,00,72,00,65,00,20,00,64,00,65,00,73,00,20,00,53,00,65,00,63,00,72,00,65,\
    00,74,00,73,00,20,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,\
    ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,7a,00,00,00,03,00,00,00,6c,\
    00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,5a,00,32,00,ff,06,00,00,22,2a,\
    54,89,20,00,4c,69,73,65,7a,4d,6f,69,2e,6c,6e,6b,00,00,30,00,03,00,04,00,ef,\
    be,22,2a,54,89,7e,38,00,94,14,00,00,00,4c,00,69,00,73,00,65,00,7a,00,4d,00,\
    6f,00,69,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,\
    00,00,00,1c,00,00,00,00,00,00,00,00,00

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\EA Games\Harry Potter et la Chambre des Secrets ]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\EoRezo]
    "Order"=hex:08,00,00,00,02,00,00,00,02,01,00,00,01,00,00,00,02,00,00,00,7a,\
    00,00,00,00,00,00,00,6c,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,5a,00,\
    32,00,16,06,00,00,7c,38,43,58,20,00,45,6f,45,6e,67,69,6e,65,2e,6c,6e,6b,00,\
    00,30,00,03,00,04,00,ef,be,7c,38,43,58,84,38,73,6c,14,00,00,00,45,00,6f,00,\
    45,00,6e,00,67,00,69,00,6e,00,65,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,\
    00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,7c,00,00,00,\
    01,00,00,00,6e,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,5c,00,32,00,c7,\
    01,00,00,7c,38,46,58,20,00,45,4f,57,45,41,54,7e,31,2e,4c,4e,4b,00,00,32,00,\
    03,00,04,00,ef,be,7c,38,46,58,84,38,73,6c,14,00,00,00,45,00,6f,00,57,00,65,\
    00,61,00,74,00,68,00,65,00,72,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,\
    00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\ItsLabel]
    "Order"=hex:08,00,00,00,02,00,00,00,7c,00,00,00,01,00,00,00,01,00,00,00,70,\
    00,00,00,00,00,00,00,62,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,50,00,\
    32,00,c3,02,00,00,7c,38,47,58,20,00,49,74,73,54,56,2e,6c,6e,6b,00,2a,00,03,\
    00,04,00,ef,be,7c,38,47,58,84,38,73,6c,14,00,00,00,49,00,74,00,73,00,54,00,\
    56,00,2e,00,6c,00,6e,00,6b,00,00,00,18,00,0e,00,00,00,0a,00,ef,be,00,00,00,\
    00,18,00,00,00,00,00,00,00,00,00

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Lavasoft Ad-Aware SE Personal]
    "Order"=hex:08,00,00,00,02,00,00,00,d2,01,00,00,01,00,00,00,03,00,00,00,8e,\
    00,00,00,00,00,00,00,80,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,6e,00,\
    32,00,b3,06,00,00,22,2a,72,6b,20,00,41,44,2d,41,57,41,7e,32,2e,4c,4e,4b,00,\
    00,44,00,03,00,04,00,ef,be,22,2a,72,6b,7e,38,01,94,14,00,00,00,41,00,64,00,\
    2d,00,41,00,77,00,61,00,72,00,65,00,20,00,53,00,45,00,20,00,4d,00,61,00,6e,\
    00,75,00,61,00,6c,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,\
    ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,92,00,00,00,01,00,00,00,84,\
    00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,72,00,32,00,55,03,00,00,22,2a,\
    72,6b,20,00,41,44,2d,41,57,41,7e,31,2e,4c,4e,4b,00,00,48,00,03,00,04,00,ef,\
    be,22,2a,72,6b,7e,38,01,94,14,00,00,00,41,00,64,00,2d,00,41,00,77,00,61,00,\
    72,00,65,00,20,00,53,00,45,00,20,00,50,00,65,00,72,00,73,00,6f,00,6e,00,61,\
    00,6c,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,\
    00,00,1c,00,00,00,00,00,00,00,00,00,a6,00,00,00,02,00,00,00,98,00,00,00,41,\
    75,67,4d,02,00,00,00,01,00,00,00,86,00,32,00,49,03,00,00,22,2a,72,6b,20,00,\
    55,4e,49,4e,53,54,7e,31,2e,4c,4e,4b,00,00,5c,00,03,00,04,00,ef,be,22,2a,72,\
    6b,7e,38,01,94,14,00,00,00,55,00,6e,00,69,00,6e,00,73,00,74,00,61,00,6c,00,\
    6c,00,20,00,41,00,64,00,2d,00,41,00,77,00,61,00,72,00,65,00,20,00,53,00,45,\
    00,20,00,50,00,65,00,72,00,73,00,6f,00,6e,00,61,00,6c,00,2e,00,6c,00,6e,00,\
    6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,\
    00,00,00

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Monte Cristo]
    "Order"=hex:08,00,00,00,02,00,00,00,88,00,00,00,01,00,00,00,01,00,00,00,7c,\
    00,00,00,00,00,00,00,6e,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,5c,00,\
    31,00,00,00,00,00,22,2a,41,82,10,00,46,49,52,45,44,45,7e,31,00,00,36,00,03,\
    00,04,00,ef,be,22,2a,41,82,84,38,ec,69,14,00,00,00,46,00,69,00,72,00,65,00,\
    20,00,44,00,65,00,70,00,61,00,72,00,74,00,6d,00,65,00,6e,00,74,00,00,00,18,\
    00,0e,00,00,00,0a,00,ef,be,00,00,00,00,18,00,00,00,00,00,00,00,00,00

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Monte Cristo\Fire Department]
    "Order"=hex:08,00,00,00,02,00,00,00,c8,02,00,00,01,00,00,00,05,00,00,00,84,\
    00,00,00,00,00,00,00,76,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,64,00,\
    32,00,6d,02,00,00,22,2a,41,82,20,00,43,4f,4e,46,49,47,7e,31,2e,4c,4e,4b,00,\
    00,3a,00,03,00,04,00,ef,be,22,2a,41,82,7e,38,02,94,14,00,00,00,43,00,6f,00,\
    6e,00,66,00,69,00,67,00,75,00,72,00,61,00,74,00,69,00,6f,00,6e,00,2e,00,6c,\
    00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,\
    00,00,00,00,00,00,82,00,00,00,01,00,00,00,74,00,00,00,41,75,67,4d,02,00,00,\
    00,01,00,00,00,62,00,32,00,ba,04,00,00,22,2a,41,82,20,00,44,53,49,4e,53,54,\
    7e,31,2e,4c,4e,4b,00,00,38,00,03,00,04,00,ef,be,22,2a,41,82,7e,38,02,94,14,\
    00,00,00,44,00,e9,00,73,00,69,00,6e,00,73,00,74,00,61,00,6c,00,6c,00,65,00,\
    72,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,\
    00,1c,00,00,00,00,00,00,00,00,00,88,00,00,00,02,00,00,00,7a,00,00,00,41,75,\
    67,4d,02,00,00,00,01,00,00,00,68,00,32,00,bb,02,00,00,22,2a,41,82,20,00,46,\
    49,52,45,44,45,7e,31,2e,4c,4e,4b,00,00,3e,00,03,00,04,00,ef,be,22,2a,41,82,\
    7e,38,02,94,14,00,00,00,46,00,69,00,72,00,65,00,20,00,44,00,65,00,70,00,61,\
    00,72,00,74,00,6d,00,65,00,6e,00,74,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,\
    0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,9a,00,00,\
    00,03,00,00,00,8c,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,7a,00,32,00,\
    85,00,00,00,22,2a,41,82,20,00,53,49,54,45,57,45,7e,31,2e,55,52,4c,00,00,50,\
    00,03,00,04,00,ef,be,22,2a,41,82,7e,38,02,94,14,00,00,00,53,00,69,00,74,00,\
    65,00,20,00,57,00,65,00,62,00,20,00,46,00,69,00,72,00,65,00,20,00,44,00,65,\
    00,70,00,61,00,72,00,74,00,6d,00,65,00,6e,00,74,00,2e,00,75,00,72,00,6c,00,\
    00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,\
    00,94,00,00,00,04,00,00,00,86,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,\
    74,00,32,00,76,00,00,00,22,2a,41,82,20,00,53,49,54,45,57,45,7e,32,2e,55,52,\
    4c,00,00,4a,00,03,00,04,00,ef,be,22,2a,41,82,7e,38,02,94,14,00,00,00,53,00,\
    69,00,74,00,65,00,20,00,57,00,65,00,62,00,20,00,4d,00,6f,00,6e,00,74,00,65,\
    00,20,00,43,00,72,00,69,00,73,00,74,00,6f,00,2e,00,75,00,72,00,6c,00,00,00,\
    1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Monte Cristo\Fire Department]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
    "C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"="avast! service GUI component"

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
    "C:\\Program Files\\Alwil Software\\Avast4\\setup\\avast.setup"="avast! antivirus Update"


    ---------------------------------------------------------------------------------------



    2) Voici le rapport d'Antivire :


    Avira AntiVir Personal
    Report file date: dimanche 27 juillet 2008 15:02

    Scanning for 1512830 virus strains and unwanted programs.

    Licensed to: Avira AntiVir PersonalEdition Classic
    Serial number: 0000149996-ADJIE-0001
    Platform: Windows XP
    Windows version: (Service Pack 2) [5.1.2600]
    Boot mode: Save mode
    Username: Administrateur
    Computer name: MP-F6443725A9A4

    Version information:
    BUILD.DAT : 8.1.0.326 16933 Bytes 11/07/2008 12:57:00
    AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 08:57:53
    AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 07:56:40
    LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:19
    LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 07:58:52
    ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
    ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 13:54:15
    ANTIVIR2.VDF : 7.0.5.174 2027008 Bytes 25/07/2008 12:54:18
    ANTIVIR3.VDF : 7.0.5.176 40960 Bytes 26/07/2008 12:54:19
    Engineversion : 8.1.1.12
    AEVDF.DLL : 8.1.0.5 102772 Bytes 09/07/2008 08:46:50
    AESCRIPT.DLL : 8.1.0.59 307579 Bytes 27/07/2008 12:54:44
    AESCN.DLL : 8.1.0.23 119156 Bytes 27/07/2008 12:54:42
    AERDL.DLL : 8.1.0.20 418165 Bytes 09/07/2008 08:46:50
    AEPACK.DLL : 8.1.2.1 364917 Bytes 27/07/2008 12:54:40
    AEOFFICE.DLL : 8.1.0.21 192891 Bytes 27/07/2008 12:54:36
    AEHEUR.DLL : 8.1.0.44 1343863 Bytes 27/07/2008 12:54:34
    AEHELP.DLL : 8.1.0.15 115063 Bytes 09/07/2008 08:46:50
    AEGEN.DLL : 8.1.0.31 311669 Bytes 27/07/2008 12:54:25
    AEEMU.DLL : 8.1.0.6 430451 Bytes 09/07/2008 08:46:50
    AECORE.DLL : 8.1.1.7 172406 Bytes 27/07/2008 12:54:22
    AEBB.DLL : 8.1.0.1 53617 Bytes 24/04/2008 08:50:42
    AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:05
    AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:28:01
    AVREP.DLL : 8.0.0.2 98561 Bytes 27/07/2008 12:54:20
    AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:40
    AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
    AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:49
    SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
    SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:40
    NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
    RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 13:48:07
    RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 13:34:37

    Configuration settings for the scan:
    Jobname..........................: Manual Selection
    Configuration file...............: C:\Documents and Settings\All Users.WINDOWS\Application Data\Avira\AntiVir PersonalEdition Classic\PROFILES\folder.avp
    Logging..........................: low
    Primary action...................: interactive
    Secondary action.................: ignore
    Scan master boot sector..........: on
    Scan boot sector.................: on
    Boot sectors.....................: C:,
    Process scan.....................: on
    Scan registry....................: on
    Search for rootkits..............: off
    Scan all files...................: Intelligent file selection
    Scan archives....................: on
    Recursion depth..................: 20
    Smart extensions.................: on
    Macro heuristic..................: on
    File heuristic...................: medium

    Start of the scan: dimanche 27 juillet 2008 15:02

    The scan of running processes will be started
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'avcenter.exe' - '1' Module(s) have been scanned
    Scan process 'explorer.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'lsass.exe' - '1' Module(s) have been scanned
    Scan process 'services.exe' - '1' Module(s) have been scanned
    Scan process 'winlogon.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'smss.exe' - '1' Module(s) have been scanned
    11 processes with 11 modules were scanned

    Starting master boot sector scan:
    Master boot sector HD0
    [INFO] No virus was found!

    Start scanning boot sectors:
    Boot sector 'C:\'
    [INFO] No virus was found!

    Starting to scan the registry.
    The registry was scanned ( '44' files ).


    Starting the file scan:

    Begin scan in 'C:\'
    C:\pagefile.sys
    [WARNING] The file could not be opened!


    End of the scan: dimanche 27 juillet 2008 15:59
    Used time: 56:51 Minute(s)

    The scan has been done completely.

    3341 Scanning directories
    79454 Files were scanned
    0 viruses and/or unwanted programs were found
    0 Files were classified as suspicious:
    0 files were deleted
    0 files were repaired
    0 files were moved to quarantine
    0 files were renamed
    1 Files cannot be scanned
    79453 Files not concerned
    699 Archives were scanned
    1 Warnings
    0 Notes



    Merci de ton aide !
    Contenus similaires
    27 Juillet 2008 17:18:20

    plop !!

    Citation :
    Dieu a créé la Terre par erreur


    Toi tu as envoyé le rapport Ccleaner heu... par erreur :) 

    Le rapport AntiVir (-e) n'est pas complet !!





    28 Juillet 2008 21:36:46

    bob_ a dit :
    plop !!

    Citation :
    Dieu a créé la Terre par erreur


    Toi tu as envoyé le rapport Ccleaner heu... par erreur :) 


    :lol: 

    J'ai bien regardé le rapport ne va pas plus loin que ça !
    Je refait un scan ?
    28 Juillet 2008 22:01:31

    Poste un nouveau rapport HijackThis :) 
    15 Août 2008 13:20:57

    Bonjour,

    Me revoila après quelque jours d'absence !
    Dés que je peux retourner chez la personne, je te post un rapport HiJackThis
    Mes excuses pour ne pas avoir donné de nouvelles.
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS