Physical memory 91% used + repeated crashes

Kalsya Posts 314 Status Member -
Hello,
Honestly, I have never needed help this badly. My computer keeps crashing. I have tons of processes eating up my physical memory, and I don't have enough memory to begin with. I don't know what to disable and what to keep. I already have a lot of programs (101), some of which I don't even know the purpose of, but I don't think these programs can use that much memory. I think I'm infected but I don't know how to be sure. I have Avira AntiVir and it detects nothing. Neither does Spybot, nor Malwarebytes Anti-Malware. When I run an online scan with Panda, I find 6 latent cookies (always the same ones) that I also haven't been able to delete for nearly 3 months. HijackThis gives me nothing. I have already followed the whole malekal morte tutorial on PC disinfection (even though it's for XP and I have Vista). I've now exhausted all my sources. I don't know what else to do and I absolutely need help. Pleeeeeeeeeeeeeeeease HELP!!!!!

38 replies

Kalsya Posts 314 Status Member
 
OK, I almost managed to copy and paste everything in pieces, except for a part concerning the 2 films on one of my USB keys; that must have been the problem, because I can't post that
0
Kalsya Posts 314 Status Member
 
[30/04/2009 21:10|--a------|757144196] - G:\L.Etrange.Histoire.de.Benjamin.Button.FRENCH
0
Kalsya Posts 314 Status Member
 
.MD.Xvid-PaGlop
0
Kalsya Posts 314 Status Member
 
[05/05/2009 05:47|--a------|732829696] - G:\les chimpanzes de l'espace-french-xvid.avi.avi
0

Kalsya Posts 314 Status Member
 
Sorry about the fragments; in any case I found where the problem was. It was the name of a P2P site, at least I think that's what they're called
0
Ced_King Posts 3519 Registration date   Status Contributor Last activity   572
 
You are still infected:

Download and install CCleaner: https://filehippo.com/download_ccleaner/
- During installation, do not install the Yahoo toolbar and uncheck the "add the updates option" box

- Once installed, close all running applications and launch CCleaner
- Click >> Options >> Advanced and uncheck "delete files etc... older than 48h"
- Select "Cleaner" >> click Analyze then Clean, then close the program...

---------------------------

Download ComboFix and save it to your desktop

http://download.bleepingcomputer.com/sUBs/ComboFix.exe -

/!\ Disable your antivirus and your antispyware's real-time guard (if you have one) /!\

- Disconnect and close all running applications
- Right-click (Run as administrator) on Combofix.exe >> a message appears > answer "yes"
- (It is recommended to install the Recovery Console)
- Select the language and press the 1 key (yes) to start the scan

/!\ Do not touch the mouse or the keyboard during the scan, this could freeze the computer /!\

- At the end of the scan, ComboFix will need to restart to finish the disinfection, let it do so
- Once finished, a report is displayed; post its contents, which you can also find at c:\combofix.txt
-----------------------------
0
Kalsya Posts 314 Status Member
 
I already have CCleaner and I cleaned the computer around noon. I clean it often, by the way. But actually I'd really like to know how you manage to decipher all this data???
0
Kalsya Posts 314 Status Member
 
Thanks baladur, noted
0
Kalsya Posts 314 Status Member
 
Hi Ced King; sorry for leaving you hanging yesterday, but since the scan I can no longer connect. I don't know whether the scan disturbed some settings or whether it's a problem with the modem, but either way, wired or wireless, I can't connect anymore. I'm going to try changing my settings, otherwise I'll call my provider, but in any case if you have suggestions, they are welcome because I need the internet to work. Thanks
0
Kalsya Posts 314 Status Member
 
Solved, it was the default gateway that had been deleted. So it's OK, I'll post the report for you right away, I hope you're there
0
Kalsya Posts 314 Status Member
 
ComboFix 09-05-05.05 - Administrateur 06/05/2009 20:20:28.1 - NTFSx86
Microsoft® Windows Vista™ Professionnel 6.0.6001.1.1252.33.1036.18.1015.369 [GMT 0:00]
Lancé depuis: C:\Users\Administrateur\Desktop\ComboFix.exe
FW: ZoneAlarm Firewall *enabled*
.

((((((((((((((((((((((((((((( Fichiers créés du 2009-04-06 au 2009-05-06 ))))))))))))))))))))))))))))))))))))
.

2009-05-06 18:48:50 . 2009-05-06 19:14:37 0 d-----w C:\UsbFix
2009-05-06 17:45:56 . 2009-05-06 17:47:01 0 d-----w C:\Program Files\trend micro
2009-05-06 17:45:49 . 2009-05-06 17:47:13 0 d-----w C:\rsit
2009-05-06 11:46:42 . 2001-10-28 17:42:30 116224 ----a-w C:\Windows\system32\pdfcmnnt.dll
2009-05-06 11:46:40 . 1998-07-13 02:08:36 141312 ----a-w C:\Windows\system32\MSCMCFR.DLL
2009-05-06 11:46:40 . 1998-07-13 02:08:36 59904 ----a-w C:\Windows\system32\MSCC2FR.DLL
2009-05-06 11:46:39 . 1998-07-06 01:00:00 23552 ----a-w C:\Windows\system32\MSMPIDE.DLL
2009-05-02 22:59:13 . 2009-05-05 13:34:42 0 d-----w C:\Users\Administrateur\AppData\Roaming\Autodesk
2009-05-02 22:59:13 . 2009-05-05 13:34:42 0 d-----w C:\ProgramData\Autodesk
2009-05-02 22:59:13 . 2009-05-05 13:34:42 0 d-----w C:\Users\All Users\Autodesk
2009-05-02 22:59:13 . 2009-05-02 23:08:08 0 d-----w C:\Program Files\AutoCAD 2008
2009-05-02 22:56:07 . 2009-05-02 23:08:47 0 d-----w C:\Program Files\Common Files\Autodesk Shared
2009-05-02 22:56:07 . 2009-05-02 22:56:07 0 d-----w C:\Program Files\Autodesk
2009-05-02 22:56:07 . 2009-05-02 22:59:13 0 d-----w C:\Users\Administrateur\AppData\Local\Autodesk
2009-05-01 18:30:36 . 2009-05-01 18:30:36 3366912 ----a-w C:\Windows\system32\GPhotos.scr
2009-05-01 12:50:59 . 2009-03-08 11:32:38 66560 ----a-w C:\Windows\system32\wextract.exe
2009-05-01 03:21:05 . 2009-03-24 16:08:22 55640 ----a-w C:\Windows\system32\drivers\avgntflt.sys
2009-05-01 03:20:52 . 2009-05-01 03:20:52 0 d-----w C:\Program Files\Avira
2009-04-15 20:43:14 . 2009-03-03 04:39:32 551424 ----a-w C:\Windows\system32\rpcss.dll
2009-04-15 20:43:14 . 2009-03-03 04:46:01 3599328 ----a-w C:\Windows\system32\ntkrnlpa.exe
2009-04-15 20:43:13 . 2009-03-03 04:46:01 3547632 ----a-w C:\Windows\system32\ntoskrnl.exe
2009-04-15 20:43:12 . 2009-03-03 03:04:59 666624 ----a-w C:\Windows\system32\printfilterpipelinesvc.exe
2009-04-15 20:43:11 . 2009-03-03 04:39:22 26112 ----a-w C:\Windows\system32\printfilterpipelineprxy.dll
2009-04-15 20:43:11 . 2009-03-03 04:39:36 183296 ----a-w C:\Windows\system32\sdohlp.dll
2009-04-15 20:43:11 . 2009-03-03 04:37:11 98304 ----a-w C:\Windows\system32\iasrecst.dll
2009-04-15 20:43:11 . 2009-03-03 04:37:11 44032 ----a-w C:\Windows\system32\iasdatastore.dll
2009-04-15 20:43:10 . 2009-03-03 04:37:11 54784 ----a-w C:\Windows\system32\iasads.dll
2009-04-15 20:43:10 . 2009-03-03 02:38:13 17408 ----a-w C:\Windows\system32\iashost.exe
2009-04-15 20:33:54 . 2008-12-06 04:42:11 376832 ----a-w C:\Windows\system32\winhttp.dll
2009-04-15 20:33:45 . 2008-06-06 03:27:05 562176 ----a-w C:\Windows\system32\msdtcprx.dll
2009-04-15 20:33:45 . 2008-06-06 03:27:13 38912 ----a-w C:\Windows\system32\xolehlp.dll
2009-04-15 20:20:47 . 2009-02-13 08:49:09 1255936 ----a-w C:\Windows\system32\lsasrv.dll
2009-04-15 20:20:45 . 2009-02-13 08:49:10 72704 ----a-w C:\Windows\system32\secur32.dll
2009-04-15 20:20:45 . 2009-03-17 03:38:46 13824 ----a-w C:\Windows\system32\apilogen.dll
2009-04-15 20:20:45 . 2009-03-17 03:38:44 24064 ----a-w C:\Windows\system32\amxread.dll
2009-04-13 13:20:30 . 2009-05-01 03:20:52 0 d-----w C:\ProgramData\Avira
2009-04-13 13:20:30 . 2009-05-01 03:20:52 0 d-----w C:\Users\All Users\Avira
2009-04-13 11:21:10 . 2009-04-13 11:36:37 0 d-----w C:\Users\Administrateur\AppData\Roaming\uTorrent
2009-04-10 20:59:33 . 2008-06-19 16:24:30 28544 ----a-w C:\Windows\system32\drivers\pavboot.sys
2009-04-09 19:09:21 . 2009-04-09 19:09:52 0 d-----w C:\Users\Administrateur\AppData\Roaming\vlc
2009-04-09 08:10:17 . 2008-04-17 12:12:54 107368 ----a-w C:\Windows\system32\GEARAspi.dll
2009-04-09 08:10:17 . 2009-03-19 16:32:48 23400 ----a-w C:\Windows\system32\drivers\GEARAspiWDM.sys
2009-04-09 08:08:41 . 2009-04-09 08:10:15 0 d-----w C:\ProgramData\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-04-09 08:08:41 . 2009-04-09 08:10:15 0 d-----w C:\Users\All Users\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-04-07 20:32:46 . 2009-04-07 20:32:46 0 d-----w C:\Program Files\DsNET Corp

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-06 20:31:39 . 2008-12-23 15:04:39 352615 ---ha-w C:\Windows\system32\drivers\vsconfig.xml
2009-05-06 20:29:30 . 2006-11-09 19:30:07 5780 ----a-w C:\Windows\bthservsdp.dat
2009-05-06 18:42:24 . 2006-11-02 15:47:07 769738 ----a-w C:\Windows\system32\perfh00C.dat
2009-05-06 18:42:24 . 2006-11-02 15:47:07 161628 ----a-w C:\Windows\system32\perfc00C.dat
2009-05-06 15:31:37 . 2008-09-12 18:22:28 0 d-----w C:\Program Files\Common Files\Apple
2009-05-06 12:21:12 . 2009-03-14 07:56:08 0 d-----w C:\Program Files\Common Files\Adobe
2009-05-06 11:51:21 . 2009-03-04 19:33:19 0 d-----w C:\Program Files\PDFCreator
2009-05-06 09:11:16 . 2008-10-29 19:13:25 0 d-----w C:\Program Files\Google
2009-05-02 23:21:46 . 2008-07-17 19:52:21 169576 ----a-w C:\Users\Administrateur\AppData\Local\GDIPFONTCACHEV1.DAT
2009-05-01 13:20:46 . 2008-07-01 09:45:30 0 d-----w C:\Program Files\Microsoft Works
2009-04-17 06:57:04 . 2006-11-02 11:18:33 0 d-----w C:\Program Files\Windows Mail
2009-04-14 10:57:15 . 2008-07-21 15:51:08 1356 ----a-w C:\Users\Administrateur\AppData\Local\d3d9caps.dat
2009-04-13 19:40:09 . 2009-04-14 07:24:41 2621440 ----a-w C:\Windows\Internet Logs\xDB6325.tmp
2009-04-10 20:59:21 . 2008-12-20 23:55:49 0 d-----w C:\Program Files\Panda Security
2009-04-09 07:26:25 . 2008-11-08 17:25:14 410984 ----a-w C:\Windows\system32\deploytk.dll
2009-04-09 01:37:30 . 2009-03-07 20:51:11 0 d-----w C:\Program Files\Malwarebytes' Anti-Malware
2009-04-07 23:29:34 . 2007-12-11 08:38:40 0 d-----w C:\Program Files\Common Files\InstallShield
2009-04-06 15:32:54 . 2009-03-07 20:51:15 38496 ----a-w C:\Windows\system32\drivers\mbamswissarmy.sys
2009-04-06 15:32:46 . 2009-03-07 20:51:18 15504 ----a-w C:\Windows\system32\drivers\mbam.sys
2009-04-02 18:11:35 . 2009-04-02 18:12:51 1788928 ----a-w C:\Windows\Internet Logs\xDB63B1.tmp
2009-03-31 15:21:37 . 2009-03-30 19:46:00 0 d-----w C:\Program Files\FrostWire
2009-03-31 14:35:04 . 2009-04-24 14:28:40 17160 ----a-w C:\Windows\Help\OEM\scripts\HC_TotalCareAdvisorUpdate.exe
2009-03-31 13:17:50 . 2009-03-31 13:24:16 1783296 ----a-w C:\Windows\Internet Logs\xDB71B5.tmp
2009-03-30 16:30:24 . 2009-04-24 14:28:39 17160 ----a-w C:\Windows\Help\OEM\scripts\HC_DanzkaDubraBIOSUpdate.exe
2009-03-29 19:06:59 . 2009-03-08 11:55:04 0 d-----w C:\Program Files\KeyScrambler
2009-03-28 13:08:13 . 2009-03-28 13:08:13 0 d-----w C:\Program Files\SuperCopier2
2009-03-21 21:28:35 . 2009-03-21 21:28:35 8192 --sha-w C:\Windows\o2cLicStore.bin
2009-03-21 20:19:49 . 2006-11-02 10:25:05 51200 ----a-w C:\Windows\inf\infpub.dat
2009-03-21 20:19:49 . 2006-11-02 10:25:05 143360 ----a-w C:\Windows\inf\infstrng.dat
2009-03-21 20:19:38 . 2006-11-02 10:25:05 86016 ----a-w C:\Windows\inf\infstor.dat
2009-03-21 20:15:50 . 2009-03-21 20:15:50 0 d-----w C:\Program Files\WIBUKEY
2009-03-21 20:15:50 . 2009-03-21 20:15:50 0 d-----w C:\Program Files\WIBU-SYSTEMS
2009-03-21 20:00:52 . 2009-03-21 20:00:52 0 d-----w C:\Program Files\Graphisoft
2009-03-21 14:22:06 . 2009-03-21 14:22:06 0 d-----w C:\Program Files\LSI SoftModem
2009-03-15 20:00:03 . 2009-03-15 19:59:57 2571052 ----a-w C:\Windows\Internet Logs\tvDebug.zip
2009-03-14 18:03:09 . 2008-07-27 11:05:18 0 d-----w C:\Program Files\Spybot - Search & Destroy
2009-03-14 07:42:06 . 2008-08-13 17:29:20 0 d-----w C:\Program Files\DivX
2009-03-14 07:33:32 . 2009-03-14 07:33:03 0 d-----w C:\Program Files\Common Files\DivX Shared
2009-03-10 00:46:37 . 2009-03-10 00:46:37 189032 ---ha-w C:\Windows\system32\mlfcache.dat
2009-03-08 11:34:57 . 2009-05-01 12:50:39 914944 ----a-w C:\Windows\system32\wininet.dll
2009-03-08 11:34:28 . 2009-05-01 12:51:02 43008 ----a-w C:\Windows\system32\licmgr10.dll
2009-03-08 11:33:38 . 2009-05-01 12:51:06 18944 ----a-w C:\Windows\system32\corpol.dll
2009-03-08 11:33:17 . 2009-05-01 12:50:42 109056 ----a-w C:\Windows\system32\iesysprep.dll
2009-03-08 11:33:16 . 2009-05-01 12:50:42 109568 ----a-w C:\Windows\system32\PDMSetup.exe
2009-03-08 11:33:15 . 2009-05-01 12:50:42 107520 ----a-w C:\Windows\system32\RegisterIEPKEYs.exe
2009-03-08 11:33:15 . 2009-05-01 12:50:42 107008 ----a-w C:\Windows\system32\SetIEInstalledDate.exe
2009-03-08 11:33:15 . 2009-05-01 12:50:42 103936 ----a-w C:\Windows\system32\SetDepNx.exe
2009-03-08 11:33:15 . 2009-05-01 12:50:41 132608 ----a-w C:\Windows\system32\ieUnatt.exe
2009-03-08 11:33:04 . 2009-05-01 12:50:55 420352 ----a-w C:\Windows\system32\vbscript.dll
2009-03-08 11:32:54 . 2009-05-01 12:51:07 72704 ----a-w C:\Windows\system32\admparse.dll
2009-03-08 11:32:49 . 2009-05-01 12:51:00 71680 ----a-w C:\Windows\system32\iesetup.dll
2009-03-08 11:32:32 . 2009-05-01 12:50:43 169472 ----a-w C:\Windows\system32\iexpress.exe
2009-03-08 11:31:37 . 2009-05-01 12:51:05 34816 ----a-w C:\Windows\system32\imgutil.dll
2009-03-08 11:31:17 . 2009-05-01 12:51:07 48128 ----a-w C:\Windows\system32\mshtmler.dll
2009-03-08 11:31:00 . 2009-05-01 12:50:43 45568 ----a-w C:\Windows\system32\mshta.exe
2009-03-08 11:22:37 . 2009-05-01 12:51:06 156160 ----a-w C:\Windows\system32\msls31.dll
2009-03-07 22:08:27 . 2007-12-11 08:53:24 0 d-----w C:\Program Files\Roxio
2009-03-06 17:12:52 . 2009-02-20 18:44:40 21256 ----a-w C:\Windows\Help\OEM\scripts\HPScript.exe
2009-03-05 23:59:00 . 2009-03-05 23:59:00 36864 ----a-w C:\Windows\system32\drivers\usbaapl.sys
2009-03-05 23:59:00 . 2009-03-05 23:59:00 1900544 ----a-w C:\Windows\system32\usbaaplrc.dll
2009-03-05 12:29:24 . 2009-04-08 00:58:22 16648 ----a-w C:\Windows\Help\OEM\scripts\HC_ProtectSmartPatch.exe
2009-03-04 19:34:18 . 2009-03-04 19:34:18 102 ----a-w C:\Users\Administrateur\AppData\Local\fusioncache.dat
2009-02-13 20:37:55 . 2009-02-13 20:39:41 707584 ----a-w C:\Windows\Internet Logs\xDBFF64.tmp
2009-02-13 20:37:55 . 2009-02-13 20:39:41 1571328 ----a-w C:\Windows\Internet Logs\xDB20.tmp
2009-02-09 03:10:34 . 2009-03-11 16:54:45 2033152 ----a-w C:\Windows\system32\win32k.sys
2009-02-06 18:52:40 . 2009-02-06 18:52:40 49504 ----a-w C:\Windows\system32\sirenacm.dll
2008-10-03 17:37:29 . 2006-11-02 12:50:56 174 --sha-w C:\Program Files\desktop.ini
2009-01-27 01:34:38 . 2009-01-27 01:34:38 1044480 ----a-w C:\Program Files\mozilla firefox\plugins\libdivx.dll
2009-01-27 01:34:38 . 2009-01-27 01:34:38 200704 ----a-w C:\Program Files\mozilla firefox\plugins\ssldivx.dll
2008-11-11 19:48:51 . 2008-11-11 19:48:51 22 --sha-w C:\Windows\SMINST\HPCD.sys
1996-03-15 18:15:52 . 2008-11-22 13:40:19 33552 --sha-w C:\Windows\System32\MSJINT32.DLL
1996-04-11 17:34:12 . 1996-04-11 17:34:12 965904 --sha-w C:\Windows\System32\MSJT3032.DLL
1996-03-15 18:47:32 . 2008-11-22 13:40:19 98356 --sha-w C:\Windows\System32\MSJTER32.DLL
1995-09-24 12:02:52 . 2008-11-22 13:40:19 243472 --sha-w C:\Windows\System32\VBAR2232.DLL
2007-12-11 16:38:54 . 2007-12-11 16:37:18 8192 --sha-w C:\Windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-19 07:33:30 1233920]
"LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-04-19 12:26:52 484904]
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2007-08-30 10:50:42 205480]
"SuperCopier2.exe"="C:\Program Files\SuperCopier2\SuperCopier2.exe" [2006-07-07 16:45:00 1052672]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 07:33:39 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-28 01:05:00 1045800]
"QlbCtrl"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-11-06 14:34:02 177456]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 11:44:34 31072]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [2007-09-24 14:44:54 141848]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2007-09-24 14:44:40 154136]
"Persistence"="C:\Windows\system32\igfxpers.exe" [2007-09-24 14:44:50 129560]
"PTHOSTTR"="C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2007-01-09 14:52:36 145184]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2007-02-21 13:14:24 1183744]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-03-03 15:05:04 959976]
"hpWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-10-03 15:15:40 480560]
"avgnt"="C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 13:08:47 209153]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"ST Recovery Launcher"="C:\Windows\SMINST\launcher.exe" [2007-06-06 13:34:00 44168]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-04-19 12:26:52 484904]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-3-29 719664]
Serveur r‚seau.lnk - C:\Program Files\WIBUKEY\Server\WkSvMgr.exe [2009-3-21 3768320]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\disallowrun]
"1"= cmd.exe
"2"= mmc.exe
"3"= rstrui.exe
"4"= regedit.exe
"5"= regedt32.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2007-06-08 08:04:30 49152 ----a-r C:\Windows\System32\DeviceNP.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"filehippo.com"="C:\Program Files\filehippo.com\UpdateChecker.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
"SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe"
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" -atboottime
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{348750B9-9A27-434D-85D0-9713C14AA765}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{A5AAC41D-FF71-404F-9939-8D74C269A338}"= UDP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{3580AF51-8853-42B9-8723-B7A44C416A1A}"= TCP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{363A340D-A2E6-46D7-8B88-C80E23E135DA}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{A51EB43E-59BF-4B66-B672-4D5B9AE7719A}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{DF599D66-D1BB-444E-AC3D-959C948BE067}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{C89E4DE9-7DB5-4F17-BB32-1AD8E1EE840A}"= UDP:C:\Windows\Temp\~osBD66.tmp\ossproxy.exe:ossproxy.exe
"{A0561296-49FA-46D2-B1D4-D747A3C20CDF}"= TCP:C:\Windows\Temp\~osBD66.tmp\ossproxy.exe:ossproxy.exe
"{567CD376-EF57-4594-8B75-4916428C741A}"= UDP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{98D663F9-0814-4EE3-84C1-28D03DE12BA3}"= TCP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{800E4206-22CC-4A69-A016-DE1AA794888D}"= UDP:C:\Program Files\FrostWire\FrostWire.exe:FrostWire
"{61E86432-7092-48A7-93D3-50F166AAC315}"= TCP:C:\Program Files\FrostWire\FrostWire.exe:FrostWire
"{12ABADA0-4435-448D-AB20-9320E11EDEEC}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{44952865-ED7F-434D-AB30-20CD5DF9C039}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{57F473E2-BAE5-4CB9-AC9E-52C5599FBD62}"= UDP:C:\Program Files\FrostWire\FrostWire.exe:FrostWire
"{CC9235BC-3F4D-4D95-A10C-C6EDF93E95A7}"= TCP:C:\Program Files\FrostWire\FrostWire.exe:FrostWire

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)
"DoNotAllowExceptions"= 0 (0x0)

R0 Lbd;Lbd;C:\Windows\System32\drivers\Lbd.sys [05/02/2009 13:16:01 64160]
R0 pavboot;pavboot;C:\Windows\System32\drivers\pavboot.sys [10/04/2009 20:59:33 28544]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;C:\Program Files\Avira\AntiVir Desktop\sched.exe [01/05/2009 03:21:05 108289]
R2 BcmSqlStartupSvc;Service de démarrage SQL Server pour le Gestionnaire de contacts professionnels;C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [16/01/2008 08:46:24 30312]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [22/08/2008 15:40:34 1153368]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;C:\Windows\System32\TUProgSt.exe [26/12/2008 20:21:22 603904]
R3 KeyScrambler;KeyScrambler;C:\Windows\System32\drivers\keyscrambler.sys [08/03/2009 11:55:05 114024]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;C:\Windows\System32\drivers\NETw5v32.sys [17/11/2008 15:40:22 3668480]
S2 gupdate1c99b1dae71d9c9;Google Update Service (gupdate1c99b1dae71d9c9);C:\Program Files\Google\Update\GoogleUpdate.exe [02/03/2009 09:59:31 133104]
S3 DAMDrv;DAMDrv;C:\Windows\System32\drivers\DAMDrv.sys [11/12/2007 09:05:26 30008]
S3 FLCDLOCK;Verrouillage des périphériques / Audition HP ProtectTools;C:\Windows\System32\flcdlock.exe [08/06/2007 08:06:42 172131]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [24/11/2008 22:31:10 29263712]
S3 ST330;ST330;C:\Windows\System32\drivers\st330.sys [16/07/2008 21:03:35 30464]
S3 STBUS;STBUS;C:\Windows\System32\drivers\stbus.sys [16/07/2008 21:03:35 12672]
S3 STETH;SpeedTouch Ethernet Adapter NT Driver;C:\Windows\System32\drivers\steth.sys [16/07/2008 21:03:35 40320]
S3 stppp;Speedtouch PPP Adapter Adapter;C:\Windows\System32\drivers\stppp.sys [16/07/2008 21:03:36 32000]
S3 VirtDisk;XSS Virtual Disk Driver;C:\Windows\SMINST\virtdisk.sys [11/12/2007 09:03:18 57344]

--- Autres Services/Pilotes en mémoire ---

*Deregistered* - mchInjDrv

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
.
Contenu du dossier 'Tâches planifiées'

2009-05-06 C:\Windows\Tasks\GoogleUpdateTaskMachine.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-02 09:59:31 . 2009-03-02 09:59:08]

2009-05-01 C:\Windows\Tasks\Maintenance en 1 clic.job
- C:\Program Files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-12 15:04:34 . 2008-12-12 15:04:34]

2009-05-06 C:\Windows\Tasks\User_Feed_Synchronization-{89537D0B-C7C9-479E-8195-57F6A44B4B50}.job
- C:\Windows\system32\msfeedssync.exe [2009-05-01 12:50:59 . 2009-03-08 11:31:52]

2009-05-06 C:\Windows\Tasks\User_Feed_Synchronization-{F85B743B-FEC6-409F-8367-14FEEBB3F294}.job
- C:\Windows\system32\msfeedssync.exe [2009-05-01 12:50:59 . 2009-03-08 11:31:52]

2009-05-06 C:\Windows\Tasks\User_Feed_Synchronization-{FFB1F37D-F178-4D5E-92DE-48380A45961A}.job
- C:\Windows\system32\msfeedssync.exe [2009-05-01 12:50:59 . 2009-03-08 11:31:52]
.
- - - - ORPHELINS SUPPRIMES - - - -

HKCU-Run-E09FXLRD_68023861 - C:\Program Files\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.EXE

.
------- Examen supplémentaire -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200
IE: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
TCP: {B823FF05-D956-452C-A56B-4E25081429A6} = 213.154.95.126,213.154.64.13
TCP: {C4123C40-1BF5-4CF5-AA87-5ACA0C372349} = 213.154.64.13,213.154.95.126
FF - ProfilePath - C:\Users\Administrateur\AppData\Roaming\Mozilla\Firefox\Profiles\8wg0v4hu.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - component: C:\Program Files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - component: C:\Users\Administrateur\AppData\Roaming\Mozilla\Firefox\Profiles\8wg0v4hu.default\extensions\isadmin@vdtsoftware.ffext\components\isadmin.dll
FF - component: C:\Users\Administrateur\AppData\Roaming\Mozilla\Firefox\Profiles\8wg0v4hu.default\extensions\keyscrambler@qfx.software.corporation\components\KeyScramblerIE.dll
FF - plugin: C:\Program Files\Google\Google Earth Plugin\npgeplugin.dll
FF - plugin: C:\Program Files\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files\Google\Update\1.2.145.5\npGoogleOneClick8.dll
FF - plugin: C:\Program Files\Microsoft\Office Live\npOLW.dll
FF - plugin: C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll

---- PARAMETRES FIREFOX ----
.
0
Ced_King Posts 3519 Registration date   Status Contributor Last activity   572
 
Hi,

- You have not uninstalled Norton's antivirus and firewall. You only need one firewall and one antivirus, otherwise there is a risk of conflicts and bugs. Download Symantec's utility to uninstall them properly:

http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/fr_docid/20050414110429924

* You also don't need that many antispyware programs; keep one alongside Malwarebytes, that will be more than enough...

--> read this: https://forum.malekal.com/viewtopic.php?f=45&t=4650

-------------------------------

- The ComboFix report is not complete!!!

* Click Start then Run. Type combofix /u in the input box then OK.
- (there is a space between combofix and /u)

* Run USBFix again and execute option 5 (uninstall)

- If you browse with administrator rights, then I invite you to read this
http://www.malekal.com/gestion_utilisateur_windows.html
---------------------------
Run an online scan here https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr (with Internet Explorer)

- At the bottom right, click Start Online-scanner

- In the new window that appears, click I accept

- Accept the ActiveX controls

- Choose My Computer for the scan.

- Once it is finished, save (choose text file) and post the report

- To help you use the online scan:
https://www.malekal.com/scan-antivirus-ligne-nod32/#mozTocId291566

NOTE: If you get the message "The Kaspersky On-line Scanner license has expired", go to Add/Remove Programs, uninstall On-Line Scanner, then reconnect to the Kaspersky site to retry the online scan.

0
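One way to triage the registry section of a ComboFix report like the first one posted above, as an added example that is not part of the original thread and is not ComboFix's or the helper's own logic. The rule set and the names `parse_sections`, `as_int` and `triage` are assumptions made for illustration; the sample lines are an excerpt copied from that report.

```python
import re

# Excerpt of the "Points de chargement Reg" section of the first report above.
SAMPLE_REPORT = r'''
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\disallowrun]
"1"= cmd.exe
"2"= mmc.exe
"3"= rstrui.exe
"4"= regedit.exe
"5"= regedt32.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{DF599D66-D1BB-444E-AC3D-959C948BE067}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{C89E4DE9-7DB5-4F17-BB32-1AD8E1EE840A}"= UDP:C:\Windows\Temp\~osBD66.tmp\ossproxy.exe:ossproxy.exe
"{A0561296-49FA-46D2-B1D4-D747A3C20CDF}"= TCP:C:\Windows\Temp\~osBD66.tmp\ossproxy.exe:ossproxy.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)
"DoNotAllowExceptions"= 0 (0x0)
'''

KEY_RE = re.compile(r'^\[(?P<key>[^\]]+)\]\s*$')
VALUE_RE = re.compile(r'^"(?P<name>[^"]*)"\s*=\s*(?P<data>.*)$')
EXE_RE = re.compile(r'(?P<path>[A-Za-z]:\\[^:]*\.exe)', re.IGNORECASE)
TEMP_RE = re.compile(r'\\(temp|tmp)\\', re.IGNORECASE)


def parse_sections(text):
    """Yield (lower-cased key, value name, data) for each value under a [key] header."""
    key = None
    for raw in text.splitlines():
        line = raw.strip()
        m = KEY_RE.match(line)
        if m:
            key = m.group('key').lower()
            continue
        m = VALUE_RE.match(line)
        if m and key:  # value lines before any header are ignored
            yield key, m.group('name'), m.group('data').strip()


def as_int(data):
    """Return the integer in '0 (0x0)' or 'dword:00000001', else None."""
    m = re.match(r'^dword:([0-9a-fA-F]{8})$', data)
    if m:
        return int(m.group(1), 16)
    m = re.match(r'^(\d+)\s*\(0x[0-9a-fA-F]+\)$', data)
    return int(m.group(1)) if m else None


def triage(text):
    """Return (kind, where, detail) tuples: prompts for review, not verdicts."""
    findings = []
    for key, name, data in parse_sections(text):
        value = as_int(data)
        lname = name.lower()
        if key.endswith(r'\policies\system') and lname == 'enablelua' and value == 0:
            # User Account Control is switched off.
            findings.append(('uac_disabled', key, name))
        elif key.endswith(r'\policies\explorer\disallowrun'):
            # Program listed in the DisallowRun policy (here: admin and repair tools).
            findings.append(('tool_blocked', key, data))
        elif r'\firewallpolicy' in key and lname == 'enablefirewall' and value == 0:
            # Windows Firewall is off for this profile; this can be expected when a
            # third-party firewall is active (the report header shows ZoneAlarm enabled).
            findings.append(('windows_firewall_off', key.rsplit('\\', 1)[-1], name))
        elif key.endswith(r'\firewallpolicy\firewallrules'):
            # Firewall rule whose program lives in a temporary directory.
            m = EXE_RE.search(data)
            if m and TEMP_RE.search(m.group('path')):
                findings.append(('rule_for_temp_binary', name, m.group('path')))
    return findings


if __name__ == '__main__':
    for kind, where, detail in triage(SAMPLE_REPORT):
        print(f'{kind:22} {detail}  ({where})')
```
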
Kalsya Posts 314 Status Member
 
OK, I ran the analysis again because I think there was a problem during the first analysis. Here is the report

ComboFix 09-05-08.03 - Administrateur 09/05/2009 7:04.2 - NTFSx86
Microsoft® Windows Vista™ Professionnel 6.0.6001.1.1252.33.1036.18.1015.302 [GMT 0:00]
Lancé depuis: c:\users\Administrateur\Desktop\ComboFix.exe
FW: ZoneAlarm Firewall *enabled*
.

((((((((((((((((((((((((((((( Fichiers créés du 2009-04-09 au 2009-05-09 ))))))))))))))))))))))))))))))))))))
.

2009-05-09 01:20 . 2009-05-09 01:20 -------- d-----w c:\progra~2\NortonInstaller
2009-05-09 01:20 . 2009-05-09 01:20 -------- d-----w c:\users\All Users\NortonInstaller
2009-05-06 18:48 . 2009-05-09 02:08 -------- d-----w C:\UsbFix
2009-05-06 11:46 . 2001-10-28 17:42 116224 ----a-w c:\windows\system32\pdfcmnnt.dll
2009-05-06 11:46 . 1998-07-13 02:08 141312 ----a-w c:\windows\system32\MSCMCFR.DLL
2009-05-06 11:46 . 1998-07-13 02:08 59904 ----a-w c:\windows\system32\MSCC2FR.DLL
2009-05-06 11:46 . 1998-07-06 01:00 23552 ----a-w c:\windows\system32\MSMPIDE.DLL
2009-05-02 22:59 . 2009-05-05 13:34 -------- d-----w c:\users\Administrateur\AppData\Roaming\Autodesk
2009-05-02 22:59 . 2009-05-05 13:34 -------- d-----w c:\users\ADMINI~1\AppData\Roaming\Autodesk
2009-05-02 22:59 . 2009-05-05 13:34 -------- d-----w c:\progra~2\Autodesk
2009-05-02 22:59 . 2009-05-05 13:34 -------- d-----w c:\users\All Users\Autodesk
2009-05-02 22:59 . 2009-05-02 23:08 -------- d-----w c:\program files\AutoCAD 2008
2009-05-02 22:56 . 2009-05-02 23:08 -------- d-----w c:\program files\Common Files\Autodesk Shared
2009-05-02 22:56 . 2009-05-02 22:56 -------- d-----w c:\program files\Autodesk
2009-05-02 22:56 . 2009-05-02 22:59 -------- d-----w c:\users\Administrateur\AppData\Local\Autodesk
2009-05-02 22:56 . 2009-05-02 22:59 -------- d-----w c:\users\ADMINI~1\AppData\Local\Autodesk
2009-05-01 18:30 . 2009-05-01 18:30 3366912 ----a-w c:\windows\system32\GPhotos.scr
2009-05-01 12:50 . 2009-03-08 11:32 66560 ----a-w c:\windows\system32\wextract.exe
2009-05-01 03:21 . 2009-03-24 16:08 55640 ----a-w c:\windows\system32\drivers\avgntflt.sys
2009-05-01 03:20 . 2009-05-01 03:20 -------- d-----w c:\program files\Avira
2009-04-15 20:43 . 2009-03-03 04:39 551424 ----a-w c:\windows\system32\rpcss.dll
2009-04-15 20:43 . 2009-03-03 04:46 3599328 ----a-w c:\windows\system32\ntkrnlpa.exe
2009-04-15 20:43 . 2009-03-03 04:46 3547632 ----a-w c:\windows\system32\ntoskrnl.exe
2009-04-15 20:43 . 2009-03-03 03:04 666624 ----a-w c:\windows\system32\printfilterpipelinesvc.exe
2009-04-15 20:43 . 2009-03-03 04:39 26112 ----a-w c:\windows\system32\printfilterpipelineprxy.dll
2009-04-15 20:43 . 2009-03-03 04:39 183296 ----a-w c:\windows\system32\sdohlp.dll
2009-04-15 20:43 . 2009-03-03 04:37 98304 ----a-w c:\windows\system32\iasrecst.dll
2009-04-15 20:43 . 2009-03-03 04:37 44032 ----a-w c:\windows\system32\iasdatastore.dll
2009-04-15 20:43 . 2009-03-03 04:37 54784 ----a-w c:\windows\system32\iasads.dll
2009-04-15 20:43 . 2009-03-03 02:38 17408 ----a-w c:\windows\system32\iashost.exe
2009-04-15 20:33 . 2008-12-06 04:42 376832 ----a-w c:\windows\system32\winhttp.dll
2009-04-15 20:33 . 2008-06-06 03:27 562176 ----a-w c:\windows\system32\msdtcprx.dll
2009-04-15 20:33 . 2008-06-06 03:27 38912 ----a-w c:\windows\system32\xolehlp.dll
2009-04-15 20:20 . 2009-02-13 08:49 1255936 ----a-w c:\windows\system32\lsasrv.dll
2009-04-15 20:20 . 2009-02-13 08:49 72704 ----a-w c:\windows\system32\secur32.dll
2009-04-15 20:20 . 2009-03-17 03:38 13824 ----a-w c:\windows\system32\apilogen.dll
2009-04-15 20:20 . 2009-03-17 03:38 24064 ----a-w c:\windows\system32\amxread.dll
2009-04-13 13:20 . 2009-05-01 03:20 -------- d-----w c:\progra~2\Avira
2009-04-13 13:20 . 2009-05-01 03:20 -------- d-----w c:\users\All Users\Avira
2009-04-10 20:59 . 2008-06-19 16:24 28544 ----a-w c:\windows\system32\drivers\pavboot.sys
2009-04-09 19:09 . 2009-05-08 08:25 -------- d-----w c:\users\Administrateur\AppData\Roaming\vlc
2009-04-09 19:09 . 2009-05-08 08:25 -------- d-----w c:\users\ADMINI~1\AppData\Roaming\vlc
2009-04-09 08:10 . 2008-04-17 12:12 107368 ----a-w c:\windows\system32\GEARAspi.dll
2009-04-09 08:10 . 2009-03-19 16:32 23400 ----a-w c:\windows\system32\drivers\GEARAspiWDM.sys
2009-04-09 08:08 . 2009-04-09 08:10 -------- d-----w c:\progra~2\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-04-09 08:08 . 2009-04-09 08:10 -------- d-----w c:\users\All Users\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-09 02:54 . 2006-11-02 10:25 86016 ----a-w c:\windows\inf\infstor.dat
2009-05-09 02:54 . 2006-11-02 10:25 51200 ----a-w c:\windows\inf\infpub.dat
2009-05-09 02:54 . 2006-11-02 10:25 143360 ----a-w c:\windows\inf\infstrng.dat
2009-05-09 01:32 . 2008-12-23 15:04 352615 ---ha-w c:\windows\system32\drivers\vsconfig.xml
2009-05-09 01:30 . 2006-11-09 19:30 6604 ----a-w c:\windows\bthservsdp.dat
2009-05-08 17:14 . 2006-11-02 15:47 769738 ----a-w c:\windows\system32\perfh00C.dat
2009-05-08 17:14 . 2006-11-02 15:47 161628 ----a-w c:\windows\system32\perfc00C.dat
2009-05-06 12:21 . 2009-03-14 07:56 -------- d-----w c:\program files\Common Files\Adobe
2009-05-06 11:51 . 2009-03-04 19:33 -------- d-----w c:\program files\PDFCreator
2009-05-06 09:11 . 2008-10-29 19:13 -------- d-----w c:\program files\Google
2009-05-02 23:21 . 2008-07-17 19:52 169576 ----a-w c:\users\Administrateur\AppData\Local\GDIPFONTCACHEV1.DAT
2009-05-02 23:21 . 2008-07-17 19:52 169576 ----a-w c:\users\ADMINI~1\AppData\Local\GDIPFONTCACHEV1.DAT
2009-05-01 13:20 . 2008-07-01 09:45 -------- d-----w c:\program files\Microsoft Works
2009-04-17 06:57 . 2006-11-02 11:18 -------- d-----w c:\program files\Windows Mail
2009-04-14 10:57 . 2008-07-21 15:51 1356 ----a-w c:\users\Administrateur\AppData\Local\d3d9caps.dat
2009-04-14 10:57 . 2008-07-21 15:51 1356 ----a-w c:\users\ADMINI~1\AppData\Local\d3d9caps.dat
2009-04-13 19:40 . 2009-04-14 07:24 2621440 ----a-w c:\windows\Internet Logs\xDB6325.tmp
2009-04-10 20:59 . 2008-12-20 23:55 -------- d-----w c:\program files\Panda Security
2009-04-09 07:26 . 2008-11-08 17:25 410984 ----a-w c:\windows\system32\deploytk.dll
2009-04-09 01:37 . 2009-03-07 20:51 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-04-07 23:29 . 2007-12-11 08:38 -------- d-----w c:\program files\Common Files\InstallShield
2009-04-07 20:32 . 2009-04-07 20:32 -------- d-----w c:\program files\DsNET Corp
2009-04-06 15:32 . 2009-03-07 20:51 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-06 15:32 . 2009-03-07 20:51 15504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-04-02 18:11 . 2009-04-02 18:12 1788928 ----a-w c:\windows\Internet Logs\xDB63B1.tmp
2009-03-31 15:21 . 2009-03-30 19:46 -------- d-----w c:\program files\FrostWire
2009-03-31 14:35 . 2009-04-24 14:28 17160 ----a-w c:\windows\Help\OEM\scripts\HC_TotalCareAdvisorUpdate.exe
2009-03-31 13:17 . 2009-03-31 13:24 1783296 ----a-w c:\windows\Internet Logs\xDB71B5.tmp
2009-03-30 16:30 . 2009-04-24 14:28 17160 ----a-w c:\windows\Help\OEM\scripts\HC_DanzkaDubraBIOSUpdate.exe
2009-03-29 19:06 . 2009-03-08 11:55 -------- d-----w c:\program files\KeyScrambler
2009-03-28 13:08 . 2009-03-28 13:08 -------- d-----w c:\program files\SuperCopier2
2009-03-21 21:28 . 2009-03-21 21:28 8192 --sha-w c:\windows\o2cLicStore.bin
2009-03-21 20:15 . 2009-03-21 20:15 -------- d-----w c:\program files\WIBUKEY
2009-03-21 20:15 . 2009-03-21 20:15 -------- d-----w c:\program files\WIBU-SYSTEMS
2009-03-21 20:00 . 2009-03-21 20:00 -------- d-----w c:\program files\Graphisoft
2009-03-21 14:22 . 2009-03-21 14:22 -------- d-----w c:\program files\LSI SoftModem
2009-03-15 20:00 . 2009-03-15 19:59 2571052 ----a-w c:\windows\Internet Logs\tvDebug.zip
2009-03-14 18:03 . 2008-07-27 11:05 -------- d-----w c:\program files\Spybot - Search & Destroy
2009-03-14 07:42 . 2008-08-13 17:29 -------- d-----w c:\program files\DivX
2009-03-14 07:33 . 2009-03-14 07:33 -------- d-----w c:\program files\Common Files\DivX Shared
2009-03-10 00:46 . 2009-03-10 00:46 189032 ---ha-w c:\windows\system32\mlfcache.dat
2009-03-08 11:34 . 2009-05-01 12:50 914944 ----a-w c:\windows\system32\wininet.dll
2009-03-08 11:34 . 2009-05-01 12:51 43008 ----a-w c:\windows\system32\licmgr10.dll
2009-03-08 11:33 . 2009-05-01 12:51 18944 ----a-w c:\windows\system32\corpol.dll
2009-03-08 11:33 . 2009-05-01 12:50 109056 ----a-w c:\windows\system32\iesysprep.dll
2009-03-08 11:33 . 2009-05-01 12:50 109568 ----a-w c:\windows\system32\PDMSetup.exe
2009-03-08 11:33 . 2009-05-01 12:50 107520 ----a-w c:\windows\system32\RegisterIEPKEYs.exe
2009-03-08 11:33 . 2009-05-01 12:50 107008 ----a-w c:\windows\system32\SetIEInstalledDate.exe
2009-03-08 11:33 . 2009-05-01 12:50 103936 ----a-w c:\windows\system32\SetDepNx.exe
2009-03-08 11:33 . 2009-05-01 12:50 132608 ----a-w c:\windows\system32\ieUnatt.exe
2009-03-08 11:33 . 2009-05-01 12:50 420352 ----a-w c:\windows\system32\vbscript.dll
2009-03-08 11:32 . 2009-05-01 12:51 72704 ----a-w c:\windows\system32\admparse.dll
2009-03-08 11:32 . 2009-05-01 12:51 71680 ----a-w c:\windows\system32\iesetup.dll
2009-03-08 11:32 . 2009-05-01 12:50 169472 ----a-w c:\windows\system32\iexpress.exe
2009-03-08 11:31 . 2009-05-01 12:51 34816 ----a-w c:\windows\system32\imgutil.dll
2009-03-08 11:31 . 2009-05-01 12:51 48128 ----a-w c:\windows\system32\mshtmler.dll
2009-03-08 11:31 . 2009-05-01 12:50 45568 ----a-w c:\windows\system32\mshta.exe
2009-03-08 11:22 . 2009-05-01 12:51 156160 ----a-w c:\windows\system32\msls31.dll
2009-03-06 17:12 . 2009-02-20 18:44 21256 ----a-w c:\windows\Help\OEM\scripts\HPScript.exe
2009-03-05 12:29 . 2009-04-08 00:58 16648 ----a-w c:\windows\Help\OEM\scripts\HC_ProtectSmartPatch.exe
2009-03-04 19:34 . 2009-03-04 19:34 102 ----a-w c:\users\Administrateur\AppData\Local\fusioncache.dat
2009-03-04 19:34 . 2009-03-04 19:34 102 ----a-w c:\users\ADMINI~1\AppData\Local\fusioncache.dat
2009-02-13 20:37 . 2009-02-13 20:39 707584 ----a-w c:\windows\Internet Logs\xDBFF64.tmp
2009-02-13 20:37 . 2009-02-13 20:39 1571328 ----a-w c:\windows\Internet Logs\xDB20.tmp
2009-02-09 03:10 . 2009-03-11 16:54 2033152 ----a-w c:\windows\system32\win32k.sys
2008-10-03 17:37 . 2006-11-02 12:50 174 --sha-w c:\program files\desktop.ini
2009-01-27 01:34 . 2009-01-27 01:34 1044480 ----a-w c:\program files\mozilla firefox\plugins\libdivx.dll
2009-01-27 01:34 . 2009-01-27 01:34 200704 ----a-w c:\program files\mozilla firefox\plugins\ssldivx.dll
2008-11-11 19:48 . 2008-11-11 19:48 22 --sha-w c:\windows\SMINST\HPCD.sys
1996-03-15 18:15 . 2008-11-22 13:40 33552 --sha-w c:\windows\System32\MSJINT32.DLL
1996-04-11 17:34 . 1996-04-11 17:34 965904 --sha-w c:\windows\System32\MSJT3032.DLL
1996-03-15 18:47 . 2008-11-22 13:40 98356 --sha-w c:\windows\System32\MSJTER32.DLL
1995-09-24 12:02 . 2008-11-22 13:40 243472 --sha-w c:\windows\System32\VBAR2232.DLL
2007-12-11 16:38 . 2007-12-11 16:37 8192 --sha-w c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-04-19 484904]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2007-08-30 205480]
"SuperCopier2.exe"="c:\program files\SuperCopier2\SuperCopier2.exe" [2006-07-07 1052672]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-28 1045800]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-11-06 177456]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-09-24 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-09-24 154136]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-09-24 129560]
"PTHOSTTR"="c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2007-01-09 145184]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-02-21 1183744]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-03-03 959976]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-10-03 480560]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"ST Recovery Launcher"="c:\windows\SMINST\launcher.exe" [2007-06-06 44168]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-04-19 484904]

c:\progra~2\MICROS~1\Windows\STARTM~1\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-3-29 719664]
Serveur réseau.lnk - c:\program files\WIBUKEY\Server\WkSvMgr.exe [2009-3-21 3768320]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\disallowrun]
"1"= cmd.exe
"2"= mmc.exe
"3"= rstrui.exe
"4"= regedit.exe
"5"= regedt32.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2007-06-08 08:04 49152 ----a-r c:\windows\System32\DeviceNP.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"filehippo.com"="c:\program files\filehippo.com\UpdateChecker.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"HP Health Check Scheduler"=c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
"HP Software Update"=c:\program files\Hp\HP Software Update\HPWuSchd2.exe
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{348750B9-9A27-434D-85D0-9713C14AA765}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{A5AAC41D-FF71-404F-9939-8D74C269A338}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{3580AF51-8853-42B9-8723-B7A44C416A1A}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{363A340D-A2E6-46D7-8B88-C80E23E135DA}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{A51EB43E-59BF-4B66-B672-4D5B9AE7719A}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{DF599D66-D1BB-444E-AC3D-959C948BE067}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{C89E4DE9-7DB5-4F17-BB32-1AD8E1EE840A}"= UDP:c:\windows\Temp\~osBD66.tmp\ossproxy.exe:ossproxy.exe
"{A0561296-49FA-46D2-B1D4-D747A3C20CDF}"= TCP:c:\windows\Temp\~osBD66.tmp\ossproxy.exe:ossproxy.exe
"{800E4206-22CC-4A69-A016-DE1AA794888D}"= UDP:c:\program files\FrostWire\FrostWire.exe:FrostWire
"{61E86432-7092-48A7-93D3-50F166AAC315}"= TCP:c:\program files\FrostWire\FrostWire.exe:FrostWire
"{57F473E2-BAE5-4CB9-AC9E-52C5599FBD62}"= UDP:c:\program files\FrostWire\FrostWire.exe:FrostWire
"{CC9235BC-3F4D-4D95-A10C-C6EDF93E95A7}"= TCP:c:\program files\FrostWire\FrostWire.exe:FrostWire
"{4C4CC8B3-4BD7-4C10-9B52-CC684037E05B}"= c:\program files\Skype\Phone\Skype.exe:Skype

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)
"DoNotAllowExceptions"= 0 (0x0)

R0 Lbd;Lbd;c:\windows\System32\drivers\Lbd.sys [05/02/2009 13:16 64160]
R0 pavboot;pavboot;c:\windows\System32\drivers\pavboot.sys [10/04/2009 20:59 28544]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [01/05/2009 03:21 108289]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [22/08/2008 15:40 1153368]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\System32\TUProgSt.exe [26/12/2008 20:21 603904]
R3 BcmSqlStartupSvc;Service de démarrage SQL Server pour le Gestionnaire de contacts professionnels;c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [16/01/2008 08:46 30312]
R3 KeyScrambler;KeyScrambler;c:\windows\System32\drivers\keyscrambler.sys [08/03/2009 11:55 114024]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\System32\drivers\NETw5v32.sys [17/11/2008 15:40 3668480]
S2 gupdate1c99b1dae71d9c9;Google Update Service (gupdate1c99b1dae71d9c9);c:\program files\Google\Update\GoogleUpdate.exe [02/03/2009 09:59 133104]
S3 DAMDrv;DAMDrv;c:\windows\System32\drivers\DAMDrv.sys [11/12/2007 09:05 30008]
S3 FLCDLOCK;Verrouillage des périphériques / Audition HP ProtectTools;c:\windows\System32\flcdlock.exe [08/06/2007 08:06 172131]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [24/11/2008 22:31 29263712]
S3 ST330;ST330;c:\windows\System32\drivers\st330.sys [16/07/2008 21:03 30464]
S3 STBUS;STBUS;c:\windows\System32\drivers\stbus.sys [16/07/2008 21:03 12672]
S3 STETH;SpeedTouch Ethernet Adapter NT Driver;c:\windows\System32\drivers\steth.sys [16/07/2008 21:03 40320]
S3 stppp;Speedtouch PPP Adapter Adapter;c:\windows\System32\drivers\stppp.sys [16/07/2008 21:03 32000]
S3 VirtDisk;XSS Virtual Disk Driver;c:\windows\SMINST\virtdisk.sys [11/12/2007 09:03 57344]

--- Autres Services/Pilotes en mémoire ---

*NewlyCreated* - BCMSQLSTARTUPSVC
*NewlyCreated* - CSCSERVICE
*NewlyCreated* - DOT3SVC
*NewlyCreated* - DPS
*NewlyCreated* - EAPHOST
*NewlyCreated* - EMDMGMT
*NewlyCreated* - FAX
*NewlyCreated* - HPQWMIEX
*NewlyCreated* - IDSVC
*NewlyCreated* - IPHLPSVC
*NewlyCreated* - NAPAGENT
*NewlyCreated* - P2PIMSVC
*NewlyCreated* - P2PSVC
*NewlyCreated* - PNRPAUTOREG
*NewlyCreated* - PNRPSVC
*NewlyCreated* - QWAVE
*NewlyCreated* - SHAREDACCESS
*NewlyCreated* - SNMPTRAP
*NewlyCreated* - TABLETINPUTSERVICE
*NewlyCreated* - TBS
*NewlyCreated* - WCNCSVC
*NewlyCreated* - WDISYSTEMHOST
*NewlyCreated* - WEBCLIENT
*NewlyCreated* - WERCPLSUPPORT
*NewlyCreated* - WLANSVC
*NewlyCreated* - WMPNETWORKSVC
*NewlyCreated* - WPDBUSENUM
*NewlyCreated* - WUDFSVC
*Deregistered* - mchInjDrv

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe"
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Envoyer au périphérique &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Envoyer l'&image au périphérique Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
TCP: {B823FF05-D956-452C-A56B-4E25081429A6} = 213.154.95.126,213.154.64.13
TCP: {C4123C40-1BF5-4CF5-AA87-5ACA0C372349} = 213.154.64.13,213.154.95.126
FF - ProfilePath - c:\users\ADMINI~1\AppData\Roaming\Mozilla\Firefox\Profiles\8wg0v4hu.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - component: c:\users\Administrateur\AppData\Roaming\Mozilla\Firefox\Profiles\8wg0v4hu.default\extensions\isadmin@vdtsoftware.ffext\components\isadmin.dll
FF - component: c:\users\Administrateur\AppData\Roaming\Mozilla\Firefox\Profiles\8wg0v4hu.default\extensions\keyscrambler@qfx.software.corporation\components\KeyScramblerIE.dll
FF - plugin: c:\program files\Google\Google Earth Plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.145.5\npGoogleOneClick8.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

---- PARAMETRES FIREFOX ----
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-09 07:11
Windows 6.0.6001 Service Pack 1 NTFS

Recherche de processus cachés ...

[0] 0x136AB45B

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mchInjDrv]
"ImagePath"="\??\c:\users\ADMINI~1\AppData\Local\Temp\mc21.tmp"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\st330service]
"ImagePath"="C:\Program Files/Thomson SpeedTouch/ST330/service/st330service.exe -service"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-2363400070-3150726595-4112293614-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,3a,b6,4c,54,7c,2a,ad,44,9a,04,79,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,3a,b6,4c,54,7c,2a,ad,44,9a,04,79,\

[HKEY_USERS\S-1-5-21-2363400070-3150726595-4112293614-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aif\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AIFF"

[HKEY_USERS\S-1-5-21-2363400070-3150726595-4112293614-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aifc\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AIFF"

[HKEY_USERS\S-1-5-21-2363400070-3150726595-4112293614-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aiff\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AIFF"

[HKEY_USERS\S-1-5-21-2363400070-3150726595-4112293614-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"

[HKEY_USERS\S-1-5-21-2363400070-3150726595-4112293614-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASF"

[HKEY_USERS\S-1-5-21-2363400070-3150726595-4112293614-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASX"

[HKEY_USERS\S-1-5-21-2363400070-3150726595-4112293614-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AU"

[HKEY_USERS\S-1-5-21-2363400070-3150726595-4112293614-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.avi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.avi"

[HKEY_USERS\S-1-5-21-2363400070-3150726595-4112293614-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"

[HKEY_USERS\S-1-5-21-2363400070-3150726595-4112293614-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cda\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.CDA"

[HKEY_USERS\S-1-5-21-2363400070-3150726595-4112293614-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"

[HKEY_USERS\S-1-5-21-2363400070-3150726595-4112293614-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"

[HKEY_USERS\S-1-5-21-2363400070-3150726595-4112293614-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"

[HKEY_USERS\S-1-5-21-2363400070-3150726595-4112293614-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"

[HKEY_USERS\S-1-5-21-2363400070-3150726595-4112293614-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flv\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Applications\\vlc.exe"

[HKEY_USERS\S-1-5-21-2363400070-3150726595-4112293614-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"

[HKEY_USERS\S-1-5-21-2363400070-3150726595-4112293614-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"

[HKEY_USERS\S-1-5-21-2363400070-3150726595-4112293614-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"

[HKEY_USERS\S-1-5-21-2363400070-3150726595-4112293614-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"

[HKEY_USERS\S-1-5-21-2363400070-3150726595-4112293614-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"

[HKEY_USERS\S-1-5-21-2363400070-3150726595-4112293614-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"

[HKEY_USERS\S-1-5-21-2363400070-3150726595-4112293614-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"

[HKEY_USERS\S-1-5-21-2363400070-3150726595-4112293614-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"

[HKEY_USERS\S-1-5-21-2363400070-3150726595-4112293614-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2V\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"

[HKEY_USERS\S-1-5-21-2363400070-3150726595-4112293614-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.M3U"

[HKEY_USERS\S-1-5-21-2363400070-3150726595-4112293614-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht\UserChoice]
@Denied: (2) (Administrator)
"Progid"="IE.AssocFile.MHT"

[HKEY_USERS\S-1-5-21-2363400070-3150726595-4112293614-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mhtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="IE.AssocFile.MHT"

[HKEY_USERS\S-1-5-21-2363400070-3150726595-4112293614-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MIDI"

[HKEY_USERS\S-1-5-21-2363400070-3150726595-4112293614-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.midi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MIDI"

[HKEY_USERS\S-1-5-21-2363400070-3150726595-4112293614-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MOD\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"

[HKEY_USERS\S-1-5-21-2363400070-3150726595-4112293614-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"

[HKEY_USERS\S-1-5-21-2363400070-3150726595-4112293614-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"

[HKEY_USERS\S-1-5-21-2363400070-3150726595-4112293614-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp3\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MP3"

[HKEY_USERS\S-1-5-21-2363400070-3150726595-4112293614-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Applications\\vlc.exe"

[HKEY_USERS\S-1-5-21-2363400070-3150726595-4112293614-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpa\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"

[HKEY_USERS\S-1-5-21-2363400070-3150726595-4112293614-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpe\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"

[HKEY_USERS\S-1-5-21-2363400070-3150726595-4112293614-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpeg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"

[HKEY_USERS\S-1-5-21-2363400070-3150726595-4112293614-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"

[HKEY_USERS\S-1-5-21-2363400070-3150726595-4112293614-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"

[HKEY_USERS\S-1-5-21-2363400070-3150726595-4112293614-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"

[HKEY_USERS\S-1-5-21-2363400070-3150726595-4112293614-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"

[HKEY_USERS\S-1-5-21-2363400070-3150726595-4112293614-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"

[HKEY_USERS\S-1-5-21-2363400070-3150726595-4112293614-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"

[HKEY_USERS\S-1-5-21-2363400070-3150726595-4112293614-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"

[HKEY_USERS\S-1-5-21-2363400070-3150726595-4112293614-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"

[HKEY_USERS\S-1-5-21-2363400070-3150726595-4112293614-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"

[HKEY_USERS\S-1-5-21-2363400070-3150726595-4112293614-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmi\UserChoice]
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'Explorer.exe'(5580)
c:\program files\SuperCopier2\SC2Hook.dll
c:\windows\system32\btmmhook.dll
c:\windows\system32\btncopy.dll
.
Heure de fin: 2009-05-09 7:16
ComboFix-quarantined-files.txt 2009-05-09 07:16

Avant-CF: 77 487 157 248 octets libres
Après-CF: 74 310 385 664 octets libres

630 --- E O F --- 2009-05-08 13:35
0
Kalsya Posts: 314 Status: Member
 
# As for Norton, I never installed it, but anyway I did what you told me.

# I don't have several antispyware programs either. I only have Spybot. Malwarebytes is only used for scanning; it has no resident module. But I did notice that in the Security Center, instead of Spybot, there is AntiVir Desktop, and I'd really like to understand that.

# OK, for administrator rights, I installed PrivBar and DropMyRights; I think they are sufficient, except that I have problems using it and I can't uninstall it either. Can you help me?

# And as for Kaspersky, it isn't compatible with Vista yet.
0
Ced_King Posts: 3519 Registration date   Status: Contributor Last activity   572
 
Hi,

as for Kaspersky, it isn't compatible with Vista yet

---> Yes it is, you have to disable User Account Control (UAC)!

Illustrated tutorial

--> you have to right-click and run as administrator

---> The Kaspersky online scan works with Internet Explorer.

* Study this tutorial: Kaspersky Online tutorial with IE

- Note: the Kaspersky online scan also works with Firefox:

Kaspersky online tutorial with Firefox
0
Kalsya Posts: 314 Status: Member
 
OK for Kaspersky, I'll do it, but what about AntiVir Desktop and DropMyRights?
0
Kalsya Posts: 314 Status: Member
 
I also noticed that Windows Explorer keeps crashing since I started this disinfection.
0
Kalsya Posts: 314 Status: Member
 
The sbsd (...) service no longer exists.
0
Kalsya Posts: 314 Status: Member
 
I ran a full system scan with Kaspersky. It found nothing. Helloooooo, are you there??????
0