Ordinateur qui Lag

Bonjour à tous !

Je suis chez des amis ou leurs ordianateurs lag, j'ai défragmenté, fait nettoyage de disque et j'ai réparé les erreurs du DD.

Mais toujours ces lag qui perssitent, alors j'ai pensé a un virus !
Si vous pourriez me répondre au plus vite. Merci

Voila le scan HiJackThis :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:55:38, on 26/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\vVX3000.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aliceadsl.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ads.eorezo.com/cgi-bin/adve [...] &x_dp_id=9
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/bina [...] b56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe

--
End of file - 4565 bytes

Répondre

Inscrivez-vous ou connectez-vous pour masquer ceci.

Bonsoir,

Pas d'infection visible.

Désinstalle via Ajout/Suppression de Programmes (si présents) :

Avast!

Télécharge et exécute : http://www.avast.com/eng/avast-uninstall-utility.html

Télécharge Ccleaner sur ton Bureau.

Clique sur "download the latest version"
Installe-le en laissant seulement les options suivantes cochées :

- Ajouter un raccourci sur le Bureau
- Contrôler automatiquement les mises à jour de CCleaner

Lance le Nettoyage
Clique sur Chercher des erreurs et sauvegarde si tu le souhaites.

Aide : Comment utiliser CCleaner.

***************

Télécharge AntiVir sur ton Bureau.

Double clique sur l'exécutable téléchargé pour lancer l'installation.
A la fin de l'installation, clique sur Finish.
Ouvre Antivir, assure-toi qu’il soit bien à jour !
Dans l'onglet Local Protection, choisis Scanner.
Active la recherche de rootkits via le + de rootkit search, puis dans manual selection, coche tout (tes partitions de disque dur).
Clique sur la loupe du milieu pour lancer le scan en tant qu'Administrateur.
Poste moi le rapport généré : Pour cela, clique sur l'onglet Overview, puis choisis Reports, tu trouveras son rapport..

Note : Pour une éradication des menaces plus efficace, lance le scan en mode sans échec.

Pourquoi changer ? Avast vs Antivir.

Aide : Comment installer et utiliser AntiVir.

------------------------------ >> Centre de Formation Helpers <<
Répondre à XmichouX

Bonjour,

1) Alors voici le rapport de CCleaner :

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"C:\\WINDOWS\\TEMP\\_ISTMP0.DIR\\Drivers\\SonyCDMAComms.dll"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"C:\\WINDOWS\\TEMP\\_ISTMP0.DIR\\Drivers\\EricDAMPSFoneBookComms.dll"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"C:\\WINDOWS\\TEMP\\_ISTMP0.DIR\\Drivers\\EricFoneBookComms.dll"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"C:\\WINDOWS\\TEMP\\_ISTMP0.DIR\\Drivers\\NokiaGFoneBookDriver.dll"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"C:\\WINDOWS\\TEMP\\_ISTMP0.DIR\\Drivers\\NokiaHFoneBookDriver.dll"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"C:\\WINDOWS\\TEMP\\_ISTMP0.DIR\\Drivers\\NokiaTDMAComms.dll"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"C:\\WINDOWS\\TEMP\\_ISTMP0.DIR\\Drivers\\NullFoneBookComms.dll"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"C:\\WINDOWS\\TEMP\\_ISTMP0.DIR\\Drivers\\SmartLynxFoneBookComms.dll"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"C:\\WINDOWS\\TEMP\\_ISTMP0.DIR\\Drivers\\07_07FoneBookComms.dll"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"C:\\WINDOWS\\TEMP\\_ISTMP0.DIR\\Drivers\\SamCDMAFoneBookDriver.dll"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"C:\\WINDOWS\\TEMP\\_ISTMP0.DIR\\Drivers\\CDMA1FoneBookDriver.dll"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"C:\\WINDOWS\\TEMP\\_ISTMP0.DIR\\Drivers\\MitsubishiTDMAComms.dll"=dword:00000001

[HKEY_CLASSES_ROOT\.aa]

[HKEY_CLASSES_ROOT\OWS Collaboration Objects]

[HKEY_CLASSES_ROOT\SysmonLogManager.Snapin]

[HKEY_CLASSES_ROOT\WMPCD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.adh]
"Progid"="adhfile"
"Application"="C:\\Program Files\\Audible\\Bin\\adhelper.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.amr]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.amr\OpenWithList]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bak]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bak\OpenWithList]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mo3]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mo3\OpenWithList]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.part]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.part\OpenWithList]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pps]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pps\OpenWithList]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\OpenWithList]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sav]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sav\OpenWithList]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\OpenWithList]

[HKEY_CLASSES_ROOT\acrobat\DefaultIcon]

[HKEY_CLASSES_ROOT\ADCS]

[HKEY_CLASSES_ROOT\ADCS\CLSID]

[HKEY_CLASSES_ROOT\AOL Instant Messenger.ConfigFile\shell\open]

[HKEY_CLASSES_ROOT\AOL Instant Messenger.ConfigFile\shell\open\command]

[HKEY_CLASSES_ROOT\Connection Manager Profile\DefaultIcon]

[HKEY_CLASSES_ROOT\Connection Manager Profile\shell\open]

[HKEY_CLASSES_ROOT\Connection Manager Profile\shell\open\command]

[HKEY_CLASSES_ROOT\Connection Manager Profile\shell\Settings...]

[HKEY_CLASSES_ROOT\Connection Manager Profile\shell\Settings...\command]

[HKEY_CLASSES_ROOT\DirectAnimation.PathControl]

[HKEY_CLASSES_ROOT\DirectAnimation.PathControl\CLSID]

[HKEY_CLASSES_ROOT\DirectAnimation.Sequence]

[HKEY_CLASSES_ROOT\DirectAnimation.Sequence\CLSID]

[HKEY_CLASSES_ROOT\DirectAnimation.SequencerControl]

[HKEY_CLASSES_ROOT\DirectAnimation.SequencerControl\CLSID]

[HKEY_CLASSES_ROOT\DirectAnimation.SpriteControl]

[HKEY_CLASSES_ROOT\DirectAnimation.SpriteControl\CLSID]

[HKEY_CLASSES_ROOT\DirectAnimation.StructuredGraphicsControl]

[HKEY_CLASSES_ROOT\DirectAnimation.StructuredGraphicsControl\CLSID]

[HKEY_CLASSES_ROOT\msbackupfile\DefaultIcon]

[HKEY_CLASSES_ROOT\msbackupfile\shell\Open]

[HKEY_CLASSES_ROOT\msbackupfile\shell\Open\Command]

[HKEY_CLASSES_ROOT\zapfile\DefaultIcon]

[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}]

[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\Control]

[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\Implemented Categories]

[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}]

[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}]

[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\InprocServer32]
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\MiscStatus]

[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\MiscStatus\1]

[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\ProgID]

[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\ToolboxBitmap32]

[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\TypeLib]

[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\Version]

[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\VersionIndependentProgID]

[HKEY_CLASSES_ROOT\CLSID\{111C85E9-BB62-4528-A806-F0BE908E02F0}]

[HKEY_CLASSES_ROOT\CLSID\{111C85E9-BB62-4528-A806-F0BE908E02F0}\InprocServer32]
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\CLSID\{111C85E9-BB62-4528-A806-F0BE908E02F0}\LocalServer32]
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\CLSID\{111C85E9-BB62-4528-A806-F0BE908E02F0}\ProgID]

[HKEY_CLASSES_ROOT\CLSID\{111C85E9-BB62-4528-A806-F0BE908E02F0}\Programmable]

[HKEY_CLASSES_ROOT\CLSID\{111C85E9-BB62-4528-A806-F0BE908E02F0}\Version]

[HKEY_CLASSES_ROOT\CLSID\{111C85E9-BB62-4528-A806-F0BE908E02F0}\VersionIndependentProgID]

[HKEY_CLASSES_ROOT\CLSID\{15CD8E06-CE75-4DE4-A9E3-B81E61BF8634}]

[HKEY_CLASSES_ROOT\CLSID\{15CD8E06-CE75-4DE4-A9E3-B81E61BF8634}\InprocServer32]
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\CLSID\{15CD8E06-CE75-4DE4-A9E3-B81E61BF8634}\ProgID]

[HKEY_CLASSES_ROOT\CLSID\{15CD8E06-CE75-4DE4-A9E3-B81E61BF8634}\Typelib]

[HKEY_CLASSES_ROOT\CLSID\{15CD8E06-CE75-4DE4-A9E3-B81E61BF8634}\Version]

[HKEY_CLASSES_ROOT\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}]

[HKEY_CLASSES_ROOT\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}\InprocServer32]
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}\ProgID]

[HKEY_CLASSES_ROOT\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}\Programmable]

[HKEY_CLASSES_ROOT\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}\TypeLib]

[HKEY_CLASSES_ROOT\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}\VersionIndependentProgID]

[HKEY_CLASSES_ROOT\CLSID\{BE265956-6F5F-4790-9CAB-EDFAC64362EF}]
"AppID"="{8C9C3BC1-AFBF-402F-841D-1C9AC27719F6}"

[HKEY_CLASSES_ROOT\CLSID\{BE265956-6F5F-4790-9CAB-EDFAC64362EF}\Control]

[HKEY_CLASSES_ROOT\CLSID\{BE265956-6F5F-4790-9CAB-EDFAC64362EF}\InprocServer32]
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\CLSID\{BE265956-6F5F-4790-9CAB-EDFAC64362EF}\MiscStatus]

[HKEY_CLASSES_ROOT\CLSID\{BE265956-6F5F-4790-9CAB-EDFAC64362EF}\MiscStatus\1]

[HKEY_CLASSES_ROOT\CLSID\{BE265956-6F5F-4790-9CAB-EDFAC64362EF}\ProgID]

[HKEY_CLASSES_ROOT\CLSID\{BE265956-6F5F-4790-9CAB-EDFAC64362EF}\Programmable]

[HKEY_CLASSES_ROOT\CLSID\{BE265956-6F5F-4790-9CAB-EDFAC64362EF}\ToolboxBitmap32]

[HKEY_CLASSES_ROOT\CLSID\{BE265956-6F5F-4790-9CAB-EDFAC64362EF}\TypeLib]

[HKEY_CLASSES_ROOT\CLSID\{BE265956-6F5F-4790-9CAB-EDFAC64362EF}\Version]

[HKEY_CLASSES_ROOT\CLSID\{BE265956-6F5F-4790-9CAB-EDFAC64362EF}\VersionIndependentProgID]

[HKEY_CLASSES_ROOT\CLSID\{F69ADEAD-271E-4084-A184-A66604A59DBD}]

[HKEY_CLASSES_ROOT\CLSID\{F69ADEAD-271E-4084-A184-A66604A59DBD}\InprocServer32]
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\CLSID\{F69ADEAD-271E-4084-A184-A66604A59DBD}\ProgID]

[HKEY_CLASSES_ROOT\CLSID\{F69ADEAD-271E-4084-A184-A66604A59DBD}\Typelib]

[HKEY_CLASSES_ROOT\CLSID\{F69ADEAD-271E-4084-A184-A66604A59DBD}\Version]

[HKEY_CLASSES_ROOT\Applications\moviemk.exe]

[HKEY_CLASSES_ROOT\Applications\moviemk.exe\shell]
"FriendlyCache"="Movie Maker"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\cmmgr32.exe]
"Path"="C:\\WINDOWS\\system32"
"CmstpExtensionDll"="C:\\WINDOWS\\system32\\cmcfg32.dll"
"CMInternalVersion"="1.2"
"CmNative"=dword:00000001
"ProfilesUpgraded"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\YourApp.exe]
"Path"="C:\\Program Files\\Wireless 802.11g Monitor"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Help]
"nmplace.hlp"="C:\\Program Files\\Microsoft Office\\Office\\1036\\"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\HTML Help]
"msjro.chm"="C:\\Program Files\\Fichiers communs\\System\\Ado\\"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\HTML Help]
"dao360.chm"="C:\\Program Files\\Fichiers communs\\Microsoft Shared\\DAO\\"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\HTML Help]
"jetsql40.chm"="C:\\Program Files\\Microsoft Office\\Office\\1036\\"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\HTML Help]
"jetdef40.chm"="C:\\Program Files\\Microsoft Office\\Office\\1036\\"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\HTML Help]
"artgalry.chm"="C:\\Program Files\\Microsoft Office\\Office\\1036\\"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AIM]
"SlowInfoCache"=hex:28,02,00,00,01,00,00,00,00,10,a1,00,00,00,00,00,8c,b9,4c,\
0f,dc,74,c0,01,06,00,00,00,43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,\
61,00,6d,00,20,00,46,00,69,00,6c,00,65,00,73,00,5c,00,41,00,49,00,4d,00,5c,\
00,61,00,69,00,6d,00,2e,00,65,00,78,00,65,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00
"Changed"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\CANONBJ_Deinstall_CNMCP75.DLL]
"SlowInfoCache"=hex:28,02,00,00,01,00,00,00,00,b0,70,01,00,00,00,00,ff,ff,ff,\
ff,ff,ff,ff,ff,02,00,00,00,43,00,3a,00,5c,00,44,00,6f,00,63,00,75,00,6d,00,\
65,00,6e,00,74,00,73,00,20,00,61,00,6e,00,64,00,20,00,53,00,65,00,74,00,74,\
00,69,00,6e,00,67,00,73,00,5c,00,41,00,6c,00,6c,00,20,00,55,00,73,00,65,00,\
72,00,73,00,2e,00,57,00,49,00,4e,00,44,00,4f,00,57,00,53,00,5c,00,41,00,70,\
00,70,00,6c,00,69,00,63,00,61,00,74,00,69,00,6f,00,6e,00,20,00,44,00,61,00,\
74,00,61,00,5c,00,43,00,61,00,6e,00,6f,00,6e,00,42,00,4a,00,5c,00,49,00,4a,\
00,50,00,72,00,69,00,6e,00,74,00,65,00,72,00,5c,00,43,00,4e,00,4d,00,57,00,\
49,00,4e,00,44,00,4f,00,57,00,53,00,5c,00,43,00,61,00,6e,00,6f,00,6e,00,20,\
00,69,00,50,00,31,00,36,00,30,00,30,00,20,00,49,00,6e,00,73,00,74,00,61,00,\
6c,00,6c,00,65,00,72,00,5c,00,49,00,6e,00,73,00,74,00,32,00,5c,00,43,00,6e,\
00,6d,00,76,00,73,00,61,00,2e,00,65,00,78,00,65,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00
"Changed"=dword:00000000

[HKEY_CURRENT_USER\Software\Alcatel]

[HKEY_CURRENT_USER\Software\America Online]

[HKEY_CURRENT_USER\Software\VB and VBA Program Settings]

[HKEY_LOCAL_MACHINE\Software\ItsLabel]

[HKEY_LOCAL_MACHINE\Software\Paragon]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\AIM]
"Order"=hex:08,00,00,00,02,00,00,00,80,01,00,00,01,00,00,00,03,00,00,00,6a,\
00,00,00,00,00,00,00,5c,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,4a,00,\
32,00,6e,02,00,00,22,2a,13,86,20,00,41,49,4d,2e,6c,6e,6b,00,26,00,03,00,04,\
00,ef,be,22,2a,13,86,7e,38,f9,93,14,00,00,00,41,00,49,00,4d,00,2e,00,6c,00,\
6e,00,6b,00,00,00,16,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,16,00,00,00,00,\
00,00,00,00,00,94,00,00,00,01,00,00,00,86,00,00,00,41,75,67,4d,02,00,00,00,\
01,00,00,00,74,00,32,00,e5,02,00,00,22,2a,13,86,20,00,44,53,49,4e,53,54,7e,\
31,2e,4c,4e,4b,00,00,4a,00,03,00,04,00,ef,be,22,2a,13,86,7e,38,f9,93,14,00,\
00,00,44,00,e9,00,73,00,69,00,6e,00,73,00,74,00,61,00,6c,00,6c,00,61,00,74,\
00,69,00,6f,00,6e,00,20,00,64,00,27,00,41,00,49,00,4d,00,2e,00,6c,00,6e,00,\
6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,\
00,00,00,76,00,00,00,02,00,00,00,68,00,00,00,41,75,67,4d,02,00,00,00,01,00,\
00,00,56,00,32,00,72,02,00,00,22,2a,13,86,20,00,4c,69,63,65,6e,63,65,2e,6c,\
6e,6b,00,2e,00,03,00,04,00,ef,be,22,2a,13,86,7e,38,f9,93,14,00,00,00,4c,00,\
69,00,63,00,65,00,6e,00,63,00,65,00,2e,00,6c,00,6e,00,6b,00,00,00,1a,00,0e,\
00,00,00,0a,00,ef,be,00,00,00,00,1a,00,00,00,00,00,00,00,00,00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\AudibleManager]
"Order"=hex:08,00,00,00,02,00,00,00,30,03,00,00,01,00,00,00,04,00,00,00,9a,\
00,00,00,00,00,00,00,8c,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,7a,00,\
32,00,87,06,00,00,26,38,30,73,20,00,41,55,44,49,42,4c,7e,31,2e,4c,4e,4b,00,\
00,50,00,03,00,04,00,ef,be,26,38,30,73,46,38,d4,7b,14,00,00,00,41,00,75,00,\
64,00,69,00,62,00,6c,00,65,00,20,00,44,00,6f,00,77,00,6e,00,6c,00,6f,00,61,\
00,64,00,20,00,4d,00,61,00,6e,00,61,00,67,00,65,00,72,00,2e,00,6c,00,6e,00,\
6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,01,00,00,00,1c,00,00,00,00,00,00,\
00,00,00,86,00,00,00,01,00,00,00,78,00,00,00,41,75,67,4d,02,00,00,00,01,00,\
00,00,66,00,32,00,52,06,00,00,26,38,35,73,20,00,41,55,44,49,42,4c,7e,32,2e,\
4c,4e,4b,00,00,3c,00,03,00,04,00,ef,be,26,38,e4,6c,46,38,d4,7b,14,00,00,00,\
41,00,75,00,64,00,69,00,62,00,6c,00,65,00,4d,00,61,00,6e,00,61,00,67,00,65,\
00,72,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,01,00,\
00,00,1c,00,00,00,00,00,00,00,00,00,a0,00,00,00,02,00,00,00,92,00,00,00,41,\
75,67,4d,02,00,00,00,01,00,00,00,80,00,32,00,68,06,00,00,26,38,35,73,20,00,\
44,53,49,4e,53,54,7e,31,2e,4c,4e,4b,00,00,56,00,03,00,04,00,ef,be,26,38,e4,\
6c,46,38,d4,7b,14,00,00,00,44,00,e9,00,73,00,69,00,6e,00,73,00,74,00,61,00,\
6c,00,6c,00,65,00,7a,00,20,00,41,00,75,00,64,00,69,00,62,00,6c,00,65,00,4d,\
00,61,00,6e,00,61,00,67,00,65,00,72,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,\
0e,00,00,00,0a,00,ef,be,01,00,00,00,1c,00,00,00,00,00,00,00,00,00,64,01,00,\
00,03,00,00,00,56,01,00,00,41,75,67,4d,02,00,00,00,02,00,00,00,9a,00,32,00,\
92,06,00,00,26,38,33,73,20,00,54,4c,43,48,41,52,7e,31,2e,4c,4e,4b,00,00,70,\
00,03,00,04,00,ef,be,26,38,ce,6c,46,38,d4,7b,14,00,00,00,54,00,e9,00,6c,00,\
e9,00,63,00,68,00,61,00,72,00,67,00,65,00,7a,00,20,00,67,00,72,00,61,00,74,\
00,75,00,69,00,74,00,65,00,6d,00,65,00,6e,00,74,00,20,00,32,00,20,00,74,00,\
69,00,74,00,72,00,65,00,73,00,20,00,61,00,75,00,64,00,69,00,6f,00,73,00,2e,\
00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,\
00,00,a8,00,32,00,92,06,00,00,26,38,33,73,20,00,54,4c,43,48,41,52,7e,31,2e,\
4c,4e,4b,00,00,70,00,03,00,04,00,ef,be,26,38,ce,6c,46,38,d4,7b,14,00,00,00,\
54,00,e9,00,6c,00,e9,00,63,00,68,00,61,00,72,00,67,00,65,00,7a,00,20,00,67,\
00,72,00,61,00,74,00,75,00,69,00,74,00,65,00,6d,00,65,00,6e,00,74,00,20,00,\
32,00,20,00,74,00,69,00,74,00,72,00,65,00,73,00,20,00,61,00,75,00,64,00,69,\
00,6f,00,73,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,00,00,ef,be,\
01,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,01,00,00,00,1c,00,00,00,00,00,00,\
00,00,00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\avast! Antivirus]
"Order"=hex:08,00,00,00,02,00,00,00,8c,01,00,00,01,00,00,00,03,00,00,00,6e,\
00,00,00,00,00,00,00,60,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,4e,00,\
32,00,5b,07,00,00,90,38,b1,64,20,00,41,69,64,65,2e,6c,6e,6b,00,00,28,00,03,\
00,04,00,ef,be,90,38,b1,64,90,38,b1,64,14,00,00,00,41,00,69,00,64,00,65,00,\
2e,00,6c,00,6e,00,6b,00,00,00,18,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,18,\
00,00,00,00,00,00,00,00,00,8a,00,00,00,01,00,00,00,7c,00,00,00,41,75,67,4d,\
02,00,00,00,01,00,00,00,6a,00,32,00,b9,06,00,00,90,38,b1,64,20,00,41,56,41,\
53,54,21,7e,31,2e,4c,4e,4b,00,00,40,00,03,00,04,00,ef,be,90,38,b1,64,90,38,\
b1,64,14,00,00,00,61,00,76,00,61,00,73,00,74,00,21,00,20,00,41,00,6e,00,74,\
00,69,00,76,00,69,00,72,00,75,00,73,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,\
0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,88,00,00,\
00,02,00,00,00,7a,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,68,00,32,00,\
57,00,00,00,90,38,b1,64,20,00,53,49,54,45,57,45,7e,31,2e,55,52,4c,00,00,3e,\
00,03,00,04,00,ef,be,90,38,b1,64,90,38,b1,64,14,00,00,00,53,00,69,00,74,00,\
65,00,20,00,57,00,65,00,62,00,20,00,61,00,76,00,61,00,73,00,74,00,21,00,2e,\
00,75,00,72,00,6c,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,\
00,00,00,00,00,00,00,00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Canon iP1600]
"Order"=hex:08,00,00,00,02,00,00,00,08,01,00,00,01,00,00,00,02,00,00,00,82,\
00,00,00,00,00,00,00,74,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,62,00,\
32,00,ff,03,00,00,ea,34,b3,70,20,00,44,53,49,4e,53,54,7e,31,2e,4c,4e,4b,00,\
00,38,00,03,00,04,00,ef,be,ea,34,b3,70,7e,38,fb,93,14,00,00,00,44,00,e9,00,\
73,00,69,00,6e,00,73,00,74,00,61,00,6c,00,6c,00,65,00,72,00,2e,00,6c,00,6e,\
00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,\
00,00,00,00,7a,00,00,00,01,00,00,00,6c,00,00,00,41,75,67,4d,02,00,00,00,01,\
00,00,00,5a,00,32,00,24,06,00,00,ea,34,b3,70,20,00,4c,69,73,65,7a,6d,6f,69,\
2e,6c,6e,6b,00,00,30,00,03,00,04,00,ef,be,ea,34,b3,70,7e,38,fb,93,14,00,00,\
00,4c,00,69,00,73,00,65,00,7a,00,6d,00,6f,00,69,00,2e,00,6c,00,6e,00,6b,00,\
00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,\
00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Dofus]
"Order"=hex:08,00,00,00,02,00,00,00,18,01,00,00,01,00,00,00,02,00,00,00,9c,\
00,00,00,01,00,00,00,8e,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,7c,00,\
32,00,f3,01,00,00,d0,36,f9,76,20,00,44,53,49,4e,53,54,7e,31,2e,4c,4e,4b,00,\
00,52,00,03,00,04,00,ef,be,d0,36,f9,76,eb,36,36,5f,14,00,00,00,44,00,e9,00,\
73,00,69,00,6e,00,73,00,74,00,61,00,6c,00,6c,00,65,00,72,00,20,00,44,00,6f,\
00,66,00,75,00,73,00,20,00,31,00,2e,00,31,00,38,00,2e,00,32,00,2e,00,6c,00,\
6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,\
00,00,00,00,00,70,00,00,00,00,00,00,00,62,00,00,00,41,75,67,4d,02,00,00,00,\
01,00,00,00,50,00,32,00,8a,02,00,00,d0,36,fa,76,20,00,44,6f,66,75,73,2e,6c,\
6e,6b,00,2a,00,03,00,04,00,ef,be,d0,36,fa,76,eb,36,2a,5a,14,00,00,00,44,00,\
6f,00,66,00,75,00,73,00,2e,00,6c,00,6e,00,6b,00,00,00,18,00,0e,00,00,00,0a,\
00,ef,be,00,00,00,00,18,00,00,00,00,00,00,00,00,00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\EA Games]
"Order"=hex:08,00,00,00,02,00,00,00,b8,00,00,00,01,00,00,00,01,00,00,00,ac,\
00,00,00,00,00,00,00,9e,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,8c,00,\
31,00,00,00,00,00,22,2a,54,89,10,00,48,41,52,52,59,50,7e,31,00,00,66,00,03,\
00,04,00,ef,be,22,2a,54,89,84,38,ec,69,14,00,00,00,48,00,61,00,72,00,72,00,\
79,00,20,00,50,00,6f,00,74,00,74,00,65,00,72,00,20,00,65,00,74,00,20,00,6c,\
00,61,00,20,00,43,00,68,00,61,00,6d,00,62,00,72,00,65,00,20,00,64,00,65,00,\
73,00,20,00,53,00,65,00,63,00,72,00,65,00,74,00,73,00,20,00,00,00,18,00,0e,\
00,00,00,0a,00,ef,be,00,00,00,00,18,00,00,00,00,00,00,00,00,00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\EA Games\Harry Potter et la Chambre des Secrets ]
"Order"=hex:08,00,00,00,02,00,00,00,a4,02,00,00,01,00,00,00,04,00,00,00,94,\
00,00,00,00,00,00,00,86,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,74,00,\
32,00,6f,07,00,00,22,2a,54,89,20,00,41,53,53,49,53,54,7e,31,2e,4c,4e,4b,00,\
00,4a,00,03,00,04,00,ef,be,22,2a,54,89,7e,38,00,94,14,00,00,00,41,00,73,00,\
73,00,69,00,73,00,74,00,61,00,6e,00,63,00,65,00,20,00,74,00,65,00,63,00,68,\
00,6e,00,69,00,71,00,75,00,65,00,20,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,\
0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,d2,00,00,\
00,01,00,00,00,c4,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,b2,00,32,00,\
25,07,00,00,22,2a,54,89,20,00,44,53,49,4e,53,54,7e,31,2e,4c,4e,4b,00,00,88,\
00,03,00,04,00,ef,be,22,2a,54,89,7e,38,00,94,14,00,00,00,44,00,e9,00,73,00,\
69,00,6e,00,73,00,74,00,61,00,6c,00,6c,00,65,00,72,00,20,00,48,00,61,00,72,\
00,72,00,79,00,20,00,50,00,6f,00,74,00,74,00,65,00,72,00,20,00,65,00,74,00,\
20,00,6c,00,61,00,20,00,43,00,68,00,61,00,6d,00,62,00,72,00,65,00,20,00,64,\
00,65,00,73,00,20,00,53,00,65,00,63,00,72,00,65,00,74,00,73,00,20,00,2e,00,\
6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,\
00,00,00,00,00,00,00,b8,00,00,00,02,00,00,00,aa,00,00,00,41,75,67,4d,02,00,\
00,00,01,00,00,00,98,00,32,00,33,07,00,00,22,2a,54,89,20,00,48,41,52,52,59,\
50,7e,31,2e,4c,4e,4b,00,00,6e,00,03,00,04,00,ef,be,22,2a,54,89,7e,38,00,94,\
14,00,00,00,48,00,61,00,72,00,72,00,79,00,20,00,50,00,6f,00,74,00,74,00,65,\
00,72,00,20,00,65,00,74,00,20,00,6c,00,61,00,20,00,43,00,68,00,61,00,6d,00,\
62,00,72,00,65,00,20,00,64,00,65,00,73,00,20,00,53,00,65,00,63,00,72,00,65,\
00,74,00,73,00,20,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,\
ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,7a,00,00,00,03,00,00,00,6c,\
00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,5a,00,32,00,ff,06,00,00,22,2a,\
54,89,20,00,4c,69,73,65,7a,4d,6f,69,2e,6c,6e,6b,00,00,30,00,03,00,04,00,ef,\
be,22,2a,54,89,7e,38,00,94,14,00,00,00,4c,00,69,00,73,00,65,00,7a,00,4d,00,\
6f,00,69,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,\
00,00,00,1c,00,00,00,00,00,00,00,00,00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\EA Games\Harry Potter et la Chambre des Secrets ]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\EoRezo]
"Order"=hex:08,00,00,00,02,00,00,00,02,01,00,00,01,00,00,00,02,00,00,00,7a,\
00,00,00,00,00,00,00,6c,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,5a,00,\
32,00,16,06,00,00,7c,38,43,58,20,00,45,6f,45,6e,67,69,6e,65,2e,6c,6e,6b,00,\
00,30,00,03,00,04,00,ef,be,7c,38,43,58,84,38,73,6c,14,00,00,00,45,00,6f,00,\
45,00,6e,00,67,00,69,00,6e,00,65,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,\
00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,7c,00,00,00,\
01,00,00,00,6e,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,5c,00,32,00,c7,\
01,00,00,7c,38,46,58,20,00,45,4f,57,45,41,54,7e,31,2e,4c,4e,4b,00,00,32,00,\
03,00,04,00,ef,be,7c,38,46,58,84,38,73,6c,14,00,00,00,45,00,6f,00,57,00,65,\
00,61,00,74,00,68,00,65,00,72,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,\
00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\ItsLabel]
"Order"=hex:08,00,00,00,02,00,00,00,7c,00,00,00,01,00,00,00,01,00,00,00,70,\
00,00,00,00,00,00,00,62,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,50,00,\
32,00,c3,02,00,00,7c,38,47,58,20,00,49,74,73,54,56,2e,6c,6e,6b,00,2a,00,03,\
00,04,00,ef,be,7c,38,47,58,84,38,73,6c,14,00,00,00,49,00,74,00,73,00,54,00,\
56,00,2e,00,6c,00,6e,00,6b,00,00,00,18,00,0e,00,00,00,0a,00,ef,be,00,00,00,\
00,18,00,00,00,00,00,00,00,00,00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Lavasoft Ad-Aware SE Personal]
"Order"=hex:08,00,00,00,02,00,00,00,d2,01,00,00,01,00,00,00,03,00,00,00,8e,\
00,00,00,00,00,00,00,80,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,6e,00,\
32,00,b3,06,00,00,22,2a,72,6b,20,00,41,44,2d,41,57,41,7e,32,2e,4c,4e,4b,00,\
00,44,00,03,00,04,00,ef,be,22,2a,72,6b,7e,38,01,94,14,00,00,00,41,00,64,00,\
2d,00,41,00,77,00,61,00,72,00,65,00,20,00,53,00,45,00,20,00,4d,00,61,00,6e,\
00,75,00,61,00,6c,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,\
ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,92,00,00,00,01,00,00,00,84,\
00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,72,00,32,00,55,03,00,00,22,2a,\
72,6b,20,00,41,44,2d,41,57,41,7e,31,2e,4c,4e,4b,00,00,48,00,03,00,04,00,ef,\
be,22,2a,72,6b,7e,38,01,94,14,00,00,00,41,00,64,00,2d,00,41,00,77,00,61,00,\
72,00,65,00,20,00,53,00,45,00,20,00,50,00,65,00,72,00,73,00,6f,00,6e,00,61,\
00,6c,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,\
00,00,1c,00,00,00,00,00,00,00,00,00,a6,00,00,00,02,00,00,00,98,00,00,00,41,\
75,67,4d,02,00,00,00,01,00,00,00,86,00,32,00,49,03,00,00,22,2a,72,6b,20,00,\
55,4e,49,4e,53,54,7e,31,2e,4c,4e,4b,00,00,5c,00,03,00,04,00,ef,be,22,2a,72,\
6b,7e,38,01,94,14,00,00,00,55,00,6e,00,69,00,6e,00,73,00,74,00,61,00,6c,00,\
6c,00,20,00,41,00,64,00,2d,00,41,00,77,00,61,00,72,00,65,00,20,00,53,00,45,\
00,20,00,50,00,65,00,72,00,73,00,6f,00,6e,00,61,00,6c,00,2e,00,6c,00,6e,00,\
6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,\
00,00,00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Monte Cristo]
"Order"=hex:08,00,00,00,02,00,00,00,88,00,00,00,01,00,00,00,01,00,00,00,7c,\
00,00,00,00,00,00,00,6e,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,5c,00,\
31,00,00,00,00,00,22,2a,41,82,10,00,46,49,52,45,44,45,7e,31,00,00,36,00,03,\
00,04,00,ef,be,22,2a,41,82,84,38,ec,69,14,00,00,00,46,00,69,00,72,00,65,00,\
20,00,44,00,65,00,70,00,61,00,72,00,74,00,6d,00,65,00,6e,00,74,00,00,00,18,\
00,0e,00,00,00,0a,00,ef,be,00,00,00,00,18,00,00,00,00,00,00,00,00,00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Monte Cristo\Fire Department]
"Order"=hex:08,00,00,00,02,00,00,00,c8,02,00,00,01,00,00,00,05,00,00,00,84,\
00,00,00,00,00,00,00,76,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,64,00,\
32,00,6d,02,00,00,22,2a,41,82,20,00,43,4f,4e,46,49,47,7e,31,2e,4c,4e,4b,00,\
00,3a,00,03,00,04,00,ef,be,22,2a,41,82,7e,38,02,94,14,00,00,00,43,00,6f,00,\
6e,00,66,00,69,00,67,00,75,00,72,00,61,00,74,00,69,00,6f,00,6e,00,2e,00,6c,\
00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,\
00,00,00,00,00,00,82,00,00,00,01,00,00,00,74,00,00,00,41,75,67,4d,02,00,00,\
00,01,00,00,00,62,00,32,00,ba,04,00,00,22,2a,41,82,20,00,44,53,49,4e,53,54,\
7e,31,2e,4c,4e,4b,00,00,38,00,03,00,04,00,ef,be,22,2a,41,82,7e,38,02,94,14,\
00,00,00,44,00,e9,00,73,00,69,00,6e,00,73,00,74,00,61,00,6c,00,6c,00,65,00,\
72,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,\
00,1c,00,00,00,00,00,00,00,00,00,88,00,00,00,02,00,00,00,7a,00,00,00,41,75,\
67,4d,02,00,00,00,01,00,00,00,68,00,32,00,bb,02,00,00,22,2a,41,82,20,00,46,\
49,52,45,44,45,7e,31,2e,4c,4e,4b,00,00,3e,00,03,00,04,00,ef,be,22,2a,41,82,\
7e,38,02,94,14,00,00,00,46,00,69,00,72,00,65,00,20,00,44,00,65,00,70,00,61,\
00,72,00,74,00,6d,00,65,00,6e,00,74,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,\
0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,9a,00,00,\
00,03,00,00,00,8c,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,7a,00,32,00,\
85,00,00,00,22,2a,41,82,20,00,53,49,54,45,57,45,7e,31,2e,55,52,4c,00,00,50,\
00,03,00,04,00,ef,be,22,2a,41,82,7e,38,02,94,14,00,00,00,53,00,69,00,74,00,\
65,00,20,00,57,00,65,00,62,00,20,00,46,00,69,00,72,00,65,00,20,00,44,00,65,\
00,70,00,61,00,72,00,74,00,6d,00,65,00,6e,00,74,00,2e,00,75,00,72,00,6c,00,\
00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,\
00,94,00,00,00,04,00,00,00,86,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,\
74,00,32,00,76,00,00,00,22,2a,41,82,20,00,53,49,54,45,57,45,7e,32,2e,55,52,\
4c,00,00,4a,00,03,00,04,00,ef,be,22,2a,41,82,7e,38,02,94,14,00,00,00,53,00,\
69,00,74,00,65,00,20,00,57,00,65,00,62,00,20,00,4d,00,6f,00,6e,00,74,00,65,\
00,20,00,43,00,72,00,69,00,73,00,74,00,6f,00,2e,00,75,00,72,00,6c,00,00,00,\
1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Monte Cristo\Fire Department]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"="avast! service GUI component"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\Program Files\\Alwil Software\\Avast4\\setup\\avast.setup"="avast! antivirus Update"

---------------------------------------------------------------------------------------

2) Voici le rapport d'Antivire :

Avira AntiVir Personal
Report file date: dimanche 27 juillet 2008 15:02

Scanning for 1512830 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Save mode
Username: Administrateur
Computer name: MP-F6443725A9A4

Version information:
BUILD.DAT : 8.1.0.326 16933 Bytes 11/07/2008 12:57:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 08:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 07:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 13:54:15
ANTIVIR2.VDF : 7.0.5.174 2027008 Bytes 25/07/2008 12:54:18
ANTIVIR3.VDF : 7.0.5.176 40960 Bytes 26/07/2008 12:54:19
Engineversion : 8.1.1.12
AEVDF.DLL : 8.1.0.5 102772 Bytes 09/07/2008 08:46:50
AESCRIPT.DLL : 8.1.0.59 307579 Bytes 27/07/2008 12:54:44
AESCN.DLL : 8.1.0.23 119156 Bytes 27/07/2008 12:54:42
AERDL.DLL : 8.1.0.20 418165 Bytes 09/07/2008 08:46:50
AEPACK.DLL : 8.1.2.1 364917 Bytes 27/07/2008 12:54:40
AEOFFICE.DLL : 8.1.0.21 192891 Bytes 27/07/2008 12:54:36
AEHEUR.DLL : 8.1.0.44 1343863 Bytes 27/07/2008 12:54:34
AEHELP.DLL : 8.1.0.15 115063 Bytes 09/07/2008 08:46:50
AEGEN.DLL : 8.1.0.31 311669 Bytes 27/07/2008 12:54:25
AEEMU.DLL : 8.1.0.6 430451 Bytes 09/07/2008 08:46:50
AECORE.DLL : 8.1.1.7 172406 Bytes 27/07/2008 12:54:22
AEBB.DLL : 8.1.0.1 53617 Bytes 24/04/2008 08:50:42
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:28:01
AVREP.DLL : 8.0.0.2 98561 Bytes 27/07/2008 12:54:20
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 13:34:37

Configuration settings for the scan:
Jobname..........................: Manual Selection
Configuration file...............: C:\Documents and Settings\All Users.WINDOWS\Application Data\Avira\AntiVir PersonalEdition Classic\PROFILES\folder.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: dimanche 27 juillet 2008 15:02

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
11 processes with 11 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '44' files ).

Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!

End of the scan: dimanche 27 juillet 2008 15:59
Used time: 56:51 Minute(s)

The scan has been done completely.

3341 Scanning directories
79454 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
79453 Files not concerned
699 Archives were scanned
1 Warnings
0 Notes

Merci de ton aide !

Répondre à Ichigoo

plop !!

Citation :

Dieu a créé la Terre par erreur

Toi tu as envoyé le rapport Ccleaner heu... par erreur

Le rapport AntiVir (-e) n'est pas complet !!

Message cité 1 fois

------------------------------ Merci d'ajouter [RESOLU] à votre premier post si le problème est réglé
Répondre à bob_

bob_ a écrit :

plop !!

Citation :

Dieu a créé la Terre par erreur

Toi tu as envoyé le rapport Ccleaner heu... par erreur

:lol:

J'ai bien regardé le rapport ne va pas plus loin que ça !
Je refait un scan ?

Répondre à Ichigoo

Poste un nouveau rapport HijackThis

------------------------------ >> Centre de Formation Helpers <<
Répondre à XmichouX

Bonjour,

Me revoila après quelque jours d'absence !
Dés que je peux retourner chez la personne, je te post un rapport HiJackThis
Mes excuses pour ne pas avoir donné de nouvelles.

Répondre à Ichigoo

Forum Sécurité - Virus : Ordinateur qui Lag

Attention