Virus trés vicieux

Fermé

flo - 5 déc. 2009 à 12:46
flo - 5 déc. 2009 à 14:05

Bonjour,

J'ai un ou plusieurs virus que je n'arrive pas à enlever avec les outils "classiques" de désinfection:
TR/drop.agent.jp
TR/downloader.gen
TR/crypt.zpack.gen

J'ai passé antivir, spybot, malwarebytes en mode sans echec. Et Antispyware2.

Le virus m'empeche d'aller faire un scan en ligne.

Voici le log HJThis si ça peux vous aider: Merci de votre aide.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:05:35, on 04/12/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Safe mode

Running processes:
C:\Windows\Explorer.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ADSMTray] C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [ACMON] C:\Program Files\ASUS\Splendid\ACMON.exe
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~2\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SWF Printer Agent] "C:\Program Files\SWF Printer Pro\swfpagent.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [AntiSpyWare2Guard] C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWare2Guard.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'Default user')
O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Ajouter à un fichier PDF existant - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Convertir au format Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Identités - {45DB34C3-955C-11D3-ABEF-444553540000} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComEditIdent.html
O9 - Extra 'Tools' menuitem: Identités - {45DB34C3-955C-11D3-ABEF-444553540000} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComEditIdent.html
O9 - Extra button: Cartes - {45DB34C3-955C-11D3-ABEF-444553540001} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComEditPass.html
O9 - Extra 'Tools' menuitem: Cartes - {45DB34C3-955C-11D3-ABEF-444553540001} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComEditPass.html
O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: qvp - {4BA78E3D-CA25-4BFF-B8F0-8A3359E4B520} - C:\Program Files\QlikView\QvProtocol\Qvp.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL C:\Windows\system32\guard32.dll
O23 - Service: Ashampoo AntiSpyWare 2 Service (AASW2_Service) - Unknown owner - C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
O23 - Service: Adobe Version Cue CS3 {fr_FR} (Adobe Version Cue CS3) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GGSCILLZPKPK - Sysinternals - www.sysinternals.com - C:\Users\Flo\AppData\Local\Temp\GGSCILLZPKPK.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: lxdxCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdxserv.exe
O23 - Service: lxdx_device - - C:\Windows\system32\lxdxcoms.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe
O23 - Service: YIHEQKTBVIRGLFS - Sysinternals - www.sysinternals.com - C:\Users\Flo\AppData\Local\Temp\YIHEQKTBVIRGLFS.exe

A voir également:

Virus trés vicieux
Youtu.be virus - Accueil - Guide virus
Svchost.exe virus - Guide
Faux message virus ordinateur - Accueil - Arnaque
Faux message virus iphone - Forum iPhone
Softonic virus ✓ - Forum Virus

1 réponse

Réponse 1 / 1

Narco!4 Messages postés 2385 Date d'inscription dimanche 25 janvier 2009 Statut Contributeur Dernière intervention 25 octobre 2012 467
5 déc. 2009 à 12:50

Bonjour,

télécharge GenProc http://www.genproc.com/GenProc.exe

double-clique sur GenProc.exe et poste le contenu du rapport qui s'ouvre

flo
5 déc. 2009 à 13:13

Merci Narco
Voici le rapport:

Rapport GenProc 2.655 [1] - 05/12/2009 à 12:53:17
@ Windows VISTA Service Pack 2 - ASUSTeK Computer Inc. - Mode normal
@ Mozilla Firefox 3.0.15 (fr) [Navigateur par défaut]

GenProc n'a détecté aucune infection caractéristique et suggère de suivre la procédure suivante :

Poste un rapport Nod32 https://www.eset.com/ (il faut utiliser Internet Explorer)
- coche toutes les cases à chaque fois, et lorsque c'est terminé, colle le rapport :
C:\Program Files\EsetOnlineScanner\log.txt

~~~~ INFORMATION COMPLEMENTAIRE ~~~~

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-05 12:54:32
Windows 6.0.6002 Service Pack 2

detected NTDLL code modification:
ZwClose, ZwOpenFile

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\002243be9599]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\002243be9599]
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\265\Rules\4]
"DefaultAction"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\265\Rules\4\Allowed]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\265\Rules\4\Blocked]
"Num"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\265\Rules\5]
"Flags"=dword:00000020
"DefaultAction"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\265\Rules\5\Allowed]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\265\Rules\5\Blocked]
"Num"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\265\Rules\6]
"Flags"=dword:00000010
"DefaultAction"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\265\Rules\6\Allowed]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\265\Rules\6\Blocked]
"Num"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\265\Rules\7]
"Flags"=dword:00000040
"DefaultAction"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\265\Rules\7\Allowed]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\265\Rules\7\Blocked]
"Num"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\265\Rules\8]
"Flags"=dword:00000080
"DefaultAction"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\265\Rules\8\Allowed]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\265\Rules\8\Blocked]
"Num"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\265\Rules\9]
"Flags"=dword:00000100
"DefaultAction"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\265\Rules\9\Allowed]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\265\Rules\9\Blocked]
"Num"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266]
"Flags"=dword:00000000
"TreatAs"=""
"Filename"="C:\Users\Flo\AppData\Local\Temp\IDC2.tmp\getPlusPlus_Adobe_reg.exe"
"DeviceName"="C:\Users\Flo\AppData\Local\Temp\IDC2.tmp\getPlusPlus_Adobe_reg.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Protections]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules]
"Num"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\0]
"Flags"=dword:00000002
"DefaultAction"=dword:00000004

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\0\Allowed]
"Num"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\0\Allowed\0]
"Flags"=dword:00000000
"Filename"="C:\Program Files\NOS\bin\getPlus_HelperSvc.exe"
"DeviceName"="C:\Program Files\NOS\bin\getPlus_HelperSvc.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\0\Allowed\1]
"Flags"=dword:00000000
"Filename"="C:\Program Files\Mozilla Firefox\firefox.exe"
"DeviceName"="C:\Program Files\Mozilla Firefox\firefox.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\0\Allowed\2]
"Flags"=dword:00000000
"Filename"="C:\Program Files\Adobe\Adobe InDesign CS3\InDesign.exe"
"DeviceName"="C:\Program Files\Adobe\Adobe InDesign CS3\InDesign.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\0\Allowed\3]
"Flags"=dword:00000000
"Filename"="C:\Users\Flo\AppData\Local\Temp\QZTEMP\Adobe CS4 Keygen & Activation\Adobe CS4 Master Collection Keygen.exe"
"DeviceName"="C:\Users\Flo\AppData\Local\Temp\QZTEMP\Adobe CS4 Keygen & Activation\Adobe CS4 Master Collection Keygen.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\0\Allowed\4]
"Flags"=dword:00000000
"Filename"="C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe"
"DeviceName"="C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\0\Blocked]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\1]
"Flags"=dword:00000004
"DefaultAction"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\1\Allowed]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\1\Allowed\0]
"Flags"=dword:00000000
"Filename"="C:\Windows\system32\*"
"DeviceName"="C:\Windows\system32\*"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\1\Allowed\1]
"Flags"=dword:00000000
"Filename"="C:\Program Files\Mozilla Firefox\firefox.exe"
"DeviceName"="C:\Program Files\Mozilla Firefox\firefox.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\1\Allowed\2]
"Flags"=dword:00000000
"Filename"="HKLM\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll"
"DeviceName"="HKLM\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\1\Allowed\3]
"Flags"=dword:00000000
"Filename"="HKLM\SYSTEM\ControlSet001\Services\avgntflt\Instances"
"DeviceName"="HKLM\SYSTEM\ControlSet001\Services\avgntflt\Instances"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\1\Allowed\4]
"Flags"=dword:00000000
"Filename"="HKLM\SYSTEM\ControlSet001\Services\avgntflt\Enum"
"DeviceName"="HKLM\SYSTEM\ControlSet001\Services\avgntflt\Enum"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\1\Allowed\5]
"Flags"=dword:00000000
"Filename"="HKLM\SYSTEM\ControlSet001\Services\avgntflt"
"DeviceName"="HKLM\SYSTEM\ControlSet001\Services\avgntflt"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\1\Allowed\6]
"Flags"=dword:00000000
"Filename"="HKLM\SYSTEM\ControlSet001\Services\wudfsvc\Start"
"DeviceName"="HKLM\SYSTEM\ControlSet001\Services\wudfsvc\Start"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\1\Blocked]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\10]
"Flags"=dword:00010000
"DefaultAction"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\10\Allowed]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\10\Blocked]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\11]
"Flags"=dword:00000200
"DefaultAction"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\11\Allowed]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\11\Blocked]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\12]
"Flags"=dword:00200000
"DefaultAction"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\12\Allowed]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\12\Allowed\0]
"Flags"=dword:00000000
"Filename"="C:\Windows\system32\*"
"DeviceName"="C:\Windows\system32\*"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\12\Allowed\1]
"Flags"=dword:00000000
"Filename"="*\SOFTWARE\Classes\CLSID*"
"DeviceName"="*\SOFTWARE\Classes\CLSID*"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\12\Blocked]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\13]
"Flags"=dword:00000002
"DefaultAction"=dword:00000004

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\13\Allowed]
"Num"=dword:00000003

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\13\Allowed\0]
"Flags"=dword:00000000
"Filename"="C:\Program Files\NOS\bin\getPlusPlus_Adobe.exe"
"DeviceName"="C:\Program Files\NOS\bin\getPlusPlus_Adobe.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\13\Allowed\1]
"Flags"=dword:00000000
"Filename"="C:\ProgramData\NOS\Adobe_Downloads\install_flash_player_ax.exe"
"DeviceName"="C:\ProgramData\NOS\Adobe_Downloads\install_flash_player_ax.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\13\Allowed\2]
"Flags"=dword:00000000
"Filename"="C:\Windows\explorer.exe"
"DeviceName"="C:\Windows\explorer.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\13\Allowed\3]
"Flags"=dword:00000000
"Filename"="C:\Users\Flo\AppData\Local\Temp\jre-6u17-windows-i586-iftw-rv.exe"
"DeviceName"="C:\Users\Flo\AppData\Local\Temp\jre-6u17-windows-i586-iftw-rv.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\13\Allowed\4]
"Flags"=dword:00000000
"Filename"="*\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\*"
"DeviceName"="*\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\*"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\13\Allowed\5]
"Flags"=dword:00000000
"Filename"="*\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\*"
"DeviceName"="*\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\*"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\13\Blocked]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\14]
"Flags"=dword:00000008
"DefaultAction"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\14\Allowed]
"Num"=dword:00000002

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\14\Allowed\0]
"Flags"=dword:00000000
"Filename"="HKLM\SYSTEM\ControlSet???\Services\*"
"DeviceName"="HKLM\SYSTEM\ControlSet???\Services\*"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\14\Allowed\1]
"Flags"=dword:00000000
"Filename"="*\SOFTWARE\Classes\CLSID*"
"DeviceName"="*\SOFTWARE\Classes\CLSID*"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\14\Allowed\2]
"Flags"=dword:00000000
"Filename"="C:\Program Files\Mozilla Firefox\firefox.exe"
"DeviceName"="C:\Program Files\Mozilla Firefox\firefox.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\14\Blocked]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\2]
"Flags"=dword:00000400
"DefaultAction"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\2\Allowed]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\2\Allowed\0]
"Flags"=dword:00000000
"Filename"="C:\Program Files\Mozilla Firefox\firefox.exe"
"DeviceName"="C:\Program Files\Mozilla Firefox\firefox.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\2\Allowed\1]
"Flags"=dword:00000000
"Filename"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe"
"DeviceName"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\2\Allowed\10]
"Flags"=dword:00000000
"Filename"="C:\Program Files\VideoLAN\VLC\vlc.exe"
"DeviceName"="C:\Program Files\VideoLAN\VLC\vlc.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\2\Allowed\11]
"Flags"=dword:00000000
"Filename"="C:\Program Files\Siber Systems\AI RoboForm\identities.exe"
"DeviceName"="C:\Program Files\Siber Systems\AI RoboForm\identities.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\2\Allowed\12]
"Flags"=dword:00000000
"Filename"="C:\Users\Flo\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe"
"DeviceName"="C:\Users\Flo\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\2\Allowed\13]
"Flags"=dword:00000000
"Filename"="C:\Program Files\Java\jre6\bin\jp2launcher.exe"
"DeviceName"="C:\Program Files\Java\jre6\bin\jp2launcher.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\2\Allowed\14]
"Flags"=dword:00000000
"Filename"="C:\Program Files\QuickZip4\QuickZip.exe"
"DeviceName"="C:\Program Files\QuickZip4\QuickZip.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\2\Allowed\15]
"Flags"=dword:00000000
"Filename"="C:\Program Files\Microsoft Office\Office12\POWERPNT.EXE"
"DeviceName"="C:\Program Files\Microsoft Office\Office12\POWERPNT.EXE"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\2\Allowed\16]
"Flags"=dword:00000000
"Filename"="C:\Program Files\Adobe\Adobe InDesign CS3\InDesign.exe"
"DeviceName"="C:\Program Files\Adobe\Adobe InDesign CS3\InDesign.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\2\Allowed\17]
"Flags"=dword:00000000
"Filename"="C:\Windows\explorer.exe"
"DeviceName"="C:\Windows\explorer.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\2\Allowed\18]
"Flags"=dword:00000000
"Filename"="C:\Users\Flo\Downloads\Vuze_Installer.exe"
"DeviceName"="C:\Users\Flo\Downloads\Vuze_Installer.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\2\Allowed\19]
"Flags"=dword:00000000
"Filename"="C:\Users\Flo\AppData\Roaming\Mozilla\Firefox\Profiles\0z6iymgu.default\extensions\piclens@cooliris.com\libs\PicLensHelper.exe"
"DeviceName"="C:\Users\Flo\AppData\Roaming\Mozilla\Firefox\Profiles\0z6iymgu.default\extensions\piclens@cooliris.com\libs\PicLensHelper.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\2\Allowed\2]
"Flags"=dword:00000000
"Filename"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"
"DeviceName"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\2\Allowed\20]
"Flags"=dword:00000000
"Filename"="C:\Users\Flo\Downloads\IZArc4b1.exe"
"DeviceName"="C:\Users\Flo\Downloads\IZArc4b1.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\2\Allowed\21]
"Flags"=dword:00000000
"Filename"="C:\Users\Flo\Downloads\ppt2flashstd_full25.exe"
"DeviceName"="C:\Users\Flo\Downloads\ppt2flashstd_full25.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\2\Allowed\22]
"Flags"=dword:00000000
"Filename"="C:\Users\Flo\Downloads\powerconverter.exe"
"DeviceName"="C:\Users\Flo\Downloads\powerconverter.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\2\Allowed\23]
"Flags"=dword:00000000
"Filename"="C:\Users\Flo\Downloads\powerconverter(2).exe"
"DeviceName"="C:\Users\Flo\Downloads\powerconverter(2).exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\2\Allowed\24]
"Flags"=dword:00000000
"Filename"="C:\Program Files\IZArc\IZArc.exe"
"DeviceName"="C:\Program Files\IZArc\IZArc.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\2\Allowed\25]
"Flags"=dword:00000000
"Filename"="C:\Users\Flo\Downloads\pdfzilla.exe"
"DeviceName"="C:\Users\Flo\Downloads\pdfzilla.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\2\Allowed\26]
"Flags"=dword:00000000
"Filename"="C:\Windows\System32\verclsid.exe"
"DeviceName"="C:\Windows\System32\verclsid.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\2\Allowed\27]
"Flags"=dword:00000000
"Filename"="C:\Users\Flo\Downloads\SWFPrinterPro.exe"
"DeviceName"="C:\Users\Flo\Downloads\SWFPrinterPro.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\2\Allowed\28]
"Flags"=dword:00000000
"Filename"="C:\Program Files\Adobe\Adobe Flash CS4\Players\FlashPlayer.exe"
"DeviceName"="C:\Program Files\Adobe\Adobe Flash CS4\Players\FlashPlayer.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\2\Allowed\29]
"Flags"=dword:00000000
"Filename"="C:\Users\Flo\Downloads\Serial.PDFZilla.1.0.7.45042.exe"
"DeviceName"="C:\Users\Flo\Downloads\Serial.PDFZilla.1.0.7.45042.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\2\Allowed\3]
"Flags"=dword:00000000
"Filename"="C:\Users\Flo\AppData\Local\Mozilla\Firefox\Mozilla Firefox\updates\0\updater.exe"
"DeviceName"="C:\Users\Flo\AppData\Local\Mozilla\Firefox\Mozilla Firefox\updates\0\updater.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\2\Allowed\30]
"Flags"=dword:00000000
"Filename"="C:\Program Files\Vuze\Azureus.exe"
"DeviceName"="C:\Program Files\Vuze\Azureus.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\2\Allowed\31]
"Flags"=dword:00000000
"Filename"="C:\Users\Flo\Downloads\pdfzilla(2).exe"
"DeviceName"="C:\Users\Flo\Downloads\pdfzilla(2).exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\2\Allowed\32]
"Flags"=dword:00000000
"Filename"="C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat.exe"
"DeviceName"="C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\2\Allowed\33]
"Flags"=dword:00000000
"Filename"="C:\Users\Flo\Downloads\mbam-setup.exe"
"DeviceName"="C:\Users\Flo\Downloads\mbam-setup.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\2\Allowed\4]
"Flags"=dword:00000000
"Filename"="C:\Users\Flo\AppData\Local\Temp\FP_PL_PFS_INSTALLER.exe"
"DeviceName"="C:\Users\Flo\AppData\Local\Temp\FP_PL_PFS_INSTALLER.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\2\Allowed\5]
"Flags"=dword:00000000
"Filename"="C:\Users\Flo\AppData\Local\Temp\FP_PL_PFS_INSTALLER-1.exe"
"DeviceName"="C:\Users\Flo\AppData\Local\Temp\FP_PL_PFS_INSTALLER-1.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\2\Allowed\6]
"Flags"=dword:00000000
"Filename"="C:\Users\Flo\AppData\Local\Temp\FP_PL_PFS_INSTALLER-2.exe"
"DeviceName"="C:\Users\Flo\AppData\Local\Temp\FP_PL_PFS_INSTALLER-2.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\2\Allowed\7]
"Flags"=dword:00000000
"Filename"="C:\Program Files\Microsoft Office\Office12\WINWORD.EXE"
"DeviceName"="C:\Program Files\Microsoft Office\Office12\WINWORD.EXE"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\2\Allowed\8]
"Flags"=dword:00000000
"Filename"="C:\Program Files\OpenOffice.org 3\program\swriter.exe"
"DeviceName"="C:\Program Files\OpenOffice.org 3\program\swriter.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\2\Allowed\9]
"Flags"=dword:00000000
"Filename"="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrobat.exe"
"DeviceName"="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrobat.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\2\Blocked]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\3]
"Flags"=dword:00000800
"DefaultAction"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\3\Allowed]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\3\Blocked]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\4]
"Flags"=dword:00001000
"DefaultAction"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\4\Allowed]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\4\Blocked]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\5]
"Flags"=dword:00000020
"DefaultAction"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\5\Allowed]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\5\Blocked]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\6]
"Flags"=dword:00000010
"DefaultAction"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\6\Allowed]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\6\Blocked]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\7]
"Flags"=dword:00000040
"DefaultAction"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\7\Allowed]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\7\Blocked]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\8]
"Flags"=dword:00000080
"DefaultAction"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\8\Allowed]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\8\Blocked]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\9]
"Flags"=dword:00000100
"DefaultAction"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\9\Allowed]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\266\Rules\9\Blocked]
"Num"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267]
"Flags"=dword:00000000
"TreatAs"=""
"Filename"="C:\Program Files\NOS\bin\getPlus_HelperSvc.exe"
"DeviceName"="C:\Program Files\NOS\bin\getPlus_HelperSvc.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Protections]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules]
"Num"=dword:0000000f

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\0]
"Flags"=dword:00000001
"DefaultAction"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\0\Allowed]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\0\Allowed\0]
"Flags"=dword:00000000
"Filename"="*\SOFTWARE\Classes\CLSID*"
"DeviceName"="*\SOFTWARE\Classes\CLSID*"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\0\Allowed\1]
"Flags"=dword:00000000
"Filename"="C:\Program Files\Mozilla Firefox\firefox.exe"
"DeviceName"="C:\Program Files\Mozilla Firefox\firefox.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\0\Allowed\2]
"Flags"=dword:00000000
"Filename"="C:\Program Files\Adobe\Adobe InDesign CS3\InDesign.exe"
"DeviceName"="C:\Program Files\Adobe\Adobe InDesign CS3\InDesign.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\0\Allowed\3]
"Flags"=dword:00000000
"Filename"="C:\Users\Flo\AppData\Local\Temp\QZTEMP\Adobe CS4 Keygen & Activation\Adobe CS4 Master Collection Keygen.exe"
"DeviceName"="C:\Users\Flo\AppData\Local\Temp\QZTEMP\Adobe CS4 Keygen & Activation\Adobe CS4 Master Collection Keygen.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\0\Allowed\4]
"Flags"=dword:00000000
"Filename"="C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe"
"DeviceName"="C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\0\Blocked]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\1]
"Flags"=dword:00000004
"DefaultAction"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\1\Allowed]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\1\Allowed\0]
"Flags"=dword:00000000
"Filename"="C:\Windows\system32\*"
"DeviceName"="C:\Windows\system32\*"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\1\Allowed\1]
"Flags"=dword:00000000
"Filename"="C:\Program Files\Mozilla Firefox\firefox.exe"
"DeviceName"="C:\Program Files\Mozilla Firefox\firefox.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\1\Allowed\2]
"Flags"=dword:00000000
"Filename"="HKLM\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll"
"DeviceName"="HKLM\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\1\Allowed\3]
"Flags"=dword:00000000
"Filename"="HKLM\SYSTEM\ControlSet001\Services\avgntflt\Instances"
"DeviceName"="HKLM\SYSTEM\ControlSet001\Services\avgntflt\Instances"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\1\Allowed\4]
"Flags"=dword:00000000
"Filename"="HKLM\SYSTEM\ControlSet001\Services\avgntflt\Enum"
"DeviceName"="HKLM\SYSTEM\ControlSet001\Services\avgntflt\Enum"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\1\Allowed\5]
"Flags"=dword:00000000
"Filename"="HKLM\SYSTEM\ControlSet001\Services\avgntflt"
"DeviceName"="HKLM\SYSTEM\ControlSet001\Services\avgntflt"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\1\Allowed\6]
"Flags"=dword:00000000
"Filename"="HKLM\SYSTEM\ControlSet001\Services\wudfsvc\Start"
"DeviceName"="HKLM\SYSTEM\ControlSet001\Services\wudfsvc\Start"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\1\Blocked]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\10]
"Flags"=dword:00010000
"DefaultAction"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\10\Allowed]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\10\Blocked]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\11]
"Flags"=dword:00000200
"DefaultAction"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\11\Allowed]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\11\Blocked]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\12]
"Flags"=dword:00200000
"DefaultAction"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\12\Allowed]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\12\Allowed\0]
"Flags"=dword:00000000
"Filename"="C:\Windows\system32\*"
"DeviceName"="C:\Windows\system32\*"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\12\Allowed\1]
"Flags"=dword:00000000
"Filename"="*\SOFTWARE\Classes\CLSID*"
"DeviceName"="*\SOFTWARE\Classes\CLSID*"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\12\Blocked]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\13]
"Flags"=dword:00000002
"DefaultAction"=dword:00000004

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\13\Allowed]
"Num"=dword:00000003

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\13\Allowed\0]
"Flags"=dword:00000000
"Filename"="C:\Program Files\NOS\bin\getPlusPlus_Adobe.exe"
"DeviceName"="C:\Program Files\NOS\bin\getPlusPlus_Adobe.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\13\Allowed\1]
"Flags"=dword:00000000
"Filename"="C:\ProgramData\NOS\Adobe_Downloads\install_flash_player_ax.exe"
"DeviceName"="C:\ProgramData\NOS\Adobe_Downloads\install_flash_player_ax.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\13\Allowed\2]
"Flags"=dword:00000000
"Filename"="C:\Windows\explorer.exe"
"DeviceName"="C:\Windows\explorer.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\13\Allowed\3]
"Flags"=dword:00000000
"Filename"="C:\Users\Flo\AppData\Local\Temp\jre-6u17-windows-i586-iftw-rv.exe"
"DeviceName"="C:\Users\Flo\AppData\Local\Temp\jre-6u17-windows-i586-iftw-rv.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\13\Allowed\4]
"Flags"=dword:00000000
"Filename"="*\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\*"
"DeviceName"="*\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\*"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\13\Allowed\5]
"Flags"=dword:00000000
"Filename"="*\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\*"
"DeviceName"="*\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\*"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\13\Blocked]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\14]
"Flags"=dword:00000008
"DefaultAction"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\14\Allowed]
"Num"=dword:00000002

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\14\Allowed\0]
"Flags"=dword:00000000
"Filename"="HKLM\SYSTEM\ControlSet???\Services\*"
"DeviceName"="HKLM\SYSTEM\ControlSet???\Services\*"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\14\Allowed\1]
"Flags"=dword:00000000
"Filename"="*\SOFTWARE\Classes\CLSID*"
"DeviceName"="*\SOFTWARE\Classes\CLSID*"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\14\Allowed\2]
"Flags"=dword:00000000
"Filename"="C:\Program Files\Mozilla Firefox\firefox.exe"
"DeviceName"="C:\Program Files\Mozilla Firefox\firefox.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\14\Blocked]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\2]
"Flags"=dword:00000400
"DefaultAction"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\2\Allowed]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\2\Allowed\0]
"Flags"=dword:00000000
"Filename"="C:\Program Files\Mozilla Firefox\firefox.exe"
"DeviceName"="C:\Program Files\Mozilla Firefox\firefox.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\2\Allowed\1]
"Flags"=dword:00000000
"Filename"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe"
"DeviceName"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\2\Allowed\10]
"Flags"=dword:00000000
"Filename"="C:\Program Files\VideoLAN\VLC\vlc.exe"
"DeviceName"="C:\Program Files\VideoLAN\VLC\vlc.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\2\Allowed\11]
"Flags"=dword:00000000
"Filename"="C:\Program Files\Siber Systems\AI RoboForm\identities.exe"
"DeviceName"="C:\Program Files\Siber Systems\AI RoboForm\identities.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\2\Allowed\12]
"Flags"=dword:00000000
"Filename"="C:\Users\Flo\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe"
"DeviceName"="C:\Users\Flo\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\2\Allowed\13]
"Flags"=dword:00000000
"Filename"="C:\Program Files\Java\jre6\bin\jp2launcher.exe"
"DeviceName"="C:\Program Files\Java\jre6\bin\jp2launcher.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\2\Allowed\14]
"Flags"=dword:00000000
"Filename"="C:\Program Files\QuickZip4\QuickZip.exe"
"DeviceName"="C:\Program Files\QuickZip4\QuickZip.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\2\Allowed\15]
"Flags"=dword:00000000
"Filename"="C:\Program Files\Microsoft Office\Office12\POWERPNT.EXE"
"DeviceName"="C:\Program Files\Microsoft Office\Office12\POWERPNT.EXE"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\2\Allowed\16]
"Flags"=dword:00000000
"Filename"="C:\Program Files\Adobe\Adobe InDesign CS3\InDesign.exe"
"DeviceName"="C:\Program Files\Adobe\Adobe InDesign CS3\InDesign.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\2\Allowed\17]
"Flags"=dword:00000000
"Filename"="C:\Windows\explorer.exe"
"DeviceName"="C:\Windows\explorer.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\2\Allowed\18]
"Flags"=dword:00000000
"Filename"="C:\Users\Flo\Downloads\Vuze_Installer.exe"
"DeviceName"="C:\Users\Flo\Downloads\Vuze_Installer.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\2\Allowed\19]
"Flags"=dword:00000000
"Filename"="C:\Users\Flo\AppData\Roaming\Mozilla\Firefox\Profiles\0z6iymgu.default\extensions\piclens@cooliris.com\libs\PicLensHelper.exe"
"DeviceName"="C:\Users\Flo\AppData\Roaming\Mozilla\Firefox\Profiles\0z6iymgu.default\extensions\piclens@cooliris.com\libs\PicLensHelper.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\2\Allowed\2]
"Flags"=dword:00000000
"Filename"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"
"DeviceName"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\2\Allowed\20]
"Flags"=dword:00000000
"Filename"="C:\Users\Flo\Downloads\IZArc4b1.exe"
"DeviceName"="C:\Users\Flo\Downloads\IZArc4b1.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\2\Allowed\21]
"Flags"=dword:00000000
"Filename"="C:\Users\Flo\Downloads\ppt2flashstd_full25.exe"
"DeviceName"="C:\Users\Flo\Downloads\ppt2flashstd_full25.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\2\Allowed\22]
"Flags"=dword:00000000
"Filename"="C:\Users\Flo\Downloads\powerconverter.exe"
"DeviceName"="C:\Users\Flo\Downloads\powerconverter.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\2\Allowed\23]
"Flags"=dword:00000000
"Filename"="C:\Users\Flo\Downloads\powerconverter(2).exe"
"DeviceName"="C:\Users\Flo\Downloads\powerconverter(2).exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\2\Allowed\24]
"Flags"=dword:00000000
"Filename"="C:\Program Files\IZArc\IZArc.exe"
"DeviceName"="C:\Program Files\IZArc\IZArc.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\2\Allowed\25]
"Flags"=dword:00000000
"Filename"="C:\Users\Flo\Downloads\pdfzilla.exe"
"DeviceName"="C:\Users\Flo\Downloads\pdfzilla.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\2\Allowed\26]
"Flags"=dword:00000000
"Filename"="C:\Windows\System32\verclsid.exe"
"DeviceName"="C:\Windows\System32\verclsid.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\2\Allowed\27]
"Flags"=dword:00000000
"Filename"="C:\Users\Flo\Downloads\SWFPrinterPro.exe"
"DeviceName"="C:\Users\Flo\Downloads\SWFPrinterPro.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\2\Allowed\28]
"Flags"=dword:00000000
"Filename"="C:\Program Files\Adobe\Adobe Flash CS4\Players\FlashPlayer.exe"
"DeviceName"="C:\Program Files\Adobe\Adobe Flash CS4\Players\FlashPlayer.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\2\Allowed\29]
"Flags"=dword:00000000
"Filename"="C:\Users\Flo\Downloads\Serial.PDFZilla.1.0.7.45042.exe"
"DeviceName"="C:\Users\Flo\Downloads\Serial.PDFZilla.1.0.7.45042.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\2\Allowed\3]
"Flags"=dword:00000000
"Filename"="C:\Users\Flo\AppData\Local\Mozilla\Firefox\Mozilla Firefox\updates\0\updater.exe"
"DeviceName"="C:\Users\Flo\AppData\Local\Mozilla\Firefox\Mozilla Firefox\updates\0\updater.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\2\Allowed\30]
"Flags"=dword:00000000
"Filename"="C:\Program Files\Vuze\Azureus.exe"
"DeviceName"="C:\Program Files\Vuze\Azureus.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\2\Allowed\31]
"Flags"=dword:00000000
"Filename"="C:\Users\Flo\Downloads\pdfzilla(2).exe"
"DeviceName"="C:\Users\Flo\Downloads\pdfzilla(2).exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\2\Allowed\32]
"Flags"=dword:00000000
"Filename"="C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat.exe"
"DeviceName"="C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\2\Allowed\33]
"Flags"=dword:00000000
"Filename"="C:\Users\Flo\Downloads\mbam-setup.exe"
"DeviceName"="C:\Users\Flo\Downloads\mbam-setup.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\2\Allowed\4]
"Flags"=dword:00000000
"Filename"="C:\Users\Flo\AppData\Local\Temp\FP_PL_PFS_INSTALLER.exe"
"DeviceName"="C:\Users\Flo\AppData\Local\Temp\FP_PL_PFS_INSTALLER.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\2\Allowed\5]
"Flags"=dword:00000000
"Filename"="C:\Users\Flo\AppData\Local\Temp\FP_PL_PFS_INSTALLER-1.exe"
"DeviceName"="C:\Users\Flo\AppData\Local\Temp\FP_PL_PFS_INSTALLER-1.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\2\Allowed\6]
"Flags"=dword:00000000
"Filename"="C:\Users\Flo\AppData\Local\Temp\FP_PL_PFS_INSTALLER-2.exe"
"DeviceName"="C:\Users\Flo\AppData\Local\Temp\FP_PL_PFS_INSTALLER-2.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\2\Allowed\7]
"Flags"=dword:00000000
"Filename"="C:\Program Files\Microsoft Office\Office12\WINWORD.EXE"
"DeviceName"="C:\Program Files\Microsoft Office\Office12\WINWORD.EXE"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\2\Allowed\8]
"Flags"=dword:00000000
"Filename"="C:\Program Files\OpenOffice.org 3\program\swriter.exe"
"DeviceName"="C:\Program Files\OpenOffice.org 3\program\swriter.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\2\Allowed\9]
"Flags"=dword:00000000
"Filename"="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrobat.exe"
"DeviceName"="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrobat.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\2\Blocked]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\3]
"Flags"=dword:00000800
"DefaultAction"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\3\Allowed]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\3\Blocked]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\4]
"Flags"=dword:00001000
"DefaultAction"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\4\Allowed]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\4\Blocked]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\5]
"Flags"=dword:00000020
"DefaultAction"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\5\Allowed]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\5\Blocked]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\6]
"Flags"=dword:00000010
"DefaultAction"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\6\Allowed]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\6\Blocked]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\7]
"Flags"=dword:00000040
"DefaultAction"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\7\Allowed]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\7\Blocked]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\8]
"Flags"=dword:00000080
"DefaultAction"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\8\Allowed]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\8\Blocked]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\9]
"Flags"=dword:00000100
"DefaultAction"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\9\Allowed]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\267\Rules\9\Blocked]
"Num"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\268]
"Flags"=dword:00000000
"TreatAs"=""
"Filename"="C:\Program Files\NOS\bin\getPlusPlus_Adobe.exe"
"DeviceName"="C:\Program Files\NOS\bin\getPlusPlus_Adobe.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\268\Protections]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\268\Rules]
"Num"=dword:0000000c

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\268\Rules\0]
"Flags"=dword:00000001
"DefaultAction"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\268\Rules\0\Allowed]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\268\Rules\0\Allowed\0]
"Flags"=dword:00000000
"Filename"="*\SOFTWARE\Classes\CLSID*"
"DeviceName"="*\SOFTWARE\Classes\CLSID*"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\268\Rules\0\Allowed\1]
"Flags"=dword:00000000
"Filename"="C:\Program Files\Mozilla Firefox\firefox.exe"
"DeviceName"="C:\Program Files\Mozilla Firefox\firefox.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\268\Rules\0\Allowed\2]
"Flags"=dword:00000000
"Filename"="C:\Program Files\Adobe\Adobe InDesign CS3\InDesign.exe"
"DeviceName"="C:\Program Files\Adobe\Adobe InDesign CS3\InDesign.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\268\Rules\0\Allowed\3]
"Flags"=dword:00000000
"Filename"="C:\Users\Flo\AppData\Local\Temp\QZTEMP\Adobe CS4 Keygen & Activation\Adobe CS4 Master Collection Keygen.exe"
"DeviceName"="C:\Users\Flo\AppData\Local\Temp\QZTEMP\Adobe CS4 Keygen & Activation\Adobe CS4 Master Collection Keygen.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\268\Rules\0\Allowed\4]
"Flags"=dword:00000000
"Filename"="C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe"
"DeviceName"="C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\268\Rules\0\Blocked]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\268\Rules\1]
"Flags"=dword:00000004
"DefaultAction"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\268\Rules\1\Allowed]
"Num"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\268\Rules\1\Allowed\0]
"Flags"=dword:00000000
"Filename"="C:\Windows\system32\*"
"DeviceName"="C:\Windows\system32\*"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\268\Rules\1\Allowed\1]
"Flags"=dword:00000000
"Filename"="C:\Program Files\Mozilla Firefox\firefox.exe"
"DeviceName"="C:\Program Files\Mozilla Firefox\firefox.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\268\Rules\1\Allowed\2]
"Flags"=dword:00000000
"Filename"="HKLM\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll"
"DeviceName"="HKLM\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\268\Rules\1\Allowed\3]
"Flags"=dword:00000000
"Filename"="HKLM\SYSTEM\ControlSet001\Services\avgntflt\Instances"
"DeviceName"=&q

flo
5 déc. 2009 à 14:05

Je ne peux faire le scan en ligne de eset. Il me dit: impossible de faire la mise à jour. Les parametres proxy sont ils configurés?

Discussions similaires

Est ce que le site tlauncher est dangereux ?

Softonic,est-ce un virus ?

4 virus en raison d’un porno ????

problême Opéra est ce un virus??

Virus MSN Tinyurl