Supprimer dossier qui est verrouillé sur bure
Résolu
jisky
Messages postés
76
Statut
Membre
-
jisky Messages postés 76 Statut Membre -
jisky Messages postés 76 Statut Membre -
Bonjour,
j'aimerais supprimer un dossier qui est sur mon bureau et qui est verrouillé.merci il est impossible de le supprimer en mode sans echec car il n'apparait pas!
merci
j'aimerais supprimer un dossier qui est sur mon bureau et qui est verrouillé.merci il est impossible de le supprimer en mode sans echec car il n'apparait pas!
merci
A voir également:
- Supprimer dossier qui est verrouillé sur bure
- Supprimer rond bleu whatsapp - Guide
- Dossier appdata - Guide
- Impossible de supprimer un dossier - Guide
- Comment supprimer une page sur word - Guide
- Dossier verrouillé - Guide
13 réponses
slt tentez de le virer avec unlocker
rq
si c'est un fichier téléchargé par emule ... lancer emule et le virer depuis emule
si cela marche pas donner le lien exact du fichier , le nom et on le virera autrement
rq
si c'est un fichier téléchargé par emule ... lancer emule et le virer depuis emule
si cela marche pas donner le lien exact du fichier , le nom et on le virera autrement
ca a fonctionné apparement mais j'ai pas encore rallumer ma tour! je te tiens au courant!
par contre pourquoi unlocker fait apparaitre une icone "ebay" sur le bureau en l'installlant ET COMMENT VIRER ca proprement?
par contre pourquoi unlocker fait apparaitre une icone "ebay" sur le bureau en l'installlant ET COMMENT VIRER ca proprement?
slt lors de l'installtion d'un logiciel il faut toujours regarder si une barre de recherche ne demande pas a être installée en même temps
vire la via ton panneau de configuration
vire la via ton panneau de configuration
c'est bien ce que je craingné , le dossier est revenu apres redémarrage! peux tu m'aider a l'enlever?
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Télécharge ici :
http://images.malwareremoval.com/random/RSIT.exe
random's system information tool (RSIT) par andom/random et sauvegarde-le sur le Bureau.
Double-clique sur RSIT.exe afin de lancer RSIT.
Clique Continue à l'écran Disclaimer.
Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.
Poste le contenu de log.txt (<<qui sera affiché)
ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).
NB : Les rapports sont sauvegardés dans le dossier C:\rsit
http://images.malwareremoval.com/random/RSIT.exe
random's system information tool (RSIT) par andom/random et sauvegarde-le sur le Bureau.
Double-clique sur RSIT.exe afin de lancer RSIT.
Clique Continue à l'écran Disclaimer.
Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.
Poste le contenu de log.txt (<<qui sera affiché)
ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).
NB : Les rapports sont sauvegardés dans le dossier C:\rsit
Logfile of random's system information tool 1.06 (written by random/random)
Run by at 2010-03-03 12:39:46
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 134 GB (88%) free of 153 GB
Total RAM: 1023 MB (58% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:39:58, on 03/03/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Benoit\Bureau\RSIT.exe
C:\Program Files\trend micro\HijackThis\Benoit.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
O4 - HKUS\S-1-5-21-1482476501-725345543-682003330-1007\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'az')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O20 - AppInit_DLLs:
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
End of file - 4115 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GlaryInitialize.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-01-11 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-01-11 79648]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"SunJavaUpdateSched"=C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [2010-01-11 246504]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-01-02 45056]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FTweakFCleaner]
C:\Program Files\FCleaner\FCleaner.exe [2008-12-19 1636352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe [2004-06-21 172032]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2009-10-28 141600]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Benoit^Menu Démarrer^Programmes^Démarrage^is-2IC1G.lnk]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Benoit^Menu Démarrer^Programmes^Démarrage^PandaUSBVaccine.lnk]
C:\PROGRA~1\PANDAU~1\USBVAC~1.EXE [2009-09-23 1287176]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"=" "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-05-03 61440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=43010000
"NoDriveAutoRun"=67108863
"NoDrives"=0
"NoActiveDesktop"=00000000
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveTypeAutoRun"=
"NoDriveAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\CC\avgemc.exe"="C:\Program Files\CC\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\CC\avgupd.exe"="C:\Program Files\CC\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\CC\avgnsx.exe"="C:\Program Files\CC\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\10Opera\opera.exe"="C:\Program Files\10Opera\opera.exe:*:Enabled:Opera Internet Browser"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
======List of files/folders created in the last 1 months======
2010-03-02 21:39:46 ----D---- C:\rsit
2010-02-22 16:42:46 ----D---- C:\Documents and Settings\All Users\Application Data\Mozilla Thunderbird
2010-02-21 20:03:08 ----A---- C:\TCleaner.txt
2010-02-16 12:39:18 ----A---- C:\PureRa.txt
2010-02-16 12:38:54 ----D---- C:\Documents and Settings\Benoit\Application Data\WIPE
2010-02-16 12:38:42 ----A---- C:\WINDOWS\sqlite3_engine.dll
2010-02-16 12:38:36 ----D---- C:\Program Files\Wipe
2010-02-16 12:38:36 ----A---- C:\WINDOWS\system32\taskkill.exe
2010-02-16 12:38:35 ----A---- C:\WINDOWS\system32\sqlite3_engine.dll
2010-02-16 12:38:35 ----A---- C:\WINDOWS\system32\dhSQLite.dll
2010-02-11 09:56:05 ----D---- C:\Program Files\Fichiers communs\Scanner
2010-02-11 09:56:01 ----D---- C:\Program Files\CA Yahoo! Anti-Spy
2010-02-09 20:28:16 ----D---- C:\Documents and Settings\All Users\Application Data\Sun
2010-02-09 20:23:05 ----A---- C:\WINDOWS\system32\javaws.exe
2010-02-09 20:23:05 ----A---- C:\WINDOWS\system32\javaw.exe
2010-02-09 20:23:05 ----A---- C:\WINDOWS\system32\java.exe
2010-02-06 03:06:08 ----A---- C:\Copie de ATF-Cleaner.exe
2010-02-06 01:23:24 ----D---- C:\Program Files\trend micro
======List of files/folders modified in the last 1 months======
2010-03-02 21:20:42 ----D---- C:\WINDOWS
2010-03-02 21:15:16 ----D---- C:\Program Files\Mozilla Firefox
2010-03-02 21:08:11 ----D---- C:\WINDOWS\Temp
2010-03-02 19:16:12 ----D---- C:\WINDOWS\system32\CatRoot2
2010-02-16 12:42:00 ----D---- C:\Documents and Settings\Benoit\Application Data\Macromedia
2010-02-16 12:41:56 ----D---- C:\WINDOWS\Prefetch
2010-02-16 12:38:57 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-02-16 12:38:52 ----D---- C:\WINDOWS\system32
2010-02-16 12:38:36 ----RD---- C:\Program Files
2010-02-16 11:59:25 ----HD---- C:\WINDOWS\inf
2010-02-13 01:12:31 ----D---- C:\WINDOWS\Debug
2010-02-11 10:11:00 ----HD---- C:\WINDOWS\$hf_mig$
2010-02-11 10:10:57 ----D---- C:\WINDOWS\system32\drivers
2010-02-11 10:10:27 ----SHD---- C:\WINDOWS\Installer
2010-02-11 10:10:26 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2010-02-11 09:56:05 ----D---- C:\Program Files\Fichiers communs
2010-02-10 22:47:31 ----D---- C:\Documents and Settings\Benoit\Application Data\dvdcss
2010-02-10 20:33:36 ----D---- C:\Program Fil
2010-02-09 20:28:15 ----D---- C:\Program Files\Fichiers communs\Java
2010-02-09 20:23:00 ----D---- C:\Program Files\Java
2010-02-09 19:19:52 ----D---- C:\Documents and Settings\Benoit\Application Data\Help
2010-02-06 20:10:09 ----D---- C:\Documents and Settings\Benoit\Application Data\Apple Computer
2010-02-04 05:31:39 ----SHD---- C:\RECYCLER
2010-02-04 05:19:11 ----D---- C:\Documents and Settings
2010-02-04 04:52:29 ----A---- C:\WINDOWS\NeroDigital.ini
2010-02-04 04:15:22 ----D---- C:\WINDOWS\SoftwareDistribution
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41856]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 is-2IC1Gdrv;is-2IC1Gdrv; C:\WINDOWS\system32\DRIVERS\54929990.sys [2008-07-08 148496]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2010-01-27 28520]
R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2010-01-27 56816]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-05-03 1540608]
R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2009-07-17 43520]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VIAudio;Vinyl AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\vinyl97.sys [2007-06-27 207488]
S3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\system32\DRIVERS\fetnd5.sys []
S3 MEMSWEEP2;MEMSWEEP2; \??\C:\WINDOWS\system32\8E.tmp []
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 a2free;a-squared Free Service; C:\Program Files\a-squared Free\a2service.exe [2009-12-22 1858144]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-01-27 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-01-27 185089]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-05-03 413696]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-12-17 153376]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-05-03 520192]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-10-28 545568]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Run by at 2010-03-03 12:39:46
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 134 GB (88%) free of 153 GB
Total RAM: 1023 MB (58% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:39:58, on 03/03/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Benoit\Bureau\RSIT.exe
C:\Program Files\trend micro\HijackThis\Benoit.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
O4 - HKUS\S-1-5-21-1482476501-725345543-682003330-1007\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'az')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O20 - AppInit_DLLs:
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
End of file - 4115 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GlaryInitialize.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-01-11 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-01-11 79648]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"SunJavaUpdateSched"=C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [2010-01-11 246504]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-01-02 45056]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FTweakFCleaner]
C:\Program Files\FCleaner\FCleaner.exe [2008-12-19 1636352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe [2004-06-21 172032]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2009-10-28 141600]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Benoit^Menu Démarrer^Programmes^Démarrage^is-2IC1G.lnk]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Benoit^Menu Démarrer^Programmes^Démarrage^PandaUSBVaccine.lnk]
C:\PROGRA~1\PANDAU~1\USBVAC~1.EXE [2009-09-23 1287176]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"=" "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-05-03 61440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=43010000
"NoDriveAutoRun"=67108863
"NoDrives"=0
"NoActiveDesktop"=00000000
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveTypeAutoRun"=
"NoDriveAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\CC\avgemc.exe"="C:\Program Files\CC\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\CC\avgupd.exe"="C:\Program Files\CC\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\CC\avgnsx.exe"="C:\Program Files\CC\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\10Opera\opera.exe"="C:\Program Files\10Opera\opera.exe:*:Enabled:Opera Internet Browser"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
======List of files/folders created in the last 1 months======
2010-03-02 21:39:46 ----D---- C:\rsit
2010-02-22 16:42:46 ----D---- C:\Documents and Settings\All Users\Application Data\Mozilla Thunderbird
2010-02-21 20:03:08 ----A---- C:\TCleaner.txt
2010-02-16 12:39:18 ----A---- C:\PureRa.txt
2010-02-16 12:38:54 ----D---- C:\Documents and Settings\Benoit\Application Data\WIPE
2010-02-16 12:38:42 ----A---- C:\WINDOWS\sqlite3_engine.dll
2010-02-16 12:38:36 ----D---- C:\Program Files\Wipe
2010-02-16 12:38:36 ----A---- C:\WINDOWS\system32\taskkill.exe
2010-02-16 12:38:35 ----A---- C:\WINDOWS\system32\sqlite3_engine.dll
2010-02-16 12:38:35 ----A---- C:\WINDOWS\system32\dhSQLite.dll
2010-02-11 09:56:05 ----D---- C:\Program Files\Fichiers communs\Scanner
2010-02-11 09:56:01 ----D---- C:\Program Files\CA Yahoo! Anti-Spy
2010-02-09 20:28:16 ----D---- C:\Documents and Settings\All Users\Application Data\Sun
2010-02-09 20:23:05 ----A---- C:\WINDOWS\system32\javaws.exe
2010-02-09 20:23:05 ----A---- C:\WINDOWS\system32\javaw.exe
2010-02-09 20:23:05 ----A---- C:\WINDOWS\system32\java.exe
2010-02-06 03:06:08 ----A---- C:\Copie de ATF-Cleaner.exe
2010-02-06 01:23:24 ----D---- C:\Program Files\trend micro
======List of files/folders modified in the last 1 months======
2010-03-02 21:20:42 ----D---- C:\WINDOWS
2010-03-02 21:15:16 ----D---- C:\Program Files\Mozilla Firefox
2010-03-02 21:08:11 ----D---- C:\WINDOWS\Temp
2010-03-02 19:16:12 ----D---- C:\WINDOWS\system32\CatRoot2
2010-02-16 12:42:00 ----D---- C:\Documents and Settings\Benoit\Application Data\Macromedia
2010-02-16 12:41:56 ----D---- C:\WINDOWS\Prefetch
2010-02-16 12:38:57 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-02-16 12:38:52 ----D---- C:\WINDOWS\system32
2010-02-16 12:38:36 ----RD---- C:\Program Files
2010-02-16 11:59:25 ----HD---- C:\WINDOWS\inf
2010-02-13 01:12:31 ----D---- C:\WINDOWS\Debug
2010-02-11 10:11:00 ----HD---- C:\WINDOWS\$hf_mig$
2010-02-11 10:10:57 ----D---- C:\WINDOWS\system32\drivers
2010-02-11 10:10:27 ----SHD---- C:\WINDOWS\Installer
2010-02-11 10:10:26 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2010-02-11 09:56:05 ----D---- C:\Program Files\Fichiers communs
2010-02-10 22:47:31 ----D---- C:\Documents and Settings\Benoit\Application Data\dvdcss
2010-02-10 20:33:36 ----D---- C:\Program Fil
2010-02-09 20:28:15 ----D---- C:\Program Files\Fichiers communs\Java
2010-02-09 20:23:00 ----D---- C:\Program Files\Java
2010-02-09 19:19:52 ----D---- C:\Documents and Settings\Benoit\Application Data\Help
2010-02-06 20:10:09 ----D---- C:\Documents and Settings\Benoit\Application Data\Apple Computer
2010-02-04 05:31:39 ----SHD---- C:\RECYCLER
2010-02-04 05:19:11 ----D---- C:\Documents and Settings
2010-02-04 04:52:29 ----A---- C:\WINDOWS\NeroDigital.ini
2010-02-04 04:15:22 ----D---- C:\WINDOWS\SoftwareDistribution
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41856]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 is-2IC1Gdrv;is-2IC1Gdrv; C:\WINDOWS\system32\DRIVERS\54929990.sys [2008-07-08 148496]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2010-01-27 28520]
R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2010-01-27 56816]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-05-03 1540608]
R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2009-07-17 43520]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VIAudio;Vinyl AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\vinyl97.sys [2007-06-27 207488]
S3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\system32\DRIVERS\fetnd5.sys []
S3 MEMSWEEP2;MEMSWEEP2; \??\C:\WINDOWS\system32\8E.tmp []
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 a2free;a-squared Free Service; C:\Program Files\a-squared Free\a2service.exe [2009-12-22 1858144]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-01-27 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-01-27 185089]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-05-03 413696]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-12-17 153376]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-05-03 520192]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-10-28 545568]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
télécharge combofix (par sUBs) ici :
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
et enregistre le sur le bureau.
déconnecte toi d'internet et ferme toutes tes applications.
désactive tes protections (antivirus, parefeu, garde en temps réel de l'antispyware)
double-clique sur combofix.exe et suis les instructions
à la fin, il va produire un rapport C:\ComboFix.txt
réactive ton parefeu, ton antivirus, la garde de ton antispyware
copie/colle le rapport C:\ComboFix.txt dans ta prochaine réponse.
Attention, n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne. Cela pourrait figer l'ordi.
Tu as un tutoriel complet ici :
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
et enregistre le sur le bureau.
déconnecte toi d'internet et ferme toutes tes applications.
désactive tes protections (antivirus, parefeu, garde en temps réel de l'antispyware)
double-clique sur combofix.exe et suis les instructions
à la fin, il va produire un rapport C:\ComboFix.txt
réactive ton parefeu, ton antivirus, la garde de ton antispyware
copie/colle le rapport C:\ComboFix.txt dans ta prochaine réponse.
Attention, n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne. Cela pourrait figer l'ordi.
Tu as un tutoriel complet ici :
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
ComboFix 10-03-15.04 - Benoit 15/03/2010 23:34:26.3.1 - x86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.1023.687 [GMT 1:00]
Lancé depuis: c:\documents and settings\Benoit\Bureau\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_BOONTY_GAMES
((((((((((((((((((((((((((((( Fichiers créés du 2010-02-15 au 2010-03-15 ))))))))))))))))))))))))))))))))))))
.
2010-03-14 21:22 . 2008-04-13 18:46 10880 ----a-w- c:\windows\system32\drivers\NdisIP.sys
2010-03-14 21:22 . 2008-04-13 18:46 15232 ----a-w- c:\windows\system32\drivers\StreamIP.sys
2010-03-14 21:22 . 2008-04-13 18:39 5504 -c--a-w- c:\windows\system32\dllcache\mstee.sys
2010-03-14 21:22 . 2008-04-13 18:39 5504 ----a-w- c:\windows\system32\drivers\MSTEE.sys
2010-03-14 21:22 . 2008-04-13 18:46 11136 -c--a-w- c:\windows\system32\dllcache\slip.sys
2010-03-14 21:22 . 2008-04-13 18:46 11136 ----a-w- c:\windows\system32\drivers\SLIP.sys
2010-03-14 21:22 . 2008-04-13 18:46 19200 -c--a-w- c:\windows\system32\dllcache\wstcodec.sys
2010-03-14 21:22 . 2008-04-13 18:46 19200 ----a-w- c:\windows\system32\drivers\WSTCODEC.SYS
2010-03-14 21:22 . 2008-04-13 18:46 85248 -c--a-w- c:\windows\system32\dllcache\nabtsfec.sys
2010-03-14 21:22 . 2008-04-13 18:46 85248 ----a-w- c:\windows\system32\drivers\NABTSFEC.sys
2010-03-14 21:22 . 2008-04-13 18:46 17024 -c--a-w- c:\windows\system32\dllcache\ccdecode.sys
2010-03-14 21:22 . 2008-04-13 18:46 17024 ----a-w- c:\windows\system32\drivers\CCDECODE.sys
2010-03-14 21:21 . 2008-04-14 02:33 54784 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll
2010-03-14 21:21 . 2008-04-14 02:33 54784 ----a-w- c:\windows\system32\vfwwdm32.dll
2010-03-14 21:21 . 2010-03-14 21:27 -------- d-----w- c:\program files\ManyCam 2.4
2010-03-14 20:00 . 2010-03-14 20:01 -------- d-----w- c:\program files\jv16 PowerTools
2010-03-14 00:12 . 2010-03-14 00:12 -------- d-----w- c:\documents and settings\az\Application Data\OnlineArmor
2010-03-13 23:49 . 2010-03-13 23:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Comodo Downloader
2010-03-13 23:42 . 2010-03-13 23:42 -------- d-----w- c:\documents and settings\az\Local Settings\Application Data\ATI
2010-03-13 23:42 . 2010-03-13 23:42 -------- d-----w- c:\documents and settings\az\Application Data\ATI
2010-03-13 23:42 . 2010-03-14 21:44 -------- d-----w- c:\documents and settings\az\Local Settings\Application Data\ApplicationHistory
2010-03-13 23:42 . 2010-03-13 23:42 125 ----a-w- c:\documents and settings\az\Local Settings\Application Data\fusioncache.dat
2010-03-12 22:18 . 2009-10-23 15:28 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
2010-03-04 11:49 . 2010-03-04 11:49 -------- d-----w- c:\documents and settings\az\Application Data\LockHunter
2010-03-03 21:16 . 1999-01-20 04:01 210032 ----a-w- c:\windows\system32\DBCLIENT.DLL
2010-03-03 21:16 . 2010-03-03 21:16 -------- d-----w- c:\program files\Fichiers communs\Borland Shared
2010-03-03 21:15 . 2010-03-14 20:08 -------- d-----w- c:\program files\ZebHelpProcess
2010-03-03 21:12 . 2010-03-09 19:36 -------- d-----w- c:\program files\ZHPFix
2010-03-03 12:28 . 2010-03-04 05:23 -------- d-----w- c:\program files\Unlocker
2010-03-02 20:08 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-03-02 19:09 . 2010-03-02 19:09 -------- d-----w- c:\documents and settings\az\Local Settings\Application Data\Ahead
2010-02-22 15:43 . 2010-02-22 15:43 -------- d-----w- c:\documents and settings\az\Local Settings\Application Data\Thunderbird
2010-02-22 15:43 . 2010-02-22 15:43 -------- d-----w- c:\documents and settings\az\Application Data\Thunderbird
2010-02-17 09:01 . 2010-03-13 19:33 -------- d-----w- c:\documents and settings\az\Application Data\WIPE
2010-02-16 11:38 . 2010-03-14 21:20 -------- d-----w- c:\documents and settings\Benoit\Application Data\WIPE
2010-02-16 11:38 . 2007-06-18 16:57 219136 ----a-w- c:\windows\sqlite3_engine.dll
2010-02-16 11:38 . 2010-02-16 11:38 -------- d-----w- c:\program files\Wipe
2010-02-16 11:38 . 2008-04-14 02:12 76288 ----a-w- c:\windows\system32\taskkill.exe
2010-02-16 11:38 . 2007-06-22 01:08 139776 ----a-w- c:\windows\system32\dhSQLite.dll
2010-02-16 11:38 . 2007-06-18 16:57 219136 ----a-w- c:\windows\system32\sqlite3_engine.dll
2010-02-14 20:38 . 2010-03-06 11:20 -------- d-----w- c:\documents and settings\az\Application Data\dvdcss
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-15 22:45 . 2009-09-23 03:42 191303712 --sha-w- c:\windows\system32\drivers\fidbox.dat
2010-03-15 22:40 . 2009-09-23 03:42 2242340 --sha-w- c:\windows\system32\drivers\fidbox.idx
2010-03-14 21:36 . 2010-01-05 19:31 -------- d-----w- c:\program files\Panda USB Vaccine
2010-03-14 00:02 . 2004-08-05 12:00 595304 ----a-w- c:\windows\system32\perfh00C.dat
2010-03-14 00:02 . 2004-08-05 12:00 123306 ----a-w- c:\windows\system32\perfc00C.dat
2010-03-13 19:34 . 2009-07-29 10:13 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2010-03-04 06:15 . 2010-02-22 15:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Mozilla Thunderbird
2010-03-03 21:17 . 2010-02-06 00:23 -------- d-----w- c:\program files\trend micro
2010-03-02 20:41 . 2009-11-01 22:28 -------- d-----w- c:\documents and settings\Benoit\Application Data\dvdcss
2010-02-11 08:56 . 2010-02-11 08:56 -------- d-----w- c:\program files\CA Yahoo! Anti-Spy
2010-02-11 08:56 . 2010-02-11 08:56 -------- d-----w- c:\program files\Fichiers communs\Scanner
2010-02-09 19:34 . 2010-02-09 19:34 503808 ----a-w- c:\documents and settings\az\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-21aec659-n\msvcp71.dll
2010-02-09 19:34 . 2010-02-09 19:34 499712 ----a-w- c:\documents and settings\az\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-21aec659-n\jmc.dll
2010-02-09 19:34 . 2010-02-09 19:34 348160 ----a-w- c:\documents and settings\az\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-21aec659-n\msvcr71.dll
2010-02-09 19:34 . 2010-02-09 19:34 61440 ----a-w- c:\documents and settings\az\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-7aea4576-n\decora-sse.dll
2010-02-09 19:34 . 2010-02-09 19:34 12800 ----a-w- c:\documents and settings\az\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-7aea4576-n\decora-d3d.dll
2010-02-09 19:28 . 2009-07-17 14:32 -------- d-----w- c:\program files\Fichiers communs\Java
2010-02-09 19:23 . 2010-02-09 19:23 503808 ----a-w- c:\documents and settings\Benoit\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-54b5b4f3-n\msvcp71.dll
2010-02-09 19:23 . 2010-02-09 19:23 499712 ----a-w- c:\documents and settings\Benoit\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-54b5b4f3-n\jmc.dll
2010-02-09 19:23 . 2010-02-09 19:23 348160 ----a-w- c:\documents and settings\Benoit\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-54b5b4f3-n\msvcr71.dll
2010-02-09 19:23 . 2010-02-09 19:23 61440 ----a-w- c:\documents and settings\Benoit\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-62beb195-n\decora-sse.dll
2010-02-09 19:23 . 2010-02-09 19:23 12800 ----a-w- c:\documents and settings\Benoit\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-62beb195-n\decora-d3d.dll
2010-02-09 19:23 . 2009-09-10 12:59 -------- d-----w- c:\program files\Java
2010-02-06 20:17 . 2010-02-06 20:17 -------- d-----w- c:\documents and settings\az\Application Data\vlc
2010-02-06 19:10 . 2010-01-09 13:39 -------- d-----w- c:\documents and settings\Benoit\Application Data\Apple Computer
2010-02-06 02:05 . 2010-02-06 02:05 -------- d-----w- c:\documents and settings\az\Application Data\GlarySoft
2010-02-05 21:34 . 2010-02-05 21:34 -------- d-----w- c:\documents and settings\az\Application Data\Malwarebytes
2010-02-04 04:36 . 2010-02-04 04:36 -------- d-----w- c:\documents and settings\az\Application Data\Iomatic
2010-02-04 04:36 . 2010-02-04 04:36 68768 ----a-w- c:\documents and settings\az\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-02-04 03:09 . 2010-02-04 03:09 -------- d-----w- c:\documents and settings\Administrateur\Application Data\LockHunter
2010-01-31 20:18 . 2010-01-31 18:56 -------- d-----w- c:\program files\COMODO
2010-01-31 18:56 . 2010-01-31 18:56 -------- d-----w- c:\documents and settings\Benoit\Application Data\Comodo
2010-01-31 18:53 . 2010-01-31 18:53 -------- d-----w- c:\documents and settings\Benoit\Application Data\Iomatic
2010-01-27 19:17 . 2009-09-23 19:32 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-01-27 17:55 . 2010-01-27 17:55 -------- d-----w- c:\program files\Avira
2010-01-27 17:55 . 2010-01-27 17:55 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2010-01-20 18:07 . 2010-02-06 02:06 50688 ----a-w- C:\Copie de ATF-Cleaner.exe
2010-01-20 17:49 . 2009-12-22 18:20 -------- d-----w- c:\program files\a-squared Free
2010-01-19 18:24 . 2010-01-19 18:23 -------- d-----w- c:\program files\10Opera
2010-01-11 19:39 . 2010-02-22 15:42 98304 ----a-w- c:\documents and settings\All Users\Application Data\Mozilla Thunderbird\nssdbm3.dll
2010-01-11 19:39 . 2010-02-22 15:42 249856 ----a-w- c:\documents and settings\All Users\Application Data\Mozilla Thunderbird\freebl3.dll
2010-01-11 19:39 . 2010-02-22 15:42 155648 ----a-w- c:\documents and settings\All Users\Application Data\Mozilla Thunderbird\softokn3.dll
2010-01-08 22:40 . 2009-07-17 16:37 5115824 -c--a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-01-07 15:07 . 2009-07-17 16:36 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 15:07 . 2009-07-17 16:36 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-05 20:50 . 2009-07-17 14:55 68768 ----a-w- c:\documents and settings\Benoit\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-01-05 20:22 . 2009-07-17 14:27 23704 -c--a-w- c:\windows\system32\emptyregdb.dat
2009-12-31 16:50 . 2004-08-05 12:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-21 19:07 . 2004-09-29 18:49 916480 ----a-w- c:\windows\system32\wininet.dll
2009-12-17 16:14 . 2009-07-17 15:10 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-12-17 07:41 . 2009-07-17 14:26 347648 ----a-w- c:\windows\system32\mspaint.exe
2009-11-29 18:53 . 2009-09-23 03:42 360480 --sha-w- c:\windows\system32\drivers\fidbox2.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2010-01-11 246504]
c:\documents and settings\Benoit\Menu D‚marrer\Programmes\D‚marrage\
PandaUSBVaccine.lnk - c:\program files\Panda USB Vaccine\USBVaccine.exe [2010-1-5 1287176]
[HKLM\~\startupfolder\C:^Documents and Settings^Benoit^Menu Démarrer^Programmes^Démarrage^is-2IC1G.lnk]
[HKLM\~\startupfolder\C:^Documents and Settings^Benoit^Menu Démarrer^Programmes^Démarrage^PandaUSBVaccine.lnk]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FTweakFCleaner
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
2006-01-02 14:41 45056 ----a-w- c:\program files\ATI Technologies\ATI.ACE\CLI.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 02:33 15360 ------w- c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
2004-06-21 11:50 172032 ----a-w- c:\windows\system32\spool\drivers\w32x86\3\hpztsb10.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2009-10-28 19:21 141600 ----a-w- c:\program files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 02:34 1695232 ------w- c:\program files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2009-07-26 15:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"MSConfig"=c:\windows\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
"Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\10Opera\\opera.exe"=
R1 is-2IC1Gdrv;is-2IC1Gdrv;c:\windows\system32\drivers\54929990.sys [20/12/2009 19:05 148496]
R2 a2free;a-squared Free Service;c:\program files\a-squared Free\a2service.exe [22/12/2009 19:20 1858144]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [27/01/2010 18:55 108289]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\drivers\ManyCam.sys [14/01/2008 11:06 21632]
S0 DwProt;DrWeb Protection;c:\windows\system32\drivers\dwprot.sys --> c:\windows\system32\drivers\dwprot.sys [?]
.
Contenu du dossier 'Tâches planifiées'
2010-01-19 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2009-12-27 11:09]
.
.
------- Examen supplémentaire -------
.
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Benoit\Application Data\Mozilla\Firefox\Profiles\4hdtmv90.default\
FF - plugin: c:\program files\10Opera\program\plugins\npdsplay.dll
FF - plugin: c:\program files\10Opera\program\plugins\npwmsdrm.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
---- PARAMETRES FIREFOX ----
FF - user.js: yahoo.homepage.dontask - true.
- - - - ORPHELINS SUPPRIMES - - - -
ShellExecuteHooks-{4F07DA45-8170-4859-9B5F-037EF2970034} - (no file)
MSConfigStartUp-SunJavaUpdateSched - c:\program files\Java\jre6\bin\jusched.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-15 23:43
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\Firewall\Policy\10\Rules]
@DACL=(02 0000)
"Num"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\Firewall\Policy\13\Rules]
@DACL=(02 0000)
"Num"=dword:00000002
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\Firewall\Policy\19\Rules]
@DACL=(02 0000)
"Num"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\Firewall\Policy\2\Rules]
@DACL=(02 0000)
"Num"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\Firewall\Policy\20\Rules]
@DACL=(02 0000)
"Num"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\Firewall\Policy\21\Rules]
@DACL=(02 0000)
"Num"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\Firewall\Policy\22\Rules]
@DACL=(02 0000)
"Num"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\Firewall\Policy\23\Rules]
@DACL=(02 0000)
"Num"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\Firewall\Policy\27\Rules]
@DACL=(02 0000)
"Num"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\Firewall\Policy\3\Rules]
@DACL=(02 0000)
"Num"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\Firewall\Policy\43\Rules]
@DACL=(02 0000)
"Num"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\Firewall\Policy\7\Rules]
@DACL=(02 0000)
"Num"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\Firewall\Policy\9\Rules]
@DACL=(02 0000)
"Num"=dword:00000003
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\1\Rules\12]
@DACL=(02 0000)
"Flags"=dword:00000010
"DefaultAction"=dword:00000004
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\10\Rules\0]
@DACL=(02 0000)
"Flags"=dword:00000008
"DefaultAction"=dword:00000004
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\10\Rules\0\Allowed\10]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\CurrentState"
"DeviceName"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\CurrentState"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\10\Rules\0\Allowed\11]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\OriginalStateInfo"
"DeviceName"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\OriginalStateInfo"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\10\Rules\0\Allowed\12]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\RestoredStateInfo"
"DeviceName"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\RestoredStateInfo"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\10\Rules\0\Allowed\2]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\DeskHtmlMinorVersion"
"DeviceName"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\DeskHtmlMinorVersion"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\10\Rules\0\Allowed\3]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\Settings"
"DeviceName"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\Settings"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\10\Rules\0\Allowed\4]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\GeneralFlags"
"DeviceName"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\GeneralFlags"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\10\Rules\0\Allowed\5]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\Source"
"DeviceName"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\Source"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\10\Rules\0\Allowed\6]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\SubscribedURL"
"DeviceName"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\SubscribedURL"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\10\Rules\0\Allowed\7]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\FriendlyName"
"DeviceName"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\FriendlyName"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\10\Rules\0\Allowed\8]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\Flags"
"DeviceName"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\Flags"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\10\Rules\0\Allowed\9]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\Position"
"DeviceName"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\Position"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\10\Rules\1]
@DACL=(02 0000)
"Flags"=dword:00000008
"DefaultAction"=dword:00000004
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\10\Rules\1\Allowed\1]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="c:\\WINDOWS\\explorer.exe"
"DeviceName"="c:\\WINDOWS\\explorer.exe"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\10\Rules\11\Allowed\0]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="c:\\WINDOWS\\explorer.exe"
"DeviceName"="c:\\WINDOWS\\explorer.exe"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\10\Rules\2]
@DACL=(02 0000)
"Flags"=dword:00010000
"DefaultAction"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\10\Rules\3]
@DACL=(02 0000)
"Flags"=dword:00000100
"DefaultAction"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\11\Rules\1]
@DACL=(02 0000)
"Flags"=dword:00000001
"DefaultAction"=dword:00000004
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\11\Rules\2]
@DACL=(02 0000)
"Flags"=dword:00000002
"DefaultAction"=dword:00000004
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\11\Rules\3]
@DACL=(02 0000)
"Flags"=dword:00000080
"DefaultAction"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\11\Rules\3\Allowed\2]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="c:\\WINDOWS\\system32\\msiexec.exe"
"DeviceName"="c:\\WINDOWS\\system32\\msiexec.exe"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\11\Rules\4]
@DACL=(02 0000)
"Flags"=dword:00000400
"DefaultAction"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\13\Rules\0\Allowed\10]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\CurrentState"
"DeviceName"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\CurrentState"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\13\Rules\0\Allowed\11]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\OriginalStateInfo"
"DeviceName"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\OriginalStateInfo"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\13\Rules\0\Allowed\12]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\RestoredStateInfo"
"DeviceName"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\RestoredStateInfo"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\13\Rules\0\Allowed\5]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\Source"
"DeviceName"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\Source"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\13\Rules\0\Allowed\6]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\SubscribedURL"
"DeviceName"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\SubscribedURL"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\13\Rules\0\Allowed\7]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\FriendlyName"
"DeviceName"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\FriendlyName"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\13\Rules\0\Allowed\8]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\Flags"
"DeviceName"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\Flags"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\13\Rules\0\Allowed\9]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\Position"
"DeviceName"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\Position"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\140\Rules\0\Allowed\1]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="c:\\WINDOWS\\system32\\notepad.exe"
"DeviceName"="c:\\WINDOWS\\system32\\notepad.exe"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\140\Rules\1]
@DACL=(02 0000)
"Flags"=dword:00000200
"DefaultAction"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\140\Rules\1\Allowed\2]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="c:\\Documents and Settings\\Benoit\\Menu Démarrer\\Programmes\\Démarrage\\*"
"DeviceName"="c:\\Documents and Settings\\Benoit\\Menu Démarrer\\Programmes\\Démarrage\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\140\Rules\2]
@DACL=(02 0000)
"Flags"=dword:00010000
"DefaultAction"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\15\Rules\0\Allowed\1]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKLM\\SOFTWARE\\Classes\\CLSID\\{0A4286EA-E355-44FB-8086-AF3DF7645BD9}\\ProgID\\"
"DeviceName"="HKLM\\SOFTWARE\\Classes\\CLSID\\{0A4286EA-E355-44FB-8086-AF3DF7645BD9}\\ProgID\\"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\15\Rules\2]
@DACL=(02 0000)
"Flags"=dword:00000002
"DefaultAction"=dword:00000004
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\15\Rules\3]
@DACL=(02 0000)
"Flags"=dword:00000080
"DefaultAction"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\15\Rules\3\Allowed\2]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="c:\\WINDOWS\\system32\\msiexec.exe"
"DeviceName"="c:\\WINDOWS\\system32\\msiexec.exe"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\15\Rules\4]
@DACL=(02 0000)
"Flags"=dword:00000400
"DefaultAction"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\16\Rules\0\Allowed\2]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKLM\\SOFTWARE\\Classes\\CLSID\\{9B5D0ACB-253F-30E4-95B8-38D48CF2F721}\\InprocServer32"
"DeviceName"="HKLM\\SOFTWARE\\Classes\\CLSID\\{9B5D0ACB-253F-30E4-95B8-38D48CF2F721}\\InprocServer32"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\16\Rules\0\Allowed\3]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKLM\\SOFTWARE\\Classes\\CLSID\\{9B5D0ACB-253F-30E4-95B8-38D48CF2F721}\\InprocServer32\\"
"DeviceName"="HKLM\\SOFTWARE\\Classes\\CLSID\\{9B5D0ACB-253F-30E4-95B8-38D48CF2F721}\\InprocServer32\\"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\16\Rules\0\Allowed\4]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Classes\\CLSID*"
"DeviceName"="*\\SOFTWARE\\Classes\\CLSID*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\161\Rules\13\Allowed\1]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="c:\\WINDOWS\\system32\\notepad.exe"
"DeviceName"="c:\\WINDOWS\\system32\\notepad.exe"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\168\Rules\1\Allowed\1]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Classes\\CLSID*"
"DeviceName"="*\\SOFTWARE\\Classes\\CLSID*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\169\Rules\1\Allowed\1]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Classes\\CLSID*"
"DeviceName"="*\\SOFTWARE\\Classes\\CLSID*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\169\Rules\2\Allowed\0]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="c:\\WINDOWS\\system32\\*"
"DeviceName"="c:\\WINDOWS\\system32\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Protections]
@DACL=(02 0000)
"Num"=dword:00000000
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules]
@DACL=(02 0000)
"Num"=dword:00000002
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\1\Allowed\1]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\*"
"DeviceName"="*\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\1\Allowed\10]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Default_Search_URL"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Default_Search_URL"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\1\Allowed\11]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Local Page"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Local Page"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\1\Allowed\12]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Search*"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Search*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\1\Allowed\13]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Start Page"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Start Page"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\1\Allowed\14]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\*"
"DeviceName"="*\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\1\Allowed\15]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Cache\\Special Paths\\Cookies\\*"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Cache\\Special Paths\\Cookies\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\1\Allowed\16]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\Software\\Microsoft\\Windows\\CurrentVersion\\Shell Extensions\\Approved\\*"
"DeviceName"="*\\Software\\Microsoft\\Windows\\CurrentVersion\\Shell Extensions\\Approved\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\1\Allowed\17]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\ShellServiceObjectDelayLoad\\*"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\ShellServiceObjectDelayLoad\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\1\Allowed\18]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\URL\\DefaultPrefix\\*"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\URL\\DefaultPrefix\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\1\Allowed\19]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\URL\\Prefixes\\*"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\URL\\Prefixes\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\1\Allowed\2]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Classes\\CLSID*"
"DeviceName"="*\\SOFTWARE\\Classes\\CLSID*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\1\Allowed\20]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKLM\\SYSTEM\\ControlSet???\\Control\\Lsa\\*"
"DeviceName"="HKLM\\SYSTEM\\ControlSet???\\Control\\Lsa\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\1\Allowed\3]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Classes\\.exe\\*"
"DeviceName"="*\\SOFTWARE\\Classes\\.exe\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\1\Allowed\4]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Classes\\*file\\shell\\*\\command\\*"
"DeviceName"="*\\SOFTWARE\\Classes\\*file\\shell\\*\\command\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\1\Allowed\5]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Classes\\PROTOCOLS\\Filter\\*"
"DeviceName"="*\\SOFTWARE\\Classes\\PROTOCOLS\\Filter\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\1\Allowed\6]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Classes\\PROTOCOLS\\Handler\\*"
"DeviceName"="*\\SOFTWARE\\Classes\\PROTOCOLS\\Handler\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\1\Allowed\7]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\Software\\Microsoft\\Active Setup\\Installed Components\\*\\StubPath"
"DeviceName"="*\\Software\\Microsoft\\Active Setup\\Installed Components\\*\\StubPath"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\1\Allowed\8]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\AboutURLs\\*"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\AboutURLs\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\1\Allowed\9]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Default_Page_URL"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Default_Page_URL"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\10]
@DACL=(02 0000)
"Flags"=dword:00000004
"DefaultAction"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\11]
@DACL=(02 0000)
"Flags"=dword:00000001
"DefaultAction"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\12]
@DACL=(02 0000)
"Flags"=dword:00000002
"DefaultAction"=dword:00000004
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\13]
@DACL=(02 0000)
"Flags"=dword:00000010
"DefaultAction"=dword:00000004
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\14]
@DACL=(02 0000)
"Flags"=dword:00200000
"DefaultAction"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\2]
@DACL=(02 0000)
"Flags"=dword:00010000
"DefaultAction"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\3]
@DACL=(02 0000)
"Flags"=dword:00000100
"DefaultAction"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\4]
@DACL=(02 0000)
"Flags"=dword:00000080
"DefaultAction"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\5]
@DACL=(02 0000)
"Flags"=dword:00000040
"DefaultAction"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\6]
@DACL=(02 0000)
"Flags"=dword:00000020
"DefaultAction"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\7]
@DACL=(02 0000)
"Flags"=dword:00001000
"DefaultAction"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\8]
@DACL=(02 0000)
"Flags"=dword:00000800
"DefaultAction"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\9]
@DACL=(02 0000)
"Flags"=dword:00000400
"DefaultAction"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\178\Rules\1\Allowed\10]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Default_Search_URL"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Default_Search_URL"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\178\Rules\1\Allowed\11]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Local Page"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Local Page"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\178\Rules\1\Allowed\12]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Search*"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Search*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\178\Rules\1\Allowed\13]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Start Page"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Start Page"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\178\Rules\1\Allowed\14]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\*"
"DeviceName"="*\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\178\Rules\1\Allowed\15]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Cache\\Special Paths\\Cookies\\*"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Cache\\Special Paths\\Cookies\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\178\Rules\1\Allowed\16]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\Software\\Microsoft\\Windows\\CurrentVersion\\Shell Extensions\\Approved\\*"
"DeviceName"="*\\Software\\Microsoft\\Windows\\CurrentVersion\\Shell Extensions\\Approved\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\178\Rules\1\Allowed\17]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\ShellServiceObjectDelayLoad\\*"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\ShellServiceObjectDelayLoad\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\178\Rules\1\Allowed\18]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\URL\\DefaultPrefix\\*"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\URL\\DefaultPrefix\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\178\Rules\1\Allowed\19]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\URL\\Prefixes\\*"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\URL\\Prefixes\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\178\Rules\1\Allowed\20]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKLM\\SYSTEM\\ControlSet???\\Control\\Lsa\\*"
"DeviceName"="HKLM\\SYSTEM\\ControlSet???\\Control\\Lsa\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\178\Rules\1\Allowed\4]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Classes\\*file\\shell\\*\\command\\*"
"DeviceName"="*\\SOFTWARE\\Classes\\*file\\shell\\*\\command\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\178\Rules\1\Allowed\5]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Classes\\PROTOCOLS\\Filter\\*"
"DeviceName"="*\\SOFTWARE\\Classes\\PROTOCOLS\\Filter\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\178\Rules\1\Allowed\6]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Classes\\PROTOCOLS\\Handler\\*"
"DeviceName"="*\\SOFTWARE\\Classes\\PROTOCOLS\\Handler\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\178\Rules\1\Allowed\7]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\Software\\Microsoft\\Active Setup\\Installed Components\\*\\StubPath"
"DeviceName"="*\\Software\\Microsoft\\Active Setup\\Installed Components\\*\\StubPath"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\178\Rules\1\Allowed\8]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\AboutURLs\\*"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\AboutURLs\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\178\Rules\1\Allowed\9]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Default_Page_URL"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Default_Page_URL"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\178\Rules\14]
@DACL=(02 0000)
"Flags"=dword:00200000
"DefaultAction"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\178\Rules\2\Allowed\0]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="c:\\WINDOWS\\system32\\*"
"DeviceName"="c:\\WINDOWS\\system32\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\18\Rules\0\Allowed\3]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKLM\\SOFTWARE\\Classes\\CLSID\\{9B5D0ACB-253F-30E4-95B8-38D48CF2F721}\\InprocServer32\\"
"DeviceName"="HKLM\\SOFTWARE\\Classes\\CLSID\\{9B5D0ACB-253F-30E4-95B8-38D48CF2F721}\\InprocServer32\\"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\18\Rules\0\Allowed\4]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Classes\\CLSID*"
"DeviceName"="*\\SOFTWARE\\Classes\\CLSID*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\18\Rules\1]
@DACL=(02 0000)
"Flags"=dword:00010000
"DefaultAction"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\184\Rules\1\Allowed\0]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="c:\\WINDOWS\\system32\\*"
"DeviceName"="c:\\WINDOWS\\system32\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\184\Rules\1\Allowed\1]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKLM\\SYSTEM\\ControlSet???\\Services\\*"
"DeviceName"="HKLM\\SYSTEM\\ControlSet???\\Services\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\184\Rules\1\Allowed\10]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Default_Search_URL"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Default_Search_URL"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\184\Rules\1\Allowed\11]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Local Page"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Local Page"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\184\Rules\1\Allowed\12]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Search*"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Search*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\184\Rules\1\Allowed\13]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Start Page"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Start Page"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\184\Rules\1\Allowed\14]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\*"
"DeviceName"="*\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\184\Rules\1\Allowed\15]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Cache\\Special Paths\\Cookies\\*"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Cache\\Special Paths\\Cookies\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\184\Rules\1\Allowed\16]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\Software\\Microsoft\\Windows\\CurrentVersion\\Shell Extensions\\Approved\\*"
"DeviceName"="*\\Software\\Microsoft\\Windows\\CurrentVersion\\Shell Extensions\\Approved\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\184\Rules\1\Allowed\17]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\ShellServiceObjectDelayLoad\\*"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\ShellServiceObjectDelayLoad\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\184\Rules\1\Allowed\18]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\URL\\DefaultPrefix\\*"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\URL\\DefaultPrefix\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\184\Rules\1\Allowed\19]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\URL\\Prefixes\\*"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\URL\\Prefixes\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\184\Rules\1\Allowed\2]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Classes\\CLSID*"
"DeviceName"="*\\SOFTWARE\\Classes\\CLSID*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\184\Rules\1\Allowed\20]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKLM\\SYSTEM\\ControlSet???\\Control\\Lsa\\*"
"DeviceName"="HKLM\\SYSTEM\\ControlSet???\\Control\\Lsa\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\184\Rules\1\Allowed\3]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Classes\\.exe\\*"
"DeviceName"="*\\SOFTWARE\\Classes\\.exe\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\184\Rules\1\Allowed\4]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Classes\\*file\\shell\\*\\command\\*"
"DeviceName"="*\\SOFTWARE\\Classes\\*file\\shell\\*\\command\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\184\Rules\1\Allowed\5]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Classes\\PROTOCOLS\\Filter\\*"
"DeviceName"="*\\SOFTWARE\\Classes\\PROTOCOLS\\Filter\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\184\Rules\1\Allowed\6]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Classes\\PROTOCOLS\\Handler\\*"
"DeviceName"="*\\SOFTWARE\\Classes\\PROTOCOLS\\Handler\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\184\Rules\1\Allowed\7]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\Software\\Microsoft\\Active Setup\\Installed Components\\*\\StubPath"
"DeviceName"="*\\Software\\Microsoft\\Active Setup\\Installed Components\\*\\StubPath"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\184\Rules\1\Allowed\8]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\AboutURLs\\*"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\AboutURLs\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\184\Rules\1\Allowed\9]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Default_Page_URL"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Default_Page_URL"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\184\Rules\13]
@DACL=(02 0000)
"Flags"=dword:00200000
"DefaultAction"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\184\Rules\14]
@DACL=(02 0000)
"F
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.1023.687 [GMT 1:00]
Lancé depuis: c:\documents and settings\Benoit\Bureau\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_BOONTY_GAMES
((((((((((((((((((((((((((((( Fichiers créés du 2010-02-15 au 2010-03-15 ))))))))))))))))))))))))))))))))))))
.
2010-03-14 21:22 . 2008-04-13 18:46 10880 ----a-w- c:\windows\system32\drivers\NdisIP.sys
2010-03-14 21:22 . 2008-04-13 18:46 15232 ----a-w- c:\windows\system32\drivers\StreamIP.sys
2010-03-14 21:22 . 2008-04-13 18:39 5504 -c--a-w- c:\windows\system32\dllcache\mstee.sys
2010-03-14 21:22 . 2008-04-13 18:39 5504 ----a-w- c:\windows\system32\drivers\MSTEE.sys
2010-03-14 21:22 . 2008-04-13 18:46 11136 -c--a-w- c:\windows\system32\dllcache\slip.sys
2010-03-14 21:22 . 2008-04-13 18:46 11136 ----a-w- c:\windows\system32\drivers\SLIP.sys
2010-03-14 21:22 . 2008-04-13 18:46 19200 -c--a-w- c:\windows\system32\dllcache\wstcodec.sys
2010-03-14 21:22 . 2008-04-13 18:46 19200 ----a-w- c:\windows\system32\drivers\WSTCODEC.SYS
2010-03-14 21:22 . 2008-04-13 18:46 85248 -c--a-w- c:\windows\system32\dllcache\nabtsfec.sys
2010-03-14 21:22 . 2008-04-13 18:46 85248 ----a-w- c:\windows\system32\drivers\NABTSFEC.sys
2010-03-14 21:22 . 2008-04-13 18:46 17024 -c--a-w- c:\windows\system32\dllcache\ccdecode.sys
2010-03-14 21:22 . 2008-04-13 18:46 17024 ----a-w- c:\windows\system32\drivers\CCDECODE.sys
2010-03-14 21:21 . 2008-04-14 02:33 54784 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll
2010-03-14 21:21 . 2008-04-14 02:33 54784 ----a-w- c:\windows\system32\vfwwdm32.dll
2010-03-14 21:21 . 2010-03-14 21:27 -------- d-----w- c:\program files\ManyCam 2.4
2010-03-14 20:00 . 2010-03-14 20:01 -------- d-----w- c:\program files\jv16 PowerTools
2010-03-14 00:12 . 2010-03-14 00:12 -------- d-----w- c:\documents and settings\az\Application Data\OnlineArmor
2010-03-13 23:49 . 2010-03-13 23:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Comodo Downloader
2010-03-13 23:42 . 2010-03-13 23:42 -------- d-----w- c:\documents and settings\az\Local Settings\Application Data\ATI
2010-03-13 23:42 . 2010-03-13 23:42 -------- d-----w- c:\documents and settings\az\Application Data\ATI
2010-03-13 23:42 . 2010-03-14 21:44 -------- d-----w- c:\documents and settings\az\Local Settings\Application Data\ApplicationHistory
2010-03-13 23:42 . 2010-03-13 23:42 125 ----a-w- c:\documents and settings\az\Local Settings\Application Data\fusioncache.dat
2010-03-12 22:18 . 2009-10-23 15:28 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
2010-03-04 11:49 . 2010-03-04 11:49 -------- d-----w- c:\documents and settings\az\Application Data\LockHunter
2010-03-03 21:16 . 1999-01-20 04:01 210032 ----a-w- c:\windows\system32\DBCLIENT.DLL
2010-03-03 21:16 . 2010-03-03 21:16 -------- d-----w- c:\program files\Fichiers communs\Borland Shared
2010-03-03 21:15 . 2010-03-14 20:08 -------- d-----w- c:\program files\ZebHelpProcess
2010-03-03 21:12 . 2010-03-09 19:36 -------- d-----w- c:\program files\ZHPFix
2010-03-03 12:28 . 2010-03-04 05:23 -------- d-----w- c:\program files\Unlocker
2010-03-02 20:08 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-03-02 19:09 . 2010-03-02 19:09 -------- d-----w- c:\documents and settings\az\Local Settings\Application Data\Ahead
2010-02-22 15:43 . 2010-02-22 15:43 -------- d-----w- c:\documents and settings\az\Local Settings\Application Data\Thunderbird
2010-02-22 15:43 . 2010-02-22 15:43 -------- d-----w- c:\documents and settings\az\Application Data\Thunderbird
2010-02-17 09:01 . 2010-03-13 19:33 -------- d-----w- c:\documents and settings\az\Application Data\WIPE
2010-02-16 11:38 . 2010-03-14 21:20 -------- d-----w- c:\documents and settings\Benoit\Application Data\WIPE
2010-02-16 11:38 . 2007-06-18 16:57 219136 ----a-w- c:\windows\sqlite3_engine.dll
2010-02-16 11:38 . 2010-02-16 11:38 -------- d-----w- c:\program files\Wipe
2010-02-16 11:38 . 2008-04-14 02:12 76288 ----a-w- c:\windows\system32\taskkill.exe
2010-02-16 11:38 . 2007-06-22 01:08 139776 ----a-w- c:\windows\system32\dhSQLite.dll
2010-02-16 11:38 . 2007-06-18 16:57 219136 ----a-w- c:\windows\system32\sqlite3_engine.dll
2010-02-14 20:38 . 2010-03-06 11:20 -------- d-----w- c:\documents and settings\az\Application Data\dvdcss
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-15 22:45 . 2009-09-23 03:42 191303712 --sha-w- c:\windows\system32\drivers\fidbox.dat
2010-03-15 22:40 . 2009-09-23 03:42 2242340 --sha-w- c:\windows\system32\drivers\fidbox.idx
2010-03-14 21:36 . 2010-01-05 19:31 -------- d-----w- c:\program files\Panda USB Vaccine
2010-03-14 00:02 . 2004-08-05 12:00 595304 ----a-w- c:\windows\system32\perfh00C.dat
2010-03-14 00:02 . 2004-08-05 12:00 123306 ----a-w- c:\windows\system32\perfc00C.dat
2010-03-13 19:34 . 2009-07-29 10:13 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2010-03-04 06:15 . 2010-02-22 15:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Mozilla Thunderbird
2010-03-03 21:17 . 2010-02-06 00:23 -------- d-----w- c:\program files\trend micro
2010-03-02 20:41 . 2009-11-01 22:28 -------- d-----w- c:\documents and settings\Benoit\Application Data\dvdcss
2010-02-11 08:56 . 2010-02-11 08:56 -------- d-----w- c:\program files\CA Yahoo! Anti-Spy
2010-02-11 08:56 . 2010-02-11 08:56 -------- d-----w- c:\program files\Fichiers communs\Scanner
2010-02-09 19:34 . 2010-02-09 19:34 503808 ----a-w- c:\documents and settings\az\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-21aec659-n\msvcp71.dll
2010-02-09 19:34 . 2010-02-09 19:34 499712 ----a-w- c:\documents and settings\az\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-21aec659-n\jmc.dll
2010-02-09 19:34 . 2010-02-09 19:34 348160 ----a-w- c:\documents and settings\az\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-21aec659-n\msvcr71.dll
2010-02-09 19:34 . 2010-02-09 19:34 61440 ----a-w- c:\documents and settings\az\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-7aea4576-n\decora-sse.dll
2010-02-09 19:34 . 2010-02-09 19:34 12800 ----a-w- c:\documents and settings\az\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-7aea4576-n\decora-d3d.dll
2010-02-09 19:28 . 2009-07-17 14:32 -------- d-----w- c:\program files\Fichiers communs\Java
2010-02-09 19:23 . 2010-02-09 19:23 503808 ----a-w- c:\documents and settings\Benoit\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-54b5b4f3-n\msvcp71.dll
2010-02-09 19:23 . 2010-02-09 19:23 499712 ----a-w- c:\documents and settings\Benoit\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-54b5b4f3-n\jmc.dll
2010-02-09 19:23 . 2010-02-09 19:23 348160 ----a-w- c:\documents and settings\Benoit\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-54b5b4f3-n\msvcr71.dll
2010-02-09 19:23 . 2010-02-09 19:23 61440 ----a-w- c:\documents and settings\Benoit\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-62beb195-n\decora-sse.dll
2010-02-09 19:23 . 2010-02-09 19:23 12800 ----a-w- c:\documents and settings\Benoit\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-62beb195-n\decora-d3d.dll
2010-02-09 19:23 . 2009-09-10 12:59 -------- d-----w- c:\program files\Java
2010-02-06 20:17 . 2010-02-06 20:17 -------- d-----w- c:\documents and settings\az\Application Data\vlc
2010-02-06 19:10 . 2010-01-09 13:39 -------- d-----w- c:\documents and settings\Benoit\Application Data\Apple Computer
2010-02-06 02:05 . 2010-02-06 02:05 -------- d-----w- c:\documents and settings\az\Application Data\GlarySoft
2010-02-05 21:34 . 2010-02-05 21:34 -------- d-----w- c:\documents and settings\az\Application Data\Malwarebytes
2010-02-04 04:36 . 2010-02-04 04:36 -------- d-----w- c:\documents and settings\az\Application Data\Iomatic
2010-02-04 04:36 . 2010-02-04 04:36 68768 ----a-w- c:\documents and settings\az\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-02-04 03:09 . 2010-02-04 03:09 -------- d-----w- c:\documents and settings\Administrateur\Application Data\LockHunter
2010-01-31 20:18 . 2010-01-31 18:56 -------- d-----w- c:\program files\COMODO
2010-01-31 18:56 . 2010-01-31 18:56 -------- d-----w- c:\documents and settings\Benoit\Application Data\Comodo
2010-01-31 18:53 . 2010-01-31 18:53 -------- d-----w- c:\documents and settings\Benoit\Application Data\Iomatic
2010-01-27 19:17 . 2009-09-23 19:32 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-01-27 17:55 . 2010-01-27 17:55 -------- d-----w- c:\program files\Avira
2010-01-27 17:55 . 2010-01-27 17:55 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2010-01-20 18:07 . 2010-02-06 02:06 50688 ----a-w- C:\Copie de ATF-Cleaner.exe
2010-01-20 17:49 . 2009-12-22 18:20 -------- d-----w- c:\program files\a-squared Free
2010-01-19 18:24 . 2010-01-19 18:23 -------- d-----w- c:\program files\10Opera
2010-01-11 19:39 . 2010-02-22 15:42 98304 ----a-w- c:\documents and settings\All Users\Application Data\Mozilla Thunderbird\nssdbm3.dll
2010-01-11 19:39 . 2010-02-22 15:42 249856 ----a-w- c:\documents and settings\All Users\Application Data\Mozilla Thunderbird\freebl3.dll
2010-01-11 19:39 . 2010-02-22 15:42 155648 ----a-w- c:\documents and settings\All Users\Application Data\Mozilla Thunderbird\softokn3.dll
2010-01-08 22:40 . 2009-07-17 16:37 5115824 -c--a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-01-07 15:07 . 2009-07-17 16:36 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 15:07 . 2009-07-17 16:36 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-05 20:50 . 2009-07-17 14:55 68768 ----a-w- c:\documents and settings\Benoit\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-01-05 20:22 . 2009-07-17 14:27 23704 -c--a-w- c:\windows\system32\emptyregdb.dat
2009-12-31 16:50 . 2004-08-05 12:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-21 19:07 . 2004-09-29 18:49 916480 ----a-w- c:\windows\system32\wininet.dll
2009-12-17 16:14 . 2009-07-17 15:10 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-12-17 07:41 . 2009-07-17 14:26 347648 ----a-w- c:\windows\system32\mspaint.exe
2009-11-29 18:53 . 2009-09-23 03:42 360480 --sha-w- c:\windows\system32\drivers\fidbox2.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2010-01-11 246504]
c:\documents and settings\Benoit\Menu D‚marrer\Programmes\D‚marrage\
PandaUSBVaccine.lnk - c:\program files\Panda USB Vaccine\USBVaccine.exe [2010-1-5 1287176]
[HKLM\~\startupfolder\C:^Documents and Settings^Benoit^Menu Démarrer^Programmes^Démarrage^is-2IC1G.lnk]
[HKLM\~\startupfolder\C:^Documents and Settings^Benoit^Menu Démarrer^Programmes^Démarrage^PandaUSBVaccine.lnk]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FTweakFCleaner
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
2006-01-02 14:41 45056 ----a-w- c:\program files\ATI Technologies\ATI.ACE\CLI.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 02:33 15360 ------w- c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
2004-06-21 11:50 172032 ----a-w- c:\windows\system32\spool\drivers\w32x86\3\hpztsb10.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2009-10-28 19:21 141600 ----a-w- c:\program files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 02:34 1695232 ------w- c:\program files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2009-07-26 15:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"MSConfig"=c:\windows\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
"Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\10Opera\\opera.exe"=
R1 is-2IC1Gdrv;is-2IC1Gdrv;c:\windows\system32\drivers\54929990.sys [20/12/2009 19:05 148496]
R2 a2free;a-squared Free Service;c:\program files\a-squared Free\a2service.exe [22/12/2009 19:20 1858144]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [27/01/2010 18:55 108289]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\drivers\ManyCam.sys [14/01/2008 11:06 21632]
S0 DwProt;DrWeb Protection;c:\windows\system32\drivers\dwprot.sys --> c:\windows\system32\drivers\dwprot.sys [?]
.
Contenu du dossier 'Tâches planifiées'
2010-01-19 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2009-12-27 11:09]
.
.
------- Examen supplémentaire -------
.
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Benoit\Application Data\Mozilla\Firefox\Profiles\4hdtmv90.default\
FF - plugin: c:\program files\10Opera\program\plugins\npdsplay.dll
FF - plugin: c:\program files\10Opera\program\plugins\npwmsdrm.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
---- PARAMETRES FIREFOX ----
FF - user.js: yahoo.homepage.dontask - true.
- - - - ORPHELINS SUPPRIMES - - - -
ShellExecuteHooks-{4F07DA45-8170-4859-9B5F-037EF2970034} - (no file)
MSConfigStartUp-SunJavaUpdateSched - c:\program files\Java\jre6\bin\jusched.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-15 23:43
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\Firewall\Policy\10\Rules]
@DACL=(02 0000)
"Num"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\Firewall\Policy\13\Rules]
@DACL=(02 0000)
"Num"=dword:00000002
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\Firewall\Policy\19\Rules]
@DACL=(02 0000)
"Num"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\Firewall\Policy\2\Rules]
@DACL=(02 0000)
"Num"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\Firewall\Policy\20\Rules]
@DACL=(02 0000)
"Num"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\Firewall\Policy\21\Rules]
@DACL=(02 0000)
"Num"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\Firewall\Policy\22\Rules]
@DACL=(02 0000)
"Num"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\Firewall\Policy\23\Rules]
@DACL=(02 0000)
"Num"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\Firewall\Policy\27\Rules]
@DACL=(02 0000)
"Num"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\Firewall\Policy\3\Rules]
@DACL=(02 0000)
"Num"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\Firewall\Policy\43\Rules]
@DACL=(02 0000)
"Num"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\Firewall\Policy\7\Rules]
@DACL=(02 0000)
"Num"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\Firewall\Policy\9\Rules]
@DACL=(02 0000)
"Num"=dword:00000003
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\1\Rules\12]
@DACL=(02 0000)
"Flags"=dword:00000010
"DefaultAction"=dword:00000004
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\10\Rules\0]
@DACL=(02 0000)
"Flags"=dword:00000008
"DefaultAction"=dword:00000004
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\10\Rules\0\Allowed\10]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\CurrentState"
"DeviceName"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\CurrentState"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\10\Rules\0\Allowed\11]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\OriginalStateInfo"
"DeviceName"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\OriginalStateInfo"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\10\Rules\0\Allowed\12]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\RestoredStateInfo"
"DeviceName"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\RestoredStateInfo"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\10\Rules\0\Allowed\2]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\DeskHtmlMinorVersion"
"DeviceName"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\DeskHtmlMinorVersion"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\10\Rules\0\Allowed\3]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\Settings"
"DeviceName"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\Settings"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\10\Rules\0\Allowed\4]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\GeneralFlags"
"DeviceName"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\GeneralFlags"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\10\Rules\0\Allowed\5]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\Source"
"DeviceName"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\Source"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\10\Rules\0\Allowed\6]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\SubscribedURL"
"DeviceName"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\SubscribedURL"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\10\Rules\0\Allowed\7]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\FriendlyName"
"DeviceName"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\FriendlyName"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\10\Rules\0\Allowed\8]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\Flags"
"DeviceName"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\Flags"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\10\Rules\0\Allowed\9]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\Position"
"DeviceName"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\Position"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\10\Rules\1]
@DACL=(02 0000)
"Flags"=dword:00000008
"DefaultAction"=dword:00000004
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\10\Rules\1\Allowed\1]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="c:\\WINDOWS\\explorer.exe"
"DeviceName"="c:\\WINDOWS\\explorer.exe"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\10\Rules\11\Allowed\0]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="c:\\WINDOWS\\explorer.exe"
"DeviceName"="c:\\WINDOWS\\explorer.exe"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\10\Rules\2]
@DACL=(02 0000)
"Flags"=dword:00010000
"DefaultAction"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\10\Rules\3]
@DACL=(02 0000)
"Flags"=dword:00000100
"DefaultAction"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\11\Rules\1]
@DACL=(02 0000)
"Flags"=dword:00000001
"DefaultAction"=dword:00000004
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\11\Rules\2]
@DACL=(02 0000)
"Flags"=dword:00000002
"DefaultAction"=dword:00000004
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\11\Rules\3]
@DACL=(02 0000)
"Flags"=dword:00000080
"DefaultAction"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\11\Rules\3\Allowed\2]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="c:\\WINDOWS\\system32\\msiexec.exe"
"DeviceName"="c:\\WINDOWS\\system32\\msiexec.exe"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\11\Rules\4]
@DACL=(02 0000)
"Flags"=dword:00000400
"DefaultAction"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\13\Rules\0\Allowed\10]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\CurrentState"
"DeviceName"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\CurrentState"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\13\Rules\0\Allowed\11]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\OriginalStateInfo"
"DeviceName"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\OriginalStateInfo"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\13\Rules\0\Allowed\12]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\RestoredStateInfo"
"DeviceName"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\RestoredStateInfo"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\13\Rules\0\Allowed\5]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\Source"
"DeviceName"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\Source"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\13\Rules\0\Allowed\6]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\SubscribedURL"
"DeviceName"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\SubscribedURL"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\13\Rules\0\Allowed\7]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\FriendlyName"
"DeviceName"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\FriendlyName"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\13\Rules\0\Allowed\8]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\Flags"
"DeviceName"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\Flags"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\13\Rules\0\Allowed\9]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\Position"
"DeviceName"="HKUS\\S-1-5-21-1482476501-725345543-682003330-1005\\Software\\Microsoft\\Internet Explorer\\Desktop\\Components\\0\\Position"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\140\Rules\0\Allowed\1]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="c:\\WINDOWS\\system32\\notepad.exe"
"DeviceName"="c:\\WINDOWS\\system32\\notepad.exe"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\140\Rules\1]
@DACL=(02 0000)
"Flags"=dword:00000200
"DefaultAction"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\140\Rules\1\Allowed\2]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="c:\\Documents and Settings\\Benoit\\Menu Démarrer\\Programmes\\Démarrage\\*"
"DeviceName"="c:\\Documents and Settings\\Benoit\\Menu Démarrer\\Programmes\\Démarrage\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\140\Rules\2]
@DACL=(02 0000)
"Flags"=dword:00010000
"DefaultAction"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\15\Rules\0\Allowed\1]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKLM\\SOFTWARE\\Classes\\CLSID\\{0A4286EA-E355-44FB-8086-AF3DF7645BD9}\\ProgID\\"
"DeviceName"="HKLM\\SOFTWARE\\Classes\\CLSID\\{0A4286EA-E355-44FB-8086-AF3DF7645BD9}\\ProgID\\"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\15\Rules\2]
@DACL=(02 0000)
"Flags"=dword:00000002
"DefaultAction"=dword:00000004
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\15\Rules\3]
@DACL=(02 0000)
"Flags"=dword:00000080
"DefaultAction"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\15\Rules\3\Allowed\2]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="c:\\WINDOWS\\system32\\msiexec.exe"
"DeviceName"="c:\\WINDOWS\\system32\\msiexec.exe"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\15\Rules\4]
@DACL=(02 0000)
"Flags"=dword:00000400
"DefaultAction"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\16\Rules\0\Allowed\2]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKLM\\SOFTWARE\\Classes\\CLSID\\{9B5D0ACB-253F-30E4-95B8-38D48CF2F721}\\InprocServer32"
"DeviceName"="HKLM\\SOFTWARE\\Classes\\CLSID\\{9B5D0ACB-253F-30E4-95B8-38D48CF2F721}\\InprocServer32"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\16\Rules\0\Allowed\3]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKLM\\SOFTWARE\\Classes\\CLSID\\{9B5D0ACB-253F-30E4-95B8-38D48CF2F721}\\InprocServer32\\"
"DeviceName"="HKLM\\SOFTWARE\\Classes\\CLSID\\{9B5D0ACB-253F-30E4-95B8-38D48CF2F721}\\InprocServer32\\"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\16\Rules\0\Allowed\4]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Classes\\CLSID*"
"DeviceName"="*\\SOFTWARE\\Classes\\CLSID*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\161\Rules\13\Allowed\1]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="c:\\WINDOWS\\system32\\notepad.exe"
"DeviceName"="c:\\WINDOWS\\system32\\notepad.exe"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\168\Rules\1\Allowed\1]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Classes\\CLSID*"
"DeviceName"="*\\SOFTWARE\\Classes\\CLSID*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\169\Rules\1\Allowed\1]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Classes\\CLSID*"
"DeviceName"="*\\SOFTWARE\\Classes\\CLSID*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\169\Rules\2\Allowed\0]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="c:\\WINDOWS\\system32\\*"
"DeviceName"="c:\\WINDOWS\\system32\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Protections]
@DACL=(02 0000)
"Num"=dword:00000000
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules]
@DACL=(02 0000)
"Num"=dword:00000002
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\1\Allowed\1]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\*"
"DeviceName"="*\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\1\Allowed\10]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Default_Search_URL"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Default_Search_URL"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\1\Allowed\11]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Local Page"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Local Page"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\1\Allowed\12]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Search*"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Search*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\1\Allowed\13]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Start Page"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Start Page"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\1\Allowed\14]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\*"
"DeviceName"="*\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\1\Allowed\15]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Cache\\Special Paths\\Cookies\\*"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Cache\\Special Paths\\Cookies\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\1\Allowed\16]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\Software\\Microsoft\\Windows\\CurrentVersion\\Shell Extensions\\Approved\\*"
"DeviceName"="*\\Software\\Microsoft\\Windows\\CurrentVersion\\Shell Extensions\\Approved\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\1\Allowed\17]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\ShellServiceObjectDelayLoad\\*"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\ShellServiceObjectDelayLoad\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\1\Allowed\18]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\URL\\DefaultPrefix\\*"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\URL\\DefaultPrefix\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\1\Allowed\19]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\URL\\Prefixes\\*"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\URL\\Prefixes\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\1\Allowed\2]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Classes\\CLSID*"
"DeviceName"="*\\SOFTWARE\\Classes\\CLSID*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\1\Allowed\20]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKLM\\SYSTEM\\ControlSet???\\Control\\Lsa\\*"
"DeviceName"="HKLM\\SYSTEM\\ControlSet???\\Control\\Lsa\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\1\Allowed\3]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Classes\\.exe\\*"
"DeviceName"="*\\SOFTWARE\\Classes\\.exe\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\1\Allowed\4]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Classes\\*file\\shell\\*\\command\\*"
"DeviceName"="*\\SOFTWARE\\Classes\\*file\\shell\\*\\command\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\1\Allowed\5]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Classes\\PROTOCOLS\\Filter\\*"
"DeviceName"="*\\SOFTWARE\\Classes\\PROTOCOLS\\Filter\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\1\Allowed\6]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Classes\\PROTOCOLS\\Handler\\*"
"DeviceName"="*\\SOFTWARE\\Classes\\PROTOCOLS\\Handler\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\1\Allowed\7]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\Software\\Microsoft\\Active Setup\\Installed Components\\*\\StubPath"
"DeviceName"="*\\Software\\Microsoft\\Active Setup\\Installed Components\\*\\StubPath"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\1\Allowed\8]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\AboutURLs\\*"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\AboutURLs\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\1\Allowed\9]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Default_Page_URL"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Default_Page_URL"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\10]
@DACL=(02 0000)
"Flags"=dword:00000004
"DefaultAction"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\11]
@DACL=(02 0000)
"Flags"=dword:00000001
"DefaultAction"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\12]
@DACL=(02 0000)
"Flags"=dword:00000002
"DefaultAction"=dword:00000004
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\13]
@DACL=(02 0000)
"Flags"=dword:00000010
"DefaultAction"=dword:00000004
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\14]
@DACL=(02 0000)
"Flags"=dword:00200000
"DefaultAction"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\2]
@DACL=(02 0000)
"Flags"=dword:00010000
"DefaultAction"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\3]
@DACL=(02 0000)
"Flags"=dword:00000100
"DefaultAction"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\4]
@DACL=(02 0000)
"Flags"=dword:00000080
"DefaultAction"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\5]
@DACL=(02 0000)
"Flags"=dword:00000040
"DefaultAction"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\6]
@DACL=(02 0000)
"Flags"=dword:00000020
"DefaultAction"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\7]
@DACL=(02 0000)
"Flags"=dword:00001000
"DefaultAction"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\8]
@DACL=(02 0000)
"Flags"=dword:00000800
"DefaultAction"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\174\Rules\9]
@DACL=(02 0000)
"Flags"=dword:00000400
"DefaultAction"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\178\Rules\1\Allowed\10]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Default_Search_URL"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Default_Search_URL"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\178\Rules\1\Allowed\11]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Local Page"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Local Page"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\178\Rules\1\Allowed\12]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Search*"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Search*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\178\Rules\1\Allowed\13]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Start Page"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Start Page"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\178\Rules\1\Allowed\14]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\*"
"DeviceName"="*\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\178\Rules\1\Allowed\15]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Cache\\Special Paths\\Cookies\\*"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Cache\\Special Paths\\Cookies\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\178\Rules\1\Allowed\16]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\Software\\Microsoft\\Windows\\CurrentVersion\\Shell Extensions\\Approved\\*"
"DeviceName"="*\\Software\\Microsoft\\Windows\\CurrentVersion\\Shell Extensions\\Approved\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\178\Rules\1\Allowed\17]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\ShellServiceObjectDelayLoad\\*"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\ShellServiceObjectDelayLoad\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\178\Rules\1\Allowed\18]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\URL\\DefaultPrefix\\*"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\URL\\DefaultPrefix\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\178\Rules\1\Allowed\19]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\URL\\Prefixes\\*"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\URL\\Prefixes\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\178\Rules\1\Allowed\20]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKLM\\SYSTEM\\ControlSet???\\Control\\Lsa\\*"
"DeviceName"="HKLM\\SYSTEM\\ControlSet???\\Control\\Lsa\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\178\Rules\1\Allowed\4]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Classes\\*file\\shell\\*\\command\\*"
"DeviceName"="*\\SOFTWARE\\Classes\\*file\\shell\\*\\command\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\178\Rules\1\Allowed\5]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Classes\\PROTOCOLS\\Filter\\*"
"DeviceName"="*\\SOFTWARE\\Classes\\PROTOCOLS\\Filter\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\178\Rules\1\Allowed\6]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Classes\\PROTOCOLS\\Handler\\*"
"DeviceName"="*\\SOFTWARE\\Classes\\PROTOCOLS\\Handler\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\178\Rules\1\Allowed\7]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\Software\\Microsoft\\Active Setup\\Installed Components\\*\\StubPath"
"DeviceName"="*\\Software\\Microsoft\\Active Setup\\Installed Components\\*\\StubPath"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\178\Rules\1\Allowed\8]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\AboutURLs\\*"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\AboutURLs\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\178\Rules\1\Allowed\9]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Default_Page_URL"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Default_Page_URL"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\178\Rules\14]
@DACL=(02 0000)
"Flags"=dword:00200000
"DefaultAction"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\178\Rules\2\Allowed\0]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="c:\\WINDOWS\\system32\\*"
"DeviceName"="c:\\WINDOWS\\system32\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\18\Rules\0\Allowed\3]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKLM\\SOFTWARE\\Classes\\CLSID\\{9B5D0ACB-253F-30E4-95B8-38D48CF2F721}\\InprocServer32\\"
"DeviceName"="HKLM\\SOFTWARE\\Classes\\CLSID\\{9B5D0ACB-253F-30E4-95B8-38D48CF2F721}\\InprocServer32\\"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\18\Rules\0\Allowed\4]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Classes\\CLSID*"
"DeviceName"="*\\SOFTWARE\\Classes\\CLSID*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\18\Rules\1]
@DACL=(02 0000)
"Flags"=dword:00010000
"DefaultAction"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\184\Rules\1\Allowed\0]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="c:\\WINDOWS\\system32\\*"
"DeviceName"="c:\\WINDOWS\\system32\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\184\Rules\1\Allowed\1]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKLM\\SYSTEM\\ControlSet???\\Services\\*"
"DeviceName"="HKLM\\SYSTEM\\ControlSet???\\Services\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\184\Rules\1\Allowed\10]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Default_Search_URL"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Default_Search_URL"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\184\Rules\1\Allowed\11]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Local Page"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Local Page"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\184\Rules\1\Allowed\12]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Search*"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Search*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\184\Rules\1\Allowed\13]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Start Page"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Start Page"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\184\Rules\1\Allowed\14]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\*"
"DeviceName"="*\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\184\Rules\1\Allowed\15]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Cache\\Special Paths\\Cookies\\*"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Cache\\Special Paths\\Cookies\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\184\Rules\1\Allowed\16]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\Software\\Microsoft\\Windows\\CurrentVersion\\Shell Extensions\\Approved\\*"
"DeviceName"="*\\Software\\Microsoft\\Windows\\CurrentVersion\\Shell Extensions\\Approved\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\184\Rules\1\Allowed\17]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\ShellServiceObjectDelayLoad\\*"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\ShellServiceObjectDelayLoad\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\184\Rules\1\Allowed\18]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\URL\\DefaultPrefix\\*"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\URL\\DefaultPrefix\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\184\Rules\1\Allowed\19]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\URL\\Prefixes\\*"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\URL\\Prefixes\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\184\Rules\1\Allowed\2]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Classes\\CLSID*"
"DeviceName"="*\\SOFTWARE\\Classes\\CLSID*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\184\Rules\1\Allowed\20]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="HKLM\\SYSTEM\\ControlSet???\\Control\\Lsa\\*"
"DeviceName"="HKLM\\SYSTEM\\ControlSet???\\Control\\Lsa\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\184\Rules\1\Allowed\3]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Classes\\.exe\\*"
"DeviceName"="*\\SOFTWARE\\Classes\\.exe\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\184\Rules\1\Allowed\4]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Classes\\*file\\shell\\*\\command\\*"
"DeviceName"="*\\SOFTWARE\\Classes\\*file\\shell\\*\\command\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\184\Rules\1\Allowed\5]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Classes\\PROTOCOLS\\Filter\\*"
"DeviceName"="*\\SOFTWARE\\Classes\\PROTOCOLS\\Filter\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\184\Rules\1\Allowed\6]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Classes\\PROTOCOLS\\Handler\\*"
"DeviceName"="*\\SOFTWARE\\Classes\\PROTOCOLS\\Handler\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\184\Rules\1\Allowed\7]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\Software\\Microsoft\\Active Setup\\Installed Components\\*\\StubPath"
"DeviceName"="*\\Software\\Microsoft\\Active Setup\\Installed Components\\*\\StubPath"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\184\Rules\1\Allowed\8]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\AboutURLs\\*"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\AboutURLs\\*"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\184\Rules\1\Allowed\9]
@DACL=(02 0000)
"Flags"=dword:00000000
"Filename"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Default_Page_URL"
"DeviceName"="*\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\Default_Page_URL"
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\184\Rules\13]
@DACL=(02 0000)
"Flags"=dword:00200000
"DefaultAction"=dword:00000001
[HKEY_LOCAL_MACHINE\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\184\Rules\14]
@DACL=(02 0000)
"F
toujours personne pour m'aider a supprimmer, ce dossier impossible a supprimé??
j'ai essayé avec 4,ou 5 destructeur, en mode sans echec.. rien y fait!
j'ai essayé avec 4,ou 5 destructeur, en mode sans echec.. rien y fait!
