**** Run Keys ****
RUN: [RestoreIT!] “C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE” VBStart
RUN: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
RUN: [Look ‘n’ Stop] “C:\Program Files\Soft4Ever\looknstop\looknstop.exe” -auto
RUN: [avgnt] “C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe” /min
RUN: [!ewido] “C:\Program Files\ewido anti-spyware 4.0\ewido.exe” /minimized
RUN: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
RUN: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
**** Browser Helper Objects ****
BHO: [Adobe PDF Reader Link Helper] C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
BHO: [] C:\PROGRA~1\SPYBOT~1\SDHelper.dll
BHO: [SSVHelper Class] C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
**** IE Toolbars ****
**** IE Extensions ****
IEExt: []
IEExt: [Recherche]
IEExt: [Messenger] C:\Program Files\Messenger\msmsgs.exe
**** Hosts File Entries ****
HOSTS: 127.0.0.1 localhost
HOSTS: 64.233.167.99 google.com
HOSTS: 64.233.179.104 google.fr
HOSTS: 64.233.167.99 www.google.com
HOSTS: 64.233.179.104 www.google.fr
HOSTS: 127.0.0.1 000infocom
HOSTS: 127.0.0.1 003f741.netsolhost.com
HOSTS: 127.0.0.1 004dada.netsolhost.com
HOSTS: 127.0.0.1 005e3bc.netsolhost.com
HOSTS: 127.0.0.1 0190-dialer.com
HOSTS: 127.0.0.1 0190-dialers.co
---------------- J’AI COUPE LA LISTE CAR TROP LONGUE---------------
HOSTS: 127.0.0.1 www.zviframe.biz
HOSTS: 127.0.0.1 www.zwajcqwebsite.ourtoolbar.com
HOSTS: 127.0.0.1 www.zweitehb.ivwbox.de
HOSTS: 127.0.0.1 www.zwjate.ourtoolbar.com
HOSTS: 127.0.0.1 www.zydeco.imaginemedia.com
HOSTS: 127.0.0.1 www.zyxell9.clawz.com
HOSTS: 127.0.0.1 www.zzztech.com
**** IE Settings ****
IEBypass: <local>
Default Page: http://fr.yahoo.com
Default Search: http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
**** IE Context Menu (Right click) ****
IEContext: [E&xporter vers Microsoft Excel]
IEContext: [Télécharger avec Free Download Manager] file://C:\Program Files\Free Download Manager\dllink.htm
IEContext: [Télécharger le site web avec Free Download Manager] file://C:\Program Files\Free Download Manager\dlpage.htm
IEContext: [Télécharger sélection avec Free Download Manager] file://C:\Program Files\Free Download Manager\dlselected.htm
IEContext: [Télécharger tout avec Free Download Manager] file://C:\Program Files\Free Download Manager\dlall.htm
**** Layered Service Providers ****
LSP: MSAFD Tcpip [TCP/IP]
LSP: MSAFD Tcpip [UDP/IP]
LSP: RSVP UDP Service Provider
LSP: RSVP TCP Service Provider
LSP: MSAFD nwlnkipx [IPX]
LSP: MSAFD nwlnkspx [SPX]
LSP: MSAFD nwlnkspx [SPX] [Pseudo Stream]
LSP: MSAFD nwlnkspx [SPX II]
LSP: MSAFD nwlnkspx [SPX II] [Pseudo Stream]
LSP: MSAFD NetBIOS [\Device\NwlnkNb] SEQPACKET 6
LSP: MSAFD NetBIOS [\Device\NwlnkNb] DATAGRAM 6
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{D03D1766-C79E-4407-8E6F-E11E5CE5C9F0}] SEQPACKET 7
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{D03D1766-C79E-4407-8E6F-E11E5CE5C9F0}] DATAGRAM 7
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{7AD0E289-BFD1-40ED-BC58-E9993C8362BD}] SEQPACKET 5
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{7AD0E289-BFD1-40ED-BC58-E9993C8362BD}] DATAGRAM 5
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{762CDB6C-E3AA-48CE-9264-A9A454A83777}] SEQPACKET 1
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{762CDB6C-E3AA-48CE-9264-A9A454A83777}] DATAGRAM 1
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{EE33262C-D769-4BD6-9041-FC9856171CE1}] SEQPACKET 2
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{EE33262C-D769-4BD6-9041-FC9856171CE1}] DATAGRAM 2
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{14A36112-31FC-478F-9D69-8FB64CAEA1BC}] SEQPACKET 0
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{14A36112-31FC-478F-9D69-8FB64CAEA1BC}] DATAGRAM 0
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{74015512-FB42-421F-827D-8D65D0F1537E}] SEQPACKET 3
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{74015512-FB42-421F-827D-8D65D0F1537E}] DATAGRAM 3
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{E09EEA86-7B5B-41A0-8691-79465D7D97A0}] SEQPACKET 4
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{E09EEA86-7B5B-41A0-8691-79465D7D97A0}] DATAGRAM 4
**** Blocked Control Panel Items ****
BLOCKED: [ncpa.cpl] No
BLOCKED: [odbccp32.cpl] No
**** Downloaded Program Files ****
{0713E8D2-850A-101B-AFC0-4210102A8DA7} []
{15B782AF-55D8-11D1-B477-006097098764} []
{166B1BCA-3F9C-11CF-8075-444553540000} [http://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab]
{17492023-C23A-453E-A040-C7C580BBF700} [http://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab]
{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} [http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,95/mcinsctl.cab]
{6414512B-B978-451D-A0D8-FCFDF33E833C} [http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,95/mcinsctl.cab]
{867E13F2-7F31-44FB-AC97-CD38E0DC46EF} [http://charon777.free.fr/plugins/hardwaredetection.cab]
{8AD9C840-044E-11D1-B3E9-00805F499D93} [http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab]
{BCC0FF27-31D9-4614-A68E-C18E1ADA4389} [http://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,26/mcgdmgr.cab]
{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} [http://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,26/mcgdmgr.cab]
{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} [http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab]
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab]
{D8089245-3211-40F6-819B-9E5E92CD61A2} [https://register3.valueactive.com/574/webolr/OCX/FlashAX.cab]
**** Windows Services ****
[Alerter] %SystemRoot%\system32\svchost.exe -k LocalService
[ALG] %SystemRoot%\System32\alg.exe
[AntiVirScheduler] C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
[AntiVirService] C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
[AppMgmt] %SystemRoot%\system32\svchost.exe -k netsvcs
[aspnet_state] %SystemRoot%\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
[Ati HotKey Poller] %SystemRoot%\system32\Ati2evxx.exe
[ATI Smart] C:\WINDOWS\system32\ati2sgag.exe
[AudioSrv] %SystemRoot%\System32\svchost.exe -k netsvcs
[BITS] %SystemRoot%\system32\svchost.exe -k netsvcs
[Browser] %SystemRoot%\system32\svchost.exe -k netsvcs
[CiSvc] %SystemRoot%\system32\cisvc.exe
[ClipSrv] %SystemRoot%\system32\clipsrv.exe
[COMSysApp] C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
[CryptSvc] %SystemRoot%\system32\svchost.exe -k netsvcs
[DcomLaunch] %SystemRoot%\system32\svchost -k DcomLaunch
[Dhcp] %SystemRoot%\system32\svchost.exe -k netsvcs
[dmadmin] %SystemRoot%\System32\dmadmin.exe /com
[dmserver] %SystemRoot%\System32\svchost.exe -k netsvcs
[Dnscache] %SystemRoot%\system32\svchost.exe -k NetworkService
[ERSvc] %SystemRoot%\System32\svchost.exe -k netsvcs
[Eventlog] %SystemRoot%\system32\services.exe
[EventSystem] C:\WINDOWS\system32\svchost.exe -k netsvcs
[ewido anti-spyware 4.0 guard] C:\Program Files\ewido anti-spyware 4.0\guard.exe
[FastUserSwitchingCompatibility] %SystemRoot%\System32\svchost.exe -k netsvcs
[helpsvc] %SystemRoot%\System32\svchost.exe -k netsvcs
[HidServ] %SystemRoot%\System32\svchost.exe -k netsvcs
[HTTPFilter] %SystemRoot%\System32\svchost.exe -k HTTPFilter
[ImapiService] C:\WINDOWS\system32\imapi.exe
[lanmanserver] %SystemRoot%\system32\svchost.exe -k netsvcs
[lanmanworkstation] %SystemRoot%\system32\svchost.exe -k netsvcs
[LmHosts] %SystemRoot%\system32\svchost.exe -k LocalService
[Messenger] %SystemRoot%\system32\svchost.exe -k netsvcs
[mnmsrvc] C:\WINDOWS\system32\mnmsrvc.exe
[MSDTC] C:\WINDOWS\system32\msdtc.exe
[MSIServer] C:\WINDOWS\system32\msiexec.exe /V
[NetDDE] %SystemRoot%\system32\netdde.exe
[NetDDEdsdm] %SystemRoot%\system32\netdde.exe
[Netlogon] %SystemRoot%\system32\lsass.exe
[Netman] %SystemRoot%\System32\svchost.exe -k netsvcs
[Nla] %SystemRoot%\system32\svchost.exe -k netsvcs
[NtLmSsp] %SystemRoot%\system32\lsass.exe
[NtmsSvc] %SystemRoot%\system32\svchost.exe -k netsvcs
[ose] "C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE"
[PlugPlay] %SystemRoot%\system32\services.exe
[Pml Driver HPZ12] C:\WINDOWS\system32\HPZipm12.exe
[PolicyAgent] %SystemRoot%\system32\lsass.exe
[prfldsvc] C:\Program Files\Microsoft Private Folder 1.0\PrfldSvc.exe
[ProtectedStorage] %SystemRoot%\system32\lsass.exe
[PsShutdownSvc] %SystemRoot%\System32\PSSDNSVC.EXE
[RasAuto] %SystemRoot%\system32\svchost.exe -k netsvcs
[RasMan] %SystemRoot%\system32\svchost.exe -k netsvcs
[RDSessMgr] C:\WINDOWS\system32\sessmgr.exe
[RemoteAccess] %SystemRoot%\system32\svchost.exe -k netsvcs
[RpcLocator] %SystemRoot%\system32\locator.exe
[RpcSs] %SystemRoot%\system32\svchost -k rpcss
[RSVP] %SystemRoot%\system32\rsvp.exe
[SamSs] %SystemRoot%\system32\lsass.exe
[SCardSvr] %SystemRoot%\System32\SCardSvr.exe
[Schedule] %SystemRoot%\System32\svchost.exe -k netsvcs
[seclogon] %SystemRoot%\System32\svchost.exe -k netsvcs
[SENS] %SystemRoot%\system32\svchost.exe -k netsvcs
[SharedAccess] %SystemRoot%\system32\svchost.exe -k netsvcs
[ShellHWDetection] %SystemRoot%\System32\svchost.exe -k netsvcs
[Spooler] %SystemRoot%\system32\spoolsv.exe
[srservice] %SystemRoot%\system32\svchost.exe -k netsvcs
[SSDPSRV] %SystemRoot%\system32\svchost.exe -k LocalService
[stisvc] %SystemRoot%\system32\svchost.exe -k imgsvc
[SwPrv] C:\WINDOWS\system32\dllhost.exe /Processid:{3C2BD518-070C-4A94-B4C6-508B1EA8C123}
[SysmonLog] %SystemRoot%\system32\smlogsvc.exe
[TapiSrv] %SystemRoot%\System32\svchost.exe -k netsvcs
[TermService] %SystemRoot%\System32\svchost -k DComLaunch
[Themes] %SystemRoot%\System32\svchost.exe -k netsvcs
[TrkWks] %SystemRoot%\system32\svchost.exe -k netsvcs
[upnphost] %SystemRoot%\system32\svchost.exe -k LocalService
[UPS] %SystemRoot%\System32\ups.exe
[VSS] %SystemRoot%\System32\vssvc.exe
[W32Time] %SystemRoot%\System32\svchost.exe -k netsvcs
[WebClient] %SystemRoot%\system32\svchost.exe -k LocalService
[winmgmt] %systemroot%\system32\svchost.exe -k netsvcs
[WmcCds] c:\program files\windows media connect\mswmccds.exe
[WmcCdsLs] C:\Program Files\Windows Media Connect\mswmcls.exe
[WmdmPmSN] %SystemRoot%\System32\svchost.exe -k netsvcs
[WmiApSrv] C:\WINDOWS\system32\wbem\wmiapsrv.exe
[wscsvc] %SystemRoot%\System32\svchost.exe -k netsvcs
[wuauserv] %systemroot%\system32\svchost.exe -k netsvcs
[WudfSvc] %SystemRoot%\system32\svchost.exe -k WudfServiceGroup
[WZCSVC] %SystemRoot%\System32\svchost.exe -k netsvcs
[xmlprov] %SystemRoot%\System32\svchost.exe -k netsvcs
**** Custom IE Search Items ****
SEARCH: [SearchAssistant] http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
SEARCH: [CustomizeSearch] http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
**** Complete IE Options ****
IEOPT: [NoJITSetup]
IEOPT: [Show_ChannelBand] No
IEOPT: [Anchor Underline] yes
IEOPT: [Cache_Update_Frequency] Once_Per_Session
IEOPT: [Display Inline Images] yes
IEOPT: [Do404Search]
IEOPT: [Save_Session_History_On_Exit] no
IEOPT: [Show_FullURL] no
IEOPT: [Show_StatusBar] yes
IEOPT: [Show_ToolBar] yes
IEOPT: [Show_URLinStatusBar] yes
IEOPT: [Show_URLToolBar] yes
IEOPT: [Start Page] http://ogame.fr/
IEOPT: [Use_DlgBox_Colors] yes
IEOPT: [Search Page] http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IEOPT: [Move System Caret] no
IEOPT: [Expand Alt Text] no
IEOPT: [Print_Background] no
IEOPT: [Enable_MyPics_Hoverbar] yes
IEOPT: [Show image placeholders]
IEOPT: [Enable AutoImageResize] yes
IEOPT: [Play_Animations] yes
IEOPT: [Play_Background_Sounds] yes
IEOPT: [Display Inline Videos] yes
IEOPT: [FavIntelliMenus] no
IEOPT: [Enable Browser Extensions] yes
IEOPT: [UseThemes]
IEOPT: [NoWebJITSetup]
IEOPT: [Friendly http errors] yes
IEOPT: [ShowGoButton] yes
IEOPT: [Page_Transitions]
IEOPT: [NotifyDownloadComplete] no
IEOPT: [NscSingleExpand]
IEOPT: [Force Offscreen Composition]
IEOPT: [AllowWindowReuse]
IEOPT: [SmoothScroll]
IEOPT: [AutoSearch]
IEOPT: [FullScreen] no
IEOPT: [Window_Placement] ,
IEOPT: [Check_Associations] no
IEOPT: [ShowedCheckBrowser] yes
IEOPT: [Use FormSuggest] yes
IEOPT: [FormSuggest Passwords] yes
IEOPT: [FormSuggest PW Ask] yes
IEOPT: [IEWatsonDisabled]
IEOPT: [AddToFavoritesExpanded]
IEOPT: [LastCheckedHi] OÆs
IEOPT: [NoUpdateCheck]
IEOPT: [Disable Script Debugger] yes
IEOPT: [DisableScriptDebuggerIE] yes
IEOPT: [Error Dlg Displayed On Every Error] no
IEOPT: [Default_Page_URL] http://fr.yahoo.com
IEOPT: [Default_Search_URL] http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IEOPT: [Search Page] http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IEOPT: [Enable_Disk_Cache] yes
IEOPT: [Cache_Percent_of_Disk]
IEOPT: [Delete_Temp_Files_On_Exit] yes
IEOPT: [Local Page] %SystemRoot%\system32\blank.htm
IEOPT: [Anchor_Visitation_Horizon]
IEOPT: [Use_Async_DNS] yes
IEOPT: [Placeholder_Width]
IEOPT: [Placeholder_Height]
IEOPT: [Start Page] http://fr.yahoo.com
IEOPT: [CompanyName] Microsoft Corporation
IEOPT: [Custom_Key] MICROSO
IEOPT: [Wizard_Version] 6.00.2800.1017
IEOPT: [FullScreen] no
IEOPT: [BrandBitmap]
IEOPT: [SmallBitmap]
IEOPT: [BigBitmap]
IEOPT: [Window Title] Microsoft Internet Explorer
IEOPT: [IEWatsonEnabled]
IEOPT: [IEWatsonDisabled]
IEOPT: [IEWatsonDisable]