inkolune

Membres

Afficher le profil Afficher son activité

Compteur de contenus
64
Inscription
le 8 février 2006
Dernière visite
le 16 août 2008

Type de contenu

Toute l’activité

Profils

Forums

Blogs

Tout ce qui a été posté par inkolune

infecté par Trojan.Win32.Agent.cs

inkolune a posté un sujet dans Analyses et éradication malwares

Bonjour, je me retrouve face à un virus que Kaspersky ne sait pas effacer... et l'alerte ne cesse de revenir...pouvez-vous m'aider? voici le rapport hijackthis: Logfile of HijackThis v1.99.1 Scan saved at 12:57:54, on 7/03/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpcc.exe C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpm.exe C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\NotifyPhoneBook.exe C:\Program Files\Belgacom\bin\sprtcmd.exe C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe C:\Program Files\Dell AIO Printer A920\dlbkbmon.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpcc.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTScheduler.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTAUTrayApp.exe C:\Program Files\Fichiers communs\Sony Shared\GMR\GMRMan.exe C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTAutoUpdate.exe C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\MS_update_0612_KB74062.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.skynet.be/search R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: CIEPl Object - {02E60F0E-0497-4F6D-9214-39335A631A70} - C:\WINDOWS\system32\service.dll O2 - BHO: Acrobat Helper - {06846E6F-C8D7-4D56-B87D-784B7D6BE083} - C:\WINDOWS\system\ctlsdlg.dll (file missing) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {36645342-9475-2663-166A-466739207346} - C:\WINDOWS\system32\ipv6motp.dll (file missing) O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O4 - HKLM\..\Run: [AME_CSA] rundll32 csa.cpl,RUN_DLL O4 - HKLM\..\Run: [belgacom] "C:\Program Files\Belgacom\bin\sprtcmd.exe" /P Belgacom O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe O4 - HKLM\..\Run: [Dell AIO Printer A920] "C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe" O4 - HKLM\..\Run: [OfficeGuard RegChecker] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\ogrc.exe" O4 - HKLM\..\Run: [AVPCC] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpcc.exe" /wait O4 - HKLM\..\Run: [sxalaaaa] C:\WINDOWS\system32\sxalaaaa.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [CONNECTScheduler] "C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTScheduler.exe" /RUN_SCHEDULER O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [sxalaaaa] C:\WINDOWS\system32\sxalaaaa.exe O4 - Global Startup: CONNECTAUTrayApp.lnk = C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTAUTrayApp.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: MS_update_0612_KB74062.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {33331111-1111-1111-1111-611111193423} - O16 - DPF: {33331111-1111-1111-1111-615111193427} - O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{AC854101-7275-4C52-80EE-D4C64BB5AF5E}: NameServer = 195.238.2.21 195.238.2.22 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: service - C:\WINDOWS\SYSTEM32\service.dll O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVP Control Centre Service (AVPCC) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpcc.exe" /service (file missing) O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe O23 - Service: KAV Monitor Service (KAVMonitorService) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpm.exe" /service (file missing) O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\Fsk\SonySCSIHelperService.exe O23 - Service: spkrmon - Unknown owner - C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
- le 7 mars 2007
- 18 réponses
spyfalcon + hijackthis

inkolune a répondu à un(e) sujet de inkolune dans Analyses et éradication malwares

rebonjour... mon ordi est vrmt très lent à présent..je me suis dit que c'était peut-être à cause de tous les logiciels que j'ai du installer pour la désinfection alors je les ai désinstallé..mais ça n'a rien changer et j'ai vu que dans ajouts/supression de programme, hijackthis faisait plus de 1Go..alors je l'ai aussi désinstaller..mais maintenant que je fais dans programme files, il me dit que renommer, déplacer ou supprimer hijackthis pourraient empéché certains programmes de fonctionner..alors je suis un peu perdu... et le dossier "links" ne veut réapparait tout le temps dans mes favoris.. et derniere chose, j'ai reçu 3 messages d' "arrêt du système" hier qui dit : "arrêt du système. Veuillez enregistrer tous les travaus en cours et quitter votre session. Toutes les modifications non enregistrées seront perdues. Cet arrêt a été initié par AUTORITE NT\SYSTEM temps restant avant l'arrêt du systeme: 00:00:59 message - Le processus système 'C:\WINDOWS\system32\lsass.exe' s'est terminé de manière inattendue avec le code d'état 128. Le système va maintenant s'éteindre et redémarrer." enfin voilà merci bien!
- le 7 mars 2006
- 15 réponses
spyfalcon + hijackthis

inkolune a répondu à un(e) sujet de inkolune dans Analyses et éradication malwares

voilà le truc de la restauration système est effectué!! mon ordi semble fonctionner correctement...hormis le fait que un dossier links vient se créer dans mes favoris...pas très genant mais bizarre... et mes fenetres explorer s'ouvrent toute petite...enfait, elles s'ouvrent réduites au maximum et je sais pas comment on change ça... enfin voilà, merci bcp bcp de l'aide précieuse que vous m'apporter cher Mr Ingals
- le 4 mars 2006
- 15 réponses
spyfalcon + hijackthis

inkolune a répondu à un(e) sujet de inkolune dans Analyses et éradication malwares

le voici fait jeudi 2 mars 2006 22:12:28 Système d'exploitation : Microsoft Windows XP Professional, Service Pack 1 (Build 2600) Version de Kaspersky On-line Scanner: 5.0.78.0 Dernière mise à jour de la base antivirus Kaspersky : 2/03/2006 Enregistrements dans la base antivirus Kaspersky : 168822 Paramètres d'analyse Analyser avec la base antivirus suivante standard Analyser les archives vrai Analyser les bases de messagerie. vrai Cible de l'analyse Poste de travail A:\ C:\ D:\ E:\ Statistiques de l'analyse Total d'objets analysés : 56080 Nombre de virus trouvés 4 Nombre d'objets infectés 6 Nombre d'objets suspects 0 Durée de l'analyse 01:18:07 Nom de l'objet infecté Nom du virus Dernière action C:\!KillBox\dfrgsrv.exe Infecté: Trojan-Downloader.Win32.Zlob.hd ignoré C:\!KillBox\svlmngr.exe Infecté: Backdoor.Win32.Rbot.anx ignoré C:\System Volume Information\_restore{09D26824-11BE-49E1-A012-B4DC92ADD04F}\RP52\A0023535.dll Infecté: not-virus:Hoax.Win32.Renos.v ignoré C:\System Volume Information\_restore{09D26824-11BE-49E1-A012-B4DC92ADD04F}\RP52\A0023537.tlb Infecté: Trojan-Downloader.Win32.Zlob.gw ignoré C:\System Volume Information\_restore{09D26824-11BE-49E1-A012-B4DC92ADD04F}\RP55\A0023673.exe Infecté: Trojan-Downloader.Win32.Zlob.hd ignoré C:\System Volume Information\_restore{09D26824-11BE-49E1-A012-B4DC92ADD04F}\RP55\A0023674.exe Infecté: Backdoor.Win32.Rbot.anx ignoré Analyse terminée.
- le 2 mars 2006
- 15 réponses
spyfalcon + hijackthis

inkolune a répondu à un(e) sujet de inkolune dans Analyses et éradication malwares

voilà qui est fait et oui, j'avais bien enlevé lui => -C:\WINDOWS\system32\svlmngr.exe ..euh enfin, il n'était déjà plus là..et là, je viens de vérifier, il n'y est tjs pas... et pour ATF cleaner, fallait-il tjs cocher ça? Windows Temp Current User Temp All Users Temp Temporary Internet Files Prefetch Java Cache si oui, tant mieux..sinon..faudra recommencer. voilà merci bcp!!
- le 1 mars 2006
- 15 réponses
spyfalcon + hijackthis

inkolune a répondu à un(e) sujet de inkolune dans Analyses et éradication malwares

voici après 1h47' de scan!!! mercredi 1 mars 2006 12:20:29 Système d'exploitation : Microsoft Windows XP Professional, Service Pack 1 (Build 2600) Version de Kaspersky On-line Scanner: 5.0.78.0 Dernière mise à jour de la base antivirus Kaspersky : 1/03/2006 Enregistrements dans la base antivirus Kaspersky : 168465 Paramètres d'analyse Analyser avec la base antivirus suivante standard Analyser les archives vrai Analyser les bases de messagerie. vrai Cible de l'analyse Poste de travail A:\ C:\ D:\ E:\ Statistiques de l'analyse Total d'objets analysés : 53149 Nombre de virus trouvés 5 Nombre d'objets infectés 6 Nombre d'objets suspects 0 Durée de l'analyse 01:47:00 Nom de l'objet infecté Nom du virus Dernière action C:\System Volume Information\_restore{09D26824-11BE-49E1-A012-B4DC92ADD04F}\RP52\A0023535.dll Infecté: not-virus:Hoax.Win32.Renos.v ignoré C:\System Volume Information\_restore{09D26824-11BE-49E1-A012-B4DC92ADD04F}\RP52\A0023537.tlb Infecté: Trojan-Downloader.Win32.Zlob.gw ignoré C:\WINDOWS\system32\dfrgsrv.exe Infecté: Trojan-Downloader.Win32.Zlob.hd ignoré C:\WINDOWS\system32\i Infecté: Trojan-Downloader.BAT.Ftp.ab ignoré C:\WINDOWS\system32\ii Infecté: Trojan-Downloader.BAT.Ftp.ab ignoré C:\WINDOWS\system32\svlmngr.exe Infecté: Backdoor.Win32.Rbot.anx ignoré Analyse terminée.
- le 1 mars 2006
- 15 réponses
spyfalcon + hijackthis

inkolune a répondu à un(e) sujet de inkolune dans Analyses et éradication malwares

voici le rapport hijackthis Logfile of HijackThis v1.99.1 Scan saved at 21:29:27, on 28/02/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avast4\aswUpdSv.exe C:\Program Files\Avast4\ashServ.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\Avast4\ashDisp.exe C:\WINDOWS\System32\GSICON.EXE C:\WINDOWS\System32\dslagent.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\Mixer.exe C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe C:\Program Files\Avast4\ashMaiSv.exe C:\Program Files\Avast4\ashWebSv.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Hijackthis\HijackThis.exe O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O3 - Toolbar: Barre d'outils de MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-be\msntb.dll (file missing) O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Recherche sur le bureau de Windows.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-be\bin\WindowsSearch.exe O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-be\msntb.dll/search.htm O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-be\msntabres.dll/229?5939264ccc6744de8c8196e0654ae642 O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-be\msntabres.dll/230?5939264ccc6744de8c8196e0654ae642 O8 - Extra context menu item: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html O8 - Extra context menu item: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O17 - HKLM\System\CCS\Services\Tcpip\..\{0ED3919B-0E07-4C12-8C67-7E6A8867EF09}: NameServer = 195.238.2.21 195.238.2.22 O17 - HKLM\System\CS1\Services\Tcpip\..\{0ED3919B-0E07-4C12-8C67-7E6A8867EF09}: NameServer = 195.238.2.21 195.238.2.22 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe et le ewido --------------------------------------------------------- ewido anti-malware - Rapport de scan --------------------------------------------------------- + Créé le: 21:07:54, 28/02/2006 + Somme de contrôle: 75E49DF0 + Résultats du scan: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objecta\{4da4616d-7e6e-4fd9-a2d5-b6c535733e22} -> Adware.Generic : Nettoyer et sauvegarder C:\Documents and Settings\mOi\Cookies\moi@247realmedia[2].txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder C:\Documents and Settings\mOi\Cookies\moi@2o7[1].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder C:\Documents and Settings\mOi\Cookies\moi@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Nettoyer et sauvegarder C:\Documents and Settings\mOi\Cookies\moi@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Nettoyer et sauvegarder C:\Documents and Settings\mOi\Cookies\moi@adtech[2].txt -> TrackingCookie.Adtech : Nettoyer et sauvegarder C:\Documents and Settings\mOi\Cookies\moi@as-us.falkag[1].txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder C:\Documents and Settings\mOi\Cookies\moi@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder C:\Documents and Settings\mOi\Cookies\moi@casalemedia[2].txt -> TrackingCookie.Casalemedia : Nettoyer et sauvegarder C:\Documents and Settings\mOi\Cookies\moi@estat[1].txt -> TrackingCookie.Estat : Nettoyer et sauvegarder C:\Documents and Settings\mOi\Cookies\moi@qksrv[1].txt -> TrackingCookie.Qksrv : Nettoyer et sauvegarder C:\Documents and Settings\mOi\Cookies\moi@sel.as-us.falkag[2].txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder C:\Documents and Settings\mOi\Cookies\moi@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder C:\Documents and Settings\mOi\Cookies\moi@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder C:\Documents and Settings\mOi\Cookies\moi@trafficmp[2].txt -> TrackingCookie.Trafficmp : Nettoyer et sauvegarder C:\Documents and Settings\mOi\Cookies\moi@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Nettoyer et sauvegarder C:\Documents and Settings\mOi\Cookies\moi@weborama[2].txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder C:\Documents and Settings\mOi\Cookies\moi@wreport.weborama[1].txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder C:\Documents and Settings\mOi\Cookies\moi@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder C:\Documents and Settings\mOi\Cookies\moi@zedo[2].txt -> TrackingCookie.Zedo : Nettoyer et sauvegarder C:\Documents and Settings\mOi\Local Settings\Temp\Cookies\moi@estat[1].txt -> TrackingCookie.Estat : Nettoyer et sauvegarder C:\Documents and Settings\mOi\Local Settings\Temp\Cookies\moi@spylog[1].txt -> TrackingCookie.Spylog : Nettoyer et sauvegarder C:\Documents and Settings\mOi\Local Settings\Temp\Cookies\moi@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder C:\Documents and Settings\mOi\Local Settings\Temp\Cookies\moi@weborama[1].txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder C:\Documents and Settings\mOi\Local Settings\Temp\Cookies\moi@wreport.weborama[1].txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder C:\Documents and Settings\mOi\Local Settings\Temp\Cookies\moi@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder ::Fin du rapport voilà!merci bcp!tout c'est fait sans problème!
- le 28 février 2006
- 15 réponses
spyfalcon + hijackthis

inkolune a répondu à un(e) sujet de inkolune dans Analyses et éradication malwares

merci bcp monsieur hingals =) est-ce normal que ça m'ai lancé en même temps un nettoya de disque???quoi qu'il en soit, c'est fait... voici pour ce qu'il est du rapport de smitfraudfix SmitFraudFix v2.21 Rapport fait à 9:49:28,47 le lun. 27/02/2006 Executé à partir de C:\Documents and Settings\mOi\Bureau\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] »»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\ »»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS »»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\system »»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\Web »»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\system32 »»»»»»»»»»»»»»»»»»»»»»»» Recherche ...\Application Data »»»»»»»»»»»»»»»»»»»»»»»» Recherche Menu Démarrer »»»»»»»»»»»»»»»»»»»»»»»» Recherche Bureau »»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\Program Files »»»»»»»»»»»»»»»»»»»»»»»» Recherche présence de clés corrompues »»»»»»»»»»»»»»»»»»»»»»»» Recherche éléments du bureau »»»»»»»»»»»»»»»»»»»»»»»» Recherche Sharedtaskscheduler SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui" [HKEY_CLASSES_ROOT\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32] @="%SystemRoot%\System32\browseui.dll" [HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32] @="%SystemRoot%\System32\browseui.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant" [HKEY_CLASSES_ROOT\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32] @="%SystemRoot%\System32\browseui.dll" [HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32] @="%SystemRoot%\System32\browseui.dll" »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll »»»»»»»»»»»»»»»»»»»»»»»» Fin du rapport et voici le log hijackthis Logfile of HijackThis v1.99.1 Scan saved at 9:50:29, on 27/02/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avast4\aswUpdSv.exe C:\Program Files\Avast4\ashServ.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\Avast4\ashDisp.exe C:\WINDOWS\System32\GSICON.EXE C:\WINDOWS\System32\dslagent.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\Mixer.exe C:\WINDOWS\System32\svlmngr.exe C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Program Files\Avast4\ashMaiSv.exe C:\Program Files\Avast4\ashWebSv.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O3 - Toolbar: Barre d'outils de MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-be\msntb.dll (file missing) O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [svlmngr] svlmngr.exe O4 - HKLM\..\RunServices: [svlmngr] svlmngr.exe O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Compaqs Service Driver] copypad32.exe O4 - HKCU\..\RunServices: [Compaqs Service Driver] copypad32.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Recherche sur le bureau de Windows.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-be\bin\WindowsSearch.exe O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-be\msntb.dll/search.htm O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-be\msntabres.dll/229?5939264ccc6744de8c8196e0654ae642 O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-be\msntabres.dll/230?5939264ccc6744de8c8196e0654ae642 O8 - Extra context menu item: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html O8 - Extra context menu item: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O16 - DPF: Dexia netbanking - http://netbanking.dexia.be/PC//Dynamic/Sha...t//DexiaIIA.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{0ED3919B-0E07-4C12-8C67-7E6A8867EF09}: NameServer = 195.238.2.21 195.238.2.22 O17 - HKLM\System\CS1\Services\Tcpip\..\{0ED3919B-0E07-4C12-8C67-7E6A8867EF09}: NameServer = 195.238.2.21 195.238.2.22 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe =) merci bcp!j'attends la suite des opérations!
- le 27 février 2006
- 15 réponses
spyfalcon + hijackthis

inkolune a répondu à un(e) sujet de inkolune dans Analyses et éradication malwares

voici le rapport SmitFraudFix v2.21 Rapport fait à 21:22:12,61 le dim. 26/02/2006 Executé à partir de C:\Documents and Settings\mOi\Bureau\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] »»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\ »»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS »»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\system »»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\Web »»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\system32 C:\WINDOWS\system32\dxmpp.dll PRESENT ! C:\WINDOWS\system32\ld????.tmp PRESENT ! C:\WINDOWS\system32\mssearchnet.exe PRESENT ! C:\WINDOWS\system32\msvol.tlb PRESENT ! C:\WINDOWS\system32\ncompat.tlb PRESENT ! C:\WINDOWS\system32\nvctrl.exe PRESENT ! C:\WINDOWS\system32\ot.ico PRESENT ! C:\WINDOWS\system32\1024\ PRESENT! »»»»»»»»»»»»»»»»»»»»»»»» Recherche ...\Application Data C:\Documents and Settings\mOi\Application Data\Microsoft\Internet Explorer\Quick Launch\SpyFalcon 2.0.lnk PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» Recherche Menu Démarrer C:\Documents and Settings\mOi\Menu Démarrer\SpyFalcon 2.0.lnk PRESENT ! C:\Documents and Settings\mOi\Menu Démarrer\Programmes\SpyFalcon PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» Recherche Bureau »»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\Program Files C:\Program Files\SpyFalcon\ PRESENT! »»»»»»»»»»»»»»»»»»»»»»»» Recherche présence de clés corrompues »»»»»»»»»»»»»»»»»»»»»»»» Recherche éléments du bureau [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="Ma page d'accueil" »»»»»»»»»»»»»»»»»»»»»»»» Recherche Sharedtaskscheduler SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui" [HKEY_CLASSES_ROOT\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32] @="%SystemRoot%\System32\browseui.dll" [HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32] @="%SystemRoot%\System32\browseui.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant" [HKEY_CLASSES_ROOT\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32] @="%SystemRoot%\System32\browseui.dll" [HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32] @="%SystemRoot%\System32\browseui.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{D1A2E7CD-F5C1-21A8-CA2C-13D0AC72D19D}"="Wheel Mouse Optical Driver" [HKEY_CLASSES_ROOT\CLSID\{D1A2E7CD-F5C1-21A8-CA2C-13D0AC72D19D}\InProcServer32] @="C:\WINDOWS\System32\dxmpp.dll" [HKEY_CURRENT_USER\Software\Classes\CLSID\{D1A2E7CD-F5C1-21A8-CA2C-13D0AC72D19D}\InProcServer32] @="C:\WINDOWS\System32\dxmpp.dll" »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll »»»»»»»»»»»»»»»»»»»»»»»» Fin du rapport merci bcp, j'attends la suite!
- le 26 février 2006
- 15 réponses
spyfalcon + hijackthis

inkolune a posté un sujet dans Analyses et éradication malwares

voici quelque jour que spyfalcon s'installe tout seul sur mon ordinateur et puis ben voilà, j'arrive pas à m'en débarrasser et si en même temps, il y a moyen de regarder l'état de mon ordi =) merci voici le rapport hijackthis! Logfile of HijackThis v1.99.1 Scan saved at 13:57:54, on 23/02/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avast4\aswUpdSv.exe C:\Program Files\Avast4\ashServ.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\mssearchnet.exe C:\PROGRA~1\Avast4\ashDisp.exe C:\WINDOWS\System32\GSICON.EXE C:\WINDOWS\System32\dslagent.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\Mixer.exe C:\WINDOWS\System32\svlmngr.exe C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Avast4\ashMaiSv.exe C:\Program Files\Avast4\ashWebSv.exe C:\Program Files\iTunes\iTunes.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\SpyFalcon\SpyFalcon.exe C:\Program Files\SpyFalcon\SpyFalcon.exe C:\Program Files\eMule\emule.exe C:\Program Files\SLD Codec Pack\mplayerc.exe C:\Program Files\AAA\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O3 - Toolbar: Barre d'outils de MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-be\msntb.dll (file missing) O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [svlmngr] svlmngr.exe O4 - HKLM\..\Run: [spyFalcon] C:\Program Files\SpyFalcon\SpyFalcon.exe /h O4 - HKLM\..\RunServices: [svlmngr] svlmngr.exe O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Compaqs Service Driver] copypad32.exe O4 - HKCU\..\RunServices: [Compaqs Service Driver] copypad32.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Recherche sur le bureau de Windows.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-be\bin\WindowsSearch.exe O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-be\msntb.dll/search.htm O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-be\msntabres.dll/229?5939264ccc6744de8c8196e0654ae642 O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-be\msntabres.dll/230?5939264ccc6744de8c8196e0654ae642 O8 - Extra context menu item: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html O8 - Extra context menu item: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O16 - DPF: Dexia netbanking - http://netbanking.dexia.be/PC//Dynamic/Sha...t//DexiaIIA.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{0ED3919B-0E07-4C12-8C67-7E6A8867EF09}: NameServer = 195.238.2.21 195.238.2.22 O17 - HKLM\System\CS1\Services\Tcpip\..\{0ED3919B-0E07-4C12-8C67-7E6A8867EF09}: NameServer = 195.238.2.21 195.238.2.22 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
- le 26 février 2006
- 15 réponses
L'antivirus me signale des problèmes sur mon PC

inkolune a répondu à un(e) sujet de inkolune dans Analyses et éradication malwares

ben en sommes, il n'y a pas eu de rapport...
- le 17 février 2006
- 53 réponses
L'antivirus me signale des problèmes sur mon PC

inkolune a répondu à un(e) sujet de inkolune dans Analyses et éradication malwares

voilà, le scan est fini et il y a des failles de sécurité détectées...
- le 15 février 2006
- 53 réponses
L'antivirus me signale des problèmes sur mon PC

inkolune a répondu à un(e) sujet de inkolune dans Analyses et éradication malwares

j'ai essayé une fois et ça ne faisait rien alors j'ai réessayé et à un moment, il m'a envoyé un rapport d'erreur parlant de getMAC.exe qui ne répondait pas...=\ en y réfléchissant...c'est moi qui ai foiré la premiere fois..MAis la deuxieme fois, il y a bien eu ce problème avec getMAC.exe... maintenant, ça scanne =)
- le 15 février 2006
- 53 réponses
L'antivirus me signale des problèmes sur mon PC

inkolune a répondu à un(e) sujet de inkolune dans Analyses et éradication malwares

kaspersky ne fonctionne pas non plus...
- le 15 février 2006
- 53 réponses
L'antivirus me signale des problèmes sur mon PC

inkolune a répondu à un(e) sujet de inkolune dans Analyses et éradication malwares

hum je savais pas pour le p2p...mais par rapport au lowID que j'aimerai voir en highID, ya pas moyen de savoir sans parler de p2p =)? hum d'accord comme vous voudrez... euh le scan panda ne veut pas démarrer bien que j'ai désactivé Avast...
- le 15 février 2006
- 53 réponses
L'antivirus me signale des problèmes sur mon PC

inkolune a répondu à un(e) sujet de inkolune dans Analyses et éradication malwares

ah ok... et qu'est-ce que ça veut dire le lowID sur emule...il me met ceci "You have a lowid. Please review your network config and/or your settings." ..[et enfait, avant cette manipulation, j'avais un highID...ça a un rapport?] et voici le rapport hijackthis Logfile of HijackThis v1.99.1 Scan saved at 16:44:40, on 15/02/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe C:\Program Files\D-Tools\daemon.exe C:\Program Files\QuickTime\qttask.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\NotifyPhoneBook.exe C:\Program Files\Dell AIO Printer A920\dlbkbmon.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe C:\Program Files\Winamp\Winamp.exe C:\Program Files\eMule\emule.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Hijakthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [AME_CSA] rundll32 amecsa.cpl,RUN_DLL O4 - HKLM\..\Run: [Dell AIO Printer A920] "C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67}: NameServer = 195.238.2.21 195.238.2.22 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: spkrmon - Unknown owner - C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe tjs la ligne 017...et je ne peux pas la fixer directement avec hijackthis?
- le 15 février 2006
- 53 réponses
L'antivirus me signale des problèmes sur mon PC

inkolune a répondu à un(e) sujet de inkolune dans Analyses et éradication malwares

excusez moi de ma lenteur..mais je n'ai pas eu accès à cet ordi depuis dimanche ..désolé! j'avais bien fait la manipulation avec Fixwareout en mode normal et rien trouvé [je viens de le refaire une fois]. j'ai enlevé les deux adresses et j'ai remplacé par "Obtenir l'adresse de serveurs DNS automatiquement" [ ça sert à quoi ça???] et voici le rapport regsearch =) REGEDIT4 ; Registry Search 2.0 by Bobbi Flekman © 2005 ; Version: 2.0.0.1 ; Results at 15/02/2006 16:10:44 for strings: ; '{736e6c5e-bbe5-4a71-aecd-8bcdacb11b67}' ; Strings excluded from search: ; (None) ; Search in: ; Registry Keys Registry Values Registry Data ; HKEY_LOCAL_MACHINE HKEY_USERS [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Dhcp\Parameters] "{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67}"=hex:0f,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,fc,43,f3,43,f9,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ fc,43,f3,43,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,fc,43,f3,43,2b,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,fc,43,f3,43,2c,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,fc,43,f3,43,06,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,fc,43,f3,43 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\lanmanserver\Linkage] ; Contents of value: ; \Device\NetbiosSmb ; \Device\NetBT_Tcpip_{55AC45EC-0377-4807-A7B8-55D6D10CBCCF} \Device\NetBT_Tcpip ; \Device\NetBT_Tcpip_{5D846BB2-79CC-430F-9965-F1FC59884761} \Device\NetBT_Tcpip_{C0D0C9F6-5B9A-43F9-A520-CA0CE5C5C034} \Device\NetBT_Tcpip ; \Device\NetBT_Tcpip_{C0D0C9F6-5B9A-43F9-A520-CA0CE5C5C034} \Device\NetBT_Tcpip_{96045972-81C1-4D25-8340-99D497B60499} \Device\NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\NetBT_Tcpip ; \Device\NetBT_Tcpip_{96045972-81C1-4D25-8340-99D497B60499} \Device\NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; \Device\NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; \Device\NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; "Bind"=hex(7):5c,44,65,76,69,63,65,5c,4e,65,74,62,69,6f,73,53,6d,62,00,5c,44,\ 65,76,69,63,65,5c,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,35,35,41,43,34,35,\ 45,43,2d,30,33,37,37,2d,34,38,30,37,2d,41,37,42,38,2d,35,35,44,36,44,31,30,\ 43,42,43,43,46,7d,00,5c,44,65,76,69,63,65,5c,4e,65,74,42,54,5f,54,63,70,69,\ 70,5f,7b,35,44,38,34,36,42,42,32,2d,37,39,43,43,2d,34,33,30,46,2d,39,39,36,\ 35,2d,46,31,46,43,35,39,38,38,34,37,36,31,7d,00,5c,44,65,76,69,63,65,5c,4e,\ 65,74,42,54,5f,54,63,70,69,70,5f,7b,43,30,44,30,43,39,46,36,2d,35,42,39,41,\ 2d,34,33,46,39,2d,41,35,32,30,2d,43,41,30,43,45,35,43,35,43,30,33,34,7d,00,\ 5c,44,65,76,69,63,65,5c,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,39,36,30,34,\ 35,39,37,32,2d,38,31,43,31,2d,34,44,32,35,2d,38,33,34,30,2d,39,39,44,34,39,\ 37,42,36,30,34,39,39,7d,00,5c,44,65,76,69,63,65,5c,4e,65,74,42,54,5f,54,63,\ 70,69,70,5f,7b,39,31,35,43,41,35,45,44,2d,37,45,43,35,2d,34,32,30,42,2d,38,\ 43,34,32,2d,45,42,39,33,41,35,46,39,34,35,30,32,7d,00,5c,44,65,76,69,63,65,\ 5c,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,37,33,36,45,36,43,35,45,2d,42,42,\ 45,35,2d,34,41,37,31,2d,41,45,43,44,2d,38,42,43,44,41,43,42,31,31,42,36,37,\ 7d,00,00 ; Contents of value: ; \Device\LanmanServer_NetbiosSmb ; \Device\LanmanServer_NetBT_Tcpip_{55AC45EC-0377-4807-A7B8-55D6D10CBCCF} \Device\LanmanServer_NetBT_Tcpip ; \Device\LanmanServer_NetBT_Tcpip_{5D846BB2-79CC-430F-9965-F1FC59884761} \Device\LanmanServer_NetBT_Tcpip_{C0D0C9F6-5B9A-43F9-A520-CA0CE5C5C034} \Device\LanmanServer_NetBT_Tcpip ; \Device\LanmanServer_NetBT_Tcpip_{C0D0C9F6-5B9A-43F9-A520-CA0CE5C5C034} \Device\LanmanServer_NetBT_Tcpip_{96045972-81C1-4D25-8340-99D497B60499} \Device\LanmanServer_NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\LanmanServer_NetBT_Tcpip ; \Device\LanmanServer_NetBT_Tcpip_{96045972-81C1-4D25-8340-99D497B60499} \Device\LanmanServer_NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\LanmanServer_NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; \Device\LanmanServer_NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\LanmanServer_NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; \Device\LanmanServer_NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; "Export"=hex(7):5c,44,65,76,69,63,65,5c,4c,61,6e,6d,61,6e,53,65,72,76,65,72,5f,\ 4e,65,74,62,69,6f,73,53,6d,62,00,5c,44,65,76,69,63,65,5c,4c,61,6e,6d,61,6e,\ 53,65,72,76,65,72,5f,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,35,35,41,43,34,\ 35,45,43,2d,30,33,37,37,2d,34,38,30,37,2d,41,37,42,38,2d,35,35,44,36,44,31,\ 30,43,42,43,43,46,7d,00,5c,44,65,76,69,63,65,5c,4c,61,6e,6d,61,6e,53,65,72,\ 76,65,72,5f,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,35,44,38,34,36,42,42,32,\ 2d,37,39,43,43,2d,34,33,30,46,2d,39,39,36,35,2d,46,31,46,43,35,39,38,38,34,\ 37,36,31,7d,00,5c,44,65,76,69,63,65,5c,4c,61,6e,6d,61,6e,53,65,72,76,65,72,\ 5f,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,43,30,44,30,43,39,46,36,2d,35,42,\ 39,41,2d,34,33,46,39,2d,41,35,32,30,2d,43,41,30,43,45,35,43,35,43,30,33,34,\ 7d,00,5c,44,65,76,69,63,65,5c,4c,61,6e,6d,61,6e,53,65,72,76,65,72,5f,4e,65,\ 74,42,54,5f,54,63,70,69,70,5f,7b,39,36,30,34,35,39,37,32,2d,38,31,43,31,2d,\ 34,44,32,35,2d,38,33,34,30,2d,39,39,44,34,39,37,42,36,30,34,39,39,7d,00,5c,\ 44,65,76,69,63,65,5c,4c,61,6e,6d,61,6e,53,65,72,76,65,72,5f,4e,65,74,42,54,\ 5f,54,63,70,69,70,5f,7b,39,31,35,43,41,35,45,44,2d,37,45,43,35,2d,34,32,30,\ 42,2d,38,43,34,32,2d,45,42,39,33,41,35,46,39,34,35,30,32,7d,00,5c,44,65,76,\ 69,63,65,5c,4c,61,6e,6d,61,6e,53,65,72,76,65,72,5f,4e,65,74,42,54,5f,54,63,\ 70,69,70,5f,7b,37,33,36,45,36,43,35,45,2d,42,42,45,35,2d,34,41,37,31,2d,41,\ 45,43,44,2d,38,42,43,44,41,43,42,31,31,42,36,37,7d,00,00 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\lanmanworkstation\Linkage] ; Contents of value: ; \Device\NetbiosSmb ; \Device\NetBT_Tcpip_{55AC45EC-0377-4807-A7B8-55D6D10CBCCF} \Device\NetBT_Tcpip ; \Device\NetBT_Tcpip_{5D846BB2-79CC-430F-9965-F1FC59884761} \Device\NetBT_Tcpip_{C0D0C9F6-5B9A-43F9-A520-CA0CE5C5C034} \Device\NetBT_Tcpip ; \Device\NetBT_Tcpip_{C0D0C9F6-5B9A-43F9-A520-CA0CE5C5C034} \Device\NetBT_Tcpip_{96045972-81C1-4D25-8340-99D497B60499} \Device\NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\NetBT_Tcpip ; \Device\NetBT_Tcpip_{96045972-81C1-4D25-8340-99D497B60499} \Device\NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; \Device\NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; \Device\NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; "Bind"=hex(7):5c,44,65,76,69,63,65,5c,4e,65,74,62,69,6f,73,53,6d,62,00,5c,44,\ 65,76,69,63,65,5c,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,35,35,41,43,34,35,\ 45,43,2d,30,33,37,37,2d,34,38,30,37,2d,41,37,42,38,2d,35,35,44,36,44,31,30,\ 43,42,43,43,46,7d,00,5c,44,65,76,69,63,65,5c,4e,65,74,42,54,5f,54,63,70,69,\ 70,5f,7b,35,44,38,34,36,42,42,32,2d,37,39,43,43,2d,34,33,30,46,2d,39,39,36,\ 35,2d,46,31,46,43,35,39,38,38,34,37,36,31,7d,00,5c,44,65,76,69,63,65,5c,4e,\ 65,74,42,54,5f,54,63,70,69,70,5f,7b,43,30,44,30,43,39,46,36,2d,35,42,39,41,\ 2d,34,33,46,39,2d,41,35,32,30,2d,43,41,30,43,45,35,43,35,43,30,33,34,7d,00,\ 5c,44,65,76,69,63,65,5c,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,39,36,30,34,\ 35,39,37,32,2d,38,31,43,31,2d,34,44,32,35,2d,38,33,34,30,2d,39,39,44,34,39,\ 37,42,36,30,34,39,39,7d,00,5c,44,65,76,69,63,65,5c,4e,65,74,42,54,5f,54,63,\ 70,69,70,5f,7b,39,31,35,43,41,35,45,44,2d,37,45,43,35,2d,34,32,30,42,2d,38,\ 43,34,32,2d,45,42,39,33,41,35,46,39,34,35,30,32,7d,00,5c,44,65,76,69,63,65,\ 5c,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,37,33,36,45,36,43,35,45,2d,42,42,\ 45,35,2d,34,41,37,31,2d,41,45,43,44,2d,38,42,43,44,41,43,42,31,31,42,36,37,\ 7d,00,00 ; Contents of value: ; \Device\LanmanWorkstation_NetbiosSmb ; \Device\LanmanWorkstation_NetBT_Tcpip_{55AC45EC-0377-4807-A7B8-55D6D10CBCCF} \Device\LanmanWorkstation_NetBT_Tcpip ; \Device\LanmanWorkstation_NetBT_Tcpip_{5D846BB2-79CC-430F-9965-F1FC59884761} \Device\LanmanWorkstation_NetBT_Tcpip_{C0D0C9F6-5B9A-43F9-A520-CA0CE5C5C034} \Device\LanmanWorkstation_NetBT_Tcpip ; \Device\LanmanWorkstation_NetBT_Tcpip_{C0D0C9F6-5B9A-43F9-A520-CA0CE5C5C034} \Device\LanmanWorkstation_NetBT_Tcpip_{96045972-81C1-4D25-8340-99D497B60499} \Device\LanmanWorkstation_NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\LanmanWorkstation_NetBT_Tcpip ; \Device\LanmanWorkstation_NetBT_Tcpip_{96045972-81C1-4D25-8340-99D497B60499} \Device\LanmanWorkstation_NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\LanmanWorkstation_NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; \Device\LanmanWorkstation_NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\LanmanWorkstation_NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; \Device\LanmanWorkstation_NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; "Export"=hex(7):5c,44,65,76,69,63,65,5c,4c,61,6e,6d,61,6e,57,6f,72,6b,73,74,61,\ 74,69,6f,6e,5f,4e,65,74,62,69,6f,73,53,6d,62,00,5c,44,65,76,69,63,65,5c,4c,\ 61,6e,6d,61,6e,57,6f,72,6b,73,74,61,74,69,6f,6e,5f,4e,65,74,42,54,5f,54,63,\ 70,69,70,5f,7b,35,35,41,43,34,35,45,43,2d,30,33,37,37,2d,34,38,30,37,2d,41,\ 37,42,38,2d,35,35,44,36,44,31,30,43,42,43,43,46,7d,00,5c,44,65,76,69,63,65,\ 5c,4c,61,6e,6d,61,6e,57,6f,72,6b,73,74,61,74,69,6f,6e,5f,4e,65,74,42,54,5f,\ 54,63,70,69,70,5f,7b,35,44,38,34,36,42,42,32,2d,37,39,43,43,2d,34,33,30,46,\ 2d,39,39,36,35,2d,46,31,46,43,35,39,38,38,34,37,36,31,7d,00,5c,44,65,76,69,\ 63,65,5c,4c,61,6e,6d,61,6e,57,6f,72,6b,73,74,61,74,69,6f,6e,5f,4e,65,74,42,\ 54,5f,54,63,70,69,70,5f,7b,43,30,44,30,43,39,46,36,2d,35,42,39,41,2d,34,33,\ 46,39,2d,41,35,32,30,2d,43,41,30,43,45,35,43,35,43,30,33,34,7d,00,5c,44,65,\ 76,69,63,65,5c,4c,61,6e,6d,61,6e,57,6f,72,6b,73,74,61,74,69,6f,6e,5f,4e,65,\ 74,42,54,5f,54,63,70,69,70,5f,7b,39,36,30,34,35,39,37,32,2d,38,31,43,31,2d,\ 34,44,32,35,2d,38,33,34,30,2d,39,39,44,34,39,37,42,36,30,34,39,39,7d,00,5c,\ 44,65,76,69,63,65,5c,4c,61,6e,6d,61,6e,57,6f,72,6b,73,74,61,74,69,6f,6e,5f,\ 4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,39,31,35,43,41,35,45,44,2d,37,45,43,\ 35,2d,34,32,30,42,2d,38,43,34,32,2d,45,42,39,33,41,35,46,39,34,35,30,32,7d,\ 00,5c,44,65,76,69,63,65,5c,4c,61,6e,6d,61,6e,57,6f,72,6b,73,74,61,74,69,6f,\ 6e,5f,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,37,33,36,45,36,43,35,45,2d,42,\ 42,45,35,2d,34,41,37,31,2d,41,45,43,44,2d,38,42,43,44,41,43,42,31,31,42,36,\ 37,7d,00,00 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NetBIOS\Linkage] ; Contents of value: ; \Device\NetBT_Tcpip_{55AC45EC-0377-4807-A7B8-55D6D10CBCCF} ; \Device\NetBT_Tcpip_{5D846BB2-79CC-430F-9965-F1FC59884761} \Device\NetBT_Tcpip_{C0D0C9F6-5B9A-43F9-A520-CA0CE5C5C034} ; \Device\NetBT_Tcpip_{C0D0C9F6-5B9A-43F9-A520-CA0CE5C5C034} \Device\NetBT_Tcpip_{96045972-81C1-4D25-8340-99D497B60499} \Device\NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} ; \Device\NetBT_Tcpip_{96045972-81C1-4D25-8340-99D497B60499} \Device\NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; \Device\NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; \Device\NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; "Bind"=hex(7):5c,44,65,76,69,63,65,5c,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,\ 35,35,41,43,34,35,45,43,2d,30,33,37,37,2d,34,38,30,37,2d,41,37,42,38,2d,35,\ 35,44,36,44,31,30,43,42,43,43,46,7d,00,5c,44,65,76,69,63,65,5c,4e,65,74,42,\ 54,5f,54,63,70,69,70,5f,7b,35,44,38,34,36,42,42,32,2d,37,39,43,43,2d,34,33,\ 30,46,2d,39,39,36,35,2d,46,31,46,43,35,39,38,38,34,37,36,31,7d,00,5c,44,65,\ 76,69,63,65,5c,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,43,30,44,30,43,39,46,\ 36,2d,35,42,39,41,2d,34,33,46,39,2d,41,35,32,30,2d,43,41,30,43,45,35,43,35,\ 43,30,33,34,7d,00,5c,44,65,76,69,63,65,5c,4e,65,74,42,54,5f,54,63,70,69,70,\ 5f,7b,39,36,30,34,35,39,37,32,2d,38,31,43,31,2d,34,44,32,35,2d,38,33,34,30,\ 2d,39,39,44,34,39,37,42,36,30,34,39,39,7d,00,5c,44,65,76,69,63,65,5c,4e,65,\ 74,42,54,5f,54,63,70,69,70,5f,7b,39,31,35,43,41,35,45,44,2d,37,45,43,35,2d,\ 34,32,30,42,2d,38,43,34,32,2d,45,42,39,33,41,35,46,39,34,35,30,32,7d,00,5c,\ 44,65,76,69,63,65,5c,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,37,33,36,45,36,\ 43,35,45,2d,42,42,45,35,2d,34,41,37,31,2d,41,45,43,44,2d,38,42,43,44,41,43,\ 42,31,31,42,36,37,7d,00,00 ; Contents of value: ; \Device\NetBIOS_NetBT_Tcpip_{55AC45EC-0377-4807-A7B8-55D6D10CBCCF} ; \Device\NetBIOS_NetBT_Tcpip_{5D846BB2-79CC-430F-9965-F1FC59884761} \Device\NetBIOS_NetBT_Tcpip_{C0D0C9F6-5B9A-43F9-A520-CA0CE5C5C034} ; \Device\NetBIOS_NetBT_Tcpip_{C0D0C9F6-5B9A-43F9-A520-CA0CE5C5C034} \Device\NetBIOS_NetBT_Tcpip_{96045972-81C1-4D25-8340-99D497B60499} \Device\NetBIOS_NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} ; \Device\NetBIOS_NetBT_Tcpip_{96045972-81C1-4D25-8340-99D497B60499} \Device\NetBIOS_NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\NetBIOS_NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; \Device\NetBIOS_NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\NetBIOS_NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; \Device\NetBIOS_NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; "Export"=hex(7):5c,44,65,76,69,63,65,5c,4e,65,74,42,49,4f,53,5f,4e,65,74,42,54,\ 5f,54,63,70,69,70,5f,7b,35,35,41,43,34,35,45,43,2d,30,33,37,37,2d,34,38,30,\ 37,2d,41,37,42,38,2d,35,35,44,36,44,31,30,43,42,43,43,46,7d,00,5c,44,65,76,\ 69,63,65,5c,4e,65,74,42,49,4f,53,5f,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,\ 35,44,38,34,36,42,42,32,2d,37,39,43,43,2d,34,33,30,46,2d,39,39,36,35,2d,46,\ 31,46,43,35,39,38,38,34,37,36,31,7d,00,5c,44,65,76,69,63,65,5c,4e,65,74,42,\ 49,4f,53,5f,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,43,30,44,30,43,39,46,36,\ 2d,35,42,39,41,2d,34,33,46,39,2d,41,35,32,30,2d,43,41,30,43,45,35,43,35,43,\ 30,33,34,7d,00,5c,44,65,76,69,63,65,5c,4e,65,74,42,49,4f,53,5f,4e,65,74,42,\ 54,5f,54,63,70,69,70,5f,7b,39,36,30,34,35,39,37,32,2d,38,31,43,31,2d,34,44,\ 32,35,2d,38,33,34,30,2d,39,39,44,34,39,37,42,36,30,34,39,39,7d,00,5c,44,65,\ 76,69,63,65,5c,4e,65,74,42,49,4f,53,5f,4e,65,74,42,54,5f,54,63,70,69,70,5f,\ 7b,39,31,35,43,41,35,45,44,2d,37,45,43,35,2d,34,32,30,42,2d,38,43,34,32,2d,\ 45,42,39,33,41,35,46,39,34,35,30,32,7d,00,5c,44,65,76,69,63,65,5c,4e,65,74,\ 42,49,4f,53,5f,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,37,33,36,45,36,43,35,\ 45,2d,42,42,45,35,2d,34,41,37,31,2d,41,45,43,44,2d,38,42,43,44,41,43,42,31,\ 31,42,36,37,7d,00,00 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NetBT\Linkage] ; Contents of value: ; \Device\Tcpip_{55AC45EC-0377-4807-A7B8-55D6D10CBCCF} ; \Device\Tcpip_{5D846BB2-79CC-430F-9965-F1FC59884761} \Device\Tcpip_{C0D0C9F6-5B9A-43F9-A520-CA0CE5C5C034} ; \Device\Tcpip_{C0D0C9F6-5B9A-43F9-A520-CA0CE5C5C034} \Device\Tcpip_{96045972-81C1-4D25-8340-99D497B60499} \Device\Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} ; \Device\Tcpip_{96045972-81C1-4D25-8340-99D497B60499} \Device\Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; \Device\Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; \Device\Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; "Bind"=hex(7):5c,44,65,76,69,63,65,5c,54,63,70,69,70,5f,7b,35,35,41,43,34,35,\ 45,43,2d,30,33,37,37,2d,34,38,30,37,2d,41,37,42,38,2d,35,35,44,36,44,31,30,\ 43,42,43,43,46,7d,00,5c,44,65,76,69,63,65,5c,54,63,70,69,70,5f,7b,35,44,38,\ 34,36,42,42,32,2d,37,39,43,43,2d,34,33,30,46,2d,39,39,36,35,2d,46,31,46,43,\ 35,39,38,38,34,37,36,31,7d,00,5c,44,65,76,69,63,65,5c,54,63,70,69,70,5f,7b,\ 43,30,44,30,43,39,46,36,2d,35,42,39,41,2d,34,33,46,39,2d,41,35,32,30,2d,43,\ 41,30,43,45,35,43,35,43,30,33,34,7d,00,5c,44,65,76,69,63,65,5c,54,63,70,69,\ 70,5f,7b,39,36,30,34,35,39,37,32,2d,38,31,43,31,2d,34,44,32,35,2d,38,33,34,\ 30,2d,39,39,44,34,39,37,42,36,30,34,39,39,7d,00,5c,44,65,76,69,63,65,5c,54,\ 63,70,69,70,5f,7b,39,31,35,43,41,35,45,44,2d,37,45,43,35,2d,34,32,30,42,2d,\ 38,43,34,32,2d,45,42,39,33,41,35,46,39,34,35,30,32,7d,00,5c,44,65,76,69,63,\ 65,5c,54,63,70,69,70,5f,7b,37,33,36,45,36,43,35,45,2d,42,42,45,35,2d,34,41,\ 37,31,2d,41,45,43,44,2d,38,42,43,44,41,43,42,31,31,42,36,37,7d,00,00 ; Contents of value: ; \Device\NetBT_Tcpip_{55AC45EC-0377-4807-A7B8-55D6D10CBCCF} ; \Device\NetBT_Tcpip_{5D846BB2-79CC-430F-9965-F1FC59884761} \Device\NetBT_Tcpip_{C0D0C9F6-5B9A-43F9-A520-CA0CE5C5C034} ; \Device\NetBT_Tcpip_{C0D0C9F6-5B9A-43F9-A520-CA0CE5C5C034} \Device\NetBT_Tcpip_{96045972-81C1-4D25-8340-99D497B60499} \Device\NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} ; \Device\NetBT_Tcpip_{96045972-81C1-4D25-8340-99D497B60499} \Device\NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; \Device\NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; \Device\NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; "Export"=hex(7):5c,44,65,76,69,63,65,5c,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,\ 35,35,41,43,34,35,45,43,2d,30,33,37,37,2d,34,38,30,37,2d,41,37,42,38,2d,35,\ 35,44,36,44,31,30,43,42,43,43,46,7d,00,5c,44,65,76,69,63,65,5c,4e,65,74,42,\ 54,5f,54,63,70,69,70,5f,7b,35,44,38,34,36,42,42,32,2d,37,39,43,43,2d,34,33,\ 30,46,2d,39,39,36,35,2d,46,31,46,43,35,39,38,38,34,37,36,31,7d,00,5c,44,65,\ 76,69,63,65,5c,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,43,30,44,30,43,39,46,\ 36,2d,35,42,39,41,2d,34,33,46,39,2d,41,35,32,30,2d,43,41,30,43,45,35,43,35,\ 43,30,33,34,7d,00,5c,44,65,76,69,63,65,5c,4e,65,74,42,54,5f,54,63,70,69,70,\ 5f,7b,39,36,30,34,35,39,37,32,2d,38,31,43,31,2d,34,44,32,35,2d,38,33,34,30,\ 2d,39,39,44,34,39,37,42,36,30,34,39,39,7d,00,5c,44,65,76,69,63,65,5c,4e,65,\ 74,42,54,5f,54,63,70,69,70,5f,7b,39,31,35,43,41,35,45,44,2d,37,45,43,35,2d,\ 34,32,30,42,2d,38,43,34,32,2d,45,42,39,33,41,35,46,39,34,35,30,32,7d,00,5c,\ 44,65,76,69,63,65,5c,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,37,33,36,45,36,\ 43,35,45,2d,42,42,45,35,2d,34,41,37,31,2d,41,45,43,44,2d,38,42,43,44,41,43,\ 42,31,31,42,36,37,7d,00,00 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NetBT\Parameters\Interfaces\Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67}] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Linkage] ; Contents of value: ; \Device\Tcpip_{C0D0C9F6-5B9A-43F9-A520-CA0CE5C5C034} ; \Device\Tcpip_{96045972-81C1-4D25-8340-99D497B60499} \Device\Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} ; \Device\Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; \Device\Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; "Export"=hex(7):5c,44,65,76,69,63,65,5c,54,63,70,69,70,5f,7b,43,30,44,30,43,39,\ 46,36,2d,35,42,39,41,2d,34,33,46,39,2d,41,35,32,30,2d,43,41,30,43,45,35,43,\ 35,43,30,33,34,7d,00,5c,44,65,76,69,63,65,5c,54,63,70,69,70,5f,7b,39,36,30,\ 34,35,39,37,32,2d,38,31,43,31,2d,34,44,32,35,2d,38,33,34,30,2d,39,39,44,34,\ 39,37,42,36,30,34,39,39,7d,00,5c,44,65,76,69,63,65,5c,54,63,70,69,70,5f,7b,\ 39,31,35,43,41,35,45,44,2d,37,45,43,35,2d,34,32,30,42,2d,38,43,34,32,2d,45,\ 42,39,33,41,35,46,39,34,35,30,32,7d,00,5c,44,65,76,69,63,65,5c,54,63,70,69,\ 70,5f,7b,37,33,36,45,36,43,35,45,2d,42,42,45,35,2d,34,41,37,31,2d,41,45,43,\ 44,2d,38,42,43,44,41,43,42,31,31,42,36,37,7d,00,00 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Adapters\NdisWanIp] ; Contents of value: ; Tcpip\Parameters\Interfaces\{96045972-81C1-4D25-8340-99D497B60499} ; Tcpip\Parameters\Interfaces\{915CA5ED-7EC5-420B-8C42-EB93A5F94502} Tcpip\Parameters\Interfaces\{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; Tcpip\Parameters\Interfaces\{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; "IpConfig"=hex(7):54,63,70,69,70,5c,50,61,72,61,6d,65,74,65,72,73,5c,49,6e,74,\ 65,72,66,61,63,65,73,5c,7b,39,36,30,34,35,39,37,32,2d,38,31,43,31,2d,34,44,\ 32,35,2d,38,33,34,30,2d,39,39,44,34,39,37,42,36,30,34,39,39,7d,00,54,63,70,\ 69,70,5c,50,61,72,61,6d,65,74,65,72,73,5c,49,6e,74,65,72,66,61,63,65,73,5c,\ 7b,39,31,35,43,41,35,45,44,2d,37,45,43,35,2d,34,32,30,42,2d,38,43,34,32,2d,\ 45,42,39,33,41,35,46,39,34,35,30,32,7d,00,54,63,70,69,70,5c,50,61,72,61,6d,\ 65,74,65,72,73,5c,49,6e,74,65,72,66,61,63,65,73,5c,7b,37,33,36,45,36,43,35,\ 45,2d,42,42,45,35,2d,34,41,37,31,2d,41,45,43,44,2d,38,42,43,44,41,43,42,31,\ 31,42,36,37,7d,00,00 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67}] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Dhcp\Parameters] "{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67}"=hex:0f,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,6a,41,f3,43,f9,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 6a,41,f3,43,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,6a,41,f3,43,2b,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,6a,41,f3,43,2c,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,6a,41,f3,43,06,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,6a,41,f3,43 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\lanmanserver\Linkage] ; Contents of value: ; \Device\NetbiosSmb ; \Device\NetBT_Tcpip_{55AC45EC-0377-4807-A7B8-55D6D10CBCCF} \Device\NetBT_Tcpip ; \Device\NetBT_Tcpip_{5D846BB2-79CC-430F-9965-F1FC59884761} \Device\NetBT_Tcpip_{C0D0C9F6-5B9A-43F9-A520-CA0CE5C5C034} \Device\NetBT_Tcpip ; \Device\NetBT_Tcpip_{C0D0C9F6-5B9A-43F9-A520-CA0CE5C5C034} \Device\NetBT_Tcpip_{96045972-81C1-4D25-8340-99D497B60499} \Device\NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\NetBT_Tcpip ; \Device\NetBT_Tcpip_{96045972-81C1-4D25-8340-99D497B60499} \Device\NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; \Device\NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; \Device\NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; "Bind"=hex(7):5c,44,65,76,69,63,65,5c,4e,65,74,62,69,6f,73,53,6d,62,00,5c,44,\ 65,76,69,63,65,5c,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,35,35,41,43,34,35,\ 45,43,2d,30,33,37,37,2d,34,38,30,37,2d,41,37,42,38,2d,35,35,44,36,44,31,30,\ 43,42,43,43,46,7d,00,5c,44,65,76,69,63,65,5c,4e,65,74,42,54,5f,54,63,70,69,\ 70,5f,7b,35,44,38,34,36,42,42,32,2d,37,39,43,43,2d,34,33,30,46,2d,39,39,36,\ 35,2d,46,31,46,43,35,39,38,38,34,37,36,31,7d,00,5c,44,65,76,69,63,65,5c,4e,\ 65,74,42,54,5f,54,63,70,69,70,5f,7b,43,30,44,30,43,39,46,36,2d,35,42,39,41,\ 2d,34,33,46,39,2d,41,35,32,30,2d,43,41,30,43,45,35,43,35,43,30,33,34,7d,00,\ 5c,44,65,76,69,63,65,5c,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,39,36,30,34,\ 35,39,37,32,2d,38,31,43,31,2d,34,44,32,35,2d,38,33,34,30,2d,39,39,44,34,39,\ 37,42,36,30,34,39,39,7d,00,5c,44,65,76,69,63,65,5c,4e,65,74,42,54,5f,54,63,\ 70,69,70,5f,7b,39,31,35,43,41,35,45,44,2d,37,45,43,35,2d,34,32,30,42,2d,38,\ 43,34,32,2d,45,42,39,33,41,35,46,39,34,35,30,32,7d,00,5c,44,65,76,69,63,65,\ 5c,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,37,33,36,45,36,43,35,45,2d,42,42,\ 45,35,2d,34,41,37,31,2d,41,45,43,44,2d,38,42,43,44,41,43,42,31,31,42,36,37,\ 7d,00,00 ; Contents of value: ; \Device\LanmanServer_NetbiosSmb ; \Device\LanmanServer_NetBT_Tcpip_{55AC45EC-0377-4807-A7B8-55D6D10CBCCF} \Device\LanmanServer_NetBT_Tcpip ; \Device\LanmanServer_NetBT_Tcpip_{5D846BB2-79CC-430F-9965-F1FC59884761} \Device\LanmanServer_NetBT_Tcpip_{C0D0C9F6-5B9A-43F9-A520-CA0CE5C5C034} \Device\LanmanServer_NetBT_Tcpip ; \Device\LanmanServer_NetBT_Tcpip_{C0D0C9F6-5B9A-43F9-A520-CA0CE5C5C034} \Device\LanmanServer_NetBT_Tcpip_{96045972-81C1-4D25-8340-99D497B60499} \Device\LanmanServer_NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\LanmanServer_NetBT_Tcpip ; \Device\LanmanServer_NetBT_Tcpip_{96045972-81C1-4D25-8340-99D497B60499} \Device\LanmanServer_NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\LanmanServer_NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; \Device\LanmanServer_NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\LanmanServer_NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; \Device\LanmanServer_NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; "Export"=hex(7):5c,44,65,76,69,63,65,5c,4c,61,6e,6d,61,6e,53,65,72,76,65,72,5f,\ 4e,65,74,62,69,6f,73,53,6d,62,00,5c,44,65,76,69,63,65,5c,4c,61,6e,6d,61,6e,\ 53,65,72,76,65,72,5f,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,35,35,41,43,34,\ 35,45,43,2d,30,33,37,37,2d,34,38,30,37,2d,41,37,42,38,2d,35,35,44,36,44,31,\ 30,43,42,43,43,46,7d,00,5c,44,65,76,69,63,65,5c,4c,61,6e,6d,61,6e,53,65,72,\ 76,65,72,5f,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,35,44,38,34,36,42,42,32,\ 2d,37,39,43,43,2d,34,33,30,46,2d,39,39,36,35,2d,46,31,46,43,35,39,38,38,34,\ 37,36,31,7d,00,5c,44,65,76,69,63,65,5c,4c,61,6e,6d,61,6e,53,65,72,76,65,72,\ 5f,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,43,30,44,30,43,39,46,36,2d,35,42,\ 39,41,2d,34,33,46,39,2d,41,35,32,30,2d,43,41,30,43,45,35,43,35,43,30,33,34,\ 7d,00,5c,44,65,76,69,63,65,5c,4c,61,6e,6d,61,6e,53,65,72,76,65,72,5f,4e,65,\ 74,42,54,5f,54,63,70,69,70,5f,7b,39,36,30,34,35,39,37,32,2d,38,31,43,31,2d,\ 34,44,32,35,2d,38,33,34,30,2d,39,39,44,34,39,37,42,36,30,34,39,39,7d,00,5c,\ 44,65,76,69,63,65,5c,4c,61,6e,6d,61,6e,53,65,72,76,65,72,5f,4e,65,74,42,54,\ 5f,54,63,70,69,70,5f,7b,39,31,35,43,41,35,45,44,2d,37,45,43,35,2d,34,32,30,\ 42,2d,38,43,34,32,2d,45,42,39,33,41,35,46,39,34,35,30,32,7d,00,5c,44,65,76,\ 69,63,65,5c,4c,61,6e,6d,61,6e,53,65,72,76,65,72,5f,4e,65,74,42,54,5f,54,63,\ 70,69,70,5f,7b,37,33,36,45,36,43,35,45,2d,42,42,45,35,2d,34,41,37,31,2d,41,\ 45,43,44,2d,38,42,43,44,41,43,42,31,31,42,36,37,7d,00,00 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\lanmanworkstation\Linkage] ; Contents of value: ; \Device\NetbiosSmb ; \Device\NetBT_Tcpip_{55AC45EC-0377-4807-A7B8-55D6D10CBCCF} \Device\NetBT_Tcpip ; \Device\NetBT_Tcpip_{5D846BB2-79CC-430F-9965-F1FC59884761} \Device\NetBT_Tcpip_{C0D0C9F6-5B9A-43F9-A520-CA0CE5C5C034} \Device\NetBT_Tcpip ; \Device\NetBT_Tcpip_{C0D0C9F6-5B9A-43F9-A520-CA0CE5C5C034} \Device\NetBT_Tcpip_{96045972-81C1-4D25-8340-99D497B60499} \Device\NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\NetBT_Tcpip ; \Device\NetBT_Tcpip_{96045972-81C1-4D25-8340-99D497B60499} \Device\NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; \Device\NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; \Device\NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; "Bind"=hex(7):5c,44,65,76,69,63,65,5c,4e,65,74,62,69,6f,73,53,6d,62,00,5c,44,\ 65,76,69,63,65,5c,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,35,35,41,43,34,35,\ 45,43,2d,30,33,37,37,2d,34,38,30,37,2d,41,37,42,38,2d,35,35,44,36,44,31,30,\ 43,42,43,43,46,7d,00,5c,44,65,76,69,63,65,5c,4e,65,74,42,54,5f,54,63,70,69,\ 70,5f,7b,35,44,38,34,36,42,42,32,2d,37,39,43,43,2d,34,33,30,46,2d,39,39,36,\ 35,2d,46,31,46,43,35,39,38,38,34,37,36,31,7d,00,5c,44,65,76,69,63,65,5c,4e,\ 65,74,42,54,5f,54,63,70,69,70,5f,7b,43,30,44,30,43,39,46,36,2d,35,42,39,41,\ 2d,34,33,46,39,2d,41,35,32,30,2d,43,41,30,43,45,35,43,35,43,30,33,34,7d,00,\ 5c,44,65,76,69,63,65,5c,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,39,36,30,34,\ 35,39,37,32,2d,38,31,43,31,2d,34,44,32,35,2d,38,33,34,30,2d,39,39,44,34,39,\ 37,42,36,30,34,39,39,7d,00,5c,44,65,76,69,63,65,5c,4e,65,74,42,54,5f,54,63,\ 70,69,70,5f,7b,39,31,35,43,41,35,45,44,2d,37,45,43,35,2d,34,32,30,42,2d,38,\ 43,34,32,2d,45,42,39,33,41,35,46,39,34,35,30,32,7d,00,5c,44,65,76,69,63,65,\ 5c,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,37,33,36,45,36,43,35,45,2d,42,42,\ 45,35,2d,34,41,37,31,2d,41,45,43,44,2d,38,42,43,44,41,43,42,31,31,42,36,37,\ 7d,00,00 ; Contents of value: ; \Device\LanmanWorkstation_NetbiosSmb ; \Device\LanmanWorkstation_NetBT_Tcpip_{55AC45EC-0377-4807-A7B8-55D6D10CBCCF} \Device\LanmanWorkstation_NetBT_Tcpip ; \Device\LanmanWorkstation_NetBT_Tcpip_{5D846BB2-79CC-430F-9965-F1FC59884761} \Device\LanmanWorkstation_NetBT_Tcpip_{C0D0C9F6-5B9A-43F9-A520-CA0CE5C5C034} \Device\LanmanWorkstation_NetBT_Tcpip ; \Device\LanmanWorkstation_NetBT_Tcpip_{C0D0C9F6-5B9A-43F9-A520-CA0CE5C5C034} \Device\LanmanWorkstation_NetBT_Tcpip_{96045972-81C1-4D25-8340-99D497B60499} \Device\LanmanWorkstation_NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\LanmanWorkstation_NetBT_Tcpip ; \Device\LanmanWorkstation_NetBT_Tcpip_{96045972-81C1-4D25-8340-99D497B60499} \Device\LanmanWorkstation_NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\LanmanWorkstation_NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; \Device\LanmanWorkstation_NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\LanmanWorkstation_NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; \Device\LanmanWorkstation_NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; "Export"=hex(7):5c,44,65,76,69,63,65,5c,4c,61,6e,6d,61,6e,57,6f,72,6b,73,74,61,\ 74,69,6f,6e,5f,4e,65,74,62,69,6f,73,53,6d,62,00,5c,44,65,76,69,63,65,5c,4c,\ 61,6e,6d,61,6e,57,6f,72,6b,73,74,61,74,69,6f,6e,5f,4e,65,74,42,54,5f,54,63,\ 70,69,70,5f,7b,35,35,41,43,34,35,45,43,2d,30,33,37,37,2d,34,38,30,37,2d,41,\ 37,42,38,2d,35,35,44,36,44,31,30,43,42,43,43,46,7d,00,5c,44,65,76,69,63,65,\ 5c,4c,61,6e,6d,61,6e,57,6f,72,6b,73,74,61,74,69,6f,6e,5f,4e,65,74,42,54,5f,\ 54,63,70,69,70,5f,7b,35,44,38,34,36,42,42,32,2d,37,39,43,43,2d,34,33,30,46,\ 2d,39,39,36,35,2d,46,31,46,43,35,39,38,38,34,37,36,31,7d,00,5c,44,65,76,69,\ 63,65,5c,4c,61,6e,6d,61,6e,57,6f,72,6b,73,74,61,74,69,6f,6e,5f,4e,65,74,42,\ 54,5f,54,63,70,69,70,5f,7b,43,30,44,30,43,39,46,36,2d,35,42,39,41,2d,34,33,\ 46,39,2d,41,35,32,30,2d,43,41,30,43,45,35,43,35,43,30,33,34,7d,00,5c,44,65,\ 76,69,63,65,5c,4c,61,6e,6d,61,6e,57,6f,72,6b,73,74,61,74,69,6f,6e,5f,4e,65,\ 74,42,54,5f,54,63,70,69,70,5f,7b,39,36,30,34,35,39,37,32,2d,38,31,43,31,2d,\ 34,44,32,35,2d,38,33,34,30,2d,39,39,44,34,39,37,42,36,30,34,39,39,7d,00,5c,\ 44,65,76,69,63,65,5c,4c,61,6e,6d,61,6e,57,6f,72,6b,73,74,61,74,69,6f,6e,5f,\ 4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,39,31,35,43,41,35,45,44,2d,37,45,43,\ 35,2d,34,32,30,42,2d,38,43,34,32,2d,45,42,39,33,41,35,46,39,34,35,30,32,7d,\ 00,5c,44,65,76,69,63,65,5c,4c,61,6e,6d,61,6e,57,6f,72,6b,73,74,61,74,69,6f,\ 6e,5f,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,37,33,36,45,36,43,35,45,2d,42,\ 42,45,35,2d,34,41,37,31,2d,41,45,43,44,2d,38,42,43,44,41,43,42,31,31,42,36,\ 37,7d,00,00 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\NetBIOS\Linkage] ; Contents of value: ; \Device\NetBT_Tcpip_{55AC45EC-0377-4807-A7B8-55D6D10CBCCF} ; \Device\NetBT_Tcpip_{5D846BB2-79CC-430F-9965-F1FC59884761} \Device\NetBT_Tcpip_{C0D0C9F6-5B9A-43F9-A520-CA0CE5C5C034} ; \Device\NetBT_Tcpip_{C0D0C9F6-5B9A-43F9-A520-CA0CE5C5C034} \Device\NetBT_Tcpip_{96045972-81C1-4D25-8340-99D497B60499} \Device\NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} ; \Device\NetBT_Tcpip_{96045972-81C1-4D25-8340-99D497B60499} \Device\NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; \Device\NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; \Device\NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; "Bind"=hex(7):5c,44,65,76,69,63,65,5c,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,\ 35,35,41,43,34,35,45,43,2d,30,33,37,37,2d,34,38,30,37,2d,41,37,42,38,2d,35,\ 35,44,36,44,31,30,43,42,43,43,46,7d,00,5c,44,65,76,69,63,65,5c,4e,65,74,42,\ 54,5f,54,63,70,69,70,5f,7b,35,44,38,34,36,42,42,32,2d,37,39,43,43,2d,34,33,\ 30,46,2d,39,39,36,35,2d,46,31,46,43,35,39,38,38,34,37,36,31,7d,00,5c,44,65,\ 76,69,63,65,5c,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,43,30,44,30,43,39,46,\ 36,2d,35,42,39,41,2d,34,33,46,39,2d,41,35,32,30,2d,43,41,30,43,45,35,43,35,\ 43,30,33,34,7d,00,5c,44,65,76,69,63,65,5c,4e,65,74,42,54,5f,54,63,70,69,70,\ 5f,7b,39,36,30,34,35,39,37,32,2d,38,31,43,31,2d,34,44,32,35,2d,38,33,34,30,\ 2d,39,39,44,34,39,37,42,36,30,34,39,39,7d,00,5c,44,65,76,69,63,65,5c,4e,65,\ 74,42,54,5f,54,63,70,69,70,5f,7b,39,31,35,43,41,35,45,44,2d,37,45,43,35,2d,\ 34,32,30,42,2d,38,43,34,32,2d,45,42,39,33,41,35,46,39,34,35,30,32,7d,00,5c,\ 44,65,76,69,63,65,5c,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,37,33,36,45,36,\ 43,35,45,2d,42,42,45,35,2d,34,41,37,31,2d,41,45,43,44,2d,38,42,43,44,41,43,\ 42,31,31,42,36,37,7d,00,00 ; Contents of value: ; \Device\NetBIOS_NetBT_Tcpip_{55AC45EC-0377-4807-A7B8-55D6D10CBCCF} ; \Device\NetBIOS_NetBT_Tcpip_{5D846BB2-79CC-430F-9965-F1FC59884761} \Device\NetBIOS_NetBT_Tcpip_{C0D0C9F6-5B9A-43F9-A520-CA0CE5C5C034} ; \Device\NetBIOS_NetBT_Tcpip_{C0D0C9F6-5B9A-43F9-A520-CA0CE5C5C034} \Device\NetBIOS_NetBT_Tcpip_{96045972-81C1-4D25-8340-99D497B60499} \Device\NetBIOS_NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} ; \Device\NetBIOS_NetBT_Tcpip_{96045972-81C1-4D25-8340-99D497B60499} \Device\NetBIOS_NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\NetBIOS_NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; \Device\NetBIOS_NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\NetBIOS_NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; \Device\NetBIOS_NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; "Export"=hex(7):5c,44,65,76,69,63,65,5c,4e,65,74,42,49,4f,53,5f,4e,65,74,42,54,\ 5f,54,63,70,69,70,5f,7b,35,35,41,43,34,35,45,43,2d,30,33,37,37,2d,34,38,30,\ 37,2d,41,37,42,38,2d,35,35,44,36,44,31,30,43,42,43,43,46,7d,00,5c,44,65,76,\ 69,63,65,5c,4e,65,74,42,49,4f,53,5f,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,\ 35,44,38,34,36,42,42,32,2d,37,39,43,43,2d,34,33,30,46,2d,39,39,36,35,2d,46,\ 31,46,43,35,39,38,38,34,37,36,31,7d,00,5c,44,65,76,69,63,65,5c,4e,65,74,42,\ 49,4f,53,5f,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,43,30,44,30,43,39,46,36,\ 2d,35,42,39,41,2d,34,33,46,39,2d,41,35,32,30,2d,43,41,30,43,45,35,43,35,43,\ 30,33,34,7d,00,5c,44,65,76,69,63,65,5c,4e,65,74,42,49,4f,53,5f,4e,65,74,42,\ 54,5f,54,63,70,69,70,5f,7b,39,36,30,34,35,39,37,32,2d,38,31,43,31,2d,34,44,\ 32,35,2d,38,33,34,30,2d,39,39,44,34,39,37,42,36,30,34,39,39,7d,00,5c,44,65,\ 76,69,63,65,5c,4e,65,74,42,49,4f,53,5f,4e,65,74,42,54,5f,54,63,70,69,70,5f,\ 7b,39,31,35,43,41,35,45,44,2d,37,45,43,35,2d,34,32,30,42,2d,38,43,34,32,2d,\ 45,42,39,33,41,35,46,39,34,35,30,32,7d,00,5c,44,65,76,69,63,65,5c,4e,65,74,\ 42,49,4f,53,5f,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,37,33,36,45,36,43,35,\ 45,2d,42,42,45,35,2d,34,41,37,31,2d,41,45,43,44,2d,38,42,43,44,41,43,42,31,\ 31,42,36,37,7d,00,00 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\NetBT\Linkage] ; Contents of value: ; \Device\Tcpip_{55AC45EC-0377-4807-A7B8-55D6D10CBCCF} ; \Device\Tcpip_{5D846BB2-79CC-430F-9965-F1FC59884761} \Device\Tcpip_{C0D0C9F6-5B9A-43F9-A520-CA0CE5C5C034} ; \Device\Tcpip_{C0D0C9F6-5B9A-43F9-A520-CA0CE5C5C034} \Device\Tcpip_{96045972-81C1-4D25-8340-99D497B60499} \Device\Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} ; \Device\Tcpip_{96045972-81C1-4D25-8340-99D497B60499} \Device\Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; \Device\Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; \Device\Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; "Bind"=hex(7):5c,44,65,76,69,63,65,5c,54,63,70,69,70,5f,7b,35,35,41,43,34,35,\ 45,43,2d,30,33,37,37,2d,34,38,30,37,2d,41,37,42,38,2d,35,35,44,36,44,31,30,\ 43,42,43,43,46,7d,00,5c,44,65,76,69,63,65,5c,54,63,70,69,70,5f,7b,35,44,38,\ 34,36,42,42,32,2d,37,39,43,43,2d,34,33,30,46,2d,39,39,36,35,2d,46,31,46,43,\ 35,39,38,38,34,37,36,31,7d,00,5c,44,65,76,69,63,65,5c,54,63,70,69,70,5f,7b,\ 43,30,44,30,43,39,46,36,2d,35,42,39,41,2d,34,33,46,39,2d,41,35,32,30,2d,43,\ 41,30,43,45,35,43,35,43,30,33,34,7d,00,5c,44,65,76,69,63,65,5c,54,63,70,69,\ 70,5f,7b,39,36,30,34,35,39,37,32,2d,38,31,43,31,2d,34,44,32,35,2d,38,33,34,\ 30,2d,39,39,44,34,39,37,42,36,30,34,39,39,7d,00,5c,44,65,76,69,63,65,5c,54,\ 63,70,69,70,5f,7b,39,31,35,43,41,35,45,44,2d,37,45,43,35,2d,34,32,30,42,2d,\ 38,43,34,32,2d,45,42,39,33,41,35,46,39,34,35,30,32,7d,00,5c,44,65,76,69,63,\ 65,5c,54,63,70,69,70,5f,7b,37,33,36,45,36,43,35,45,2d,42,42,45,35,2d,34,41,\ 37,31,2d,41,45,43,44,2d,38,42,43,44,41,43,42,31,31,42,36,37,7d,00,00 ; Contents of value: ; \Device\NetBT_Tcpip_{55AC45EC-0377-4807-A7B8-55D6D10CBCCF} ; \Device\NetBT_Tcpip_{5D846BB2-79CC-430F-9965-F1FC59884761} \Device\NetBT_Tcpip_{C0D0C9F6-5B9A-43F9-A520-CA0CE5C5C034} ; \Device\NetBT_Tcpip_{C0D0C9F6-5B9A-43F9-A520-CA0CE5C5C034} \Device\NetBT_Tcpip_{96045972-81C1-4D25-8340-99D497B60499} \Device\NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} ; \Device\NetBT_Tcpip_{96045972-81C1-4D25-8340-99D497B60499} \Device\NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; \Device\NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; \Device\NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; "Export"=hex(7):5c,44,65,76,69,63,65,5c,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,\ 35,35,41,43,34,35,45,43,2d,30,33,37,37,2d,34,38,30,37,2d,41,37,42,38,2d,35,\ 35,44,36,44,31,30,43,42,43,43,46,7d,00,5c,44,65,76,69,63,65,5c,4e,65,74,42,\ 54,5f,54,63,70,69,70,5f,7b,35,44,38,34,36,42,42,32,2d,37,39,43,43,2d,34,33,\ 30,46,2d,39,39,36,35,2d,46,31,46,43,35,39,38,38,34,37,36,31,7d,00,5c,44,65,\ 76,69,63,65,5c,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,43,30,44,30,43,39,46,\ 36,2d,35,42,39,41,2d,34,33,46,39,2d,41,35,32,30,2d,43,41,30,43,45,35,43,35,\ 43,30,33,34,7d,00,5c,44,65,76,69,63,65,5c,4e,65,74,42,54,5f,54,63,70,69,70,\ 5f,7b,39,36,30,34,35,39,37,32,2d,38,31,43,31,2d,34,44,32,35,2d,38,33,34,30,\ 2d,39,39,44,34,39,37,42,36,30,34,39,39,7d,00,5c,44,65,76,69,63,65,5c,4e,65,\ 74,42,54,5f,54,63,70,69,70,5f,7b,39,31,35,43,41,35,45,44,2d,37,45,43,35,2d,\ 34,32,30,42,2d,38,43,34,32,2d,45,42,39,33,41,35,46,39,34,35,30,32,7d,00,5c,\ 44,65,76,69,63,65,5c,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,37,33,36,45,36,\ 43,35,45,2d,42,42,45,35,2d,34,41,37,31,2d,41,45,43,44,2d,38,42,43,44,41,43,\ 42,31,31,42,36,37,7d,00,00 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\NetBT\Parameters\Interfaces\Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67}] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Linkage] ; Contents of value: ; \Device\Tcpip_{C0D0C9F6-5B9A-43F9-A520-CA0CE5C5C034} ; \Device\Tcpip_{96045972-81C1-4D25-8340-99D497B60499} \Device\Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} ; \Device\Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; \Device\Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; "Export"=hex(7):5c,44,65,76,69,63,65,5c,54,63,70,69,70,5f,7b,43,30,44,30,43,39,\ 46,36,2d,35,42,39,41,2d,34,33,46,39,2d,41,35,32,30,2d,43,41,30,43,45,35,43,\ 35,43,30,33,34,7d,00,5c,44,65,76,69,63,65,5c,54,63,70,69,70,5f,7b,39,36,30,\ 34,35,39,37,32,2d,38,31,43,31,2d,34,44,32,35,2d,38,33,34,30,2d,39,39,44,34,\ 39,37,42,36,30,34,39,39,7d,00,5c,44,65,76,69,63,65,5c,54,63,70,69,70,5f,7b,\ 39,31,35,43,41,35,45,44,2d,37,45,43,35,2d,34,32,30,42,2d,38,43,34,32,2d,45,\ 42,39,33,41,35,46,39,34,35,30,32,7d,00,5c,44,65,76,69,63,65,5c,54,63,70,69,\ 70,5f,7b,37,33,36,45,36,43,35,45,2d,42,42,45,35,2d,34,41,37,31,2d,41,45,43,\ 44,2d,38,42,43,44,41,43,42,31,31,42,36,37,7d,00,00 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\Adapters\NdisWanIp] ; Contents of value: ; Tcpip\Parameters\Interfaces\{96045972-81C1-4D25-8340-99D497B60499} ; Tcpip\Parameters\Interfaces\{915CA5ED-7EC5-420B-8C42-EB93A5F94502} Tcpip\Parameters\Interfaces\{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; Tcpip\Parameters\Interfaces\{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; "IpConfig"=hex(7):54,63,70,69,70,5c,50,61,72,61,6d,65,74,65,72,73,5c,49,6e,74,\ 65,72,66,61,63,65,73,5c,7b,39,36,30,34,35,39,37,32,2d,38,31,43,31,2d,34,44,\ 32,35,2d,38,33,34,30,2d,39,39,44,34,39,37,42,36,30,34,39,39,7d,00,54,63,70,\ 69,70,5c,50,61,72,61,6d,65,74,65,72,73,5c,49,6e,74,65,72,66,61,63,65,73,5c,\ 7b,39,31,35,43,41,35,45,44,2d,37,45,43,35,2d,34,32,30,42,2d,38,43,34,32,2d,\ 45,42,39,33,41,35,46,39,34,35,30,32,7d,00,54,63,70,69,70,5c,50,61,72,61,6d,\ 65,74,65,72,73,5c,49,6e,74,65,72,66,61,63,65,73,5c,7b,37,33,36,45,36,43,35,\ 45,2d,42,42,45,35,2d,34,41,37,31,2d,41,45,43,44,2d,38,42,43,44,41,43,42,31,\ 31,42,36,37,7d,00,00 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\Interfaces\{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dhcp\Parameters] "{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67}"=hex:0f,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,fc,43,f3,43,f9,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ fc,43,f3,43,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,fc,43,f3,43,2b,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,fc,43,f3,43,2c,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,fc,43,f3,43,06,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,fc,43,f3,43 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\Linkage] ; Contents of value: ; \Device\NetbiosSmb ; \Device\NetBT_Tcpip_{55AC45EC-0377-4807-A7B8-55D6D10CBCCF} \Device\NetBT_Tcpip ; \Device\NetBT_Tcpip_{5D846BB2-79CC-430F-9965-F1FC59884761} \Device\NetBT_Tcpip_{C0D0C9F6-5B9A-43F9-A520-CA0CE5C5C034} \Device\NetBT_Tcpip ; \Device\NetBT_Tcpip_{C0D0C9F6-5B9A-43F9-A520-CA0CE5C5C034} \Device\NetBT_Tcpip_{96045972-81C1-4D25-8340-99D497B60499} \Device\NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\NetBT_Tcpip ; \Device\NetBT_Tcpip_{96045972-81C1-4D25-8340-99D497B60499} \Device\NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; \Device\NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; \Device\NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; "Bind"=hex(7):5c,44,65,76,69,63,65,5c,4e,65,74,62,69,6f,73,53,6d,62,00,5c,44,\ 65,76,69,63,65,5c,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,35,35,41,43,34,35,\ 45,43,2d,30,33,37,37,2d,34,38,30,37,2d,41,37,42,38,2d,35,35,44,36,44,31,30,\ 43,42,43,43,46,7d,00,5c,44,65,76,69,63,65,5c,4e,65,74,42,54,5f,54,63,70,69,\ 70,5f,7b,35,44,38,34,36,42,42,32,2d,37,39,43,43,2d,34,33,30,46,2d,39,39,36,\ 35,2d,46,31,46,43,35,39,38,38,34,37,36,31,7d,00,5c,44,65,76,69,63,65,5c,4e,\ 65,74,42,54,5f,54,63,70,69,70,5f,7b,43,30,44,30,43,39,46,36,2d,35,42,39,41,\ 2d,34,33,46,39,2d,41,35,32,30,2d,43,41,30,43,45,35,43,35,43,30,33,34,7d,00,\ 5c,44,65,76,69,63,65,5c,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,39,36,30,34,\ 35,39,37,32,2d,38,31,43,31,2d,34,44,32,35,2d,38,33,34,30,2d,39,39,44,34,39,\ 37,42,36,30,34,39,39,7d,00,5c,44,65,76,69,63,65,5c,4e,65,74,42,54,5f,54,63,\ 70,69,70,5f,7b,39,31,35,43,41,35,45,44,2d,37,45,43,35,2d,34,32,30,42,2d,38,\ 43,34,32,2d,45,42,39,33,41,35,46,39,34,35,30,32,7d,00,5c,44,65,76,69,63,65,\ 5c,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,37,33,36,45,36,43,35,45,2d,42,42,\ 45,35,2d,34,41,37,31,2d,41,45,43,44,2d,38,42,43,44,41,43,42,31,31,42,36,37,\ 7d,00,00 ; Contents of value: ; \Device\LanmanServer_NetbiosSmb ; \Device\LanmanServer_NetBT_Tcpip_{55AC45EC-0377-4807-A7B8-55D6D10CBCCF} \Device\LanmanServer_NetBT_Tcpip ; \Device\LanmanServer_NetBT_Tcpip_{5D846BB2-79CC-430F-9965-F1FC59884761} \Device\LanmanServer_NetBT_Tcpip_{C0D0C9F6-5B9A-43F9-A520-CA0CE5C5C034} \Device\LanmanServer_NetBT_Tcpip ; \Device\LanmanServer_NetBT_Tcpip_{C0D0C9F6-5B9A-43F9-A520-CA0CE5C5C034} \Device\LanmanServer_NetBT_Tcpip_{96045972-81C1-4D25-8340-99D497B60499} \Device\LanmanServer_NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\LanmanServer_NetBT_Tcpip ; \Device\LanmanServer_NetBT_Tcpip_{96045972-81C1-4D25-8340-99D497B60499} \Device\LanmanServer_NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\LanmanServer_NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; \Device\LanmanServer_NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\LanmanServer_NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; \Device\LanmanServer_NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; "Export"=hex(7):5c,44,65,76,69,63,65,5c,4c,61,6e,6d,61,6e,53,65,72,76,65,72,5f,\ 4e,65,74,62,69,6f,73,53,6d,62,00,5c,44,65,76,69,63,65,5c,4c,61,6e,6d,61,6e,\ 53,65,72,76,65,72,5f,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,35,35,41,43,34,\ 35,45,43,2d,30,33,37,37,2d,34,38,30,37,2d,41,37,42,38,2d,35,35,44,36,44,31,\ 30,43,42,43,43,46,7d,00,5c,44,65,76,69,63,65,5c,4c,61,6e,6d,61,6e,53,65,72,\ 76,65,72,5f,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,35,44,38,34,36,42,42,32,\ 2d,37,39,43,43,2d,34,33,30,46,2d,39,39,36,35,2d,46,31,46,43,35,39,38,38,34,\ 37,36,31,7d,00,5c,44,65,76,69,63,65,5c,4c,61,6e,6d,61,6e,53,65,72,76,65,72,\ 5f,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,43,30,44,30,43,39,46,36,2d,35,42,\ 39,41,2d,34,33,46,39,2d,41,35,32,30,2d,43,41,30,43,45,35,43,35,43,30,33,34,\ 7d,00,5c,44,65,76,69,63,65,5c,4c,61,6e,6d,61,6e,53,65,72,76,65,72,5f,4e,65,\ 74,42,54,5f,54,63,70,69,70,5f,7b,39,36,30,34,35,39,37,32,2d,38,31,43,31,2d,\ 34,44,32,35,2d,38,33,34,30,2d,39,39,44,34,39,37,42,36,30,34,39,39,7d,00,5c,\ 44,65,76,69,63,65,5c,4c,61,6e,6d,61,6e,53,65,72,76,65,72,5f,4e,65,74,42,54,\ 5f,54,63,70,69,70,5f,7b,39,31,35,43,41,35,45,44,2d,37,45,43,35,2d,34,32,30,\ 42,2d,38,43,34,32,2d,45,42,39,33,41,35,46,39,34,35,30,32,7d,00,5c,44,65,76,\ 69,63,65,5c,4c,61,6e,6d,61,6e,53,65,72,76,65,72,5f,4e,65,74,42,54,5f,54,63,\ 70,69,70,5f,7b,37,33,36,45,36,43,35,45,2d,42,42,45,35,2d,34,41,37,31,2d,41,\ 45,43,44,2d,38,42,43,44,41,43,42,31,31,42,36,37,7d,00,00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanworkstation\Linkage] ; Contents of value: ; \Device\NetbiosSmb ; \Device\NetBT_Tcpip_{55AC45EC-0377-4807-A7B8-55D6D10CBCCF} \Device\NetBT_Tcpip ; \Device\NetBT_Tcpip_{5D846BB2-79CC-430F-9965-F1FC59884761} \Device\NetBT_Tcpip_{C0D0C9F6-5B9A-43F9-A520-CA0CE5C5C034} \Device\NetBT_Tcpip ; \Device\NetBT_Tcpip_{C0D0C9F6-5B9A-43F9-A520-CA0CE5C5C034} \Device\NetBT_Tcpip_{96045972-81C1-4D25-8340-99D497B60499} \Device\NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\NetBT_Tcpip ; \Device\NetBT_Tcpip_{96045972-81C1-4D25-8340-99D497B60499} \Device\NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; \Device\NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; \Device\NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; "Bind"=hex(7):5c,44,65,76,69,63,65,5c,4e,65,74,62,69,6f,73,53,6d,62,00,5c,44,\ 65,76,69,63,65,5c,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,35,35,41,43,34,35,\ 45,43,2d,30,33,37,37,2d,34,38,30,37,2d,41,37,42,38,2d,35,35,44,36,44,31,30,\ 43,42,43,43,46,7d,00,5c,44,65,76,69,63,65,5c,4e,65,74,42,54,5f,54,63,70,69,\ 70,5f,7b,35,44,38,34,36,42,42,32,2d,37,39,43,43,2d,34,33,30,46,2d,39,39,36,\ 35,2d,46,31,46,43,35,39,38,38,34,37,36,31,7d,00,5c,44,65,76,69,63,65,5c,4e,\ 65,74,42,54,5f,54,63,70,69,70,5f,7b,43,30,44,30,43,39,46,36,2d,35,42,39,41,\ 2d,34,33,46,39,2d,41,35,32,30,2d,43,41,30,43,45,35,43,35,43,30,33,34,7d,00,\ 5c,44,65,76,69,63,65,5c,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,39,36,30,34,\ 35,39,37,32,2d,38,31,43,31,2d,34,44,32,35,2d,38,33,34,30,2d,39,39,44,34,39,\ 37,42,36,30,34,39,39,7d,00,5c,44,65,76,69,63,65,5c,4e,65,74,42,54,5f,54,63,\ 70,69,70,5f,7b,39,31,35,43,41,35,45,44,2d,37,45,43,35,2d,34,32,30,42,2d,38,\ 43,34,32,2d,45,42,39,33,41,35,46,39,34,35,30,32,7d,00,5c,44,65,76,69,63,65,\ 5c,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,37,33,36,45,36,43,35,45,2d,42,42,\ 45,35,2d,34,41,37,31,2d,41,45,43,44,2d,38,42,43,44,41,43,42,31,31,42,36,37,\ 7d,00,00 ; Contents of value: ; \Device\LanmanWorkstation_NetbiosSmb ; \Device\LanmanWorkstation_NetBT_Tcpip_{55AC45EC-0377-4807-A7B8-55D6D10CBCCF} \Device\LanmanWorkstation_NetBT_Tcpip ; \Device\LanmanWorkstation_NetBT_Tcpip_{5D846BB2-79CC-430F-9965-F1FC59884761} \Device\LanmanWorkstation_NetBT_Tcpip_{C0D0C9F6-5B9A-43F9-A520-CA0CE5C5C034} \Device\LanmanWorkstation_NetBT_Tcpip ; \Device\LanmanWorkstation_NetBT_Tcpip_{C0D0C9F6-5B9A-43F9-A520-CA0CE5C5C034} \Device\LanmanWorkstation_NetBT_Tcpip_{96045972-81C1-4D25-8340-99D497B60499} \Device\LanmanWorkstation_NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\LanmanWorkstation_NetBT_Tcpip ; \Device\LanmanWorkstation_NetBT_Tcpip_{96045972-81C1-4D25-8340-99D497B60499} \Device\LanmanWorkstation_NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\LanmanWorkstation_NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; \Device\LanmanWorkstation_NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\LanmanWorkstation_NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; \Device\LanmanWorkstation_NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; "Export"=hex(7):5c,44,65,76,69,63,65,5c,4c,61,6e,6d,61,6e,57,6f,72,6b,73,74,61,\ 74,69,6f,6e,5f,4e,65,74,62,69,6f,73,53,6d,62,00,5c,44,65,76,69,63,65,5c,4c,\ 61,6e,6d,61,6e,57,6f,72,6b,73,74,61,74,69,6f,6e,5f,4e,65,74,42,54,5f,54,63,\ 70,69,70,5f,7b,35,35,41,43,34,35,45,43,2d,30,33,37,37,2d,34,38,30,37,2d,41,\ 37,42,38,2d,35,35,44,36,44,31,30,43,42,43,43,46,7d,00,5c,44,65,76,69,63,65,\ 5c,4c,61,6e,6d,61,6e,57,6f,72,6b,73,74,61,74,69,6f,6e,5f,4e,65,74,42,54,5f,\ 54,63,70,69,70,5f,7b,35,44,38,34,36,42,42,32,2d,37,39,43,43,2d,34,33,30,46,\ 2d,39,39,36,35,2d,46,31,46,43,35,39,38,38,34,37,36,31,7d,00,5c,44,65,76,69,\ 63,65,5c,4c,61,6e,6d,61,6e,57,6f,72,6b,73,74,61,74,69,6f,6e,5f,4e,65,74,42,\ 54,5f,54,63,70,69,70,5f,7b,43,30,44,30,43,39,46,36,2d,35,42,39,41,2d,34,33,\ 46,39,2d,41,35,32,30,2d,43,41,30,43,45,35,43,35,43,30,33,34,7d,00,5c,44,65,\ 76,69,63,65,5c,4c,61,6e,6d,61,6e,57,6f,72,6b,73,74,61,74,69,6f,6e,5f,4e,65,\ 74,42,54,5f,54,63,70,69,70,5f,7b,39,36,30,34,35,39,37,32,2d,38,31,43,31,2d,\ 34,44,32,35,2d,38,33,34,30,2d,39,39,44,34,39,37,42,36,30,34,39,39,7d,00,5c,\ 44,65,76,69,63,65,5c,4c,61,6e,6d,61,6e,57,6f,72,6b,73,74,61,74,69,6f,6e,5f,\ 4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,39,31,35,43,41,35,45,44,2d,37,45,43,\ 35,2d,34,32,30,42,2d,38,43,34,32,2d,45,42,39,33,41,35,46,39,34,35,30,32,7d,\ 00,5c,44,65,76,69,63,65,5c,4c,61,6e,6d,61,6e,57,6f,72,6b,73,74,61,74,69,6f,\ 6e,5f,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,37,33,36,45,36,43,35,45,2d,42,\ 42,45,35,2d,34,41,37,31,2d,41,45,43,44,2d,38,42,43,44,41,43,42,31,31,42,36,\ 37,7d,00,00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBIOS\Linkage] ; Contents of value: ; \Device\NetBT_Tcpip_{55AC45EC-0377-4807-A7B8-55D6D10CBCCF} ; \Device\NetBT_Tcpip_{5D846BB2-79CC-430F-9965-F1FC59884761} \Device\NetBT_Tcpip_{C0D0C9F6-5B9A-43F9-A520-CA0CE5C5C034} ; \Device\NetBT_Tcpip_{C0D0C9F6-5B9A-43F9-A520-CA0CE5C5C034} \Device\NetBT_Tcpip_{96045972-81C1-4D25-8340-99D497B60499} \Device\NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} ; \Device\NetBT_Tcpip_{96045972-81C1-4D25-8340-99D497B60499} \Device\NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; \Device\NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; \Device\NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; "Bind"=hex(7):5c,44,65,76,69,63,65,5c,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,\ 35,35,41,43,34,35,45,43,2d,30,33,37,37,2d,34,38,30,37,2d,41,37,42,38,2d,35,\ 35,44,36,44,31,30,43,42,43,43,46,7d,00,5c,44,65,76,69,63,65,5c,4e,65,74,42,\ 54,5f,54,63,70,69,70,5f,7b,35,44,38,34,36,42,42,32,2d,37,39,43,43,2d,34,33,\ 30,46,2d,39,39,36,35,2d,46,31,46,43,35,39,38,38,34,37,36,31,7d,00,5c,44,65,\ 76,69,63,65,5c,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,43,30,44,30,43,39,46,\ 36,2d,35,42,39,41,2d,34,33,46,39,2d,41,35,32,30,2d,43,41,30,43,45,35,43,35,\ 43,30,33,34,7d,00,5c,44,65,76,69,63,65,5c,4e,65,74,42,54,5f,54,63,70,69,70,\ 5f,7b,39,36,30,34,35,39,37,32,2d,38,31,43,31,2d,34,44,32,35,2d,38,33,34,30,\ 2d,39,39,44,34,39,37,42,36,30,34,39,39,7d,00,5c,44,65,76,69,63,65,5c,4e,65,\ 74,42,54,5f,54,63,70,69,70,5f,7b,39,31,35,43,41,35,45,44,2d,37,45,43,35,2d,\ 34,32,30,42,2d,38,43,34,32,2d,45,42,39,33,41,35,46,39,34,35,30,32,7d,00,5c,\ 44,65,76,69,63,65,5c,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,37,33,36,45,36,\ 43,35,45,2d,42,42,45,35,2d,34,41,37,31,2d,41,45,43,44,2d,38,42,43,44,41,43,\ 42,31,31,42,36,37,7d,00,00 ; Contents of value: ; \Device\NetBIOS_NetBT_Tcpip_{55AC45EC-0377-4807-A7B8-55D6D10CBCCF} ; \Device\NetBIOS_NetBT_Tcpip_{5D846BB2-79CC-430F-9965-F1FC59884761} \Device\NetBIOS_NetBT_Tcpip_{C0D0C9F6-5B9A-43F9-A520-CA0CE5C5C034} ; \Device\NetBIOS_NetBT_Tcpip_{C0D0C9F6-5B9A-43F9-A520-CA0CE5C5C034} \Device\NetBIOS_NetBT_Tcpip_{96045972-81C1-4D25-8340-99D497B60499} \Device\NetBIOS_NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} ; \Device\NetBIOS_NetBT_Tcpip_{96045972-81C1-4D25-8340-99D497B60499} \Device\NetBIOS_NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\NetBIOS_NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; \Device\NetBIOS_NetBT_Tcpip_{915CA5ED-7EC5-420B-8C42-EB93A5F94502} \Device\NetBIOS_NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; \Device\NetBIOS_NetBT_Tcpip_{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67} ; "Export"=hex(7):5c,44,65,76,69,63,65,5c,4e,65,74,42,49,4f,53,5f,4e,65,74,42,54,\ 5f,54,63,70,69,70,5f,7b,35,35,41,43,34,35,45,43,2d,30,33,37,37,2d,34,38,30,\ 37,2d,41,37,42,38,2d,35,35,44,36,44,31,30,43,42,43,43,46,7d,00,5c,44,65,76,\ 69,63,65,5c,4e,65,74,42,49,4f,53,5f,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,\ 35,44,38,34,36,42,42,32,2d,37,39,43,43,2d,34,33,30,46,2d,39,39,36,35,2d,46,\ 31,46,43,35,39,38,38,34,37,36,31,7d,00,5c,44,65,76,69,63,65,5c,4e,65,74,42,\ 49,4f,53,5f,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,43,30,44,30,43,39,46,36,\ 2d,35,42,39,41,2d,34,33,46,39,2d,41,35,32,30,2d,43,41,30,43,45,35,43,35,43,\ 30,33,34,7d,00,5c,44,65,76,69,63,65,5c,4e,65,74,42,49,4f,53,5f,4e,65,74,42,\ 54,5f,54,63,70,69,70,5f,7b,39,36,30,34,35,39,37,32,2d,38,31,43,31,2d,34,44,\ 32,35,2d,38,33,34,30,2d,39,39,44,34,39,37,42,36,30,34,39,39,7d,00,5c,44,65,\ 76,69,63,65,5c,4e,65,74,42,49,4f,53,5f,4e,65,74,42,54,5f,54,63,70,69,70,5f,\ 7b,39,31,35,43,41,35,45,44,2d,37,45,43,35,2d,34,32,30,42,2d,38,43,34,32,2d,\ 45,42,39,33,41,35,46,39,34,35,30,32,7d,00,5c,44,65,76,69,63,65,5c,4e,65,74,\ 42,49,4f,53,5f,4e,65,74,42,54,5f,54,63,70,69,70,5f,7b,37,33,36,45,36,43,35,\ 45,2d,42,42,45,35,2d,34,41,37,31,2d,41,45,43,44,2d,38,42,43,44,41,43,42,31,\ 31,42,36,37,7d,00,00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Linkage] ; Contents of value: ; \Device\Tcpip_{55AC45EC-0377-4807-A7B8-55D6D10CBCCF} ; \Device\Tcpip_{5D846BB2-79CC-430F-9965-F1FC59884761} \Device\Tcpip_{C0D0C9F6-5B9A-43F9-A520-CA0CE5C5C034} ; \Device\Tcpip_{C0D0C9F6-5B9A-43F9-A520-CA0CE5C5C034} \Device\Tcpip_{96045972-81C1-4D25-8340-99D497B60499} \Device\Tcpip_{91
- le 15 février 2006
- 53 réponses
L'antivirus me signale des problèmes sur mon PC

inkolune a répondu à un(e) sujet de inkolune dans Analyses et éradication malwares

j'ai reçu un message d'avast comme quoi il y avait des problèmes de comptabilité entre avast et zonealarm et il m'a demandé d'arreter je ne sais plus quoi... =\ enfin voilà, j'attends les prochaines directives... =)
- le 12 février 2006
- 53 réponses
L'antivirus me signale des problèmes sur mon PC

inkolune a répondu à un(e) sujet de inkolune dans Analyses et éradication malwares

la ligne 017 n'était pas présente, je n'ai donc pas pu la fixer et je suppose que ce rapport sera donc inutile Fixwareout ver 1.003 Last edited 1/12/2006 Post this report in the forums please Reg Entries that were deleted PLEASE NOTE THAT ALL FILES FOUND BY THIS METHOD ARE NOT BAD FILES, There WILL be LEGIT FILES LISTED. IF YOU ARE UNSURE OF WHAT IT IS LEAVE THEM ALONE. »»»»» Search by size and names... »»»»» Misc files »»»»» Checking for older varients covered by the Rem3 tool et voici celui d'hijackthis Logfile of HijackThis v1.99.1 Scan saved at 18:14:23, on 12/02/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe C:\WINDOWS\system32\NotifyPhoneBook.exe C:\Program Files\Dell AIO Printer A920\dlbkbmon.exe C:\Program Files\D-Tools\daemon.exe C:\Program Files\QuickTime\qttask.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Hijakthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [AME_CSA] rundll32 amecsa.cpl,RUN_DLL O4 - HKLM\..\Run: [Dell AIO Printer A920] "C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67}: NameServer = 85.255.116.152 85.255.112.232 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: spkrmon - Unknown owner - C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe arf..je vois qu'elle est là... que faire si avec fixwareout elle n'apparait pas?
- le 12 février 2006
- 53 réponses
L'antivirus me signale des problèmes sur mon PC

inkolune a répondu à un(e) sujet de inkolune dans Analyses et éradication malwares

Eh ben vous êtes vrmt vrmt très exeptionnels comme personnes!je vous remercie d'autant plus que vous faites celà pour la beauté du geste!!!et il me reste une petite question indiscrete =)!quand je vois le temps que vous passez ici et la rapidité de vos réponses, comment faites-vous pour combiner ce bénévola et votre gagne pain??? en tout cas!merci merci merci!!! concernant le pare feu, le sp2 va pas être chiant si j'en installe un nouveau? il n'y a pas moyen de désactivé totalement le sp2? voici le rapport hijack Logfile of HijackThis v1.99.1 Scan saved at 15:36:53, on 12/02/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe C:\WINDOWS\system32\NotifyPhoneBook.exe C:\Program Files\D-Tools\daemon.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\QuickTime\qttask.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Dell AIO Printer A920\dlbkbmon.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Hijakthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [AME_CSA] rundll32 amecsa.cpl,RUN_DLL O4 - HKLM\..\Run: [Dell AIO Printer A920] "C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{736E6C5E-BBE5-4A71-AECD-8BCDACB11B67}: NameServer = 85.255.116.152 85.255.112.232 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: spkrmon - Unknown owner - C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe
- le 12 février 2006
- 53 réponses
L'antivirus me signale des problèmes sur mon PC

inkolune a répondu à un(e) sujet de inkolune dans Analyses et éradication malwares

je suis fier de vous avoir permis de préparer le fix le plus long qu'il vous ait été donné de faire en tout cas, le dossier F-secure à quitter les rangs!!ouf!!bien joué!voici le dernier rapport de regsearch après ces dernières manipulations! petite question: quel est l'interet pour vous de passer votre temps à aider les gens démunis [comme moi =)]?est-ce un travail rémunéré?si oui, par qui? enfin, si ce n'est pas indiscret comme question...=) en tout cas, mille merci de passer du temps pour m'aider! j'attends les prochaines directives chef ingals! bien à vous! REGEDIT4 ; Registry Search 2.0 by Bobbi Flekman © 2005 ; Version: 2.0.0.1 ; Results at 10/02/2006 23:39:06 for strings: ; 'f-secure' ; Strings excluded from search: ; (None) ; Search in: ; Registry Keys Registry Values Registry Data ; HKEY_LOCAL_MACHINE HKEY_USERS [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shell\Rechercher des logiciels espions dans les dossiers...\Command] @="\"C:\\Program Files\\F-Secure Anti-Virus\\Anti-Spyware\\Anti-Spyware.exe\" \"%1\" \"+SD\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shell\Rechercher des logiciels espions dans les dossiers...\Command] @="\"C:\\Program Files\\F-Secure Anti-Virus\\Anti-Spyware\\Anti-Spyware.exe\" \"%1\" \"+SD\"" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_F-SECURE_FILTER] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_F-SECURE_FILTER\0000] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_F-SECURE_FILTER\0000] "Service"="F-Secure Filter" "DeviceDesc"="F-Secure File System Filter" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_F-SECURE_FILTER\0000\LogConf] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_F-SECURE_GATEKEEPER] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_F-SECURE_GATEKEEPER\0000] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_F-SECURE_GATEKEEPER\0000] "Service"="F-Secure Gatekeeper" "DeviceDesc"="F-Secure Gatekeeper" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_F-SECURE_GATEKEEPER\0000\LogConf] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_F-SECURE_GATEKEEPER_HANDLER_STARTER] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_F-SECURE_GATEKEEPER_HANDLER_STARTER\0000] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_F-SECURE_GATEKEEPER_HANDLER_STARTER\0000] "Service"="F-Secure Gatekeeper Handler Starter" "DeviceDesc"="F-Secure Gatekeeper Handler Starter" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_F-SECURE_RECOGNIZER] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_F-SECURE_RECOGNIZER\0000] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_F-SECURE_RECOGNIZER\0000] "Service"="F-Secure Recognizer" "DeviceDesc"="F-Secure File System Recognizer" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_FSDFWD\0000] "DeviceDesc"="F-Secure Anti-Virus Firewall Daemon" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_FSFW\0000] "DeviceDesc"="F-Secure Firewall Driver" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_FSMA\0000] "DeviceDesc"="F-Secure Management Agent" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\\Program Files\\F-Secure Anti-Virus\\backweb\\4476822\\Program\\fspex.exe"="C:\\Program Files\\F-Secure Anti-Virus\\backweb\\4476822\\Program\\fspex.exe:*:Enabled:F-Secure Anti-Virus 2005" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_F-SECURE_FILTER] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_F-SECURE_FILTER\0000] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_F-SECURE_FILTER\0000] "Service"="F-Secure Filter" "DeviceDesc"="F-Secure File System Filter" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_F-SECURE_FILTER\0000\LogConf] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_F-SECURE_GATEKEEPER] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_F-SECURE_GATEKEEPER\0000] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_F-SECURE_GATEKEEPER\0000] "Service"="F-Secure Gatekeeper" "DeviceDesc"="F-Secure Gatekeeper" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_F-SECURE_GATEKEEPER\0000\LogConf] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_F-SECURE_GATEKEEPER_HANDLER_STARTER] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_F-SECURE_GATEKEEPER_HANDLER_STARTER\0000] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_F-SECURE_GATEKEEPER_HANDLER_STARTER\0000] "Service"="F-Secure Gatekeeper Handler Starter" "DeviceDesc"="F-Secure Gatekeeper Handler Starter" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_F-SECURE_RECOGNIZER] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_F-SECURE_RECOGNIZER\0000] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_F-SECURE_RECOGNIZER\0000] "Service"="F-Secure Recognizer" "DeviceDesc"="F-Secure File System Recognizer" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_FSDFWD\0000] "DeviceDesc"="F-Secure Anti-Virus Firewall Daemon" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_FSFW\0000] "DeviceDesc"="F-Secure Firewall Driver" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_FSMA\0000] "DeviceDesc"="F-Secure Management Agent" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\\Program Files\\F-Secure Anti-Virus\\backweb\\4476822\\Program\\fspex.exe"="C:\\Program Files\\F-Secure Anti-Virus\\backweb\\4476822\\Program\\fspex.exe:*:Enabled:F-Secure Anti-Virus 2005" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_F-SECURE_FILTER] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_F-SECURE_FILTER\0000] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_F-SECURE_FILTER\0000] "Service"="F-Secure Filter" "DeviceDesc"="F-Secure File System Filter" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_F-SECURE_FILTER\0000\LogConf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_F-SECURE_GATEKEEPER] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_F-SECURE_GATEKEEPER\0000] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_F-SECURE_GATEKEEPER\0000] "Service"="F-Secure Gatekeeper" "DeviceDesc"="F-Secure Gatekeeper" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_F-SECURE_GATEKEEPER\0000\LogConf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_F-SECURE_GATEKEEPER_HANDLER_STARTER] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_F-SECURE_GATEKEEPER_HANDLER_STARTER\0000] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_F-SECURE_GATEKEEPER_HANDLER_STARTER\0000] "Service"="F-Secure Gatekeeper Handler Starter" "DeviceDesc"="F-Secure Gatekeeper Handler Starter" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_F-SECURE_RECOGNIZER] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_F-SECURE_RECOGNIZER\0000] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_F-SECURE_RECOGNIZER\0000] "Service"="F-Secure Recognizer" "DeviceDesc"="F-Secure File System Recognizer" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_FSDFWD\0000] "DeviceDesc"="F-Secure Anti-Virus Firewall Daemon" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_FSFW\0000] "DeviceDesc"="F-Secure Firewall Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_FSMA\0000] "DeviceDesc"="F-Secure Management Agent" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\\Program Files\\F-Secure Anti-Virus\\backweb\\4476822\\Program\\fspex.exe"="C:\\Program Files\\F-Secure Anti-Virus\\backweb\\4476822\\Program\\fspex.exe:*:Enabled:F-Secure Anti-Virus 2005" [HKEY_USERS\.DEFAULT\Software\Netscape\Netscape Navigator\User Trusted External Applications] "C:\\Program Files\\F-Secure Anti-Virus\\backweb\\4476822\\6.3.2.62-4476822L\\Program\\PrvCnt.exe"="Yes" [HKEY_USERS\S-1-5-21-1757981266-1275210071-839522115-1004\Software\F-Secure] [HKEY_USERS\S-1-5-21-1757981266-1275210071-839522115-1004\Software\F-Secure\F-Secure PEX] [HKEY_USERS\S-1-5-21-1757981266-1275210071-839522115-1004\Software\F-Secure\F-Secure PEX\Start-Up Wizard] [HKEY_USERS\S-1-5-21-1757981266-1275210071-839522115-1004\Software\Netscape\Netscape Navigator\User Trusted External Applications] "C:\\Program Files\\F-Secure Anti-Virus\\backweb\\4476822\\6.3.2.62-4476822L\\Program\\PrvCnt.exe"="Yes" [HKEY_USERS\S-1-5-18\Software\Netscape\Netscape Navigator\User Trusted External Applications] "C:\\Program Files\\F-Secure Anti-Virus\\backweb\\4476822\\6.3.2.62-4476822L\\Program\\PrvCnt.exe"="Yes" ; End Of The Log...
- le 10 février 2006
- 53 réponses
L'antivirus me signale des problèmes sur mon PC

inkolune a répondu à un(e) sujet de inkolune dans Analyses et éradication malwares

voici le rapport REGEDIT4 ; Registry Search 2.0 by Bobbi Flekman © 2005 ; Version: 2.0.0.1 ; Results at 10/02/2006 17:43:31 for strings: ; 'f-secure' ; Strings excluded from search: ; (None) ; Search in: ; Registry Keys Registry Values Registry Data ; HKEY_LOCAL_MACHINE HKEY_USERS [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.fskey] @="F-Secure.License" "Content Type"="F-Secure/FSLicenseFile" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shell\Rechercher des logiciels espions dans les dossiers...\Command] @="\"C:\\Program Files\\F-Secure Anti-Virus\\Anti-Spyware\\Anti-Spyware.exe\" \"%1\" \"+SD\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shell\Rechercher des logiciels espions dans les dossiers...\Command] @="\"C:\\Program Files\\F-Secure Anti-Virus\\Anti-Spyware\\Anti-Spyware.exe\" \"%1\" \"+SD\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\F-Secure.License] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\F-Secure.License\DefaultIcon] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\F-Secure.License\DefaultIcon] @="C:\\Program Files\\F-Secure Anti-Virus\\TNB\\fstnbins.DLL,0" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\F-Secure.License\Shell] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\F-Secure.License\Shell\Open] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\F-Secure.License\Shell\Open\Command] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\F-Secure.License\Shell\Open\Command] @="C:\\Program Files\\F-Secure Anti-Virus\\TNB\\TNBUtil.exe /keycodefile:%1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FSFIX] @="F-Secure Hot-Fix" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FSFIX\shell\open] @="&Apply F-Secure Hot-Fix" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FSFIX\shell\open\command] @="\"C:\\Program Files\\F-Secure Anti-Virus\\Common\\FSHOTFIX.EXE\" \"%1\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "F-Secure Manager"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices] "F-Secure Management Agent"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\F-Secure Anti-Spyware] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\F-Secure Anti-Spyware] "UninstallDllPath"="C:\\Program Files\\F-Secure Anti-Virus\\Anti-Spyware\\FSASWINS.DLL" "UninstallLogPath"="C:\\Program Files\\F-Secure Anti-Virus\\Anti-Spyware\\fsaswuni.log" "UninstallString"="\"C:\\Program Files\\F-Secure Anti-Virus\\fsuninst.exe\" /UninstRegKey:\"F-Secure Anti-Spyware\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\F-Secure Anti-Virus Client Security Installer] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\F-Secure Anti-Virus Client Security Installer] "UninstallDllPath"="C:\\Program Files\\F-Secure Anti-Virus\\Common\\FSAVCSIN.DLL" "UninstallLogPath"="C:\\Program Files\\F-Secure Anti-Virus\\Common\\fsavcsin.log" "UninstallString"="\"C:\\Program Files\\F-Secure Anti-Virus\\fsuninst.exe\" /UninstRegKey:\"F-Secure Anti-Virus Client Security Installer\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\F-Secure DAAS] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\F-Secure DAAS] "UninstallDllPath"="C:\\Program Files\\F-Secure Anti-Virus\\DAAS\\DAASINST.DLL" "UninstallLogPath"="C:\\Program Files\\F-Secure Anti-Virus\\DAAS\\daasinst.log" "UninstallString"="\"C:\\Program Files\\F-Secure Anti-Virus\\fsuninst.exe\" /UninstRegKey:\"F-Secure DAAS\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\F-Secure Diagnostics] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\F-Secure Diagnostics] "UninstallDllPath"="C:\\Program Files\\F-Secure Anti-Virus\\Common\\fsdiagin.dll" "UninstallLogPath"="C:\\Program Files\\F-Secure Anti-Virus\\Common\\fsdiagun.log" "UninstallString"="\"C:\\Program Files\\F-Secure Anti-Virus\\fsuninst.exe\" /UninstRegKey:\"F-Secure Diagnostics\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\F-Secure E-mail Scanning] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\F-Secure E-mail Scanning] "UninstallDllPath"="C:\\Program Files\\F-Secure Anti-Virus\\FWES\\ES_setup.DLL" "UninstallLogPath"="C:\\Program Files\\F-Secure Anti-Virus\\FWES\\FSAVES_UNINST.LOG" "UninstallString"="\"C:\\Program Files\\F-Secure Anti-Virus\\fsuninst.exe\" /UninstRegKey:\"F-Secure E-mail Scanning\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\F-Secure FWES] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\F-Secure FWES] "UninstallDllPath"="C:\\Program Files\\F-Secure Anti-Virus\\FWES\\FWESINST.DLL" "UninstallLogPath"="C:\\Program Files\\F-Secure Anti-Virus\\FWES\\dfuninst.log" "UninstallString"="\"C:\\Program Files\\F-Secure Anti-Virus\\fsuninst.exe\" /UninstRegKey:\"F-Secure FWES\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\F-Secure GUI] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\F-Secure GUI] "UninstallDllPath"="C:\\Program Files\\F-Secure Anti-Virus\\FSGUI\\FSGUIINS.DLL" "UninstallLogPath"="C:\\Program Files\\F-Secure Anti-Virus\\FSGUI\\fsguiuni.log" "UninstallString"="\"C:\\Program Files\\F-Secure Anti-Virus\\fsuninst.exe\" /UninstRegKey:\"F-Secure GUI\"" "ProductRegKey"="F-Secure GUI" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\F-Secure TNB] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\F-Secure TNB] "UninstallDllPath"="C:\\Program Files\\F-Secure Anti-Virus\\TNB\\FSTNBINS.DLL" "UninstallLogPath"="C:\\Program Files\\F-Secure Anti-Virus\\TNB\\fstnbins.log" "UninstallString"="\"C:\\Program Files\\F-Secure Anti-Virus\\fsuninst.exe\" /UninstRegKey:\"F-Secure TNB\"" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_F-SECURE_FILTER] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_F-SECURE_FILTER\0000] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_F-SECURE_FILTER\0000] "Service"="F-Secure Filter" "DeviceDesc"="F-Secure File System Filter" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_F-SECURE_FILTER\0000\LogConf] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_F-SECURE_FILTER\0000\Control] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_F-SECURE_GATEKEEPER] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_F-SECURE_GATEKEEPER\0000] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_F-SECURE_GATEKEEPER\0000] "Service"="F-Secure Gatekeeper" "DeviceDesc"="F-Secure Gatekeeper" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_F-SECURE_GATEKEEPER\0000\LogConf] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_F-SECURE_GATEKEEPER\0000\Control] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_F-SECURE_GATEKEEPER_HANDLER_STARTER] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_F-SECURE_GATEKEEPER_HANDLER_STARTER\0000] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_F-SECURE_GATEKEEPER_HANDLER_STARTER\0000] "Service"="F-Secure Gatekeeper Handler Starter" "DeviceDesc"="F-Secure Gatekeeper Handler Starter" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_F-SECURE_RECOGNIZER] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_F-SECURE_RECOGNIZER\0000] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_F-SECURE_RECOGNIZER\0000] "Service"="F-Secure Recognizer" "DeviceDesc"="F-Secure File System Recognizer" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_F-SECURE_RECOGNIZER\0000\Control] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_FSDFWD\0000] "DeviceDesc"="F-Secure Anti-Virus Firewall Daemon" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_FSFW\0000] "DeviceDesc"="F-Secure Firewall Driver" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_FSMA\0000] "DeviceDesc"="F-Secure Management Agent" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application] ; Contents of value: ; WSH ; WMIAdapter Wmdm ; WmdmPmSN WinMgmt Winlogo ; WinMgmt Winlogon Windows Product ; Winlogon Windows Product Activation Windo ; Windows Product Activation Windows 3.1 Migration WebClient VSS VBRun ; Windows 3.1 Migration WebClient VSS VBRuntime Userinit Userenv SysmonLog Starter SpoolerCt ; WebClient VSS VBRuntime Userinit Userenv SysmonLog Starter SpoolerCtrs Software Restriction Policies ; VSS VBRuntime Userinit Userenv SysmonLog Starter SpoolerCtrs Software Restriction Policies Software Inst ; VBRuntime Userinit Userenv SysmonLog Starter SpoolerCtrs Software Restriction Policies Software Installation Secur ; Userinit Userenv SysmonLog Starter SpoolerCtrs Software Restriction Policies Software Installation SecurityCenter SclgNtfy ; Userenv SysmonLog Starter SpoolerCtrs Software Restriction Policies Software Installation SecurityCenter SclgNtfy SceSrv SceCli saf ; SysmonLog Starter SpoolerCtrs Software Restriction Policies Software Installation SecurityCenter SclgNtfy SceSrv SceCli safrslv SAFrdms Remot ; Starter SpoolerCtrs Software Restriction Policies Software Installation SecurityCenter SclgNtfy SceSrv SceCli safrslv SAFrdms Remote Assistance PerfP ; SpoolerCtrs Software Restriction Policies Software Installation SecurityCenter SclgNtfy SceSrv SceCli safrslv SAFrdms Remote Assistance PerfProc PerfOS PerfNet P ; Software Restriction Policies Software Installation SecurityCenter SclgNtfy SceSrv SceCli safrslv SAFrdms Remote Assistance PerfProc PerfOS PerfNet Perfmon Perflib PerfDisk Perfctrs Offline F ; Software Installation SecurityCenter SclgNtfy SceSrv SceCli safrslv SAFrdms Remote Assistance PerfProc PerfOS PerfNet Perfmon Perflib PerfDisk Perfctrs Offline Files Oakley ntbackup NeroCheck MSSQLSERVER/MSDE MsiI ; SecurityCenter SclgNtfy SceSrv SceCli safrslv SAFrdms Remote Assistance PerfProc PerfOS PerfNet Perfmon Perflib PerfDisk Perfctrs Offline Files Oakley ntbackup NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine m ; SclgNtfy SceSrv SceCli safrslv SAFrdms Remote Assistance PerfProc PerfOS PerfNet Perfmon Perflib PerfDisk Perfctrs Offline Files Oakley ntbackup NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office ; SceSrv SceCli safrslv SAFrdms Remote Assistance PerfProc PerfOS PerfNet Perfmon Perflib PerfDisk Perfctrs Offline Files Oakley ntbackup NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.3 ; SceCli safrslv SAFrdms Remote Assistance PerfProc PerfOS PerfNet Perfmon Perflib PerfDisk Perfctrs Offline Files Oakley ntbackup NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony S ; safrslv SAFrdms Remote Assistance PerfProc PerfOS PerfNet Perfmon Perflib PerfDisk Perfctrs Offline Files Oakley ntbackup NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider ; SAFrdms Remote Assistance PerfProc PerfOS PerfNet Perfmon Perflib PerfDisk Perfctrs Offline Files Oakley ntbackup NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTm ; Remote Assistance PerfProc PerfOS PerfNet Perfmon Perflib PerfDisk Perfctrs Offline Files Oakley ntbackup NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder ; PerfProc PerfOS PerfNet Perfmon Perflib PerfDisk Perfctrs Offline Files Oakley ntbackup NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment ; PerfOS PerfNet Perfmon Perflib PerfDisk Perfctrs Offline Files Oakley ntbackup NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Manage ; PerfNet Perfmon Perflib PerfDisk Perfctrs Offline Files Oakley ntbackup NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Se ; Perfmon Perflib PerfDisk Perfctrs Offline Files Oakley ntbackup NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus ; Perflib PerfDisk Perfctrs Offline Files Oakley ntbackup NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESEN ; PerfDisk Perfctrs Offline Files Oakley ntbackup NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQu ; Perfctrs Offline Files Oakley ntbackup NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ C ; Offline Files Oakley ntbackup NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Pl ; Oakley ntbackup NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoE ; ntbackup NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autoch ; NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Applica ; MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application ; MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Applic ; MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; Autochk ATI Smart Application Management Application Hang Application Error Application ; ATI Smart Application Management Application Hang Application Error Application ; Application Management Application Hang Application Error Application ; Application Hang Application Error Application ; Application Error Application ; Application ; "Sources"=hex(7):57,53,48,00,57,4d,49,41,64,61,70,74,65,72,00,57,6d,64,6d,50,\ 6d,53,4e,00,57,69,6e,4d,67,6d,74,00,57,69,6e,6c,6f,67,6f,6e,00,57,69,6e,64,\ 6f,77,73,20,50,72,6f,64,75,63,74,20,41,63,74,69,76,61,74,69,6f,6e,00,57,69,\ 6e,64,6f,77,73,20,33,2e,31,20,4d,69,67,72,61,74,69,6f,6e,00,57,65,62,43,6c,\ 69,65,6e,74,00,56,53,53,00,56,42,52,75,6e,74,69,6d,65,00,55,73,65,72,69,6e,\ 69,74,00,55,73,65,72,65,6e,76,00,53,79,73,6d,6f,6e,4c,6f,67,00,53,74,61,72,\ 74,65,72,00,53,70,6f,6f,6c,65,72,43,74,72,73,00,53,6f,66,74,77,61,72,65,20,\ 52,65,73,74,72,69,63,74,69,6f,6e,20,50,6f,6c,69,63,69,65,73,00,53,6f,66,74,\ 77,61,72,65,20,49,6e,73,74,61,6c,6c,61,74,69,6f,6e,00,53,65,63,75,72,69,74,\ 79,43,65,6e,74,65,72,00,53,63,6c,67,4e,74,66,79,00,53,63,65,53,72,76,00,53,\ 63,65,43,6c,69,00,73,61,66,72,73,6c,76,00,53,41,46,72,64,6d,73,00,52,65,6d,\ 6f,74,65,20,41,73,73,69,73,74,61,6e,63,65,00,50,65,72,66,50,72,6f,63,00,50,\ 65,72,66,4f,53,00,50,65,72,66,4e,65,74,00,50,65,72,66,6d,6f,6e,00,50,65,72,\ 66,6c,69,62,00,50,65,72,66,44,69,73,6b,00,50,65,72,66,63,74,72,73,00,4f,66,\ 66,6c,69,6e,65,20,46,69,6c,65,73,00,4f,61,6b,6c,65,79,00,6e,74,62,61,63,6b,\ 75,70,00,4e,65,72,6f,43,68,65,63,6b,00,4d,53,53,51,4c,53,45,52,56,45,52,2f,\ 4d,53,44,45,00,4d,73,69,49,6e,73,74,61,6c,6c,65,72,00,4d,53,44,54,43,20,43,\ 6c,69,65,6e,74,00,4d,53,44,54,43,00,4d,53,44,4d,69,6e,65,00,6d,6e,6d,73,72,\ 76,63,00,4d,69,63,72,6f,73,6f,66,74,20,4f,66,66,69,63,65,20,31,30,00,4d,69,\ 63,72,6f,73,6f,66,74,20,48,2e,33,32,33,20,54,65,6c,65,70,68,6f,6e,79,20,53,\ 65,72,76,69,63,65,20,50,72,6f,76,69,64,65,72,00,4c,6f,61,64,50,65,72,66,00,\ 49,41,41,4e,54,6d,6f,6e,00,48,65,6c,70,53,76,63,00,66,73,62,77,73,79,73,00,\ 46,6f,6c,64,65,72,20,52,65,64,69,72,65,63,74,69,6f,6e,00,46,69,6c,65,20,44,\ 65,70,6c,6f,79,6d,65,6e,74,00,46,2d,53,65,63,75,72,65,20,4d,61,6e,61,67,65,\ 6d,65,6e,74,20,41,67,65,6e,74,00,46,2d,53,65,63,75,72,65,20,41,6e,74,69,2d,\ 56,69,72,75,73,00,45,76,65,6e,74,53,79,73,74,65,6d,00,45,53,45,4e,54,00,44,\ 72,57,61,74,73,6f,6e,00,44,69,73,6b,51,75,6f,74,61,00,63,72,79,70,74,33,32,\ 00,43,4f,4d,2b,00,43,4f,4d,00,43,69,00,43,68,6b,64,73,6b,00,42,61,63,6b,57,\ 65,62,20,50,6c,75,67,2d,69,6e,20,2d,20,34,34,37,36,38,32,32,00,41,75,74,6f,\ 45,6e,72,6f,6c,6c,6d,65,6e,74,00,41,75,74,6f,63,68,6b,00,41,54,49,20,53,6d,\ 61,72,74,00,41,70,70,6c,69,63,61,74,69,6f,6e,20,4d,61,6e,61,67,65,6d,65,6e,\ 74,00,41,70,70,6c,69,63,61,74,69,6f,6e,20,48,61,6e,67,00,41,70,70,6c,69,63,\ 61,74,69,6f,6e,20,45,72,72,6f,72,00,41,70,70,6c,69,63,61,74,69,6f,6e,00,00 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\BackWeb Plug-in - 4476822] "EventMessageFile"="C:\\Program Files\\F-Secure Anti-Virus\\backweb\\4476822\\6.3.2.62-4476822L\\Program\\ServiceWrapper.dll" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\F-Secure Anti-Virus] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\F-Secure Anti-Virus] ; Contents of value: ; C:\Program Files\F-Secure Anti-Virus\Common\AMEHEVN.DLL "EventMessageFile"=hex(2):43,3a,5c,50,72,6f,67,72,61,6d,20,46,69,6c,65,73,5c,\ 46,2d,53,65,63,75,72,65,20,41,6e,74,69,2d,56,69,72,75,73,5c,43,6f,6d,6d,6f,\ 6e,5c,41,4d,45,48,45,56,4e,2e,44,4c,4c,00 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\F-Secure Management Agent] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\F-Secure Management Agent] ; Contents of value: ; C:\Program Files\F-Secure Anti-Virus\Common\AMEHEVN.DLL "EventMessageFile"=hex(2):43,3a,5c,50,72,6f,67,72,61,6d,20,46,69,6c,65,73,5c,\ 46,2d,53,65,63,75,72,65,20,41,6e,74,69,2d,56,69,72,75,73,5c,43,6f,6d,6d,6f,\ 6e,5c,41,4d,45,48,45,56,4e,2e,44,4c,4c,00 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\fsbwsys] ; Contents of value: ; "C:\Program Files\F-Secure Anti-Virus\backweb\4476822\program\fsbwsys.exe" "EventMessageFile"=hex(2):22,43,3a,5c,50,72,6f,67,72,61,6d,20,46,69,6c,65,73,\ 5c,46,2d,53,65,63,75,72,65,20,41,6e,74,69,2d,56,69,72,75,73,5c,62,61,63,6b,\ 77,65,62,5c,34,34,37,36,38,32,32,5c,70,72,6f,67,72,61,6d,5c,66,73,62,77,73,\ 79,73,2e,65,78,65,22,00 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\F-Secure Gatekeeper Handler Starter] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\F-Secure Gatekeeper Handler Starter] ; Contents of value: ; "C:\Program Files\F-Secure Anti-Virus\Anti-Virus\fsgk32st.exe" "ImagePath"=hex(2):22,43,3a,5c,50,72,6f,67,72,61,6d,20,46,69,6c,65,73,5c,46,2d,\ 53,65,63,75,72,65,20,41,6e,74,69,2d,56,69,72,75,73,5c,41,6e,74,69,2d,56,69,\ 72,75,73,5c,66,73,67,6b,33,32,73,74,2e,65,78,65,22,00 "DisplayName"="F-Secure Gatekeeper Handler Starter" "Description"="F-Secure Gatekeeper Handler Starter" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\F-Secure Gatekeeper Handler Starter\Parameters] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\F-Secure Gatekeeper Handler Starter\Parameters] "BasePath"="\\??\\C:\\Program Files\\F-Secure Anti-Virus\\Anti-Virus" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\F-Secure Gatekeeper Handler Starter\Security] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\F-Secure Gatekeeper Handler Starter\Enum] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\F-Secure Gatekeeper Handler Starter\Enum] "0"="Root\\LEGACY_F-SECURE_GATEKEEPER_HANDLER_STARTER\\0000" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\FSDFWD] ; Contents of value: ; "C:\Program Files\F-Secure Anti-Virus\FWES\Program\fsdfwd.exe" "ImagePath"=hex(2):22,43,3a,5c,50,72,6f,67,72,61,6d,20,46,69,6c,65,73,5c,46,2d,\ 53,65,63,75,72,65,20,41,6e,74,69,2d,56,69,72,75,73,5c,46,57,45,53,5c,50,72,\ 6f,67,72,61,6d,5c,66,73,64,66,77,64,2e,65,78,65,22,00 "DisplayName"="F-Secure Anti-Virus Firewall Daemon" "Description"="F-Secure Anti-Virus Firewall Daemon" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\FSFW] "DisplayName"="F-Secure Firewall Driver" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\\Program Files\\F-Secure Anti-Virus\\backweb\\4476822\\Program\\fspex.exe"="C:\\Program Files\\F-Secure Anti-Virus\\backweb\\4476822\\Program\\fspex.exe:*:Enabled:F-Secure Anti-Virus 2005" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_F-SECURE_FILTER] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_F-SECURE_FILTER\0000] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_F-SECURE_FILTER\0000] "Service"="F-Secure Filter" "DeviceDesc"="F-Secure File System Filter" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_F-SECURE_FILTER\0000\LogConf] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_F-SECURE_GATEKEEPER] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_F-SECURE_GATEKEEPER\0000] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_F-SECURE_GATEKEEPER\0000] "Service"="F-Secure Gatekeeper" "DeviceDesc"="F-Secure Gatekeeper" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_F-SECURE_GATEKEEPER\0000\LogConf] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_F-SECURE_GATEKEEPER_HANDLER_STARTER] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_F-SECURE_GATEKEEPER_HANDLER_STARTER\0000] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_F-SECURE_GATEKEEPER_HANDLER_STARTER\0000] "Service"="F-Secure Gatekeeper Handler Starter" "DeviceDesc"="F-Secure Gatekeeper Handler Starter" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_F-SECURE_RECOGNIZER] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_F-SECURE_RECOGNIZER\0000] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_F-SECURE_RECOGNIZER\0000] "Service"="F-Secure Recognizer" "DeviceDesc"="F-Secure File System Recognizer" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_FSDFWD\0000] "DeviceDesc"="F-Secure Anti-Virus Firewall Daemon" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_FSFW\0000] "DeviceDesc"="F-Secure Firewall Driver" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_FSMA\0000] "DeviceDesc"="F-Secure Management Agent" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application] ; Contents of value: ; WSH ; WMIAdapter Wmdm ; WmdmPmSN WinMgmt Winlogo ; WinMgmt Winlogon Windows Product ; Winlogon Windows Product Activation Windo ; Windows Product Activation Windows 3.1 Migration WebClient VSS VBRun ; Windows 3.1 Migration WebClient VSS VBRuntime Userinit Userenv SysmonLog Starter SpoolerCt ; WebClient VSS VBRuntime Userinit Userenv SysmonLog Starter SpoolerCtrs Software Restriction Policies ; VSS VBRuntime Userinit Userenv SysmonLog Starter SpoolerCtrs Software Restriction Policies Software Inst ; VBRuntime Userinit Userenv SysmonLog Starter SpoolerCtrs Software Restriction Policies Software Installation Secur ; Userinit Userenv SysmonLog Starter SpoolerCtrs Software Restriction Policies Software Installation SecurityCenter SclgNtfy ; Userenv SysmonLog Starter SpoolerCtrs Software Restriction Policies Software Installation SecurityCenter SclgNtfy SceSrv SceCli saf ; SysmonLog Starter SpoolerCtrs Software Restriction Policies Software Installation SecurityCenter SclgNtfy SceSrv SceCli safrslv SAFrdms Remot ; Starter SpoolerCtrs Software Restriction Policies Software Installation SecurityCenter SclgNtfy SceSrv SceCli safrslv SAFrdms Remote Assistance PerfP ; SpoolerCtrs Software Restriction Policies Software Installation SecurityCenter SclgNtfy SceSrv SceCli safrslv SAFrdms Remote Assistance PerfProc PerfOS PerfNet P ; Software Restriction Policies Software Installation SecurityCenter SclgNtfy SceSrv SceCli safrslv SAFrdms Remote Assistance PerfProc PerfOS PerfNet Perfmon Perflib PerfDisk Perfctrs Offline F ; Software Installation SecurityCenter SclgNtfy SceSrv SceCli safrslv SAFrdms Remote Assistance PerfProc PerfOS PerfNet Perfmon Perflib PerfDisk Perfctrs Offline Files Oakley ntbackup NeroCheck MSSQLSERVER/MSDE MsiI ; SecurityCenter SclgNtfy SceSrv SceCli safrslv SAFrdms Remote Assistance PerfProc PerfOS PerfNet Perfmon Perflib PerfDisk Perfctrs Offline Files Oakley ntbackup NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine m ; SclgNtfy SceSrv SceCli safrslv SAFrdms Remote Assistance PerfProc PerfOS PerfNet Perfmon Perflib PerfDisk Perfctrs Offline Files Oakley ntbackup NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office ; SceSrv SceCli safrslv SAFrdms Remote Assistance PerfProc PerfOS PerfNet Perfmon Perflib PerfDisk Perfctrs Offline Files Oakley ntbackup NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.3 ; SceCli safrslv SAFrdms Remote Assistance PerfProc PerfOS PerfNet Perfmon Perflib PerfDisk Perfctrs Offline Files Oakley ntbackup NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony S ; safrslv SAFrdms Remote Assistance PerfProc PerfOS PerfNet Perfmon Perflib PerfDisk Perfctrs Offline Files Oakley ntbackup NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider ; SAFrdms Remote Assistance PerfProc PerfOS PerfNet Perfmon Perflib PerfDisk Perfctrs Offline Files Oakley ntbackup NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTm ; Remote Assistance PerfProc PerfOS PerfNet Perfmon Perflib PerfDisk Perfctrs Offline Files Oakley ntbackup NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder ; PerfProc PerfOS PerfNet Perfmon Perflib PerfDisk Perfctrs Offline Files Oakley ntbackup NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment ; PerfOS PerfNet Perfmon Perflib PerfDisk Perfctrs Offline Files Oakley ntbackup NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Manage ; PerfNet Perfmon Perflib PerfDisk Perfctrs Offline Files Oakley ntbackup NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Se ; Perfmon Perflib PerfDisk Perfctrs Offline Files Oakley ntbackup NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus ; Perflib PerfDisk Perfctrs Offline Files Oakley ntbackup NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESEN ; PerfDisk Perfctrs Offline Files Oakley ntbackup NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQu ; Perfctrs Offline Files Oakley ntbackup NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ C ; Offline Files Oakley ntbackup NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Pl ; Oakley ntbackup NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoE ; ntbackup NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autoch ; NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Applica ; MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application ; MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Applic ; MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; Autochk ATI Smart Application Management Application Hang Application Error Application ; ATI Smart Application Management Application Hang Application Error Application ; Application Management Application Hang Application Error Application ; Application Hang Application Error Application ; Application Error Application ; Application ; "Sources"=hex(7):57,53,48,00,57,4d,49,41,64,61,70,74,65,72,00,57,6d,64,6d,50,\ 6d,53,4e,00,57,69,6e,4d,67,6d,74,00,57,69,6e,6c,6f,67,6f,6e,00,57,69,6e,64,\ 6f,77,73,20,50,72,6f,64,75,63,74,20,41,63,74,69,76,61,74,69,6f,6e,00,57,69,\ 6e,64,6f,77,73,20,33,2e,31,20,4d,69,67,72,61,74,69,6f,6e,00,57,65,62,43,6c,\ 69,65,6e,74,00,56,53,53,00,56,42,52,75,6e,74,69,6d,65,00,55,73,65,72,69,6e,\ 69,74,00,55,73,65,72,65,6e,76,00,53,79,73,6d,6f,6e,4c,6f,67,00,53,74,61,72,\ 74,65,72,00,53,70,6f,6f,6c,65,72,43,74,72,73,00,53,6f,66,74,77,61,72,65,20,\ 52,65,73,74,72,69,63,74,69,6f,6e,20,50,6f,6c,69,63,69,65,73,00,53,6f,66,74,\ 77,61,72,65,20,49,6e,73,74,61,6c,6c,61,74,69,6f,6e,00,53,65,63,75,72,69,74,\ 79,43,65,6e,74,65,72,00,53,63,6c,67,4e,74,66,79,00,53,63,65,53,72,76,00,53,\ 63,65,43,6c,69,00,73,61,66,72,73,6c,76,00,53,41,46,72,64,6d,73,00,52,65,6d,\ 6f,74,65,20,41,73,73,69,73,74,61,6e,63,65,00,50,65,72,66,50,72,6f,63,00,50,\ 65,72,66,4f,53,00,50,65,72,66,4e,65,74,00,50,65,72,66,6d,6f,6e,00,50,65,72,\ 66,6c,69,62,00,50,65,72,66,44,69,73,6b,00,50,65,72,66,63,74,72,73,00,4f,66,\ 66,6c,69,6e,65,20,46,69,6c,65,73,00,4f,61,6b,6c,65,79,00,6e,74,62,61,63,6b,\ 75,70,00,4e,65,72,6f,43,68,65,63,6b,00,4d,53,53,51,4c,53,45,52,56,45,52,2f,\ 4d,53,44,45,00,4d,73,69,49,6e,73,74,61,6c,6c,65,72,00,4d,53,44,54,43,20,43,\ 6c,69,65,6e,74,00,4d,53,44,54,43,00,4d,53,44,4d,69,6e,65,00,6d,6e,6d,73,72,\ 76,63,00,4d,69,63,72,6f,73,6f,66,74,20,4f,66,66,69,63,65,20,31,30,00,4d,69,\ 63,72,6f,73,6f,66,74,20,48,2e,33,32,33,20,54,65,6c,65,70,68,6f,6e,79,20,53,\ 65,72,76,69,63,65,20,50,72,6f,76,69,64,65,72,00,4c,6f,61,64,50,65,72,66,00,\ 49,41,41,4e,54,6d,6f,6e,00,48,65,6c,70,53,76,63,00,66,73,62,77,73,79,73,00,\ 46,6f,6c,64,65,72,20,52,65,64,69,72,65,63,74,69,6f,6e,00,46,69,6c,65,20,44,\ 65,70,6c,6f,79,6d,65,6e,74,00,46,2d,53,65,63,75,72,65,20,4d,61,6e,61,67,65,\ 6d,65,6e,74,20,41,67,65,6e,74,00,46,2d,53,65,63,75,72,65,20,41,6e,74,69,2d,\ 56,69,72,75,73,00,45,76,65,6e,74,53,79,73,74,65,6d,00,45,53,45,4e,54,00,44,\ 72,57,61,74,73,6f,6e,00,44,69,73,6b,51,75,6f,74,61,00,63,72,79,70,74,33,32,\ 00,43,4f,4d,2b,00,43,4f,4d,00,43,69,00,43,68,6b,64,73,6b,00,42,61,63,6b,57,\ 65,62,20,50,6c,75,67,2d,69,6e,20,2d,20,34,34,37,36,38,32,32,00,41,75,74,6f,\ 45,6e,72,6f,6c,6c,6d,65,6e,74,00,41,75,74,6f,63,68,6b,00,41,54,49,20,53,6d,\ 61,72,74,00,41,70,70,6c,69,63,61,74,69,6f,6e,20,4d,61,6e,61,67,65,6d,65,6e,\ 74,00,41,70,70,6c,69,63,61,74,69,6f,6e,20,48,61,6e,67,00,41,70,70,6c,69,63,\ 61,74,69,6f,6e,20,45,72,72,6f,72,00,41,70,70,6c,69,63,61,74,69,6f,6e,00,00 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\BackWeb Plug-in - 4476822] "EventMessageFile"="C:\\Program Files\\F-Secure Anti-Virus\\backweb\\4476822\\6.3.2.62-4476822L\\Program\\ServiceWrapper.dll" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\F-Secure Anti-Virus] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\F-Secure Anti-Virus] ; Contents of value: ; C:\Program Files\F-Secure Anti-Virus\Common\AMEHEVN.DLL "EventMessageFile"=hex(2):43,3a,5c,50,72,6f,67,72,61,6d,20,46,69,6c,65,73,5c,\ 46,2d,53,65,63,75,72,65,20,41,6e,74,69,2d,56,69,72,75,73,5c,43,6f,6d,6d,6f,\ 6e,5c,41,4d,45,48,45,56,4e,2e,44,4c,4c,00 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\F-Secure Management Agent] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\F-Secure Management Agent] ; Contents of value: ; C:\Program Files\F-Secure Anti-Virus\Common\AMEHEVN.DLL "EventMessageFile"=hex(2):43,3a,5c,50,72,6f,67,72,61,6d,20,46,69,6c,65,73,5c,\ 46,2d,53,65,63,75,72,65,20,41,6e,74,69,2d,56,69,72,75,73,5c,43,6f,6d,6d,6f,\ 6e,5c,41,4d,45,48,45,56,4e,2e,44,4c,4c,00 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\fsbwsys] ; Contents of value: ; "C:\Program Files\F-Secure Anti-Virus\backweb\4476822\program\fsbwsys.exe" "EventMessageFile"=hex(2):22,43,3a,5c,50,72,6f,67,72,61,6d,20,46,69,6c,65,73,\ 5c,46,2d,53,65,63,75,72,65,20,41,6e,74,69,2d,56,69,72,75,73,5c,62,61,63,6b,\ 77,65,62,5c,34,34,37,36,38,32,32,5c,70,72,6f,67,72,61,6d,5c,66,73,62,77,73,\ 79,73,2e,65,78,65,22,00 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\F-Secure Filter] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\F-Secure Filter] ; Contents of value: ; \??\C:\Program Files\F-Secure Anti-Virus\Anti-Virus\Win2K\FSfilter.sys "ImagePath"=hex(2):5c,3f,3f,5c,43,3a,5c,50,72,6f,67,72,61,6d,20,46,69,6c,65,73,\ 5c,46,2d,53,65,63,75,72,65,20,41,6e,74,69,2d,56,69,72,75,73,5c,41,6e,74,69,\ 2d,56,69,72,75,73,5c,57,69,6e,32,4b,5c,46,53,66,69,6c,74,65,72,2e,73,79,73,\ 00 "DisplayName"="F-Secure File System Filter" ; Contents of value: ; F-Secure Recognizer ; "DependOnService"=hex(7):46,2d,53,65,63,75,72,65,20,52,65,63,6f,67,6e,69,7a,65,\ 72,00,00 "Description"="F-Secure File System Filter" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\F-Secure Filter\Security] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\F-Secure Gatekeeper] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\F-Secure Gatekeeper] ; Contents of value: ; \??\C:\Program Files\F-Secure Anti-Virus\Anti-Virus\Win2K\FSgk.sys "ImagePath"=hex(2):5c,3f,3f,5c,43,3a,5c,50,72,6f,67,72,61,6d,20,46,69,6c,65,73,\ 5c,46,2d,53,65,63,75,72,65,20,41,6e,74,69,2d,56,69,72,75,73,5c,41,6e,74,69,\ 2d,56,69,72,75,73,5c,57,69,6e,32,4b,5c,46,53,67,6b,2e,73,79,73,00 "DisplayName"="F-Secure Gatekeeper" ; Contents of value: ; F-Secure Filter ; "DependOnService"=hex(7):46,2d,53,65,63,75,72,65,20,46,69,6c,74,65,72,00,00 "Description"="F-Secure Gatekeeper" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\F-Secure Gatekeeper\Security] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\F-Secure Gatekeeper Handler Starter] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\F-Secure Gatekeeper Handler Starter] ; Contents of value: ; "C:\Program Files\F-Secure Anti-Virus\Anti-Virus\fsgk32st.exe" "ImagePath"=hex(2):22,43,3a,5c,50,72,6f,67,72,61,6d,20,46,69,6c,65,73,5c,46,2d,\ 53,65,63,75,72,65,20,41,6e,74,69,2d,56,69,72,75,73,5c,41,6e,74,69,2d,56,69,\ 72,75,73,5c,66,73,67,6b,33,32,73,74,2e,65,78,65,22,00 "DisplayName"="F-Secure Gatekeeper Handler Starter" "Description"="F-Secure Gatekeeper Handler Starter" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\F-Secure Gatekeeper Handler Starter\Parameters] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\F-Secure Gatekeeper Handler Starter\Parameters] "BasePath"="\\??\\C:\\Program Files\\F-Secure Anti-Virus\\Anti-Virus" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\F-Secure Gatekeeper Handler Starter\Security] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\F-Secure Recognizer] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\F-Secure Recognizer] ; Contents of value: ; \??\C:\Program Files\F-Secure Anti-Virus\Anti-Virus\Win2K\FSrec.sys "ImagePath"=hex(2):5c,3f,3f,5c,43,3a,5c,50,72,6f,67,72,61,6d,20,46,69,6c,65,73,\ 5c,46,2d,53,65,63,75,72,65,20,41,6e,74,69,2d,56,69,72,75,73,5c,41,6e,74,69,\ 2d,56,69,72,75,73,5c,57,69,6e,32,4b,5c,46,53,72,65,63,2e,73,79,73,00 "DisplayName"="F-Secure File System Recognizer" "Description"="F-Secure File System Recognizer" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\F-Secure Recognizer\Security] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\FSDFWD] ; Contents of value: ; "C:\Program Files\F-Secure Anti-Virus\FWES\Program\fsdfwd.exe" "ImagePath"=hex(2):22,43,3a,5c,50,72,6f,67,72,61,6d,20,46,69,6c,65,73,5c,46,2d,\ 53,65,63,75,72,65,20,41,6e,74,69,2d,56,69,72,75,73,5c,46,57,45,53,5c,50,72,\ 6f,67,72,61,6d,5c,66,73,64,66,77,64,2e,65,78,65,22,00 "DisplayName"="F-Secure Anti-Virus Firewall Daemon" "Description"="F-Secure Anti-Virus Firewall Daemon" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\FSFW] "DisplayName"="F-Secure Firewall Driver" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\FSMA] ; Contents of value: ; "C:\Program Files\F-Secure Anti-Virus\Common\FSMA32.EXE" "ImagePath"=hex(2):22,43,3a,5c,50,72,6f,67,72,61,6d,20,46,69,6c,65,73,5c,46,2d,\ 53,65,63,75,72,65,20,41,6e,74,69,2d,56,69,72,75,73,5c,43,6f,6d,6d,6f,6e,5c,\ 46,53,4d,41,33,32,2e,45,58,45,22,00 "DisplayName"="F-Secure Management Agent" "Description"="F-Secure Management Agent" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\\Program Files\\F-Secure Anti-Virus\\backweb\\4476822\\Program\\fspex.exe"="C:\\Program Files\\F-Secure Anti-Virus\\backweb\\4476822\\Program\\fspex.exe:*:Enabled:F-Secure Anti-Virus 2005" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_F-SECURE_FILTER] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_F-SECURE_FILTER\00
- le 10 février 2006
- 53 réponses
L'antivirus me signale des problèmes sur mon PC

inkolune a répondu à un(e) sujet de inkolune dans Analyses et éradication malwares

ok merci =) je viens de le faire mais je n'ai que ces trois là F-Secure Gatekeeper Handler Starter F-Secure Anti-Virus Firewall Daemon F-Secure Management Agent qui sont tous trois désactivés! je vais la suite! merci bcp tjs impossible de supprimer le dossier Fsecure antivirus...il ne reste pourtant que trois fichiers: C:\Program Files\F-Secure Anti-Virus\Common\fpshx.dll C:\Program Files\F-Secure Anti-Virus\Common\FSMA32.DLL C:\Program Files\F-Secure Anti-Virus\Common\FSPMAPI.DLL et C:\WINDOWS\System32\fsdfw.sys n'existait plus. voici le rapport de RegSearch REGEDIT4 ; Registry Search 2.0 by Bobbi Flekman © 2005 ; Version: 2.0.0.1 ; Results at 10/02/2006 17:23:40 for strings: ; 'f-secure' ; Strings excluded from search: ; (None) ; Search in: ; Registry Keys Registry Values Registry Data ; HKEY_LOCAL_MACHINE HKEY_USERS [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\{23814B80-52A2-11d0-BC1A-004095606CB9}] @="F-Secure" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.fskey] @="F-Secure.License" "Content Type"="F-Secure/FSLicenseFile" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{23814B80-52A2-11d0-BC1A-004095606CB9}] "LanguageFile"="C:\\Program Files\\F-Secure Anti-Virus\\Common\\FSHXFRA.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{23814B80-52A2-11d0-BC1A-004095606CB9}\InProcServer32] @="C:\\Program Files\\F-Secure Anti-Virus\\Common\\fpshx.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shell\Rechercher des logiciels espions dans les dossiers...\Command] @="\"C:\\Program Files\\F-Secure Anti-Virus\\Anti-Spyware\\Anti-Spyware.exe\" \"%1\" \"+SD\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shell\Rechercher des logiciels espions dans les dossiers...\Command] @="\"C:\\Program Files\\F-Secure Anti-Virus\\Anti-Spyware\\Anti-Spyware.exe\" \"%1\" \"+SD\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\F-Secure.License] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\F-Secure.License\DefaultIcon] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\F-Secure.License\DefaultIcon] @="C:\\Program Files\\F-Secure Anti-Virus\\TNB\\fstnbins.DLL,0" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\F-Secure.License\Shell] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\F-Secure.License\Shell\Open] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\F-Secure.License\Shell\Open\Command] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\F-Secure.License\Shell\Open\Command] @="C:\\Program Files\\F-Secure Anti-Virus\\TNB\\TNBUtil.exe /keycodefile:%1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\{23814B80-52A2-11d0-BC1A-004095606CB9}] @="F-Secure" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FSFIX] @="F-Secure Hot-Fix" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FSFIX\shell\open] @="&Apply F-Secure Hot-Fix" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FSFIX\shell\open\command] @="\"C:\\Program Files\\F-Secure Anti-Virus\\Common\\FSHOTFIX.EXE\" \"%1\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{DA0AC514-C1AE-11D3-84E7-005004C65534}\1.0\0\win32] @="C:\\Program Files\\F-Secure Anti-Virus\\backweb\\4476822\\program\\fsbwce.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{DA0AC514-C1AE-11D3-84E7-005004C65534}\1.0\HELPDIR] @="C:\\Program Files\\F-Secure Anti-Virus\\backweb\\4476822\\program\\" [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure] "InstallationRootDirectory"="C:\\Program Files\\F-Secure Anti-Virus" "F-Secure Hot-Fix Public Key"="C:\\Program Files\\F-Secure Anti-Virus\\Common\\FSFIX.PUB" [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\Anti-Spyware] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\Anti-Spyware] "InstallationDirectory"="C:\\Program Files\\F-Secure Anti-Virus\\Anti-Spyware" "UninstallKey"="F-Secure Anti-Spyware" [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\Anti-Virus] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\Anti-Virus] "InstallationDirectory"="C:\\Program Files\\F-Secure Anti-Virus\\Anti-Virus" "DatabaseUpdateDirectoryHttp"="C:\\Program Files\\F-Secure Anti-Virus\\Anti-Virus\\dbupdate.htp" "Path"="C:\\Program Files\\F-Secure Anti-Virus\\Anti-Virus" "UninstallKey"="F-Secure Anti-Virus" [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\Customization] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\Customization] "UninstallationLog"="C:\\Program Files\\F-Secure Anti-Virus\\common\\custom\\uninst.log" [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\DAAS] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\DAAS] "InstallationDirectory"="C:\\Program Files\\F-Secure Anti-Virus\\DAAS" "DAASDLL"="C:\\Program Files\\F-Secure Anti-Virus\\DAAS\\daas.dll" "UninstallKey"="F-Secure DAAS" [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\Delay Loading] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\Delay Loading] ; Contents of value: ; c:\program files\f-secure anti-virus\fsisu.dll ; "fsisu.dll"=hex(7):63,3a,5c,70,72,6f,67,72,61,6d,20,66,69,6c,65,73,5c,66,2d,73,\ 65,63,75,72,65,20,61,6e,74,69,2d,76,69,72,75,73,5c,66,73,69,73,75,2e,64,6c,\ 6c,00,00 ; Contents of value: ; c:\program files\f-secure anti-virus\fsisunt.dll ; "fsisunt.dll"=hex(7):63,3a,5c,70,72,6f,67,72,61,6d,20,66,69,6c,65,73,5c,66,2d,\ 73,65,63,75,72,65,20,61,6e,74,69,2d,76,69,72,75,73,5c,66,73,69,73,75,6e,74,\ 2e,64,6c,6c,00,00 ; Contents of value: ; c:\program files\f-secure anti-virus\fsld32.dll ; c:\program files\f-secure anti-virus\common\fsld32.dll ; "fsld32.dll"=hex(7):63,3a,5c,70,72,6f,67,72,61,6d,20,66,69,6c,65,73,5c,66,2d,\ 73,65,63,75,72,65,20,61,6e,74,69,2d,76,69,72,75,73,5c,66,73,6c,64,33,32,2e,\ 64,6c,6c,00,63,3a,5c,70,72,6f,67,72,61,6d,20,66,69,6c,65,73,5c,66,2d,73,65,\ 63,75,72,65,20,61,6e,74,69,2d,76,69,72,75,73,5c,63,6f,6d,6d,6f,6e,5c,66,73,\ 6c,64,33,32,2e,64,6c,6c,00,00 ; Contents of value: ; c:\program files\f-secure anti-virus\fsdeph.dll ; "fsdeph.dll"=hex(7):63,3a,5c,70,72,6f,67,72,61,6d,20,66,69,6c,65,73,5c,66,2d,\ 73,65,63,75,72,65,20,61,6e,74,69,2d,76,69,72,75,73,5c,66,73,64,65,70,68,2e,\ 64,6c,6c,00,00 ; Contents of value: ; c:\program files\f-secure anti-virus\common\fspmapi.dll ; "fspmapi.dll"=hex(7):63,3a,5c,70,72,6f,67,72,61,6d,20,66,69,6c,65,73,5c,66,2d,\ 73,65,63,75,72,65,20,61,6e,74,69,2d,76,69,72,75,73,5c,63,6f,6d,6d,6f,6e,5c,\ 66,73,70,6d,61,70,69,2e,64,6c,6c,00,00 ; Contents of value: ; c:\program files\f-secure anti-virus\common\fsma32.dll ; "fsma32.dll"=hex(7):63,3a,5c,70,72,6f,67,72,61,6d,20,66,69,6c,65,73,5c,66,2d,\ 73,65,63,75,72,65,20,61,6e,74,69,2d,76,69,72,75,73,5c,63,6f,6d,6d,6f,6e,5c,\ 66,73,6d,61,33,32,2e,64,6c,6c,00,00 ; Contents of value: ; c:\program files\f-secure anti-virus\common\fsma32s.dll ; "fsma32s.dll"=hex(7):63,3a,5c,70,72,6f,67,72,61,6d,20,66,69,6c,65,73,5c,66,2d,\ 73,65,63,75,72,65,20,61,6e,74,69,2d,76,69,72,75,73,5c,63,6f,6d,6d,6f,6e,5c,\ 66,73,6d,61,33,32,73,2e,64,6c,6c,00,00 ; Contents of value: ; c:\program files\f-secure anti-virus\common\fsaa_api.dll ; "fsaa_api.dll"=hex(7):63,3a,5c,70,72,6f,67,72,61,6d,20,66,69,6c,65,73,5c,66,2d,\ 73,65,63,75,72,65,20,61,6e,74,69,2d,76,69,72,75,73,5c,63,6f,6d,6d,6f,6e,5c,\ 66,73,61,61,5f,61,70,69,2e,64,6c,6c,00,00 ; Contents of value: ; c:\program files\f-secure anti-virus\common\fspki.dll ; "fspki.dll"=hex(7):63,3a,5c,70,72,6f,67,72,61,6d,20,66,69,6c,65,73,5c,66,2d,73,\ 65,63,75,72,65,20,61,6e,74,69,2d,76,69,72,75,73,5c,63,6f,6d,6d,6f,6e,5c,66,\ 73,70,6b,69,2e,64,6c,6c,00,00 ; Contents of value: ; c:\program files\f-secure anti-virus\common\dfalsu.dll ; "dfalsu.dll"=hex(7):63,3a,5c,70,72,6f,67,72,61,6d,20,66,69,6c,65,73,5c,66,2d,\ 73,65,63,75,72,65,20,61,6e,74,69,2d,76,69,72,75,73,5c,63,6f,6d,6d,6f,6e,5c,\ 64,66,61,6c,73,75,2e,64,6c,6c,00,00 ; Contents of value: ; c:\program files\f-secure anti-virus\anti-virus\fsgkiapi.dll ; "fsgkiapi.dll"=hex(7):63,3a,5c,70,72,6f,67,72,61,6d,20,66,69,6c,65,73,5c,66,2d,\ 73,65,63,75,72,65,20,61,6e,74,69,2d,76,69,72,75,73,5c,61,6e,74,69,2d,76,69,\ 72,75,73,5c,66,73,67,6b,69,61,70,69,2e,64,6c,6c,00,00 ; Contents of value: ; c:\program files\f-secure anti-virus\tnb\fstnb.dll ; "fstnb.dll"=hex(7):63,3a,5c,70,72,6f,67,72,61,6d,20,66,69,6c,65,73,5c,66,2d,73,\ 65,63,75,72,65,20,61,6e,74,69,2d,76,69,72,75,73,5c,74,6e,62,5c,66,73,74,6e,\ 62,2e,64,6c,6c,00,00 ; Contents of value: ; c:\program files\f-secure anti-virus\fsgui\fsscgui.dll ; "fsscgui.dll"=hex(7):63,3a,5c,70,72,6f,67,72,61,6d,20,66,69,6c,65,73,5c,66,2d,\ 73,65,63,75,72,65,20,61,6e,74,69,2d,76,69,72,75,73,5c,66,73,67,75,69,5c,66,\ 73,73,63,67,75,69,2e,64,6c,6c,00,00 ; Contents of value: ; c:\program files\f-secure anti-virus\daas\daas.dll ; "daas.dll"=hex(7):63,3a,5c,70,72,6f,67,72,61,6d,20,66,69,6c,65,73,5c,66,2d,73,\ 65,63,75,72,65,20,61,6e,74,69,2d,76,69,72,75,73,5c,64,61,61,73,5c,64,61,61,\ 73,2e,64,6c,6c,00,00 ; Contents of value: ; c:\program files\f-secure anti-virus\daas\fsclm.dll ; "fsclm.dll"=hex(7):63,3a,5c,70,72,6f,67,72,61,6d,20,66,69,6c,65,73,5c,66,2d,73,\ 65,63,75,72,65,20,61,6e,74,69,2d,76,69,72,75,73,5c,64,61,61,73,5c,66,73,63,\ 6c,6d,2e,64,6c,6c,00,00 ; Contents of value: ; c:\program files\f-secure anti-virus\common\fswscs.dll ; "fswscs.dll"=hex(7):63,3a,5c,70,72,6f,67,72,61,6d,20,66,69,6c,65,73,5c,66,2d,\ 73,65,63,75,72,65,20,61,6e,74,69,2d,76,69,72,75,73,5c,63,6f,6d,6d,6f,6e,5c,\ 66,73,77,73,63,73,2e,64,6c,6c,00,00 [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\Diagnostics] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\Diagnostics] "InstallationDirectory"="C:\\Program Files\\F-Secure Anti-Virus\\Common" "UninstallKey"="F-Secure Diagnostics" [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\E-mail Scanning] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\E-mail Scanning] "InstallationDirectory"="C:\\Program Files\\F-Secure Anti-Virus\\FWES" "UninstallKey"="F-Secure E-mail Scanning" [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\F-Secure GUI] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\F-Secure GUI] "InstallationDirectory"="C:\\Program Files\\F-Secure Anti-Virus\\FSGUI" "UninstallKey"="F-Secure GUI" [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\FSAVCSIN] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\FSAVCSIN] "InstallationDirectory"="C:\\Program Files\\F-Secure Anti-Virus\\Common" "UninstallKey"="F-Secure Anti-Virus Client Security Installer" [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\FSPC] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\FSPC] "PasswordDialogDll"="C:\\Program Files\\F-Secure Anti-Virus\\FSGUI\\PCPWD.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\FSSetup] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\FSSetup\Components] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\FSSetup\Components] "F-Secure GUI"=dword:00000007 [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\FSSetup\Dependencies] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\FSSetup\Dependencies] ; Contents of value: ; Management Agent ; TNB Diagnostics F-Sec ; Diagnostics F-Secure GUI FSAVCSIN ; F-Secure GUI FSAVCSIN DAAS ; FSAVCSIN DAAS ; DAAS ; "Anti-Virus"=hex(7):4d,61,6e,61,67,65,6d,65,6e,74,20,41,67,65,6e,74,00,54,4e,\ 42,00,44,69,61,67,6e,6f,73,74,69,63,73,00,46,2d,53,65,63,75,72,65,20,47,55,\ 49,00,46,53,41,56,43,53,49,4e,00,44,41,41,53,00,00 ; Contents of value: ; Anti-Virus ; FWES Management ; Management Agent TNB Diagnostics ; TNB Diagnostics F-Secure GUI FSAVCSIN ; Diagnostics F-Secure GUI FSAVCSIN ; F-Secure GUI FSAVCSIN ; FSAVCSIN ; "E-mail Scanning"=hex(7):41,6e,74,69,2d,56,69,72,75,73,00,46,57,45,53,00,4d,61,\ 6e,61,67,65,6d,65,6e,74,20,41,67,65,6e,74,00,54,4e,42,00,44,69,61,67,6e,6f,\ 73,74,69,63,73,00,46,2d,53,65,63,75,72,65,20,47,55,49,00,46,53,41,56,43,53,\ 49,4e,00,00 ; Contents of value: ; Management Agent ; Diagnostics ; "F-Secure GUI"=hex(7):4d,61,6e,61,67,65,6d,65,6e,74,20,41,67,65,6e,74,00,44,69,\ 61,67,6e,6f,73,74,69,63,73,00,00 ; Contents of value: ; Management Agent ; Diagnostics TNB F-Secure GUI ; TNB F-Secure GUI FSAVCSIN ; F-Secure GUI FSAVCSIN ; FSAVCSIN ; "Anti-Spyware"=hex(7):4d,61,6e,61,67,65,6d,65,6e,74,20,41,67,65,6e,74,00,44,69,\ 61,67,6e,6f,73,74,69,63,73,00,54,4e,42,00,46,2d,53,65,63,75,72,65,20,47,55,\ 49,00,46,53,41,56,43,53,49,4e,00,00 [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\FWES] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\FWES] "InstallationDirectory"="C:\\Program Files\\F-Secure Anti-Virus\\FWES" "ProgramDirectory"="C:\\Program Files\\F-Secure Anti-Virus\\FWES\\Program" "UninstallKey"="F-Secure FWES" [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\Gatekeeper] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\Gatekeeper\Plug-Ins] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\Gatekeeper\Plug-Ins\AVP] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\Gatekeeper\Plug-Ins\AVP] "BasePath"="C:\\Program Files\\F-Secure Anti-Virus\\Anti-Virus\\" [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\GKH2] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\GKH2] "ScannerManagerPath"="C:\\Program Files\\F-Secure Anti-Virus\\Anti-Virus\\fssm32.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\GKH2\Plug-Ins] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\GKH2\Plug-Ins\F-Secure AVP] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\GKH2\Plug-Ins\F-Secure AVP] "BasePath"="C:\\Program Files\\F-Secure Anti-Virus\\Anti-Virus\\" "Name"="F-Secure AVP" [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\GKH2\Plug-Ins\F-Secure Libra] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\GKH2\Plug-Ins\F-Secure Libra] "BasePath"="C:\\Program Files\\F-Secure Anti-Virus\\Anti-Virus\\" "Name"="F-Secure Libra" [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\GKH2\Plug-Ins\F-Secure Orion] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\GKH2\Plug-Ins\F-Secure Orion] "BasePath"="C:\\Program Files\\F-Secure Anti-Virus\\Anti-Virus\\" "Name"="F-Secure Orion" [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\Localization] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\Localization] "tnbutil"="C:\\Program Files\\F-Secure Anti-Virus\\TNB\\tnbutil" "gres"="C:\\Program Files\\F-Secure Anti-Virus\\FSGUI\\gres" "avabtres"="C:\\Program Files\\F-Secure Anti-Virus\\FSGUI\\avabtres" [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\Management Agent] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\Management Agent] "InstallationDirectory"="C:\\Program Files\\F-Secure Anti-Virus\\Common" "UninstallKey"="F-Secure Management Agent" [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\Management Agent\Host Information] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\Management Agent\Plug-Ins] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\Management Agent\Plug-Ins\F-Secure Alert and Management Extension Handler] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\Management Agent\Plug-Ins\F-Secure Alert and Management Extension Handler] "DisplayName"="F-Secure Alert and Management Extension Handler" "ImagePath"="C:\\Program Files\\F-Secure Anti-Virus\\Common\\FAMEH32.EXE" ; Contents of value: ; F-Secure Configuration Handler ; "DependOnModule"=hex(7):46,2d,53,65,63,75,72,65,20,43,6f,6e,66,69,67,75,72,61,\ 74,69,6f,6e,20,48,61,6e,64,6c,65,72,00,00 [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\Management Agent\Plug-Ins\F-Secure Anti-Virus Firewall Daemon] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\Management Agent\Plug-Ins\F-Secure Anti-Virus Firewall Daemon] "DisplayName"="F-Secure Anti-Virus Firewall Daemon" ; Contents of value: ; F-Secure Configuration Handler ; F-Secure Alert and Management Extension Handler ; "DependOnModule"=hex(7):46,2d,53,65,63,75,72,65,20,43,6f,6e,66,69,67,75,72,61,\ 74,69,6f,6e,20,48,61,6e,64,6c,65,72,00,46,2d,53,65,63,75,72,65,20,41,6c,65,\ 72,74,20,61,6e,64,20,4d,61,6e,61,67,65,6d,65,6e,74,20,45,78,74,65,6e,73,69,\ 6f,6e,20,48,61,6e,64,6c,65,72,00,00 [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\Management Agent\Plug-Ins\F-Secure Anti-Virus Handler] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\Management Agent\Plug-Ins\F-Secure Anti-Virus Handler] "DisplayName"="F-Secure Anti-Virus Handler" "ImagePath"="C:\\Program Files\\F-Secure Anti-Virus\\Anti-Virus\\fsav32.exe" ; Contents of value: ; F-Secure Configuration Handler ; F-Secure Gatekeeper Handler ; "DependOnModule"=hex(7):46,2d,53,65,63,75,72,65,20,43,6f,6e,66,69,67,75,72,61,\ 74,69,6f,6e,20,48,61,6e,64,6c,65,72,00,46,2d,53,65,63,75,72,65,20,47,61,74,\ 65,6b,65,65,70,65,72,20,48,61,6e,64,6c,65,72,00,00 [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\Management Agent\Plug-Ins\F-Secure Configuration Handler] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\Management Agent\Plug-Ins\F-Secure Configuration Handler] "DisplayName"="F-Secure Configuration Handler" "ImagePath"="C:\\Program Files\\F-Secure Anti-Virus\\Common\\FCH32.EXE" "BasePolicy"="C:\\Program Files\\F-Secure Anti-Virus\\Common\\policy.bpf" "IncrementalPolicy"="C:\\Program Files\\F-Secure Anti-Virus\\Common\\policy.ipf" "IncrementalPolicyBackup"="C:\\Program Files\\F-Secure Anti-Virus\\Common\\policy.ipf.bak" "PublicKey"="C:\\Program Files\\F-Secure Anti-Virus\\Common\\admin.pub" "DefaultPath"="C:\\Program Files\\F-Secure Anti-Virus\\Common\\" "HistoryDirectory"="C:\\Program Files\\F-Secure Anti-Virus\\Common\\History" "BadPolicyDirectory"="C:\\Program Files\\F-Secure Anti-Virus\\Common\\Invalid" [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\Management Agent\Plug-Ins\F-Secure Gatekeeper Handler] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\Management Agent\Plug-Ins\F-Secure Gatekeeper Handler] "DisplayName"="F-Secure Gatekeeper Handler" "ImagePath"="C:\\Program Files\\F-Secure Anti-Virus\\Anti-Virus\\FSGK32.EXE" ; Contents of value: ; F-Secure Configuration Handler ; F-Secure Alert and Management Extension Handler ; "DependOnModule"=hex(7):46,2d,53,65,63,75,72,65,20,43,6f,6e,66,69,67,75,72,61,\ 74,69,6f,6e,20,48,61,6e,64,6c,65,72,00,46,2d,53,65,63,75,72,65,20,41,6c,65,\ 72,74,20,61,6e,64,20,4d,61,6e,61,67,65,6d,65,6e,74,20,45,78,74,65,6e,73,69,\ 6f,6e,20,48,61,6e,64,6c,65,72,00,00 [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\Management Agent\Plug-Ins\F-Secure GUI Launcher Plug-In] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\Management Agent\Plug-Ins\F-Secure GUI Launcher Plug-In] "DisplayName"="F-Secure GUI Launcher Plug-In" "ImagePath"="C:\\Program Files\\F-Secure Anti-Virus\\FSGUI\\guilaunc.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\Management Agent\Plug-Ins\F-Secure Management Agent User Interface Plug-In] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\Management Agent\Plug-Ins\F-Secure Management Agent User Interface Plug-In] "DisplayName"="F-Secure Management Agent User Interface Plug-In" "ImagePath"="C:\\Program Files\\F-Secure Anti-Virus\\Common\\FSMAUI32.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\Management Agent\Plug-Ins\F-Secure Manager] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\Management Agent\Plug-Ins\F-Secure Manager] "DisplayName"="F-Secure Manager" "ImagePath"="C:\\Program Files\\F-Secure Anti-Virus\\Common\\FSM32.EXE" [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\Management Agent\Statistics Filters] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\Manager] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\Manager] "AboutDLL"="C:\\Program Files\\F-Secure Anti-Virus\\FSGUI\\av550about.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\Manager\Plug-ins] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\Manager\Plug-ins\F-Secure Anti-Virus Plug-In] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\Manager\Plug-ins\F-Secure Anti-Virus Plug-In] "ImagePath"="C:\\Program Files\\F-Secure Anti-Virus\\Anti-Virus\\fsmuiav.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\Manager\Plug-ins\F-Secure GUI Launcher Plug-In] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\Manager\Plug-ins\F-Secure GUI Launcher Plug-In] "ImagePath"="C:\\Program Files\\F-Secure Anti-Virus\\FSGUI\\guilaunc.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\Manager\Plug-ins\F-Secure Management Agent Plug-In] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\Manager\Plug-ins\F-Secure Management Agent Plug-In] "ImagePath"="C:\\Program Files\\F-Secure Anti-Virus\\Common\\fsmaui32.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\Security Center Support] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\Security Center Support\F-Secure Anti-Virus] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\Security Center Support\F-Secure Firewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\Setup] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\TNB] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\TNB] "InstallationDirectory"="C:\\Program Files\\F-Secure Anti-Virus\\TNB" "FSTNBUTIL"="C:\\Program Files\\F-Secure Anti-Virus\\TNB\\TNBUtil.exe" "UninstallKey"="F-Secure TNB" [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\TNB\Products] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\TNB\Products\127] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\TNB\Products\127] "ProductName"="F-Secure Anti-Virus" "UninstallKey"="\"C:\\Program Files\\F-Secure Anti-Virus\\fsuninst.exe\" /UninstRegKey:\"F-Secure Anti-Virus\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\TNB\Products\181] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\TNB\Products\181] "ProductName"="F-Secure Management Agent" "UninstallKey"="\"C:\\Program Files\\F-Secure Anti-Virus\\fsuninst.exe\" /UninstRegKey:\"F-Secure Management Agent\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\TNB\Products\277] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\TNB\Products\277] "WebShopURL"="http://www.f-secure.com/estore/"'>http://www.f-secure.com/estore/"'>http://www.f-secure.com/estore/"'>http://www.f-secure.com/estore/"'>http://www.f-secure.com/estore/"'>http://www.f-secure.com/estore/"'>http://www.f-secure.com/estore/"'>http://www.f-secure.com/estore/"'>http://www.f-secure.com/estore/"'>http://www.f-secure.com/estore/"'>http://www.f-secure.com/estore/"'>http://www.f-secure.com/estore/"'>http://www.f-secure.com/estore/" "ProductName"="F-Secure Internet Security 2005" "Plugin"="C:\\Program Files\\F-Secure Anti-Virus\\backweb\\4476822\\program\\pextnbplugin.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\TNB\Products\303] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\TNB\Products\303] "WebShopURL"="http://www.f-secure.com/estore/" "ProductName"="F-Secure Anti-Virus 2005" "Plugin"="C:\\Program Files\\F-Secure Anti-Virus\\backweb\\4476822\\program\\pextnbplugin.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\TNB\Products\305] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\TNB\Products\305] "WebShopURL"="http://www.f-secure.com/estore/" "Plugin"="C:\\Program Files\\F-Secure Anti-Virus\\backweb\\4476822\\program\\pextnbplugin.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\TNB\Products\414] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\TNB\Products\414] "ProductName"="F-Secure E-mail Scanning" "UninstallKey"="\"C:\\Program Files\\F-Secure Anti-Virus\\fsuninst.exe\" /UninstRegKey:\"F-Secure E-mail Scanning\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\TNB\Products\424] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\TNB\Products\424] "WebShopURL"="http://www.f-secure.com/estore/" "Plugin"="C:\\Program Files\\F-Secure Anti-Virus\\backweb\\4476822\\program\\pextnbplugin.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\TNB\Products\426] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\TNB\Products\426] "WebShopURL"="http://www.f-secure.com/estore/" "Plugin"="C:\\Program Files\\F-Secure Anti-Virus\\backweb\\4476822\\program\\pextnbplugin.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\TNB\Products\428] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\TNB\Products\428] "WebShopURL"="http://www.f-secure.com/estore/" "Plugin"="C:\\Program Files\\F-Secure Anti-Virus\\backweb\\4476822\\program\\pextnbplugin.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\TNB\Products\430] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\TNB\Products\430] "WebShopURL"="http://www.f-secure.com/estore/" "Plugin"="C:\\Program Files\\F-Secure Anti-Virus\\backweb\\4476822\\program\\pextnbplugin.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\TNB\Products\438] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\TNB\Products\438] "WebShopURL"="http://www.f-secure.com/estore/" "Plugin"="C:\\Program Files\\F-Secure Anti-Virus\\backweb\\4476822\\program\\pextnbplugin.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\TNB\Products\440] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\TNB\Products\440] "WebShopURL"="http://www.f-secure.com/estore/" "Plugin"="C:\\Program Files\\F-Secure Anti-Virus\\backweb\\4476822\\program\\pextnbplugin.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\TNB\Products\442] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\TNB\Products\442] "WebShopURL"="http://www.f-secure.com/estore/" "Plugin"="C:\\Program Files\\F-Secure Anti-Virus\\backweb\\4476822\\program\\pextnbplugin.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\TNB\Products\444] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\TNB\Products\444] "WebShopURL"="http://www.f-secure.com/estore/" "Plugin"="C:\\Program Files\\F-Secure Anti-Virus\\backweb\\4476822\\program\\pextnbplugin.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\TNB\Products\460] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\TNB\Products\462] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\TNB\Products\462] "ProductName"="F-Secure Anti-Spyware" "UninstallKey"="\"C:\\Program Files\\F-Secure Anti-Virus\\fsuninst.exe\" /UninstRegKey:\"F-Secure Anti-Spyware\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\TNB\Products\466] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\TNB\Products\466] "WebShopURL"="http://www.f-secure.com/estore/" "ProductName"="F-Secure Anti-Virus 2005" "Plugin"="C:\\Program Files\\F-Secure Anti-Virus\\backweb\\4476822\\program\\pextnbplugin.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\TNB\Products\468] [HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\TNB\Products\468] "WebShopURL"="http://www.f-secure.com/estore/" "ProductName"="F-Secure Internet Security 2005" "Plugin"="C:\\Program Files\\F-Secure Anti-Virus\\backweb\\4476822\\program\\pextnbplugin.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\F-Secure Anti-Spyware] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\F-Secure Anti-Spyware] "UninstallDllPath"="C:\\Program Files\\F-Secure Anti-Virus\\Anti-Spyware\\FSASWINS.DLL" "UninstallLogPath"="C:\\Program Files\\F-Secure Anti-Virus\\Anti-Spyware\\fsaswuni.log" "UninstallString"="\"C:\\Program Files\\F-Secure Anti-Virus\\fsuninst.exe\" /UninstRegKey:\"F-Secure Anti-Spyware\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\F-Secure Anti-Virus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\F-Secure Anti-Virus] "UninstallDllPath"="C:\\Program Files\\F-Secure Anti-Virus\\Anti-Virus\\FSAVUNIN.DLL" "UninstallLogPath"="C:\\Program Files\\F-Secure Anti-Virus\\Anti-Virus\\dfuninst.log" "UninstallString"="\"C:\\Program Files\\F-Secure Anti-Virus\\fsuninst.exe\" /UninstRegKey:\"F-Secure Anti-Virus\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\F-Secure Anti-Virus Client Security Installer] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\F-Secure Anti-Virus Client Security Installer] "UninstallDllPath"="C:\\Program Files\\F-Secure Anti-Virus\\Common\\FSAVCSIN.DLL" "UninstallLogPath"="C:\\Program Files\\F-Secure Anti-Virus\\Common\\fsavcsin.log" "UninstallString"="\"C:\\Program Files\\F-Secure Anti-Virus\\fsuninst.exe\" /UninstRegKey:\"F-Secure Anti-Virus Client Security Installer\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\F-Secure DAAS] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\F-Secure DAAS] "UninstallDllPath"="C:\\Program Files\\F-Secure Anti-Virus\\DAAS\\DAASINST.DLL" "UninstallLogPath"="C:\\Program Files\\F-Secure Anti-Virus\\DAAS\\daasinst.log" "UninstallString"="\"C:\\Program Files\\F-Secure Anti-Virus\\fsuninst.exe\" /UninstRegKey:\"F-Secure DAAS\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\F-Secure Diagnostics] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\F-Secure Diagnostics] "UninstallDllPath"="C:\\Program Files\\F-Secure Anti-Virus\\Common\\fsdiagin.dll" "UninstallLogPath"="C:\\Program Files\\F-Secure Anti-Virus\\Common\\fsdiagun.log" "UninstallString"="\"C:\\Program Files\\F-Secure Anti-Virus\\fsuninst.exe\" /UninstRegKey:\"F-Secure Diagnostics\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\F-Secure E-mail Scanning] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\F-Secure E-mail Scanning] "UninstallDllPath"="C:\\Program Files\\F-Secure Anti-Virus\\FWES\\ES_setup.DLL" "UninstallLogPath"="C:\\Program Files\\F-Secure Anti-Virus\\FWES\\FSAVES_UNINST.LOG" "UninstallString"="\"C:\\Program Files\\F-Secure Anti-Virus\\fsuninst.exe\" /UninstRegKey:\"F-Secure E-mail Scanning\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\F-Secure FWES] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\F-Secure FWES] "UninstallDllPath"="C:\\Program Files\\F-Secure Anti-Virus\\FWES\\FWESINST.DLL" "UninstallLogPath"="C:\\Program Files\\F-Secure Anti-Virus\\FWES\\dfuninst.log" "UninstallString"="\"C:\\Program Files\\F-Secure Anti-Virus\\fsuninst.exe\" /UninstRegKey:\"F-Secure FWES\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\F-Secure GUI] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\F-Secure GUI] "UninstallDllPath"="C:\\Program Files\\F-Secure Anti-Virus\\FSGUI\\FSGUIINS.DLL" "UninstallLogPath"="C:\\Program Files\\F-Secure Anti-Virus\\FSGUI\\fsguiuni.log" "UninstallString"="\"C:\\Program Files\\F-Secure Anti-Virus\\fsuninst.exe\" /UninstRegKey:\"F-Secure GUI\"" "ProductRegKey"="F-Secure GUI" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\F-Secure Management Agent] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\F-Secure Management Agent] "UninstallDllPath"="C:\\Program Files\\F-Secure Anti-Virus\\Common\\FSMAUNIN.DLL" "UninstallLogPath"="C:\\Program Files\\F-Secure Anti-Virus\\Common\\dfuninst.log" "UninstallString"="\"C:\\Program Files\\F-Secure Anti-Virus\\fsuninst.exe\" /UninstRegKey:\"F-Secure Management Agent\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\F-Secure TNB] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\F-Secure TNB] "UninstallDllPath"="C:\\Program Files\\F-Secure Anti-Virus\\TNB\\FSTNBINS.DLL" "UninstallLogPath"="C:\\Program Files\\F-Secure Anti-Virus\\TNB\\fstnbins.log" "UninstallString"="\"C:\\Program Files\\F-Secure Anti-Virus\\fsuninst.exe\" /UninstRegKey:\"F-Secure TNB\"" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_F-SECURE_FILTER] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_F-SECURE_FILTER\0000] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_F-SECURE_FILTER\0000] "Service"="F-Secure Filter" "DeviceDesc"="F-Secure File System Filter" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_F-SECURE_FILTER\0000\LogConf] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_F-SECURE_FILTER\0000\Control] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_F-SECURE_GATEKEEPER] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_F-SECURE_GATEKEEPER\0000] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_F-SECURE_GATEKEEPER\0000] "Service"="F-Secure Gatekeeper" "DeviceDesc"="F-Secure Gatekeeper" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_F-SECURE_GATEKEEPER\0000\LogConf] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_F-SECURE_GATEKEEPER\0000\Control] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_F-SECURE_GATEKEEPER_HANDLER_STARTER] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_F-SECURE_GATEKEEPER_HANDLER_STARTER\0000] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_F-SECURE_GATEKEEPER_HANDLER_STARTER\0000] "Service"="F-Secure Gatekeeper Handler Starter" "DeviceDesc"="F-Secure Gatekeeper Handler Starter" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_F-SECURE_RECOGNIZER] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_F-SECURE_RECOGNIZER\0000] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_F-SECURE_RECOGNIZER\0000] "Service"="F-Secure Recognizer" "DeviceDesc"="F-Secure File System Recognizer" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_F-SECURE_RECOGNIZER\0000\Control] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_FSDFWD\0000] "DeviceDesc"="F-Secure Anti-Virus Firewall Daemon" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_FSFW\0000] "DeviceDesc"="F-Secure Firewall Driver" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_FSMA\0000] "DeviceDesc"="F-Secure Management Agent" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application] ; Contents of value: ; WSH ; WMIAdapter Wmdm ; WmdmPmSN WinMgmt Winlogo ; WinMgmt Winlogon Windows Product ; Winlogon Windows Product Activation Windo ; Windows Product Activation Windows 3.1 Migration WebClient VSS VBRun ; Windows 3.1 Migration WebClient VSS VBRuntime Userinit Userenv SysmonLog Starter SpoolerCt ; WebClient VSS VBRuntime Userinit Userenv SysmonLog Starter SpoolerCtrs Software Restriction Policies ; VSS VBRuntime Userinit Userenv SysmonLog Starter SpoolerCtrs Software Restriction Policies Software Inst ; VBRuntime Userinit Userenv SysmonLog Starter SpoolerCtrs Software Restriction Policies Software Installation Secur ; Userinit Userenv SysmonLog Starter SpoolerCtrs Software Restriction Policies Software Installation SecurityCenter SclgNtfy ; Userenv SysmonLog Starter SpoolerCtrs Software Restriction Policies Software Installation SecurityCenter SclgNtfy SceSrv SceCli saf ; SysmonLog Starter SpoolerCtrs Software Restriction Policies Software Installation SecurityCenter SclgNtfy SceSrv SceCli safrslv SAFrdms Remot ; Starter SpoolerCtrs Software Restriction Policies Software Installation SecurityCenter SclgNtfy SceSrv SceCli safrslv SAFrdms Remote Assistance PerfP ; SpoolerCtrs Software Restriction Policies Software Installation SecurityCenter SclgNtfy SceSrv SceCli safrslv SAFrdms Remote Assistance PerfProc PerfOS PerfNet P ; Software Restriction Policies Software Installation SecurityCenter SclgNtfy SceSrv SceCli safrslv SAFrdms Remote Assistance PerfProc PerfOS PerfNet Perfmon Perflib PerfDisk Perfctrs Offline F ; Software Installation SecurityCenter SclgNtfy SceSrv SceCli safrslv SAFrdms Remote Assistance PerfProc PerfOS PerfNet Perfmon Perflib PerfDisk Perfctrs Offline Files Oakley ntbackup NeroCheck MSSQLSERVER/MSDE MsiI ; SecurityCenter SclgNtfy SceSrv SceCli safrslv SAFrdms Remote Assistance PerfProc PerfOS PerfNet Perfmon Perflib PerfDisk Perfctrs Offline Files Oakley ntbackup NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine m ; SclgNtfy SceSrv SceCli safrslv SAFrdms Remote Assistance PerfProc PerfOS PerfNet Perfmon Perflib PerfDisk Perfctrs Offline Files Oakley ntbackup NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office ; SceSrv SceCli safrslv SAFrdms Remote Assistance PerfProc PerfOS PerfNet Perfmon Perflib PerfDisk Perfctrs Offline Files Oakley ntbackup NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.3 ; SceCli safrslv SAFrdms Remote Assistance PerfProc PerfOS PerfNet Perfmon Perflib PerfDisk Perfctrs Offline Files Oakley ntbackup NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony S ; safrslv SAFrdms Remote Assistance PerfProc PerfOS PerfNet Perfmon Perflib PerfDisk Perfctrs Offline Files Oakley ntbackup NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider ; SAFrdms Remote Assistance PerfProc PerfOS PerfNet Perfmon Perflib PerfDisk Perfctrs Offline Files Oakley ntbackup NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTm ; Remote Assistance PerfProc PerfOS PerfNet Perfmon Perflib PerfDisk Perfctrs Offline Files Oakley ntbackup NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder ; PerfProc PerfOS PerfNet Perfmon Perflib PerfDisk Perfctrs Offline Files Oakley ntbackup NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment ; PerfOS PerfNet Perfmon Perflib PerfDisk Perfctrs Offline Files Oakley ntbackup NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Manage ; PerfNet Perfmon Perflib PerfDisk Perfctrs Offline Files Oakley ntbackup NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Se ; Perfmon Perflib PerfDisk Perfctrs Offline Files Oakley ntbackup NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus ; Perflib PerfDisk Perfctrs Offline Files Oakley ntbackup NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESEN ; PerfDisk Perfctrs Offline Files Oakley ntbackup NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQu ; Perfctrs Offline Files Oakley ntbackup NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ C ; Offline Files Oakley ntbackup NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Pl ; Oakley ntbackup NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoE ; ntbackup NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autoch ; NeroCheck MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Applica ; MSSQLSERVER/MSDE MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application ; MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Applic ; MSDTC Client MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; MSDTC MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; MSDMine mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; mnmsrvc Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; Microsoft Office 10 Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; Microsoft H.323 Telephony Service Provider LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; LoadPerf IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; IAANTmon HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; HelpSvc fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; fsbwsys Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; Folder Redirection File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; File Deployment F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; F-Secure Management Agent F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; F-Secure Anti-Virus EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; EventSystem ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; ESENT DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; DrWatson DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; DiskQuota crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; crypt32 COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; COM+ COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; COM Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; Ci Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; Chkdsk BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; BackWeb Plug-in - 4476822 AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; AutoEnrollment Autochk ATI Smart Application Management Application Hang Application Error Application ; Autochk ATI Smart Application Management Application Hang Application Error Application ; ATI Smart Application Management Application Hang Application Error Application ; Application Management Application Hang Application Error Application ; Application Hang Application Error Application ; Application Error Application ; Applicati
- le 10 février 2006
- 53 réponses
L'antivirus me signale des problèmes sur mon PC

inkolune a répondu à un(e) sujet de inkolune dans Analyses et éradication malwares

que dois-je faire avec ceci F-Secure File System Filter: \??\C:\Program Files\F-Secure Anti-Virus\Anti-Virus\Win2K\FSfilter.sys (autostart) F-Secure Gatekeeper: \??\C:\Program Files\F-Secure Anti-Virus\Anti-Virus\Win2K\FSgk.sys (autostart) F-Secure Gatekeeper Handler Starter: "C:\Program Files\F-Secure Anti-Virus\Anti-Virus\fsgk32st.exe" (disabled) F-Secure File System Recognizer: \??\C:\Program Files\F-Secure Anti-Virus\Anti-Virus\Win2K\FSrec.sys (autostart) F-Secure Anti-Virus Firewall Daemon: "C:\Program Files\F-Secure Anti-Virus\FWES\Program\fsdfwd.exe" (disabled) F-Secure Firewall Driver: System32\drivers\fsdfw.sys (system) F-Secure Management Agent: "C:\Program Files\F-Secure Anti-Virus\Common\FSMA32.EXE" (disabled)
- le 10 février 2006
- 53 réponses
L'antivirus me signale des problèmes sur mon PC

inkolune a répondu à un(e) sujet de inkolune dans Analyses et éradication malwares

je n'arrive pas à télécharger le contrôle activeX pour kaspersky..lorsque j'appuie sur la petite barre au dessus de la page [pour télécharger le contrôle], rien ne se passe..... mon ordi a l'air de bien fonctionner =) mais le problème de la barre d'adresse réside tjs et je n'arrive tjs pas à enlever le dossier Fsecure =( et n'est-ce pas mauvais que j'ai le sp2 et avast avec des restes de Fsecure? à chaque démarrage, le petit bouclier rouge "alertes de sécurité windows" en bas à droite, me dit que mon ordi cours un risque parce que la mise à jour est désactivée...mais je ne veux pas mettre ça à jour, puisque j'ai avast... enfin voilà, que me reste-t-il à faire Mr Ingals =) ?
- le 10 février 2006
- 53 réponses

Connexion

inkolune

Compteur de contenus

Inscription

Dernière visite

Type de contenu

Profils

Forums

Blogs

Tout ce qui a été posté par inkolune

infecté par Trojan.Win32.Agent.cs

spyfalcon + hijackthis

spyfalcon + hijackthis

spyfalcon + hijackthis

spyfalcon + hijackthis

spyfalcon + hijackthis

spyfalcon + hijackthis

spyfalcon + hijackthis

spyfalcon + hijackthis

spyfalcon + hijackthis

L'antivirus me signale des problèmes sur mon PC

L'antivirus me signale des problèmes sur mon PC

L'antivirus me signale des problèmes sur mon PC

L'antivirus me signale des problèmes sur mon PC

L'antivirus me signale des problèmes sur mon PC

L'antivirus me signale des problèmes sur mon PC

L'antivirus me signale des problèmes sur mon PC

L'antivirus me signale des problèmes sur mon PC

L'antivirus me signale des problèmes sur mon PC

L'antivirus me signale des problèmes sur mon PC

L'antivirus me signale des problèmes sur mon PC

L'antivirus me signale des problèmes sur mon PC

L'antivirus me signale des problèmes sur mon PC

L'antivirus me signale des problèmes sur mon PC

L'antivirus me signale des problèmes sur mon PC

Zebulon

Outils en ligne

Naviguer