Log Combofix besoin d'aide
Résolu
Utilisateur anonyme
-
kalimusic Messages postés 14014 Date d'inscription Statut Contributeur sécurité Dernière intervention -
kalimusic Messages postés 14014 Date d'inscription Statut Contributeur sécurité Dernière intervention -
Bonjour,
Je viens de faire un scan de mon pc infecté avec combofix
Quelqu'un peut-il m'aider pour l'analyse du log ? Est-ce qu'il y a encore des infections ?
Si oui, quelle est la procédure à suivre pour toutes les supprimer ?
Merci d'avance de votre aide
ComboFix 12-12-25.02 - Lucky Luc 25/12/2012 18:47:00.3.2 - x86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.32.1036.18.511.308 [GMT 1:00]
Lancé depuis: c:\documents and settings\Lucky Luc\Bureau\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\Lucky Luc\Application Data\inst.exe
c:\documents and settings\Lucky Luc\Application Data\Microsoft\Messenger
c:\documents and settings\Lucky Luc\Application Data\Microsoft\Messenger\activesharingfolder.dat
c:\documents and settings\Lucky Luc\Local Settings\Application Data\assembly\tmp
c:\documents and settings\Lucky Luc\WINDOWS
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\dllcache\wmpvis.dll
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\system32\SET104C.tmp
c:\windows\system32\SET1069.tmp
c:\windows\system32\SET10B9.tmp
c:\windows\system32\SET10BD.tmp
c:\windows\system32\SET10BE.tmp
c:\windows\system32\SET10BF.tmp
c:\windows\system32\SET10C0.tmp
c:\windows\system32\SET10C1.tmp
c:\windows\system32\SET10C2.tmp
c:\windows\system32\SET10C3.tmp
c:\windows\system32\SET10C4.tmp
c:\windows\system32\SET10C8.tmp
c:\windows\system32\SET10D1.tmp
c:\windows\system32\SET1143.tmp
c:\windows\system32\SET114C.tmp
c:\windows\system32\SET11E7.tmp
c:\windows\system32\SET11FF.tmp
c:\windows\system32\SET1203.tmp
c:\windows\system32\SET14B.tmp
c:\windows\system32\SET14F.tmp
c:\windows\system32\SET150.tmp
c:\windows\system32\SET155.tmp
c:\windows\system32\SET156.tmp
c:\windows\system32\SET157.tmp
c:\windows\system32\SET159.tmp
c:\windows\system32\SET15B.tmp
c:\windows\system32\SET15D.tmp
c:\windows\system32\SET192.tmp
c:\windows\system32\SET19E.tmp
c:\windows\system32\SET214.tmp
c:\windows\system32\SET22F.tmp
c:\windows\system32\SET2CA.tmp
c:\windows\system32\SET2E8.tmp
c:\windows\system32\SET2F1.tmp
c:\windows\system32\SET72A.tmp
c:\windows\system32\SET747.tmp
c:\windows\system32\SET793.tmp
c:\windows\system32\SET797.tmp
c:\windows\system32\SET798.tmp
c:\windows\system32\SET799.tmp
c:\windows\system32\SET79A.tmp
c:\windows\system32\SET79B.tmp
c:\windows\system32\SET79C.tmp
c:\windows\system32\SET79D.tmp
c:\windows\system32\SET79E.tmp
c:\windows\system32\SET7A6.tmp
c:\windows\system32\SET7AF.tmp
c:\windows\system32\SET825.tmp
c:\windows\system32\SET82E.tmp
c:\windows\system32\SET8C9.tmp
c:\windows\system32\SET8E0.tmp
c:\windows\system32\SET8E4.tmp
c:\windows\system32\SETB1.tmp
c:\windows\system32\SETE1.tmp
c:\windows\system32\Thumbs.db
c:\windows\system32\TZLog.log
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\fusion.dll
c:\windows\system32\URTTemp\mscoree.dll
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\mscorsn.dll
c:\windows\system32\URTTemp\mscorwks.dll
c:\windows\system32\URTTemp\msvcr71.dll
c:\windows\system32\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2012-11-25 au 2012-12-25 ))))))))))))))))))))))))))))))))))))
.
.
2012-12-25 15:53 . 2012-12-25 15:53 -------- d-----w- c:\windows\LastGood
2012-12-25 02:30 . 2012-10-30 22:51 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-12-25 02:30 . 2012-10-30 22:51 361032 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-12-25 02:29 . 2012-10-30 22:51 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-12-25 02:29 . 2012-10-30 22:51 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-12-25 02:29 . 2012-10-30 22:51 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-12-25 02:29 . 2012-10-30 22:51 97608 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2012-12-25 02:29 . 2012-10-30 22:51 89752 ----a-w- c:\windows\system32\drivers\aswmon.sys
2012-12-25 02:29 . 2012-10-30 22:51 25256 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2012-12-25 02:28 . 2012-10-30 22:51 41224 ----a-w- c:\windows\avastSS.scr
2012-12-25 02:28 . 2012-10-30 22:50 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-12-25 02:27 . 2012-12-25 02:27 -------- d-----w- c:\program files\AVAST Software
2012-12-25 02:27 . 2012-12-25 02:27 -------- d-----w- c:\documents and settings\All Users\Application Data\AVAST Software
2012-12-24 17:17 . 2012-10-12 18:09 22400 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2012-12-24 15:35 . 2012-12-24 15:36 -------- d-----w- c:\documents and settings\All Users\Application Data\IObit
2012-12-24 01:45 . 2012-05-31 10:25 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-12-24 00:31 . 2012-12-24 00:31 -------- d--h--w- c:\windows\system32\GroupPolicy
2012-12-23 22:49 . 2012-12-23 22:49 91104 ----a-w- c:\program files\Mozilla Firefox\smime3.dll
2012-12-23 22:49 . 2012-12-23 22:49 21472 ----a-w- c:\program files\Mozilla Firefox\plc4.dll
2012-12-23 22:49 . 2012-12-23 22:49 20960 ----a-w- c:\program files\Mozilla Firefox\plds4.dll
2012-12-23 22:49 . 2012-12-23 22:49 16864 ----a-w- c:\program files\Mozilla Firefox\plugin-container.exe
2012-12-23 22:49 . 2012-12-23 22:49 155104 ----a-w- c:\program files\Mozilla Firefox\softokn3.dll
2012-12-23 22:49 . 2012-12-23 22:49 145376 ----a-w- c:\program files\Mozilla Firefox\ssl3.dll
2012-12-23 22:49 . 2012-12-23 22:49 892176 ----a-w- c:\program files\Mozilla Firefox\uninstall\helper.exe
2012-12-23 22:49 . 2012-12-23 22:49 96224 ----a-w- c:\program files\Mozilla Firefox\webapprt-stub.exe
2012-12-23 22:49 . 2012-12-23 22:49 270816 ----a-w- c:\program files\Mozilla Firefox\updater.exe
2012-12-23 22:49 . 2012-12-23 22:49 157272 ----a-w- c:\program files\Mozilla Firefox\webapp-uninstaller.exe
2012-12-23 22:49 . 2012-12-23 22:49 19424 ----a-w- c:\program files\Mozilla Firefox\xpcom.dll
2012-12-23 22:49 . 2012-12-23 22:49 15112160 ----a-w- c:\program files\Mozilla Firefox\xul.dll
2012-12-23 21:59 . 2012-12-23 21:59 -------- d-----w- c:\documents and settings\Default User\Local Settings\Application Data\Microsoft Help
2012-12-23 21:58 . 2012-12-23 21:58 -------- d-sh--w- c:\documents and settings\Default User\IETldCache
2012-12-23 21:38 . 2012-12-23 21:38 -------- d-----w- c:\program files\Fichiers communs\Skype
2012-12-23 19:35 . 2012-12-23 19:35 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Malwarebytes
2012-12-22 16:06 . 2012-08-28 15:04 521728 -c----w- c:\windows\system32\dllcache\jsdbgui.dll
2012-12-22 02:11 . 2012-05-28 18:17 536576 ----a-w- c:\program files\Fichiers communs\System\ado\SETBC.tmp
2012-12-22 02:11 . 2012-05-28 18:17 536576 ------w- c:\program files\Fichiers communs\System\ado\SET72E.tmp
2012-12-22 02:11 . 2012-05-28 18:17 536576 ------w- c:\program files\Fichiers communs\System\ado\SET1050.tmp
2012-12-22 02:07 . 2012-12-22 02:07 -------- d-----w- c:\documents and settings\Lucky Luc\Local Settings\Application Data\ESET
2012-12-22 01:15 . 2012-01-11 19:06 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll
2012-12-22 01:15 . 2012-01-11 19:06 3072 ------w- c:\windows\system32\iacenc.dll
2012-12-22 00:23 . 2012-12-24 15:35 -------- d-----w- c:\documents and settings\Lucky Luc\Application Data\IObit
2012-12-22 00:22 . 2012-12-24 15:35 -------- d-----w- c:\program files\IObit
2012-12-21 16:01 . 2012-12-22 00:41 -------- d-----w- c:\documents and settings\Lucky Luc\Application Data\GlarySoft
2012-12-21 13:15 . 2012-12-21 13:16 -------- d-----w- c:\program files\CrystalDiskInfo
2012-12-21 00:16 . 2012-12-21 00:16 -------- d-----w- c:\program files\SuperCopier2
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-21 00:11 . 2012-10-21 16:22 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-21 00:11 . 2012-10-21 16:22 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-11-13 11:55 . 2010-08-25 18:04 1866496 ----a-w- c:\windows\system32\win32k.sys
2012-11-02 02:02 . 2010-08-25 18:05 375296 ----a-w- c:\windows\system32\dpnet.dll
2012-10-21 14:38 . 2012-10-21 14:39 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-10-21 14:38 . 2012-10-21 14:40 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-10-21 14:38 . 2012-08-05 10:36 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-10-21 14:38 . 2011-06-06 16:09 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-10-02 18:04 . 2010-08-25 18:04 58368 ----a-w- c:\windows\system32\synceng.dll
2012-09-29 17:54 . 2009-04-12 01:21 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-23 22:50 . 2012-12-23 22:50 262112 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2004-08-19 14:10 60416 --sha-w- c:\windows\BricoPacks\SysFiles\84_MSIMN.EXE
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"LWBKEYBOARD"="c:\program files\Labtec\Desktop\6.0\KbdAp32A.exe" [2007-03-26 395264]
"LWBMOUSE"="c:\program files\Labtec\Desktop\6.0\MOffice.exe" [2007-04-11 457728]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-16 68856]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2003-03-27 53248]
"SSBkgdUpdate"="c:\program files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-09-28 185896]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 75304]
"TWCU"="c:\program files\TP-LINK\TP-LINK Wireless Client Utility\TWCU.exe" [2010-02-04 561263]
"SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2012-07-03 252848]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
.
c:\documents and settings\Lucky Luc\Menu Démarrer\Programmes\Démarrage\
Poste de travail.lnk - [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2010-08-26 21:14 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sprestrt
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 09:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NeroFilterCheck"=c:\windows\system32\NeroCheck.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [25/12/2012 3:29 738504]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [25/12/2012 3:30 361032]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [10/10/2006 13:53 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [27/02/2007 12:39 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [26/08/2010 22:14 116608]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [25/12/2012 3:30 21256]
R2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x32.sys [28/08/2010 18:26 20328]
R3 powervr;powervr;c:\windows\system32\drivers\powervr.sys [27/09/2002 15:34 566496]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [13/07/2012 13:28 160944]
S3 Jukebox3_1394;Jukebox3_1394;c:\windows\system32\drivers\ctpd1394.sys [6/09/2009 18:15 23536]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [24/06/2007 23:33 47360]
S3 PID_400C;Video Blaster WebCam 5 (WDM);c:\windows\system32\drivers\Pd100Vid.sys [26/03/2007 21:30 335980]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [16/02/2006 17:51 12872]
S4 Mrxvdsv;Mrxvdsv; [x]
.
Contenu du dossier 'Tâches planifiées'
.
2012-12-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-21 00:11]
.
2012-12-25 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2012-12-25 22:50]
.
2012-12-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-15 17:35]
.
2012-12-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-15 17:35]
.
.
------- Examen supplémentaire -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = file:\\c:\program files\Internet Explorer\MyGoogle.html
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Lucky Luc\Application Data\Mozilla\Firefox\Profiles\44nv1hbb.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.enabled - false
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2012-12-20 16:00; nl-NL@dictionaries.addons.mozilla.org; c:\documents and settings\Lucky Luc\Application Data\Mozilla\Firefox\Profiles\44nv1hbb.default\extensions\nl-NL@dictionaries.addons.mozilla.org
FF - ExtSQL: 2012-12-20 16:00; {563e4790-7e70-11da-a72b-0800200c9a66}; c:\documents and settings\Lucky Luc\Application Data\Mozilla\Firefox\Profiles\44nv1hbb.default\extensions\{563e4790-7e70-11da-a72b-0800200c9a66}.xpi
FF - ExtSQL: 2012-12-25 03:30; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - user.js: browser.cache.memory.capacity - 16000
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: dom.disable_window_status_change - true
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 750
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: content.maxtextrun - 4095
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.switch.threshold - 1000000
.
- - - - ORPHELINS SUPPRIMES - - - -
.
WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file)
ShellExecuteHooks-{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-12-25 19:03
Windows 5.1.2600 Service Pack 3 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\S-1-5-21-436374069-115176313-725345543-1003_Classes\Applications\Photoshop.exe\shell]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-436374069-115176313-725345543-1003_Classes\JavaPlugin.142_05\CLSID]
@DACL=(02 0000)
@="{5852F5ED-8BF4-11D4-A245-0080C6F74284}"
.
[HKEY_USERS\S-1-5-21-436374069-115176313-725345543-1003_Classes\JavaPlugin.150_02\CLSID]
@DACL=(02 0000)
@="{5852F5ED-8BF4-11D4-A245-0080C6F74284}"
.
[HKEY_USERS\S-1-5-21-436374069-115176313-725345543-1003_Classes\JavaPlugin.150_05\CLSID]
@DACL=(02 0000)
@="{5852F5ED-8BF4-11D4-A245-0080C6F74284}"
.
[HKEY_USERS\S-1-5-21-436374069-115176313-725345543-1003_Classes\JavaPlugin.150_06\CLSID]
@DACL=(02 0000)
@="{5852F5ED-8BF4-11D4-A245-0080C6F74284}"
.
[HKEY_USERS\S-1-5-21-436374069-115176313-725345543-1003_Classes\JavaPlugin.150_09\CLSID]
@DACL=(02 0000)
@="{5852F5ED-8BF4-11D4-A245-0080C6F74284}"
.
[HKEY_USERS\S-1-5-21-436374069-115176313-725345543-1003_Classes\JavaPlugin.150_10\CLSID]
@DACL=(02 0000)
@="{5852F5ED-8BF4-11D4-A245-0080C6F74284}"
.
[HKEY_USERS\S-1-5-21-329068152-1123561945-1801674531-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,bb,9c,aa,ca,7b,a0,2b,42,80,d7,c2,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,bb,9c,aa,ca,7b,a0,2b,42,80,d7,c2,\
.
[HKEY_USERS\S-1-5-21-329068152-1123561945-1801674531-501\Software\Magentic\Content]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-329068152-1123561945-1801674531-501\Software\Magentic\History]
@DACL=(02 0000)
"Queue"="0"
.
[HKEY_USERS\S-1-5-21-329068152-1123561945-1801674531-501\Software\Magentic\IMSys]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-329068152-1123561945-1801674531-501\Software\Magentic\Network]
@DACL=(02 0000)
"IMBR1"=hex:01,00,00,00,ff,9c,cc,33
"IMBRU"="26AA25BD-224D-482B-81CB-AC704C154AA5"
.
[HKEY_USERS\S-1-5-21-329068152-1123561945-1801674531-501\Software\Magentic\Options]
@DACL=(02 0000)
"UseWPOnDesktop"=dword:00000001
.
[HKEY_USERS\S-1-5-21-329068152-1123561945-1801674531-501\Software\Magentic\PatchUpdates]
@DACL=(02 0000)
"TOTS"=dword:49aace00
"GRTS"=dword:49ab13ab
.
[HKEY_USERS\S-1-5-21-329068152-1123561945-1801674531-501\Software\Magentic\SsData]
@DACL=(02 0000)
"Screensaver"="E9EE8159-84BB-4D910B813-B8CEDC24EAAA"
"SSDefault"="40242AE5-DFC3-4FA108AC7-10CCDD67B640"
"DelayMouseMoveOnPreview"=dword:00000000
"MouseDismissDelayMillisec"=dword:00000000
.
[HKEY_USERS\S-1-5-21-329068152-1123561945-1801674531-501\Software\Magentic\System]
@DACL=(02 0000)
"DefaultSkin"="31E66266-2152-4B4608CB1-C2E183EF1402"
"FIR"=dword:00000001
"NeoManagerFirstInstanceTime"=dword:49aacdaf
.
[HKEY_USERS\S-1-5-21-329068152-1123561945-1801674531-501\Software\Magentic\WpData]
@DACL=(02 0000)
"WallpaperMode"=dword:00000000
"Wallpaper"="8040F8A0-5438-41AF09FEE-61E1CF34CAB5"
"UserPhotoPath"=""
"WPAvgCreationTime"=dword:00000bb8
.
[HKEY_LOCAL_MACHINE\software\54c\2A08021262385]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E6F787C2-C759-4403-B1BD-9359CB96EB04}\TypeLib]
@DACL=(02 0000)
@="{DCB43485-19FB-4D6D-BB3D-73C7F48D5F00}"
.
[HKEY_LOCAL_MACHINE\software\Classes\ppifile\shell]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{075034D6-4432-46EF-AF14-F3021E88CFE7}\2.0]
@DACL=(02 0000)
@="Microsoft Forms 2.0 Object Library"
.
[HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{1EC0D7B0-A7E7-464E-A2E5-A98D2C78A2B1}\2.0]
@DACL=(02 0000)
@="Microsoft Forms 2.0 Object Library"
.
[HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{586DDA9D-3455-4C7F-AAD2-0EE94CB2EA63}\2.0]
@DACL=(02 0000)
@="Microsoft Forms 2.0 Object Library"
.
[HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{7AD76FF8-C20A-4E30-9C56-A58A6E27F3EA}\2.0]
@DACL=(02 0000)
@="Microsoft Forms 2.0 Object Library"
.
[HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{93F2EB70-60E5-4A11-8866-62CD1DBD8A50}\2.0]
@DACL=(02 0000)
@="Microsoft Forms 2.0 Object Library"
.
[HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{A70BD689-F574-4781-923B-3E2583268B49}\2.0]
@DACL=(02 0000)
@="Microsoft Forms 2.0 Object Library"
.
[HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{AAB556BD-EB62-4F90-9DAF-075FA4239861}\2.0]
@DACL=(02 0000)
@="Microsoft Forms 2.0 Object Library"
.
[HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{AD09045A-3DBF-4A8B-A24D-39609315510B}\2.0]
@DACL=(02 0000)
@="Microsoft Forms 2.0 Object Library"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Advanced INF Setup\IE40.BrowseUI\RegBackup]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Updates\Windows XP\SP4\KB2229593\Filelist\5]
@DACL=(02 0000)
"FileName"="helpsvc.exe"
"Version"="5.1.2600.5997"
"BuildDate"="Mon Jun 14 16:31 2010"
"BuildCheckSum"="ba245"
"Location"="c:\\WINDOWS\\pchealth\\helpctr\\binaries"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Updates\Windows XP\SP4\KB2229593\Filelist\6]
@DACL=(02 0000)
"FileName"="helpsvc.exe"
"Version"="5.1.2600.5997"
"BuildDate"="Mon Jun 14 16:31 2010"
"BuildCheckSum"="ba245"
"Location"="c:\\WINDOWS\\system32\\DllCache"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\17AFD8C1970420F48BBB741BC2A165F5]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\a28084.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\17BB7F68F8EF60333A529FE30E46718B]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\270c33.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\1FDE42FC632E233438BCC407A1B9BC0F]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\99b699.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\2451D69CF585D214C8A52004DB1A469B]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\99b69a.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\24DF66A32D05A9E3185BCE3E5E3C90A7]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\270bed.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\256917180E811B74A9218FB20F574DBD]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\99b69b.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\28C9EA2BB7CD1463FB8C7872C5F46370]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\270c1b.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\295DC294DD789E13083868560A521636]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\270bd0.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\2F2AEE7ADCFB45A45A57B7187A686E85]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\270c0e.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\325BFA1894CCB7A338BBFE6ACEC6E73C]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\a4717d.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\3D90EFE177C6D6E478F667BC032D50C6]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\a28085.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\4152E9034D92C5043B1B417D32B1AF61]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\a28086.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\41A670B5874F6653EBA789C5C326F94A]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\270c24.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\43F3D5FAA348FB140A3FF2BB0AB09A9B]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\a28088.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\484CA1D2615EC8048852CA1B3C65CAA7]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\99b69f.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\4C9878626E35BDD4F833D8F0E900B0AE]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\99b6a0.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\5E903427217EC6249BD46B4B52112CF9]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\99b69c.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\68AB67CA7DA700005205A7C804008022]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\50230d.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\68AB67CA7DA700005205A7C804008032]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\1457c12.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\68AB67CA7DA700005205A7C804008042]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\3f2b2.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\6ADA61945FCC7E03693E761445361DD4]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\a4717c.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\6D0233A2508C08244B326B56DB3ED3F8]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\452ecb.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\735890DC758856044B6BCA20C32B4CE8]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\164253.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\7FCDE114D557E4147AB4D3DC56385F98]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\1e0f39.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\82B28DCEEB84C6245BB5E60C22162658]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\99b698.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\881B67FDBD11CD343A98012492599A97]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\a2808b.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\8922FFA100CCB3A468A66CB2383797E4]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\164273.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\91C30D4F0ACD90B4387EEBB3608C4DCD]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\a2808d.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\9E0DE89293FE9BB33898F24ED18CCF08]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\270c3c.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\B4C419EC05CA8E13D92A51BD928D65F8]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\270bda.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\B8F6D1795C8E4A94E93D980C010B8D2D]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\a28087.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\BB3686E2280450B3BBC202FE614DDB28]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\270bdb.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\BE7C28545F39D804F992A5B51E7E8654]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\99b69d.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\C3CFBEEB1B8483A43A5C18AB91FDF504]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\270bf6.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\DE6BA3F2C1597EC4A89C5864DFFCF1A5]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\99b69e.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\E0337B0F8B42AE34C86D1D4124A8C1CE]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\a2808c.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\E54DA494170E9184E8511E40F1FB0F37]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\270c00.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\E6C461BDA4E80374796CED4868BE63F7]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\a2808a.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\E9030CAD6F70DA545BFBB5D0FE17FFEE]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\a28089.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\F9DC276355B3ECF3D85A5DC7A31B1005]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\16425c.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Products\4A44758810A10B4458A8A06E37C8CB7F\Features]
@DACL=(02 0000)
"CRT_WinSXS"="_j0,Y]s!Soe8MkbIdFwUbN^.Zr'AG(u8MkbIdFwUbN^.Zr'AG(*9MkbIdFwU%9YbWIfIbe?9MkbIdFwU_j0,Y]s!Sou8MkbIdFwU_j0,Y]s!So*9MkbIdFwU!N0,YT,$So*9MkbIdFwU!N0,YT,$Sou8MkbIdFwUa@0,YF5$So*9MkbIdFwUe?0,Yk5$So*9MkbIdFwU]A0,Yx4$So*9MkbIdFwUe?0,Yk5$Sou8MkbIdFwUa@0,YF5$Sou8MkbIdFwUXB0,YS4$So*9MkbIdFwU]A0,Yx4$Sou8MkbIdFwUTC0,Y*4$So*9MkbIdFwUPD0,Ya3$So*9MkbIdFwUXB0,YS4$Sou8MkbIdFwU&vv.ZiM}F(*9MkbIdFwUTC0,Y*4$Sou8MkbIdFwULE0,Y83$So*9MkbIdFwUPD0,Ya3$Sou8MkbIdFwULE0,Y83$Sou8MkbIdFwUEgn.Z_T*G(*9MkbIdFwUzH^.ZJcAG(*9MkbIdFwU&vv.ZiM}F(u8MkbIdFwUEgn.Z_T*G(u8MkbIdFwU=6U.Z@jJG(*9MkbIdFwUzH^.ZJcAG(u8MkbIdFwU=6U.Z@jJG(u8MkbIdFwUaZO,H*K2'Ee8MkbIdFwUd?y.IED+lV*9MkbIdFwUaZO,H*K2'E*9MkbIdFwU%?O,H~_2'E*9MkbIdFwUg+O,H9h2'E*9MkbIdFwUc,O,Hog2'E*9MkbIdFwU_-O,HJg2'E*9MkbIdFwUZ.O,H}f2'E*9MkbIdFwUV0O,HWf2'E*9MkbIdFwUR1O,H.f2'E*9MkbIdFwUN2O,Hee2'E*9MkbIdFwU(g70I8-kkV*9MkbIdFwUGW.0I-5tkV*9MkbIdFwU}5y.ItF+lV*9MkbIdFwU@&q.IjM5lV*9MkbIdFwU!M!&ZZc0%ne8MkbIdFwU&-Q([pOMt&*9MkbIdFwU&-Q([pOMt&u8MkbIdFwU+SnXWTvLne?9MkbIdFwU!M!&ZZc0%nu8MkbIdFwU!M!&ZZc0%n*9MkbIdFwUG,!&ZRw0%n*9MkbIdFwU%z~%ZD$1%n*9MkbIdFwUG,!&ZRw0%nu8MkbIdFwU)y~%Zi$1%n*9MkbIdFwU%z~%ZD$1%nu8MkbIdFwU)y~%Zi$1%nu8MkbIdFwU}z~%Zv!1%n*9MkbIdFwUx{~%ZQ!1%n*9MkbIdFwU}z~%Zv!1%nu8MkbIdFwUp~~%Z_~0%n*9MkbIdFwUt}~%Z(!1%n*9MkbIdFwUx{~%ZQ!1%nu8MkbIdFwUt}~%Z(!1%nu8MkbIdFwUJXj([g9-t&*9MkbIdFwUl!!&Z6~0%n*9MkbIdFwUp~~%Z_~0%nu8MkbIdFwUeIb([]D7t&*9MkbIdFwUl!!&Z6~0%nu8MkbIdFwUC'Q([HRMt&*9MkbIdFwUJXj([g9-t&u8MkbIdFwU^sH([=YVt&*9MkbIdFwUeIb([]D7t&u8MkbIdFwUC'Q([HRMt&u8MkbIdFwU^sH([=YVt&u8MkbIdFwU=$k'IN]I8Ce8MkbIdFwUAd9cJeUCHT*9MkbIdFwU=$k'IN]I8C*9MkbIdFwU^cj'IFqI8C*9MkbIdFwUDTj'I]yI8C*9MkbIdFwU@Uj'I4yI8C*9MkbIdFwU8Vj'IjxI8C*9MkbIdFwU4Wj'IExI8C*9MkbIdFwU0Xj'IwwI8C*9MkbIdFwU+Yj'IRwI8C*9MkbIdFwU'Zj'I)wI8C*9MkbIdFwUa0VcJ[C!HT*9MkbIdFwU{{McJQJ,HT*9MkbIdFwUY^9cJ9XCHT*9MkbIdFwUtN1cJ.'LHT*9MkbIdFwU"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Products\4A44758810A10B4458A8A06E37C8CB7F\InstallProperties]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\8a46c4.msi"
"AuthorizedCDFPrefix"=""
"Comments"=""
"Contact"=""
"DisplayVersion"="1.0.0.0"
"HelpLink"=""
"HelpTelephone"=""
"InstallDate"="20070410"
"InstallLocation"=""
"InstallSource"="c:\\Program Files\\activePDF\\PrimoPDF\\"
"ModifyPath"=expand:"MsiExec.exe /I{885744A4-1A01-44B0-858A-0AE6738CBCF7}"
"Publisher"="activePDF, Inc."
"Readme"=""
"Size"=""
"EstimatedSize"=dword:00000fb0
"UninstallString"=expand:"MsiExec.exe /I{885744A4-1A01-44B0-858A-0AE6738CBCF7}"
"URLInfoAbout"=""
"URLUpdateInfo"=""
"VersionMajor"=dword:00000001
"VersionMinor"=dword:00000000
"WindowsInstaller"=dword:00000001
"Version"=dword:01000000
"Language"=dword:00000409
"DisplayName"="PrimoPDF Redistribution Package"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Products\9040110900063D11C8EF10054038389C\Features]
@DACL=(02 0000)
"OPCRemovePreviousMax"="\02AlwaysInstalled"
"OPCRemovePreviousMin"="\02AlwaysInstalled"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Products\9040110900063D11C8EF10054038389C\InstallProperties]
@DACL=(02 0000)
"QuietUninstallString"="MsiExec.Exe /x {90110409-6000-11D3-8CFE-0150048383C9} /qn"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Products\c049C053C7D38EE4AB9A00CB3B5D2472\Features]
@DACL=(02 0000)
"WebPublFiles"="]aZF&kXsf(lf*L[_GKba}gbvW,Qmf(G'*L[H+8]bZ}IuVaZtf(Cyn.Q2tAE!_{@h=i,nf(R8(L[JO9}X_}M^V8Xqf(Rp)L[_GKbahlT]jI{jf(=1&L[-81-]I-M04-B~f(8Hw.QdFt.0T4}vzw$wf(dKr.QPSdMu"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Products\C65FE06E033C5754483629E1071D54B8\Features]
@DACL=(02 0000)
"X"="9!CSbHOa'AH^LbXu6rdD5UP.+3Xx)=SXC.NJ0mG'\02ImageEncodingDecodingPlugIns"
"Font"="kqBx'JW_e?I-^e?1w9ZAab_.d-~Jw8+KFZpSR+gC\02ImageEncodingDecodingPlugIns"
"Media"="Hv~SBRnct94mmS1_Zdq^']~AOmAIR@+eeh4'?Mze-)%UDnvSn=_!6JzU60{9ugr1s8(AP9kc48!$smPT~0{TcaP10=CoX]%O9e3a\02ImageEncodingDecodingPlugIns"
"ACDSee"="d^i7HZo?'@O[qlZYpOP09ijjnf!}P?!UW?VD9?N2VqtTDP'?E=0(!KZ0p'eCLr}G%%8Q?AQDa7pcdR9.kj2Kt'oGA?r]ENl6nkK=6=UJnz3i=={3ZGb'F(N3Fhu^eOh$Y83chXarC!uIq+polyrLD@(U@Wddg+9sK2bg,'u+Y@7Fap3QknuPe['8dx'eD=s'kw&LyhK(dROGSr^Oq9U$Qehl3u_DMZvSxAsQT@hP^4+L}_mzDGSAsKsfd@gvqw^jY*]EdGT&b8+6-=D1GoJ)1Q9q_l-qyO&q)=mtpqBMA3Svue*oh=3s5@RF7G^JjAvac@VX%}!t2?U)RTl,m@}6N*KJtFUgw@-7h,?d[.M]'9bY+dG+C=Thg.C.x]2F07-v9=Top9[tUT*MwCLge7pFrcp0g=)e'[WRkl$J)aCjzT0d%A)(sOD$Vh&{$wikM@{)D@)XVp2yAY&gjYRyX_34l8?3LT2?xQYtOT5Z9*ZO4=e,$&DuTtpDS=?+]s6rS?b?9mpYq)t7u6yTR%3R[AaFWoN8ru&?YKUQm{3n?=y[X)m'ZXJVsQw0Q*~LO=$0O{&XLU-+7d~l%QYf{8nBD?XkaPtdjtwfy~iG%@OtmSx^Isj$@3Bdyg23{9cGnC8]kA~v8vv[lLqi?=}QqJUhg'rwy8K&Yn{E.?%xc^e{1SHiUD1MFhV%0?Bt,yCECF=thxHZut0K*9Idzt3J@+CPf14xbr!Ga=*sfAv9L_11[WU6j=I+y=X$t]sQ%VYD=5Vt*Umk'@9K,S&IGNGhB3&5,B^pf(V%eqFgkW_B83&5,B^pf(V%eqFgkW_BBsu{dRF1g(Qpy?VXB]2dKsu{dRF1g(Qpy?VXB]2d?su{dRF1g(Qpy?VXB]2d8su{dRF1g(Qpy?VXB]2dNsu{dRF1g(Qpy?VXB]2d"
"ImageEncodingDecodingPlugIns"=""
"DevDetect"="Xr,7,7U].9A2Hm5GP^q2Z3C^kD~$%?=4Y5Jh5).*Eb{Ah'Aur@MHHFRv.9ys"
"ACDSeeTrial"="]ElVtMpB}9D93}Aj+LK'WVRYWas+M=HL_?QYH,cOJFIF52H$.=M='dCuM6I'oUSzu,WSd=vP62)a-GD7w%ixRb@1_?=?]ClWoO2w%.T}Kr3g-AjOnEAd88tt\02ACDSee"
"ArchivePlugIns"=""
"Adobe"="L-MP*7l=m@M=,8Ce^S@Uu?PiJVO,-?ojL+T0FL[A\02ImageEncodingDecodingPlugIns"
"CommandExtensionPlugIns"=""
"Archive"="F4%gcQ=ra8*'bNy0jU*^+'VY)TXgTApP%ef'kHo6\02CommandExtensionPlugIns"
"Canvas"="xK{cITqadAX){Rofa&?c\02ImageEncodingDecodingPlugIns"
"DFinder"="S!RyzgclX?1NzLZ_W=%@=4G6LVa9eAOEx3lON^h0\02CommandExtensionPlugIns"
"DjVu"="Ku[gK-G5u=-2hsoNk(ZfMKkB4{HBY??iOSq0B!'%\02ImageEncodingDecodingPlugIns"
"Email"="=vcJcYlR[?Bvqfu'@[sse!neJmMV6@XdVs7{Mg64\02CommandExtensionPlugIns"
"FPX"=",*IXg-='S?_'W'jvI'fhd@,RhAnz.9C7,MgH?d@mS]-l'.bNj8m}T1p&QUrl\02ImageEncodingDecodingPlugIns"
"HTML"="5+Yg]+YDy@a$R{'kT3[@\02CommandExtensionPlugIns"
"ICN"="99}(ru=*Z9qA@FO}0fFsqk,o]Xf*69f4ev3,U$RX\02ImageEncodingDecodingPlugIns"
"ICO"="RYX+B$xBF?pt+&8^?Bx69-HbLCA$3=x!R1zM.m*q\02ImageEncodingDecodingPlugIns"
"IFF"="S~FM&qf0H@}j8.7c*cUOu0s@E{?Kz?5AXVRDlK4-\02ImageEncodingDecodingPlugIns"
"KDC"="PXq4Z~j6$@yq3w8a=@cw!Kb[y929Y={t1(IBcyMXRgk6Q1]x)?T5x-E'^+ql\02ImageEncodingDecodingPlugIns"
"LHA"="QC!U,9?gY=ZJyOUg!YMVIa1mPfSkD9^X~?GMl,pD\02ArchivePlugIns"
"MAG"="yLr4cB{9c?}'xa$+mfYrir'z'AY]cAiXT!2mzZL9\02ImageEncodingDecodingPlugIns"
"PaneExtension"=""
"PhotoCD"="p1Ao[sa]AAqJyZ&[d@hV0L[.M=YNKAcHPgo}G?&F\02ImageEncodingDecodingPlugIns"
"PIC"="N2G*v@%bj80m@J,eIS't2D&ymg27i9g,9pw54a7f\02ImageEncodingDecodingPlugIns"
"PICT"="F4}_QE}7'8mWBdAeO2paGINQ65aMk=2(ni,'*E7@\02ImageEncodingDecodingPlugIns"
"PIX"="hVq.ZMza_9.Mv59U-m3iorqQ78yaj9]Q*VC=B[fP\02ImageEncodingDecodingPlugIns"
"PNM"="nM(2v.'e}8'gpE%=z8*oTO[Q3ucmr9bT)6YhPFl.\02ImageEncodingDecodingPlugIns"
"PrintsGifts"="Yv+Huydr^@&E'''nK'{gJntb7~NbC9'I!Yv?smnS\02PaneExtension"
"PSD"="A16Z'Libo@miJm+z4_FLb*&A'B3b(A{vPq&q,({S\02ImageEncodingDecodingPlugIns"
"PSP"="JWZm6dwMX=@8MBW%P~LICMPHH.B$F=IKI4$WKf8V\02ImageEncodingDecodingPlugIns"
"RAS"="y{ZxQvQxT?_O@7^348yhi(c~?uf_z8NX6XUtOb[X\02ImageEncodingDecodingPlugIns"
"RSB"="Wjot!T2r-9*FRV.gNc}^2b1_n&lov8[]ja8=ws@)\02ImageEncodingDecodingPlugIns"
"SendPix"="jB3y@EXo(9hR(=m(rMIt$n{5._Pq[A(n_3Cxd8yRrjwg8.gFQ9%6Q84-Uh6=\02CommandExtensionPlugIns"
"SGI"="v~0rhJ)!]@4Lz2MNhL*(_^twL!rxv@T)6?&JxZGo\02ImageEncodingDecodingPlugIns"
"SusieArchive"="O&PCno$pDAcPr15nnj8sp!yjFY@Vo?vBoK5'v!,E\02ArchivePlugIns"
"SusieImage"="^&nYuKuGn@V!pm$uUdv'C^Iv6!l?ZAdAMsl?5z.B\02ImageEncodingDecodingPlugIns"
"TGZ"="C91zKY5.l=g@)^OJw=7nH12x%@TWX@I_xL^p5p+B\02ArchivePlugIns"
"ZIP"="!ZuWyJqoVA?6j73p}e}%3$dP.jfGl@[Uq8*dh.tK\02ArchivePlugIns"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Products\C65FE06E033C5754483629E1071D54B8\InstallProperties]
@DACL=(02 0000)
"RegOwner"="X"
"RegCompany"="Privé"
"ProductID"="16"
"LocalPackage"="c:\\WINDOWS\\Installer\\465d22.msi"
"AuthorizedCDFPrefix"=""
"Comments"="This database contains the necessary files and logic to install ACDSee and additional support programs and plug-ins where appropriate"
"Contact"="Technical Support"
"DisplayVersion"="6.0.0"
"HelpLink"=expand:"http://www.acdsystems.com/English/Support"
"HelpTelephone"="250-544-6701"
"InstallDate"="20070609"
"InstallLocation"="c:\\Program Files\\ACD Systems\\"
"InstallSource"="c:\\WINDOWS\\Downloaded Installations\\{9BFC0003-66DB-4EC4-B8CF-64E7B2598C22}\\"
"ModifyPath"=expand:"MsiExec.exe /I{E60EF56C-C330-4575-8463-921E70D1458B}"
"NoRepair"=dword:00000001
"Publisher"="ACD Systems Ltd."
"Readme"=expand:"\"\""
"Size"=""
"EstimatedSize"=dword:00005cd4
"UninstallString"=expand:"MsiExec.exe /I{E60EF56C-C330-4575-8463-921E70D1458B}"
"URLInfoAbout"="https://www.acdsee.com/en/index/"
"URLUpdateInfo"="\"\""
"VersionMajor"=dword:00000006
"VersionMinor"=dword:00000000
"WindowsInstaller"=dword:00000001
"Version"=dword:06000000
"Language"=dword:00000409
"DisplayName"="ACDSee 6.0 Standard Trial"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Products\C8177384E6B569442B38FFBFA5398752\Transforms]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2]
@DACL=(02 0000)
@SACL=
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,72,73,76,70,73,70,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,72,73,76,70,73,70,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000006]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000007]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000008]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000009]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000010]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000011]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000012]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000013]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000014]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000015]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000016]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000017]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000018]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000019]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000020]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000021]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000022]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000023]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,\
.
--------------------- DLLs chargées dans les processus actifs ---------------------
.
- - - - - - - > 'winlogon.exe'(880)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
Heure de fin: 2012-12-25 19:08:29
ComboFix-quarantined-files.txt 2012-12-25 18:08
.
Avant-CF: 28.392.759.296 octets libres
Après-CF: 28.717.211.648 octets libres
.
- - End Of File - - CD48A03F153688040AD6B18C8108F9E7
Je viens de faire un scan de mon pc infecté avec combofix
Quelqu'un peut-il m'aider pour l'analyse du log ? Est-ce qu'il y a encore des infections ?
Si oui, quelle est la procédure à suivre pour toutes les supprimer ?
Merci d'avance de votre aide
ComboFix 12-12-25.02 - Lucky Luc 25/12/2012 18:47:00.3.2 - x86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.32.1036.18.511.308 [GMT 1:00]
Lancé depuis: c:\documents and settings\Lucky Luc\Bureau\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\Lucky Luc\Application Data\inst.exe
c:\documents and settings\Lucky Luc\Application Data\Microsoft\Messenger
c:\documents and settings\Lucky Luc\Application Data\Microsoft\Messenger\activesharingfolder.dat
c:\documents and settings\Lucky Luc\Local Settings\Application Data\assembly\tmp
c:\documents and settings\Lucky Luc\WINDOWS
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\dllcache\wmpvis.dll
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\system32\SET104C.tmp
c:\windows\system32\SET1069.tmp
c:\windows\system32\SET10B9.tmp
c:\windows\system32\SET10BD.tmp
c:\windows\system32\SET10BE.tmp
c:\windows\system32\SET10BF.tmp
c:\windows\system32\SET10C0.tmp
c:\windows\system32\SET10C1.tmp
c:\windows\system32\SET10C2.tmp
c:\windows\system32\SET10C3.tmp
c:\windows\system32\SET10C4.tmp
c:\windows\system32\SET10C8.tmp
c:\windows\system32\SET10D1.tmp
c:\windows\system32\SET1143.tmp
c:\windows\system32\SET114C.tmp
c:\windows\system32\SET11E7.tmp
c:\windows\system32\SET11FF.tmp
c:\windows\system32\SET1203.tmp
c:\windows\system32\SET14B.tmp
c:\windows\system32\SET14F.tmp
c:\windows\system32\SET150.tmp
c:\windows\system32\SET155.tmp
c:\windows\system32\SET156.tmp
c:\windows\system32\SET157.tmp
c:\windows\system32\SET159.tmp
c:\windows\system32\SET15B.tmp
c:\windows\system32\SET15D.tmp
c:\windows\system32\SET192.tmp
c:\windows\system32\SET19E.tmp
c:\windows\system32\SET214.tmp
c:\windows\system32\SET22F.tmp
c:\windows\system32\SET2CA.tmp
c:\windows\system32\SET2E8.tmp
c:\windows\system32\SET2F1.tmp
c:\windows\system32\SET72A.tmp
c:\windows\system32\SET747.tmp
c:\windows\system32\SET793.tmp
c:\windows\system32\SET797.tmp
c:\windows\system32\SET798.tmp
c:\windows\system32\SET799.tmp
c:\windows\system32\SET79A.tmp
c:\windows\system32\SET79B.tmp
c:\windows\system32\SET79C.tmp
c:\windows\system32\SET79D.tmp
c:\windows\system32\SET79E.tmp
c:\windows\system32\SET7A6.tmp
c:\windows\system32\SET7AF.tmp
c:\windows\system32\SET825.tmp
c:\windows\system32\SET82E.tmp
c:\windows\system32\SET8C9.tmp
c:\windows\system32\SET8E0.tmp
c:\windows\system32\SET8E4.tmp
c:\windows\system32\SETB1.tmp
c:\windows\system32\SETE1.tmp
c:\windows\system32\Thumbs.db
c:\windows\system32\TZLog.log
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\fusion.dll
c:\windows\system32\URTTemp\mscoree.dll
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\mscorsn.dll
c:\windows\system32\URTTemp\mscorwks.dll
c:\windows\system32\URTTemp\msvcr71.dll
c:\windows\system32\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2012-11-25 au 2012-12-25 ))))))))))))))))))))))))))))))))))))
.
.
2012-12-25 15:53 . 2012-12-25 15:53 -------- d-----w- c:\windows\LastGood
2012-12-25 02:30 . 2012-10-30 22:51 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-12-25 02:30 . 2012-10-30 22:51 361032 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-12-25 02:29 . 2012-10-30 22:51 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-12-25 02:29 . 2012-10-30 22:51 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-12-25 02:29 . 2012-10-30 22:51 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-12-25 02:29 . 2012-10-30 22:51 97608 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2012-12-25 02:29 . 2012-10-30 22:51 89752 ----a-w- c:\windows\system32\drivers\aswmon.sys
2012-12-25 02:29 . 2012-10-30 22:51 25256 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2012-12-25 02:28 . 2012-10-30 22:51 41224 ----a-w- c:\windows\avastSS.scr
2012-12-25 02:28 . 2012-10-30 22:50 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-12-25 02:27 . 2012-12-25 02:27 -------- d-----w- c:\program files\AVAST Software
2012-12-25 02:27 . 2012-12-25 02:27 -------- d-----w- c:\documents and settings\All Users\Application Data\AVAST Software
2012-12-24 17:17 . 2012-10-12 18:09 22400 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2012-12-24 15:35 . 2012-12-24 15:36 -------- d-----w- c:\documents and settings\All Users\Application Data\IObit
2012-12-24 01:45 . 2012-05-31 10:25 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-12-24 00:31 . 2012-12-24 00:31 -------- d--h--w- c:\windows\system32\GroupPolicy
2012-12-23 22:49 . 2012-12-23 22:49 91104 ----a-w- c:\program files\Mozilla Firefox\smime3.dll
2012-12-23 22:49 . 2012-12-23 22:49 21472 ----a-w- c:\program files\Mozilla Firefox\plc4.dll
2012-12-23 22:49 . 2012-12-23 22:49 20960 ----a-w- c:\program files\Mozilla Firefox\plds4.dll
2012-12-23 22:49 . 2012-12-23 22:49 16864 ----a-w- c:\program files\Mozilla Firefox\plugin-container.exe
2012-12-23 22:49 . 2012-12-23 22:49 155104 ----a-w- c:\program files\Mozilla Firefox\softokn3.dll
2012-12-23 22:49 . 2012-12-23 22:49 145376 ----a-w- c:\program files\Mozilla Firefox\ssl3.dll
2012-12-23 22:49 . 2012-12-23 22:49 892176 ----a-w- c:\program files\Mozilla Firefox\uninstall\helper.exe
2012-12-23 22:49 . 2012-12-23 22:49 96224 ----a-w- c:\program files\Mozilla Firefox\webapprt-stub.exe
2012-12-23 22:49 . 2012-12-23 22:49 270816 ----a-w- c:\program files\Mozilla Firefox\updater.exe
2012-12-23 22:49 . 2012-12-23 22:49 157272 ----a-w- c:\program files\Mozilla Firefox\webapp-uninstaller.exe
2012-12-23 22:49 . 2012-12-23 22:49 19424 ----a-w- c:\program files\Mozilla Firefox\xpcom.dll
2012-12-23 22:49 . 2012-12-23 22:49 15112160 ----a-w- c:\program files\Mozilla Firefox\xul.dll
2012-12-23 21:59 . 2012-12-23 21:59 -------- d-----w- c:\documents and settings\Default User\Local Settings\Application Data\Microsoft Help
2012-12-23 21:58 . 2012-12-23 21:58 -------- d-sh--w- c:\documents and settings\Default User\IETldCache
2012-12-23 21:38 . 2012-12-23 21:38 -------- d-----w- c:\program files\Fichiers communs\Skype
2012-12-23 19:35 . 2012-12-23 19:35 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Malwarebytes
2012-12-22 16:06 . 2012-08-28 15:04 521728 -c----w- c:\windows\system32\dllcache\jsdbgui.dll
2012-12-22 02:11 . 2012-05-28 18:17 536576 ----a-w- c:\program files\Fichiers communs\System\ado\SETBC.tmp
2012-12-22 02:11 . 2012-05-28 18:17 536576 ------w- c:\program files\Fichiers communs\System\ado\SET72E.tmp
2012-12-22 02:11 . 2012-05-28 18:17 536576 ------w- c:\program files\Fichiers communs\System\ado\SET1050.tmp
2012-12-22 02:07 . 2012-12-22 02:07 -------- d-----w- c:\documents and settings\Lucky Luc\Local Settings\Application Data\ESET
2012-12-22 01:15 . 2012-01-11 19:06 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll
2012-12-22 01:15 . 2012-01-11 19:06 3072 ------w- c:\windows\system32\iacenc.dll
2012-12-22 00:23 . 2012-12-24 15:35 -------- d-----w- c:\documents and settings\Lucky Luc\Application Data\IObit
2012-12-22 00:22 . 2012-12-24 15:35 -------- d-----w- c:\program files\IObit
2012-12-21 16:01 . 2012-12-22 00:41 -------- d-----w- c:\documents and settings\Lucky Luc\Application Data\GlarySoft
2012-12-21 13:15 . 2012-12-21 13:16 -------- d-----w- c:\program files\CrystalDiskInfo
2012-12-21 00:16 . 2012-12-21 00:16 -------- d-----w- c:\program files\SuperCopier2
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-21 00:11 . 2012-10-21 16:22 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-21 00:11 . 2012-10-21 16:22 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-11-13 11:55 . 2010-08-25 18:04 1866496 ----a-w- c:\windows\system32\win32k.sys
2012-11-02 02:02 . 2010-08-25 18:05 375296 ----a-w- c:\windows\system32\dpnet.dll
2012-10-21 14:38 . 2012-10-21 14:39 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-10-21 14:38 . 2012-10-21 14:40 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-10-21 14:38 . 2012-08-05 10:36 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-10-21 14:38 . 2011-06-06 16:09 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-10-02 18:04 . 2010-08-25 18:04 58368 ----a-w- c:\windows\system32\synceng.dll
2012-09-29 17:54 . 2009-04-12 01:21 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-23 22:50 . 2012-12-23 22:50 262112 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2004-08-19 14:10 60416 --sha-w- c:\windows\BricoPacks\SysFiles\84_MSIMN.EXE
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"LWBKEYBOARD"="c:\program files\Labtec\Desktop\6.0\KbdAp32A.exe" [2007-03-26 395264]
"LWBMOUSE"="c:\program files\Labtec\Desktop\6.0\MOffice.exe" [2007-04-11 457728]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-16 68856]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2003-03-27 53248]
"SSBkgdUpdate"="c:\program files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-09-28 185896]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 75304]
"TWCU"="c:\program files\TP-LINK\TP-LINK Wireless Client Utility\TWCU.exe" [2010-02-04 561263]
"SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2012-07-03 252848]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
.
c:\documents and settings\Lucky Luc\Menu Démarrer\Programmes\Démarrage\
Poste de travail.lnk - [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2010-08-26 21:14 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sprestrt
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 09:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NeroFilterCheck"=c:\windows\system32\NeroCheck.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [25/12/2012 3:29 738504]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [25/12/2012 3:30 361032]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [10/10/2006 13:53 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [27/02/2007 12:39 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [26/08/2010 22:14 116608]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [25/12/2012 3:30 21256]
R2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x32.sys [28/08/2010 18:26 20328]
R3 powervr;powervr;c:\windows\system32\drivers\powervr.sys [27/09/2002 15:34 566496]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [13/07/2012 13:28 160944]
S3 Jukebox3_1394;Jukebox3_1394;c:\windows\system32\drivers\ctpd1394.sys [6/09/2009 18:15 23536]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [24/06/2007 23:33 47360]
S3 PID_400C;Video Blaster WebCam 5 (WDM);c:\windows\system32\drivers\Pd100Vid.sys [26/03/2007 21:30 335980]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [16/02/2006 17:51 12872]
S4 Mrxvdsv;Mrxvdsv; [x]
.
Contenu du dossier 'Tâches planifiées'
.
2012-12-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-21 00:11]
.
2012-12-25 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2012-12-25 22:50]
.
2012-12-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-15 17:35]
.
2012-12-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-15 17:35]
.
.
------- Examen supplémentaire -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = file:\\c:\program files\Internet Explorer\MyGoogle.html
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Lucky Luc\Application Data\Mozilla\Firefox\Profiles\44nv1hbb.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.enabled - false
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2012-12-20 16:00; nl-NL@dictionaries.addons.mozilla.org; c:\documents and settings\Lucky Luc\Application Data\Mozilla\Firefox\Profiles\44nv1hbb.default\extensions\nl-NL@dictionaries.addons.mozilla.org
FF - ExtSQL: 2012-12-20 16:00; {563e4790-7e70-11da-a72b-0800200c9a66}; c:\documents and settings\Lucky Luc\Application Data\Mozilla\Firefox\Profiles\44nv1hbb.default\extensions\{563e4790-7e70-11da-a72b-0800200c9a66}.xpi
FF - ExtSQL: 2012-12-25 03:30; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - user.js: browser.cache.memory.capacity - 16000
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: dom.disable_window_status_change - true
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 750
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: content.maxtextrun - 4095
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.switch.threshold - 1000000
.
- - - - ORPHELINS SUPPRIMES - - - -
.
WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file)
ShellExecuteHooks-{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-12-25 19:03
Windows 5.1.2600 Service Pack 3 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\S-1-5-21-436374069-115176313-725345543-1003_Classes\Applications\Photoshop.exe\shell]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-436374069-115176313-725345543-1003_Classes\JavaPlugin.142_05\CLSID]
@DACL=(02 0000)
@="{5852F5ED-8BF4-11D4-A245-0080C6F74284}"
.
[HKEY_USERS\S-1-5-21-436374069-115176313-725345543-1003_Classes\JavaPlugin.150_02\CLSID]
@DACL=(02 0000)
@="{5852F5ED-8BF4-11D4-A245-0080C6F74284}"
.
[HKEY_USERS\S-1-5-21-436374069-115176313-725345543-1003_Classes\JavaPlugin.150_05\CLSID]
@DACL=(02 0000)
@="{5852F5ED-8BF4-11D4-A245-0080C6F74284}"
.
[HKEY_USERS\S-1-5-21-436374069-115176313-725345543-1003_Classes\JavaPlugin.150_06\CLSID]
@DACL=(02 0000)
@="{5852F5ED-8BF4-11D4-A245-0080C6F74284}"
.
[HKEY_USERS\S-1-5-21-436374069-115176313-725345543-1003_Classes\JavaPlugin.150_09\CLSID]
@DACL=(02 0000)
@="{5852F5ED-8BF4-11D4-A245-0080C6F74284}"
.
[HKEY_USERS\S-1-5-21-436374069-115176313-725345543-1003_Classes\JavaPlugin.150_10\CLSID]
@DACL=(02 0000)
@="{5852F5ED-8BF4-11D4-A245-0080C6F74284}"
.
[HKEY_USERS\S-1-5-21-329068152-1123561945-1801674531-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,bb,9c,aa,ca,7b,a0,2b,42,80,d7,c2,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,bb,9c,aa,ca,7b,a0,2b,42,80,d7,c2,\
.
[HKEY_USERS\S-1-5-21-329068152-1123561945-1801674531-501\Software\Magentic\Content]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-329068152-1123561945-1801674531-501\Software\Magentic\History]
@DACL=(02 0000)
"Queue"="0"
.
[HKEY_USERS\S-1-5-21-329068152-1123561945-1801674531-501\Software\Magentic\IMSys]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-329068152-1123561945-1801674531-501\Software\Magentic\Network]
@DACL=(02 0000)
"IMBR1"=hex:01,00,00,00,ff,9c,cc,33
"IMBRU"="26AA25BD-224D-482B-81CB-AC704C154AA5"
.
[HKEY_USERS\S-1-5-21-329068152-1123561945-1801674531-501\Software\Magentic\Options]
@DACL=(02 0000)
"UseWPOnDesktop"=dword:00000001
.
[HKEY_USERS\S-1-5-21-329068152-1123561945-1801674531-501\Software\Magentic\PatchUpdates]
@DACL=(02 0000)
"TOTS"=dword:49aace00
"GRTS"=dword:49ab13ab
.
[HKEY_USERS\S-1-5-21-329068152-1123561945-1801674531-501\Software\Magentic\SsData]
@DACL=(02 0000)
"Screensaver"="E9EE8159-84BB-4D910B813-B8CEDC24EAAA"
"SSDefault"="40242AE5-DFC3-4FA108AC7-10CCDD67B640"
"DelayMouseMoveOnPreview"=dword:00000000
"MouseDismissDelayMillisec"=dword:00000000
.
[HKEY_USERS\S-1-5-21-329068152-1123561945-1801674531-501\Software\Magentic\System]
@DACL=(02 0000)
"DefaultSkin"="31E66266-2152-4B4608CB1-C2E183EF1402"
"FIR"=dword:00000001
"NeoManagerFirstInstanceTime"=dword:49aacdaf
.
[HKEY_USERS\S-1-5-21-329068152-1123561945-1801674531-501\Software\Magentic\WpData]
@DACL=(02 0000)
"WallpaperMode"=dword:00000000
"Wallpaper"="8040F8A0-5438-41AF09FEE-61E1CF34CAB5"
"UserPhotoPath"=""
"WPAvgCreationTime"=dword:00000bb8
.
[HKEY_LOCAL_MACHINE\software\54c\2A08021262385]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E6F787C2-C759-4403-B1BD-9359CB96EB04}\TypeLib]
@DACL=(02 0000)
@="{DCB43485-19FB-4D6D-BB3D-73C7F48D5F00}"
.
[HKEY_LOCAL_MACHINE\software\Classes\ppifile\shell]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{075034D6-4432-46EF-AF14-F3021E88CFE7}\2.0]
@DACL=(02 0000)
@="Microsoft Forms 2.0 Object Library"
.
[HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{1EC0D7B0-A7E7-464E-A2E5-A98D2C78A2B1}\2.0]
@DACL=(02 0000)
@="Microsoft Forms 2.0 Object Library"
.
[HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{586DDA9D-3455-4C7F-AAD2-0EE94CB2EA63}\2.0]
@DACL=(02 0000)
@="Microsoft Forms 2.0 Object Library"
.
[HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{7AD76FF8-C20A-4E30-9C56-A58A6E27F3EA}\2.0]
@DACL=(02 0000)
@="Microsoft Forms 2.0 Object Library"
.
[HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{93F2EB70-60E5-4A11-8866-62CD1DBD8A50}\2.0]
@DACL=(02 0000)
@="Microsoft Forms 2.0 Object Library"
.
[HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{A70BD689-F574-4781-923B-3E2583268B49}\2.0]
@DACL=(02 0000)
@="Microsoft Forms 2.0 Object Library"
.
[HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{AAB556BD-EB62-4F90-9DAF-075FA4239861}\2.0]
@DACL=(02 0000)
@="Microsoft Forms 2.0 Object Library"
.
[HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{AD09045A-3DBF-4A8B-A24D-39609315510B}\2.0]
@DACL=(02 0000)
@="Microsoft Forms 2.0 Object Library"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Advanced INF Setup\IE40.BrowseUI\RegBackup]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Updates\Windows XP\SP4\KB2229593\Filelist\5]
@DACL=(02 0000)
"FileName"="helpsvc.exe"
"Version"="5.1.2600.5997"
"BuildDate"="Mon Jun 14 16:31 2010"
"BuildCheckSum"="ba245"
"Location"="c:\\WINDOWS\\pchealth\\helpctr\\binaries"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Updates\Windows XP\SP4\KB2229593\Filelist\6]
@DACL=(02 0000)
"FileName"="helpsvc.exe"
"Version"="5.1.2600.5997"
"BuildDate"="Mon Jun 14 16:31 2010"
"BuildCheckSum"="ba245"
"Location"="c:\\WINDOWS\\system32\\DllCache"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\17AFD8C1970420F48BBB741BC2A165F5]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\a28084.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\17BB7F68F8EF60333A529FE30E46718B]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\270c33.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\1FDE42FC632E233438BCC407A1B9BC0F]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\99b699.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\2451D69CF585D214C8A52004DB1A469B]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\99b69a.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\24DF66A32D05A9E3185BCE3E5E3C90A7]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\270bed.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\256917180E811B74A9218FB20F574DBD]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\99b69b.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\28C9EA2BB7CD1463FB8C7872C5F46370]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\270c1b.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\295DC294DD789E13083868560A521636]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\270bd0.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\2F2AEE7ADCFB45A45A57B7187A686E85]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\270c0e.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\325BFA1894CCB7A338BBFE6ACEC6E73C]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\a4717d.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\3D90EFE177C6D6E478F667BC032D50C6]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\a28085.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\4152E9034D92C5043B1B417D32B1AF61]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\a28086.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\41A670B5874F6653EBA789C5C326F94A]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\270c24.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\43F3D5FAA348FB140A3FF2BB0AB09A9B]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\a28088.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\484CA1D2615EC8048852CA1B3C65CAA7]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\99b69f.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\4C9878626E35BDD4F833D8F0E900B0AE]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\99b6a0.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\5E903427217EC6249BD46B4B52112CF9]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\99b69c.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\68AB67CA7DA700005205A7C804008022]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\50230d.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\68AB67CA7DA700005205A7C804008032]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\1457c12.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\68AB67CA7DA700005205A7C804008042]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\3f2b2.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\6ADA61945FCC7E03693E761445361DD4]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\a4717c.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\6D0233A2508C08244B326B56DB3ED3F8]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\452ecb.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\735890DC758856044B6BCA20C32B4CE8]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\164253.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\7FCDE114D557E4147AB4D3DC56385F98]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\1e0f39.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\82B28DCEEB84C6245BB5E60C22162658]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\99b698.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\881B67FDBD11CD343A98012492599A97]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\a2808b.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\8922FFA100CCB3A468A66CB2383797E4]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\164273.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\91C30D4F0ACD90B4387EEBB3608C4DCD]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\a2808d.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\9E0DE89293FE9BB33898F24ED18CCF08]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\270c3c.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\B4C419EC05CA8E13D92A51BD928D65F8]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\270bda.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\B8F6D1795C8E4A94E93D980C010B8D2D]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\a28087.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\BB3686E2280450B3BBC202FE614DDB28]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\270bdb.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\BE7C28545F39D804F992A5B51E7E8654]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\99b69d.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\C3CFBEEB1B8483A43A5C18AB91FDF504]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\270bf6.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\DE6BA3F2C1597EC4A89C5864DFFCF1A5]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\99b69e.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\E0337B0F8B42AE34C86D1D4124A8C1CE]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\a2808c.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\E54DA494170E9184E8511E40F1FB0F37]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\270c00.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\E6C461BDA4E80374796CED4868BE63F7]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\a2808a.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\E9030CAD6F70DA545BFBB5D0FE17FFEE]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\a28089.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Patches\F9DC276355B3ECF3D85A5DC7A31B1005]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\16425c.msp"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Products\4A44758810A10B4458A8A06E37C8CB7F\Features]
@DACL=(02 0000)
"CRT_WinSXS"="_j0,Y]s!Soe8MkbIdFwUbN^.Zr'AG(u8MkbIdFwUbN^.Zr'AG(*9MkbIdFwU%9YbWIfIbe?9MkbIdFwU_j0,Y]s!Sou8MkbIdFwU_j0,Y]s!So*9MkbIdFwU!N0,YT,$So*9MkbIdFwU!N0,YT,$Sou8MkbIdFwUa@0,YF5$So*9MkbIdFwUe?0,Yk5$So*9MkbIdFwU]A0,Yx4$So*9MkbIdFwUe?0,Yk5$Sou8MkbIdFwUa@0,YF5$Sou8MkbIdFwUXB0,YS4$So*9MkbIdFwU]A0,Yx4$Sou8MkbIdFwUTC0,Y*4$So*9MkbIdFwUPD0,Ya3$So*9MkbIdFwUXB0,YS4$Sou8MkbIdFwU&vv.ZiM}F(*9MkbIdFwUTC0,Y*4$Sou8MkbIdFwULE0,Y83$So*9MkbIdFwUPD0,Ya3$Sou8MkbIdFwULE0,Y83$Sou8MkbIdFwUEgn.Z_T*G(*9MkbIdFwUzH^.ZJcAG(*9MkbIdFwU&vv.ZiM}F(u8MkbIdFwUEgn.Z_T*G(u8MkbIdFwU=6U.Z@jJG(*9MkbIdFwUzH^.ZJcAG(u8MkbIdFwU=6U.Z@jJG(u8MkbIdFwUaZO,H*K2'Ee8MkbIdFwUd?y.IED+lV*9MkbIdFwUaZO,H*K2'E*9MkbIdFwU%?O,H~_2'E*9MkbIdFwUg+O,H9h2'E*9MkbIdFwUc,O,Hog2'E*9MkbIdFwU_-O,HJg2'E*9MkbIdFwUZ.O,H}f2'E*9MkbIdFwUV0O,HWf2'E*9MkbIdFwUR1O,H.f2'E*9MkbIdFwUN2O,Hee2'E*9MkbIdFwU(g70I8-kkV*9MkbIdFwUGW.0I-5tkV*9MkbIdFwU}5y.ItF+lV*9MkbIdFwU@&q.IjM5lV*9MkbIdFwU!M!&ZZc0%ne8MkbIdFwU&-Q([pOMt&*9MkbIdFwU&-Q([pOMt&u8MkbIdFwU+SnXWTvLne?9MkbIdFwU!M!&ZZc0%nu8MkbIdFwU!M!&ZZc0%n*9MkbIdFwUG,!&ZRw0%n*9MkbIdFwU%z~%ZD$1%n*9MkbIdFwUG,!&ZRw0%nu8MkbIdFwU)y~%Zi$1%n*9MkbIdFwU%z~%ZD$1%nu8MkbIdFwU)y~%Zi$1%nu8MkbIdFwU}z~%Zv!1%n*9MkbIdFwUx{~%ZQ!1%n*9MkbIdFwU}z~%Zv!1%nu8MkbIdFwUp~~%Z_~0%n*9MkbIdFwUt}~%Z(!1%n*9MkbIdFwUx{~%ZQ!1%nu8MkbIdFwUt}~%Z(!1%nu8MkbIdFwUJXj([g9-t&*9MkbIdFwUl!!&Z6~0%n*9MkbIdFwUp~~%Z_~0%nu8MkbIdFwUeIb([]D7t&*9MkbIdFwUl!!&Z6~0%nu8MkbIdFwUC'Q([HRMt&*9MkbIdFwUJXj([g9-t&u8MkbIdFwU^sH([=YVt&*9MkbIdFwUeIb([]D7t&u8MkbIdFwUC'Q([HRMt&u8MkbIdFwU^sH([=YVt&u8MkbIdFwU=$k'IN]I8Ce8MkbIdFwUAd9cJeUCHT*9MkbIdFwU=$k'IN]I8C*9MkbIdFwU^cj'IFqI8C*9MkbIdFwUDTj'I]yI8C*9MkbIdFwU@Uj'I4yI8C*9MkbIdFwU8Vj'IjxI8C*9MkbIdFwU4Wj'IExI8C*9MkbIdFwU0Xj'IwwI8C*9MkbIdFwU+Yj'IRwI8C*9MkbIdFwU'Zj'I)wI8C*9MkbIdFwUa0VcJ[C!HT*9MkbIdFwU{{McJQJ,HT*9MkbIdFwUY^9cJ9XCHT*9MkbIdFwUtN1cJ.'LHT*9MkbIdFwU"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Products\4A44758810A10B4458A8A06E37C8CB7F\InstallProperties]
@DACL=(02 0000)
"LocalPackage"="c:\\WINDOWS\\Installer\\8a46c4.msi"
"AuthorizedCDFPrefix"=""
"Comments"=""
"Contact"=""
"DisplayVersion"="1.0.0.0"
"HelpLink"=""
"HelpTelephone"=""
"InstallDate"="20070410"
"InstallLocation"=""
"InstallSource"="c:\\Program Files\\activePDF\\PrimoPDF\\"
"ModifyPath"=expand:"MsiExec.exe /I{885744A4-1A01-44B0-858A-0AE6738CBCF7}"
"Publisher"="activePDF, Inc."
"Readme"=""
"Size"=""
"EstimatedSize"=dword:00000fb0
"UninstallString"=expand:"MsiExec.exe /I{885744A4-1A01-44B0-858A-0AE6738CBCF7}"
"URLInfoAbout"=""
"URLUpdateInfo"=""
"VersionMajor"=dword:00000001
"VersionMinor"=dword:00000000
"WindowsInstaller"=dword:00000001
"Version"=dword:01000000
"Language"=dword:00000409
"DisplayName"="PrimoPDF Redistribution Package"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Products\9040110900063D11C8EF10054038389C\Features]
@DACL=(02 0000)
"OPCRemovePreviousMax"="\02AlwaysInstalled"
"OPCRemovePreviousMin"="\02AlwaysInstalled"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Products\9040110900063D11C8EF10054038389C\InstallProperties]
@DACL=(02 0000)
"QuietUninstallString"="MsiExec.Exe /x {90110409-6000-11D3-8CFE-0150048383C9} /qn"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Products\c049C053C7D38EE4AB9A00CB3B5D2472\Features]
@DACL=(02 0000)
"WebPublFiles"="]aZF&kXsf(lf*L[_GKba}gbvW,Qmf(G'*L[H+8]bZ}IuVaZtf(Cyn.Q2tAE!_{@h=i,nf(R8(L[JO9}X_}M^V8Xqf(Rp)L[_GKbahlT]jI{jf(=1&L[-81-]I-M04-B~f(8Hw.QdFt.0T4}vzw$wf(dKr.QPSdMu"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Products\C65FE06E033C5754483629E1071D54B8\Features]
@DACL=(02 0000)
"X"="9!CSbHOa'AH^LbXu6rdD5UP.+3Xx)=SXC.NJ0mG'\02ImageEncodingDecodingPlugIns"
"Font"="kqBx'JW_e?I-^e?1w9ZAab_.d-~Jw8+KFZpSR+gC\02ImageEncodingDecodingPlugIns"
"Media"="Hv~SBRnct94mmS1_Zdq^']~AOmAIR@+eeh4'?Mze-)%UDnvSn=_!6JzU60{9ugr1s8(AP9kc48!$smPT~0{TcaP10=CoX]%O9e3a\02ImageEncodingDecodingPlugIns"
"ACDSee"="d^i7HZo?'@O[qlZYpOP09ijjnf!}P?!UW?VD9?N2VqtTDP'?E=0(!KZ0p'eCLr}G%%8Q?AQDa7pcdR9.kj2Kt'oGA?r]ENl6nkK=6=UJnz3i=={3ZGb'F(N3Fhu^eOh$Y83chXarC!uIq+polyrLD@(U@Wddg+9sK2bg,'u+Y@7Fap3QknuPe['8dx'eD=s'kw&LyhK(dROGSr^Oq9U$Qehl3u_DMZvSxAsQT@hP^4+L}_mzDGSAsKsfd@gvqw^jY*]EdGT&b8+6-=D1GoJ)1Q9q_l-qyO&q)=mtpqBMA3Svue*oh=3s5@RF7G^JjAvac@VX%}!t2?U)RTl,m@}6N*KJtFUgw@-7h,?d[.M]'9bY+dG+C=Thg.C.x]2F07-v9=Top9[tUT*MwCLge7pFrcp0g=)e'[WRkl$J)aCjzT0d%A)(sOD$Vh&{$wikM@{)D@)XVp2yAY&gjYRyX_34l8?3LT2?xQYtOT5Z9*ZO4=e,$&DuTtpDS=?+]s6rS?b?9mpYq)t7u6yTR%3R[AaFWoN8ru&?YKUQm{3n?=y[X)m'ZXJVsQw0Q*~LO=$0O{&XLU-+7d~l%QYf{8nBD?XkaPtdjtwfy~iG%@OtmSx^Isj$@3Bdyg23{9cGnC8]kA~v8vv[lLqi?=}QqJUhg'rwy8K&Yn{E.?%xc^e{1SHiUD1MFhV%0?Bt,yCECF=thxHZut0K*9Idzt3J@+CPf14xbr!Ga=*sfAv9L_11[WU6j=I+y=X$t]sQ%VYD=5Vt*Umk'@9K,S&IGNGhB3&5,B^pf(V%eqFgkW_B83&5,B^pf(V%eqFgkW_BBsu{dRF1g(Qpy?VXB]2dKsu{dRF1g(Qpy?VXB]2d?su{dRF1g(Qpy?VXB]2d8su{dRF1g(Qpy?VXB]2dNsu{dRF1g(Qpy?VXB]2d"
"ImageEncodingDecodingPlugIns"=""
"DevDetect"="Xr,7,7U].9A2Hm5GP^q2Z3C^kD~$%?=4Y5Jh5).*Eb{Ah'Aur@MHHFRv.9ys"
"ACDSeeTrial"="]ElVtMpB}9D93}Aj+LK'WVRYWas+M=HL_?QYH,cOJFIF52H$.=M='dCuM6I'oUSzu,WSd=vP62)a-GD7w%ixRb@1_?=?]ClWoO2w%.T}Kr3g-AjOnEAd88tt\02ACDSee"
"ArchivePlugIns"=""
"Adobe"="L-MP*7l=m@M=,8Ce^S@Uu?PiJVO,-?ojL+T0FL[A\02ImageEncodingDecodingPlugIns"
"CommandExtensionPlugIns"=""
"Archive"="F4%gcQ=ra8*'bNy0jU*^+'VY)TXgTApP%ef'kHo6\02CommandExtensionPlugIns"
"Canvas"="xK{cITqadAX){Rofa&?c\02ImageEncodingDecodingPlugIns"
"DFinder"="S!RyzgclX?1NzLZ_W=%@=4G6LVa9eAOEx3lON^h0\02CommandExtensionPlugIns"
"DjVu"="Ku[gK-G5u=-2hsoNk(ZfMKkB4{HBY??iOSq0B!'%\02ImageEncodingDecodingPlugIns"
"Email"="=vcJcYlR[?Bvqfu'@[sse!neJmMV6@XdVs7{Mg64\02CommandExtensionPlugIns"
"FPX"=",*IXg-='S?_'W'jvI'fhd@,RhAnz.9C7,MgH?d@mS]-l'.bNj8m}T1p&QUrl\02ImageEncodingDecodingPlugIns"
"HTML"="5+Yg]+YDy@a$R{'kT3[@\02CommandExtensionPlugIns"
"ICN"="99}(ru=*Z9qA@FO}0fFsqk,o]Xf*69f4ev3,U$RX\02ImageEncodingDecodingPlugIns"
"ICO"="RYX+B$xBF?pt+&8^?Bx69-HbLCA$3=x!R1zM.m*q\02ImageEncodingDecodingPlugIns"
"IFF"="S~FM&qf0H@}j8.7c*cUOu0s@E{?Kz?5AXVRDlK4-\02ImageEncodingDecodingPlugIns"
"KDC"="PXq4Z~j6$@yq3w8a=@cw!Kb[y929Y={t1(IBcyMXRgk6Q1]x)?T5x-E'^+ql\02ImageEncodingDecodingPlugIns"
"LHA"="QC!U,9?gY=ZJyOUg!YMVIa1mPfSkD9^X~?GMl,pD\02ArchivePlugIns"
"MAG"="yLr4cB{9c?}'xa$+mfYrir'z'AY]cAiXT!2mzZL9\02ImageEncodingDecodingPlugIns"
"PaneExtension"=""
"PhotoCD"="p1Ao[sa]AAqJyZ&[d@hV0L[.M=YNKAcHPgo}G?&F\02ImageEncodingDecodingPlugIns"
"PIC"="N2G*v@%bj80m@J,eIS't2D&ymg27i9g,9pw54a7f\02ImageEncodingDecodingPlugIns"
"PICT"="F4}_QE}7'8mWBdAeO2paGINQ65aMk=2(ni,'*E7@\02ImageEncodingDecodingPlugIns"
"PIX"="hVq.ZMza_9.Mv59U-m3iorqQ78yaj9]Q*VC=B[fP\02ImageEncodingDecodingPlugIns"
"PNM"="nM(2v.'e}8'gpE%=z8*oTO[Q3ucmr9bT)6YhPFl.\02ImageEncodingDecodingPlugIns"
"PrintsGifts"="Yv+Huydr^@&E'''nK'{gJntb7~NbC9'I!Yv?smnS\02PaneExtension"
"PSD"="A16Z'Libo@miJm+z4_FLb*&A'B3b(A{vPq&q,({S\02ImageEncodingDecodingPlugIns"
"PSP"="JWZm6dwMX=@8MBW%P~LICMPHH.B$F=IKI4$WKf8V\02ImageEncodingDecodingPlugIns"
"RAS"="y{ZxQvQxT?_O@7^348yhi(c~?uf_z8NX6XUtOb[X\02ImageEncodingDecodingPlugIns"
"RSB"="Wjot!T2r-9*FRV.gNc}^2b1_n&lov8[]ja8=ws@)\02ImageEncodingDecodingPlugIns"
"SendPix"="jB3y@EXo(9hR(=m(rMIt$n{5._Pq[A(n_3Cxd8yRrjwg8.gFQ9%6Q84-Uh6=\02CommandExtensionPlugIns"
"SGI"="v~0rhJ)!]@4Lz2MNhL*(_^twL!rxv@T)6?&JxZGo\02ImageEncodingDecodingPlugIns"
"SusieArchive"="O&PCno$pDAcPr15nnj8sp!yjFY@Vo?vBoK5'v!,E\02ArchivePlugIns"
"SusieImage"="^&nYuKuGn@V!pm$uUdv'C^Iv6!l?ZAdAMsl?5z.B\02ImageEncodingDecodingPlugIns"
"TGZ"="C91zKY5.l=g@)^OJw=7nH12x%@TWX@I_xL^p5p+B\02ArchivePlugIns"
"ZIP"="!ZuWyJqoVA?6j73p}e}%3$dP.jfGl@[Uq8*dh.tK\02ArchivePlugIns"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Products\C65FE06E033C5754483629E1071D54B8\InstallProperties]
@DACL=(02 0000)
"RegOwner"="X"
"RegCompany"="Privé"
"ProductID"="16"
"LocalPackage"="c:\\WINDOWS\\Installer\\465d22.msi"
"AuthorizedCDFPrefix"=""
"Comments"="This database contains the necessary files and logic to install ACDSee and additional support programs and plug-ins where appropriate"
"Contact"="Technical Support"
"DisplayVersion"="6.0.0"
"HelpLink"=expand:"http://www.acdsystems.com/English/Support"
"HelpTelephone"="250-544-6701"
"InstallDate"="20070609"
"InstallLocation"="c:\\Program Files\\ACD Systems\\"
"InstallSource"="c:\\WINDOWS\\Downloaded Installations\\{9BFC0003-66DB-4EC4-B8CF-64E7B2598C22}\\"
"ModifyPath"=expand:"MsiExec.exe /I{E60EF56C-C330-4575-8463-921E70D1458B}"
"NoRepair"=dword:00000001
"Publisher"="ACD Systems Ltd."
"Readme"=expand:"\"\""
"Size"=""
"EstimatedSize"=dword:00005cd4
"UninstallString"=expand:"MsiExec.exe /I{E60EF56C-C330-4575-8463-921E70D1458B}"
"URLInfoAbout"="https://www.acdsee.com/en/index/"
"URLUpdateInfo"="\"\""
"VersionMajor"=dword:00000006
"VersionMinor"=dword:00000000
"WindowsInstaller"=dword:00000001
"Version"=dword:06000000
"Language"=dword:00000409
"DisplayName"="ACDSee 6.0 Standard Trial"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Products\C8177384E6B569442B38FFBFA5398752\Transforms]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2]
@DACL=(02 0000)
@SACL=
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,72,73,76,70,73,70,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,72,73,76,70,73,70,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000006]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000007]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000008]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000009]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000010]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000011]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000012]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000013]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000014]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000015]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000016]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000017]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000018]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000019]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000020]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000021]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000022]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000023]
@DACL=(02 0000)
@SACL=
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,
6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,\
.
--------------------- DLLs chargées dans les processus actifs ---------------------
.
- - - - - - - > 'winlogon.exe'(880)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
Heure de fin: 2012-12-25 19:08:29
ComboFix-quarantined-files.txt 2012-12-25 18:08
.
Avant-CF: 28.392.759.296 octets libres
Après-CF: 28.717.211.648 octets libres
.
- - End Of File - - CD48A03F153688040AD6B18C8108F9E7
A voir également:
- Log Combofix besoin d'aide
- Aide au logement - Guide
- Vpn no log - Guide
- Log freebox - Forum Freebox
- View rescue log - Guide
- Log crash windows - Guide
8 réponses
re,
Lenteur ne signifie pas infection.
Désinstalle Spybot S&D (de toute façon obsolète) et SUPERAntiSpyware.
A +
Lenteur ne signifie pas infection.
Désinstalle Spybot S&D (de toute façon obsolète) et SUPERAntiSpyware.
A +
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
mon portable vaio a été infecté par cette crasse de virus de la police
(voir mon autre post)
ma tour n'a pas été infectée par ce virus de la police
(voir mon autre post)
ma tour n'a pas été infectée par ce virus de la police
ok :)
Ouvre la commande Exécuter en pressant Windows + R
● Dans la boite de dialogue, tape ComboFix /Uninstall
● Valide par Ok puis suivre les invites à l'écran.
● Un message confirme que ComboFix a été désinstallé.
Garde tes logiciels à jour :
Maintenir Java, Adobe Reader et le player Flash à jour ou bien tu peux utiliser cet outil : Vérifier et mettre à jour facilement les logiciels à risque avec SX Check&Update
!! Décoche les cases proposant des logiciels partenaires pendant les installations !!
Désinstalle les anciennes versions de Java si tu en as encore installées.
https://www.java.com/fr/download/help/remove_olderversions.html
Joyeuses Fêtes
ps : pour l'autre pc, un autre membre de CCM regardera car moi je vais me déconnecter bientôt.
Ouvre la commande Exécuter en pressant Windows + R
● Dans la boite de dialogue, tape ComboFix /Uninstall
● Valide par Ok puis suivre les invites à l'écran.
● Un message confirme que ComboFix a été désinstallé.
Garde tes logiciels à jour :
Maintenir Java, Adobe Reader et le player Flash à jour ou bien tu peux utiliser cet outil : Vérifier et mettre à jour facilement les logiciels à risque avec SX Check&Update
!! Décoche les cases proposant des logiciels partenaires pendant les installations !!
Désinstalle les anciennes versions de Java si tu en as encore installées.
https://www.java.com/fr/download/help/remove_olderversions.html
Joyeuses Fêtes
ps : pour l'autre pc, un autre membre de CCM regardera car moi je vais me déconnecter bientôt.
