thebear
-
Compteur de contenus
25 -
Inscription
-
Dernière visite
Type de contenu
Profils
Forums
Blogs
Tout ce qui a été posté par thebear
-
MERCI LES AMIS OPERATION REUSSIE The bear
-
Salut, Sur conseil de tornado, qui m'a beaucoup aidé ces derniers temps, je poste ce hijackthis pour une éventuelle optimisation. Merci PS: Si tu désires optimiser ton rapport hijackthis, donc ton système (notamment pour les ligne O4 <=> programmes qui se lancent au démarrage de Windows), tu peux poster un rapport hijack dans le sous-forum Optimisation-sécurisation. The bear Logfile of HijackThis v1.99.1 Scan saved at 19:50:04, on 12/05/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\Documents and Settings\fabrice\Bureau\Guitar Pro 4 Demo\GP4Demo.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\HijackThis\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tiscali.fr R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{F62A3468-F453-4FDE-87F5-53F9F35A72DC}: NameServer = 213.36.80.1 213.36.80.1 O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
-
Win32 trojano et gen
thebear a répondu à un(e) sujet de thebear dans Analyses et éradication malwares
Merci pout tout TORNADO... je tente le hijack dans le sous forum... -
Win32 trojano et gen
thebear a répondu à un(e) sujet de thebear dans Analyses et éradication malwares
Salut SUPERTORNADO, Voilà ce que tu m'as demandé...encore merci...j'installe de ce pas firefox et ses composants... j'ai déjà mis à jour WXP avec le SP2... A bientôt ET UN GRAND MERCI The bear La totalité des ports TCP testés sont masqués, votre ordinateur ne donne donc aucune réponse aux tests de ports effectués. Votre machine est donc invisible aux yeux de pirates potentiels. Ports TCP ouverts Aucun port détecté Ports TCP fermés Aucun port détecté Ports TCP masqués 21 ftp Utilisé pour le transfert de fichier entre ordinateurs 22 ssh Le shell SSH permet de se connecter à un serveur de façon sécurisée 23 telnet Utilisé pour obtenir un shell distant 25 smtp Utilisé pour le transfert de courrier électronique entre deux hôtes. Si vous n'utilisez pas de serveur de messagerie, il est conseillé de fermer ce port. 79 finger Permet de connaître diverses informations relatives à votre profil 80 http Utilisé pour les services Web. Si vous n'utilisez pas de serveur web, il est conseillé de fermer ce port 110 pop3 Utilisé par les serveurs de messagerie Internet. Si vous n'utilisez pas de serveur de messagerie, il est conseillé de fermer ce port. 113 auth Utilisé par certains serveurs de messagerie ou de newsgroups (MiRC - Virc...). Des problèmes de performances peuvent survenir si ce port est masqué 119 nntp Utilisé par les serveurs de news pour la distribution d'articles Usenet 135 N/A Utilisé pour les applications client/server basées sur des systèmes d'exploitation Microsoft 139 netbios-ssn Utilisé pour le partage de fichiers dans un réseau local 143 imap Utilisé par les serveurs de messagerie Internet pour l'envoi de messages électroniques. Si vous n'utilisez pas de serveur IMAP, il est conseillé de fermer ce port. 389 ldap LDAP (Lightweight Directory Access Protocol) : utilisé pour accéder automatiquement à des services d'annuaires en ligne 443 https Utilisé pour sécuriser les communications HTTP. Si vous n'utilisez pas de serveur web, il est conseillé de fermer ce port. Ce port est également utilisé par AOL Instant Messenger 445 microsoft-ds Utilisé pour le partage des protocoles SMB. Son exploitation peut permettre d'obtenir vos mots de passe 1002 N/A Port non standard 1024 N/A Port réservé 1025 N/A Port non standard 1026 N/A Port non standard 1027 N/A Port non standard 1028 N/A Port non standard 1029 N/A Port non standard 1030 N/A Port non standard 1720 h323hostcall Port non standard. Peut être utilisé par NetMeeting 5000 N/A Utilisé pour communiquer avec tous les périphériques UpnP reliés à votre réseau -
Win32 trojano et gen
thebear a répondu à un(e) sujet de thebear dans Analyses et éradication malwares
SALUT SUPERTORNADO, J'ai bien exécuté tes conseils et je te remercie pour leur qualité...je te joins les rapports réalisés ce soir Merci pour tout, je reste à dispo! A+ The bear ps: pendant que je t'écris le garde de ZA travaille dure dure, il a déjà bloqué 5 attaques...est-ce normal? Merci. Rapport avant scan antivir Logfile of HijackThis v1.99.1 Scan saved at 19:25:47, on 05/05/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\Program Files\HijackThis\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tiscali.fr R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe Rapport Antivir AntiVir PersonalEdition Classic Report file date: vendredi 5 mai 2006 19:32 Jobname: 'Manual Selection' Scanning for 370940 virus strains and unwanted programs. Licensed to: AntiVir PersonalEdition Classic Serial number: 0000149996-WURGE-0001 Platform: Windows XP Windows version: (Service Pack 1) [5.1.2600] Username: fabrice Computer name: FAB Version informations: AVSCAN.EXE : 7.0.0.35 540712 21/04/2006 12:47:04 AVSCAN.DLL : 7.0.0.34 41000 05/04/2006 11:03:57 LUKE.DLL : 7.0.0.34 114728 05/04/2006 11:03:58 LUKERES.DLL : 7.0.0.34 25640 05/04/2006 11:03:58 ANTIVIR0.VDF : 6.32.0.60 4323840 02/05/2006 08:29:08 ANTIVIR1.VDF : 6.34.0.209 1930240 02/05/2006 08:29:09 ANTIVIR2.VDF : 6.34.1.1 89600 01/05/2006 17:17:55 ANTIVIR3.VDF : 6.34.1.26 48128 01/05/2006 17:17:55 AVEWIN32.DLL : 7.0.0.8 1171968 21/04/2006 15:40:14 AVPREF.DLL : 6.34.0.0 38440 18/01/2006 12:06:00 AVREP.DLL : 6.34.1.20 2371624 01/05/2006 17:17:56 AVPACK32.DLL : 7.0.0.4 335912 29/03/2006 09:44:25 AVREG.DLL : 6.31.0.90 27688 28/07/2005 10:06:36 NETNT.DLL : 6.32.0.0 6696 27/09/2005 07:56:49 NETNW.DLL : 6.32.0.0 9768 27/09/2005 07:56:49 Start of the scan: vendredi 5 mai 2006 19:32 Start scanning boot sectors: Boot sector 'C:' [NOTE] No virus was found! Starting to scan the registry. The registry was scanned ( 15 files ). Starting the file scan: C:\pagefile.sys [WARNING] The file could not be opened! C:\Documents and Settings\fabrice\NTUSER.DAT [WARNING] The file could not be opened! C:\Documents and Settings\fabrice\ntuser.dat.LOG [WARNING] The file could not be opened! C:\Documents and Settings\fabrice\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat [WARNING] The file could not be opened! C:\Documents and Settings\fabrice\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\default [WARNING] The file could not be opened! C:\WINDOWS\system32\config\default.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SAM [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SAM.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SECURITY [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SECURITY.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\software [WARNING] The file could not be opened! C:\WINDOWS\system32\config\software.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\system [WARNING] The file could not be opened! C:\WINDOWS\system32\config\system.LOG [WARNING] The file could not be opened! End of the scan: vendredi 5 mai 2006 20:00 Used time: 28:10 min The scan has been done completely. 1784 Scanning directories 60678 Files were scanned 0 viruses and/or unwanted programs was found 0 files were deleted 0 files were repaired 0 files were moved to quarantine 0 files were renamed 531 Archives were scanned 15 Warnings 1 Notes Dernier hijack Logfile of HijackThis v1.99.1 Scan saved at 20:02:35, on 05/05/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\HijackThis\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tiscali.fr R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -
Win32 trojano et gen
thebear a répondu à un(e) sujet de thebear dans Analyses et éradication malwares
Salut SUPERTORNADO Apparemment, RAS selon panda et pas de problème de dysfonctionnement du PC... Par contre j'aimerai vraiment me protéger sur le long terme...peux tu me conseiller antivirus et firewall tip- top, même payants...bien entendu si pôssibilité gratuit...that is préférable! Merci The bear PS: je mets à jour mon windows -
Win32 trojano et gen
thebear a répondu à un(e) sujet de thebear dans Analyses et éradication malwares
Salut SUPERTORNADO, Voilà le rapport du scan panda en ligne...vu ta taille et la clareté je te joins un rapport de panda, installé sur mon pc. MERCI A+ The bear panda en ligne Incident Statut Analyse Virus Eventuel. panda installé Ne détecte que 4 spywares qui ont été effacés avec succès -
Win32 trojano et gen
thebear a répondu à un(e) sujet de thebear dans Analyses et éradication malwares
Cher tornado, ma réponse était dédiée à Tesgaz...ce qui démontre, comme tu peux le constater, mon niveau de netsurfer...bien entendu, rien dans cette réponse ne te concernait et j'essayais simplement d'expliquer à notre ami TESGAZ que certaines requêtes sont parfois de réels SOS...je faisais référence à son dernier message et au forum auquel il renvoie. Une fois de plus cher SUPER TORNADO (parceque maintenaint c'est comme que je t'appelle ) UN ENORME MERCI...j'appliquerai à la fin du week end tes dferniers conseils et je te poste les rapports en question. Du fond du coeur MERCI The bear -
Win32 trojano et gen
thebear a répondu à un(e) sujet de thebear dans Analyses et éradication malwares
Salut, J'ai lu avec beaucoup d'intérêt l'ensemble de tes conseils...j'ai beaucoup appris, sur les comportements insécuritaires sur le net...et je te remercie. Néanmoins il faut éviter de mettre tout le monde dan le même sac, je te cite: "je lisais le post d'un membre infecté tout à l'heure qui pleurait d'être infecté...je supose que ce membre ne pleurait pas pour télécharger la derniere version d'émule pour avoir un peu de musique gratuite, etc..on dirait que ces membres quand on les écoute, qu'il n'ont pas de chance, ils choppent toujours des cochonneries" Pour ma part, j'ai récupéré l'utilisation exclusive d'un ordinateur familial, squatté en permanence par 4 autres membres de la tribu...les sites que tu cites ne m'intéresse pas, le téléchargement je sais pas faire et je veux pas faire, les seuls logiciels que j'ai installés sont ceux prescrits par SUPER TORNADO...quand je m'appercois que mon ordinateur met une plombe à ouvrir un fichier, je contacte un informaticien de ma ville, qui gentiment me dit de consulter les experts de ZEBULON avant de faire passer un technicien...alors c'est ce que j'ai fait et une fois de plus merci pour votre diligence et votre intérêt. Comme je l'ai fait pour les autres membres et en dépit de mon novicia en tant qu'internaute je suis prêt à te renvoyer l'ascenceur en cas de besoin...Il existe quelques domaines où moi aussi je suis reconnu, et comme toi, possède une courre d'admirateurs. ENCORE MERCI THE BEAR -
Win32 trojano et gen
thebear a répondu à un(e) sujet de thebear dans Analyses et éradication malwares
Mais c'est tout vu Tornado, je n'abandonne pas et j'ai terminé la procédure. Je te poste le dernier Hijackthis et te remercie pour ton aide bénéfique...le net a du bon malgré les infections. S'il reste d'autre trucs à appliquer, je le ferai sans hésitation et peux importe le temps que ça prendra, nous atteindrons le but. Je sais que tu as passé pas mal de temps sur mon dossier, aussi si je peux t'être d'une quelconque aide je le ferai avec grand plaisir ( mais trouve un autre sujet que l'informatique tu t'es rendu compte que c'est pas trop mon truc). Merci a très bientôt The BEAR ++++ Logfile of HijackThis v1.99.1 Scan saved at 08:17:29, on 29/04/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\TPSrv.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\pavsrv51.exe C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\AVENGINE.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE c:\program files\panda software\panda titanium 2006 antivirus + antispyware\firewall\PNMSRV.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\PavFnSvr.exe C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\PsImSvc.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\APVXDWIN.EXE C:\WINDOWS\System32\ctfmon.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\WebProxy.exe C:\Program Files\HijackThis\hijackthis\HijackThis.exe C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\avciman.exe C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\psimreal.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tiscali.fr R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\APVXDWIN.EXE" /s O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\PavFnSvr.exe O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\pavsrv51.exe O23 - Service: Panda Network Manager (PNMSRV) - Panda Software - c:\program files\panda software\panda titanium 2006 antivirus + antispyware\firewall\PNMSRV.EXE O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software - C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\PsImSvc.exe O23 - Service: Panda TPSrv (TPSrv) - Panda Software - C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\TPSrv.exe -
Win32 trojano et gen
thebear a répondu à un(e) sujet de thebear dans Analyses et éradication malwares
Bonjour Kim, et un grand merci pour ton aide...désolé pour le log interminable j'ai du sauter une ligne...et a vrai dire ça commence à me fatiguer cette histoire de trojan...en tout cas si je peux t'aider à mon tour (oublie la sécurité info) je le ferai avec grand plaisir. MERCI The bear -
Win32 trojano et gen
thebear a répondu à un(e) sujet de thebear dans Analyses et éradication malwares
Merci Tornado pour tout ce travail....voici le rapport demandé A + The bear ; for 16-bit app support [drivers] wave=mmdrv.dll timer=timer.drv [mci] [driver32] [386enh] woafont=app850.FON EGA80WOA.FON=EGA80850.FON EGA40WOA.FON=EGA40850.FON CGA80WOA.FON=CGA80850.FON CGA40WOA.FON=CGA40850.FON [Routing.Information] DebuggingFlags=1145630100 -
Win32 trojano et gen
thebear a répondu à un(e) sujet de thebear dans Analyses et éradication malwares
la SUITE 3 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_ASWRDR\0000\LogConf] [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_ASWTDI] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_ASWTDI\0000] "Service"="aswTdi" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="avast! Network Shield Support" "Capabilities"=dword:00000000 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_ASWTDI\0000\LogConf] [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_AUDIOSRV] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_AUDIOSRV\0000] "Service"="AudioSrv" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000020 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="Audio Windows" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_AUDIOSRV\0000\Control] "ActiveService"="AudioSrv" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_AVFLT] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_AVFLT\0000] "Service"="AvFlt" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="Antivirus Filter Driver" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_AVFLT\0000\Control] "ActiveService"="AvFlt" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_AVG7CORE] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_AVG7RSW] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_AVG7RSW\0000] "Service"="Avg7RsW" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="AVG7 Wrap Driver" "Capabilities"=dword:00000000 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_AVG7RSW\0000\LogConf] [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_AVG7RSXP] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_AVGNTDD] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_AVGNTDD\0000] "Service"="avgntdd" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="avgntdd" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_AVGNTMGR] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_AVGNTMGR\0000] "Service"="avgntmgr" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="avgntmgr" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_AVGTDI] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_BEEP] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_BEEP\0000] "Service"="Beep" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000020 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="Beep" "Capabilities"=dword:00000000 "Driver"="{8ECC055D-047F-11D1-A537-0000F8753ED1}\\0001" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_BEEP\0000\LogConf] [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_BEEP\0000\Control] "ActiveService"="Beep" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_BITS] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_BITS\0000] "Service"="BITS" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="Service de transfert intelligent en arrière-plan" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_BROWSER] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_BROWSER\0000] "Service"="Browser" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="Explorateur d'ordinateur" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_BROWSER\0000\Control] "ActiveService"="Browser" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_CDFS] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_CDFS\0000] "Service"="cdfs" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000020 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="cdfs" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_CDFS\0000\Control] "ActiveService"="Cdfs" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_COMFILTR] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_COMFILTR\0000] "Service"="ComFiltr" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="Panda Anti-Dialer" "Capabilities"=dword:00000000 "Driver"="{8ECC055D-047F-11D1-A537-0000F8753ED1}\\0032" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_COMFILTR\0000\LogConf] [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_COMFILTR\0000\Control] "ActiveService"="ComFiltr" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_COMSYSAPP] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_COMSYSAPP\0000] "Service"="COMSysApp" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="Application système COM+" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_CPOINT] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_CPOINT\0000] "Service"="cpoint" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="Panda CPoint Driver" "Capabilities"=dword:00000000 "Driver"="{8ECC055D-047F-11D1-A537-0000F8753ED1}\\0033" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_CPOINT\0000\LogConf] [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_CPOINT\0000\Control] "ActiveService"="cpoint" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_CRYPTSVC] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_CRYPTSVC\0000] "Service"="CryptSvc" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000020 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="Services de cryptographie" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_CRYPTSVC\0000\Control] "ActiveService"="CryptSvc" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_DHCP] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_DHCP\0000] "Service"="Dhcp" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="Client DHCP" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_DHCP\0000\Control] "ActiveService"="Dhcp" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_DIRECTPRT] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_DIRECTPRT\0000] "Service"="directprt" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="IO Direct printing service" "Capabilities"=dword:00000000 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_DIRECTPRT\0000\LogConf] [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_DIRECTPRT\0000\Control] [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_DMBOOT] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_DMBOOT\0000] "Service"="dmboot" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="dmboot" "Capabilities"=dword:00000000 "Driver"="{8ECC055D-047F-11D1-A537-0000F8753ED1}\\0002" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_DMBOOT\0000\LogConf] [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_DMBOOT\0000\Control] [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_DMLOAD] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_DMLOAD\0000] "Service"="dmload" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="dmload" "Capabilities"=dword:00000000 "Driver"="{8ECC055D-047F-11D1-A537-0000F8753ED1}\\0003" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_DMLOAD\0000\LogConf] [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_DMLOAD\0000\Control] "ActiveService"="dmload" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_DMSERVER] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_DMSERVER\0000] "Service"="dmserver" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000020 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="Gestionnaire de disque logique" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_DMSERVER\0000\Control] "ActiveService"="dmserver" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_DNSCACHE] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_DNSCACHE\0000] "Service"="Dnscache" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="Client DNS" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_DNSCACHE\0000\Control] "ActiveService"="Dnscache" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_DSAFLT] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_DSAFLT\0000] "Service"="DSAFLT" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="DSA Filter Plugin" "Capabilities"=dword:00000000 "Driver"="{8ECC055D-047F-11D1-A537-0000F8753ED1}\\0034" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_DSAFLT\0000\LogConf] [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_DSAFLT\0000\Control] "ActiveService"="DSAFLT" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_ERSVC] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_ERSVC\0000] "Service"="ERSvc" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000020 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="Service de rapport d'erreurs" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_ERSVC\0000\Control] "ActiveService"="ERSvc" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_EVENTSYSTEM] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_EVENTSYSTEM\0000] "Service"="EventSystem" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="Système d'événements de COM+" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_EVENTSYSTEM\0000\Control] "ActiveService"="EventSystem" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_EWIDO_SECURITY_SUITE_CONTROL] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_EWIDO_SECURITY_SUITE_CONTROL\0000] "Service"="ewido security suite control" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="ewido security suite control" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_EWIDO_SECURITY_SUITE_CONTROL\0000\Control] "ActiveService"="ewido security suite control" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_FALLBACK] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_FALLBACK\0000] "Service"="Fallback" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="Fallback" "Capabilities"=dword:00000000 "Driver"="{8ECC055D-047F-11D1-A537-0000F8753ED1}\\0004" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_FALLBACK\0000\LogConf] [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_FALLBACK\0000\Control] "ActiveService"="Fallback" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_FASTFAT] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_FASTFAT\0000] "Service"="fastfat" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000020 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="fastfat" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_FASTFAT\0000\Control] "ActiveService"="Fastfat" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_FASTUSERSWITCHINGCOMPATIBILITY] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_FASTUSERSWITCHINGCOMPATIBILITY\0000] "Service"="FastUserSwitchingCompatibility" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="Compatibilité avec le Changement rapide d'utilisateur" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_FASTUSERSWITCHINGCOMPATIBILITY\0000\Control] "ActiveService"="FastUserSwitchingCompatibility" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_FIPS] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_FIPS\0000] "Service"="Fips" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000020 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="Fips" "Capabilities"=dword:00000000 "Driver"="{8ECC055D-047F-11D1-A537-0000F8753ED1}\\0005" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_FIPS\0000\LogConf] [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_FIPS\0000\Control] "ActiveService"="Fips" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_FNETMON] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_FNETMON\0000] "Service"="FNETMON" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="NetMon Filter Plugin" "Capabilities"=dword:00000000 "Driver"="{8ECC055D-047F-11D1-A537-0000F8753ED1}\\0035" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_FNETMON\0000\LogConf] [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_FNETMON\0000\Control] "ActiveService"="FNETMON" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_FSKS] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_FSKS\0000] "Service"="Fsks" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="Fsks" "Capabilities"=dword:00000000 "Driver"="{8ECC055D-047F-11D1-A537-0000F8753ED1}\\0006" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_FSKS\0000\LogConf] [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_FSKS\0000\Control] "ActiveService"="Fsks" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_FS_REC] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_FS_REC\0000] "Service"="Fs_Rec" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000020 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="Fs_Rec" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_FS_REC\0000\Control] "ActiveService"="Fs_Rec" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_FWDRV] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_FWDRV\0000] "Service"="fwdrv" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="Firewall Driver" "Capabilities"=dword:00000000 "Driver"="{8ECC055D-047F-11D1-A537-0000F8753ED1}\\0036" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_FWNET] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_FWNET\0000] "Service"="fwnet" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="fwnet64" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_GPC] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_GPC\0000] "Service"="Gpc" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="Classificateur de paquets générique" "Capabilities"=dword:00000000 "Driver"="{8ECC055D-047F-11D1-A537-0000F8753ED1}\\0007" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_GPC\0000\LogConf] [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_GPC\0000\Control] "ActiveService"="Gpc" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_HELPSVC] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_HELPSVC\0000] "Service"="helpsvc" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="Aide et support" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_HELPSVC\0000\Control] "ActiveService"="helpsvc" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_IDSFLT] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_IDSFLT\0000] "Service"="IDSFLT" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="Ids Filter Plugin" "Capabilities"=dword:00000000 "Driver"="{8ECC055D-047F-11D1-A537-0000F8753ED1}\\0037" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_IDSFLT\0000\LogConf] [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_IDSFLT\0000\Control] "ActiveService"="IDSFLT" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_IMAPISERVICE] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_IMAPISERVICE\0000] "Service"="ImapiService" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="Service COM de gravage de CD IMAPI" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_IMAPISERVICE\0000\Control] "ActiveService"="ImapiService" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_IPFILTERDRIVER] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_IPFILTERDRIVER\0000] "Service"="IpFilterDriver" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="Pilote de filtre de trafic IP" "Capabilities"=dword:00000000 "Driver"="{8ECC055D-047F-11D1-A537-0000F8753ED1}\\0038" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_IPFILTERDRIVER\0000\LogConf] [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_IPFILTERDRIVER\0000\Control] [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_IPSEC] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_IPSEC\0000] "Service"="IPSec" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="Pilote IPSEC" "Capabilities"=dword:00000000 "Driver"="{8ECC055D-047F-11D1-A537-0000F8753ED1}\\0008" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_IPSEC\0000\LogConf] [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_IPSEC\0000\Control] "ActiveService"="IPSec" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_K56] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_K56\0000] "Service"="K56" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="K56" "Capabilities"=dword:00000000 "Driver"="{8ECC055D-047F-11D1-A537-0000F8753ED1}\\0009" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_K56\0000\LogConf] [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_K56\0000\Control] "ActiveService"="K56" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_KHIPS] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_KHIPS\0000] "Service"="khips" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="Kerio HIPS Driver" "Capabilities"=dword:00000000 "Driver"="{8ECC055D-047F-11D1-A537-0000F8753ED1}\\0039" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_KSECDD] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_KSECDD\0000] "Service"="ksecdd" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="ksecdd" "Capabilities"=dword:00000000 "Driver"="{8ECC055D-047F-11D1-A537-0000F8753ED1}\\0010" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_KSECDD\0000\LogConf] [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_KSECDD\0000\Control] "ActiveService"="KSecDD" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_LANMANSERVER] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_LANMANSERVER\0000] "Service"="lanmanserver" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="Serveur" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_LANMANSERVER\0000\Control] "ActiveService"="lanmanserver" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_LANMANWORKSTATION] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_LANMANWORKSTATION\0000] "Service"="LanmanWorkstation" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="Station de travail" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_LANMANWORKSTATION\0000\Control] "ActiveService"="lanmanworkstation" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_LMHOSTS] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_LMHOSTS\0000] "Service"="LmHosts" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="Assistance TCP/IP NetBIOS" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_LMHOSTS\0000\Control] "ActiveService"="LmHosts" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_MCHINJDRV] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_MCHINJDRV\0000] "Service"="mchInjDrv" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="mchInjDrv" "Capabilities"=dword:00000000 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_MCHINJDRV\0000\LogConf] [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_MESSENGER] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_MESSENGER\0000] "Service"="Messenger" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="Affichage des messages" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_MNMDD] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_MNMDD\0000] "Service"="mnmdd" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000020 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="mnmdd" "Capabilities"=dword:00000000 "Driver"="{8ECC055D-047F-11D1-A537-0000F8753ED1}\\0011" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_MNMDD\0000\LogConf] [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_MNMDD\0000\Control] "ActiveService"="mnmdd" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_MOUNTMGR] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_MOUNTMGR\0000] "Service"="mountmgr" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="mountmgr" "Capabilities"=dword:00000000 "Driver"="{8ECC055D-047F-11D1-A537-0000F8753ED1}\\0012" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_MOUNTMGR\0000\LogConf] [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_MOUNTMGR\0000\Control] "ActiveService"="MountMgr" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_MRXDAV] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_MRXDAV\0000] "Service"="MRxDAV" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="Redirecteur client WebDav" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_MRXDAV\0000\Control] "ActiveService"="MRxDAV" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_MRXSMB] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_MRXSMB\0000] "Service"="MRxSmb" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="MRXSMB" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_MRXSMB\0000\Control] "ActiveService"="MRxSmb" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_MSDTC] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_MSDTC\0000] "Service"="MSDTC" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="Distributed Transaction Coordinator" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_MSFS] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_MSFS\0000] "Service"="Msfs" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000020 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="Msfs" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_MSFS\0000\Control] "ActiveService"="Msfs" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_MSISERVER] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_MSISERVER\0000] "Service"="MSIServer" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="Windows Installer" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_MUP] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_MUP\0000] "Service"="Mup" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000020 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="Mup" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_MUP\0000\Control] "ActiveService"="Mup" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NDIS] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NDIS\0000] "Service"="NDIS" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000020 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="Pilote système NDIS" "Capabilities"=dword:00000000 "Driver"="{8ECC055D-047F-11D1-A537-0000F8753ED1}\\0013" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NDIS\0000\LogConf] [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NDIS\0000\Control] "ActiveService"="NDIS" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NDISTAPI] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NDISTAPI\0000] "Service"="NdisTapi" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="Pilote TAPI NDIS d'accès distant" "Capabilities"=dword:00000000 "Driver"="{8ECC055D-047F-11D1-A537-0000F8753ED1}\\0014" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NDISTAPI\0000\LogConf] [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NDISTAPI\0000\Control] "ActiveService"="NdisTapi" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NDISUIO] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NDISUIO\0000] "Service"="Ndisuio" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="NDIS mode utilisateur E/S Protocole" "Capabilities"=dword:00000000 "Driver"="{8ECC055D-047F-11D1-A537-0000F8753ED1}\\0015" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NDISUIO\0000\LogConf] [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NDISUIO\0000\Control] "ActiveService"="Ndisuio" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NDPROXY] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NDPROXY\0000] "Service"="NDProxy" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="NDProxy" "Capabilities"=dword:00000000 "Driver"="{8ECC055D-047F-11D1-A537-0000F8753ED1}\\0016" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NDPROXY\0000\LogConf] [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NDPROXY\0000\Control] "ActiveService"="NDProxy" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NETBIOS] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NETBIOS\0000] "Service"="NetBIOS" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="Interface NetBIOS" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NETBIOS\0000\Control] "ActiveService"="NetBIOS" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NETBT] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NETBT\0000] "Service"="NetBT" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="NetBIOS sur TCP/IP" "Capabilities"=dword:00000000 "Driver"="{8ECC055D-047F-11D1-A537-0000F8753ED1}\\0017" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NETBT\0000\LogConf] [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NETBT\0000\Control] "ActiveService"="NetBT" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NETFLT] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NETFLT\0000] "Service"="netflt" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="Panda Net Driver [NDIS Layer]" "Capabilities"=dword:00000000 "Driver"="{8ECC055D-047F-11D1-A537-0000F8753ED1}\\0040" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NETFLT\0000\LogConf] [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NETFLT\0000\Control] "ActiveService"="netflt" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NETFLTDI] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NETFLTDI\0000] "Service"="NETFLTDI" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="Panda Net Driver [TDI Layer]" "Capabilities"=dword:00000000 "Driver"="{8ECC055D-047F-11D1-A537-0000F8753ED1}\\0041" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NETFLTDI\0000\LogConf] [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NETFLTDI\0000\Control] "ActiveService"="NETFLTDI" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NETMAN] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NETMAN\0000] "Service"="Netman" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="Connexions réseau" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NETMAN\0000\Control] "ActiveService"="Netman" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NLA] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NLA\0000] "Service"="Nla" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="NLA (Network Location Awareness)" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NLA\0000\Control] "ActiveService"="Nla" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NPFS] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NPFS\0000] "Service"="Npfs" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000020 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="Npfs" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NPFS\0000\Control] "ActiveService"="Npfs" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NTFS] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NTFS\0000] "Service"="ntfs" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000020 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="ntfs" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NTFS\0000\Control] "ActiveService"="Ntfs" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NTSEC] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NTSEC\0000] "Service"="NTSec" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="NTSec(ntsec)" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NULL] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NULL\0000] "Service"="Null" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000020 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="Null" "Capabilities"=dword:00000000 "Driver"="{8ECC055D-047F-11D1-A537-0000F8753ED1}\\0018" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NULL\0000\LogConf] [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NULL\0000\Control] "ActiveService"="Null" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_PARTMGR] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_PARTMGR\0000] "Service"="PartMgr" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000020 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="PartMgr" "Capabilities"=dword:00000000 "Driver"="{8ECC055D-047F-11D1-A537-0000F8753ED1}\\0019" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_PARTMGR\0000\LogConf] [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_PARTMGR\0000\Control] "ActiveService"="PartMgr" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_PARVDM] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_PARVDM\0000] "Service"="ParVdm" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000020 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="ParVdm" "Capabilities"=dword:00000000 "Driver"="{8ECC055D-047F-11D1-A537-0000F8753ED1}\\0020" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_PARVDM\0000\LogConf] [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_PARVDM\0000\Control] "ActiveService"="ParVdm" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_PAVDRV] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_PAVDRV\0000] "Service"="PAVDRV" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="pavdrv" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_PAVDRV\0000\Control] "ActiveService"="PAVDRV" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_PAVFNSVR] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_PAVFNSVR\0000] "Service"="PAVFNSVR" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="Panda Function Service" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_PAVFNSVR\0000\Control] "ActiveService"="PAVFNSVR" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_PAVPROC] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_PAVPROC\0000] "Service"="PavProc" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="Panda Process Protection Driver" "Capabilities"=dword:00000000 "Driver"="{8ECC055D-047F-11D1-A537-0000F8753ED1}\\0042" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_PAVPROC\0000\LogConf] [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_PAVPROC\0000\Control] "ActiveService"="PavProc" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_PAVPRSRV] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_PAVPRSRV\0000] "Service"="PavPrSrv" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="Panda Process Protection Service" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_PAVPRSRV\0000\Control] "ActiveService"="PavPrSrv" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_PAVSRK.SYS] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_PAVSRK.SYS\0000] "Service"="PavSRK.sys" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="PavSRK.sys" "Capabilities"=dword:00000000 "Driver"="{8ECC055D-047F-11D1-A537-0000F8753ED1}\\0043" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_PAVSRK.SYS\0000\LogConf] [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_PAVSRK.SYS\0000\Control] "ActiveService"="PavSRK.sys" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_PAVSRV] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_PAVSRV\0000] "Service"="PAVSRV" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="Panda anti-virus service" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_PAVSRV\0000\Control] "ActiveService"="PAVSRV" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_PNMSRV] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_PNMSRV\0000] "Service"="PNMSRV" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="Panda Network Manager" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_PNMSRV\0000\Control] "ActiveService"="PNMSRV" [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_POLICYAGENT] "NextInstance"=dword:00000001 [HKEY_LOCAL_ -
Win32 trojano et gen
thebear a répondu à un(e) sujet de thebear dans Analyses et éradication malwares
LA SUITE 2 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{97ebaacb-95bd-11d0-a3ea-00a0c9223196}\##?#Root#SYSTEM#0000#{97ebaacb-95bd-11d0-a3ea-00a0c9223196}\Control] "ReferenceCount"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{97f76ef0-f883-11d0-af1f-0000f800845c}] [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{97f76ef0-f883-11d0-af1f-0000f800845c}\##?#ACPI#PNP0401#3&61aaa01&0#{97f76ef0-f883-11d0-af1f-0000f800845c}] "DeviceInstance"="ACPI\\PNP0401\\3&61aaa01&0" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{97f76ef0-f883-11d0-af1f-0000f800845c}\##?#ACPI#PNP0401#3&61aaa01&0#{97f76ef0-f883-11d0-af1f-0000f800845c}\#] "SymbolicLink"="\\\\?\\ACPI#PNP0401#3&61aaa01&0#{97f76ef0-f883-11d0-af1f-0000f800845c}" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{97f76ef0-f883-11d0-af1f-0000f800845c}\##?#ACPI#PNP0401#3&61aaa01&0#{97f76ef0-f883-11d0-af1f-0000f800845c}\#\Control] "Linked"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{97f76ef0-f883-11d0-af1f-0000f800845c}\##?#ACPI#PNP0401#3&61aaa01&0#{97f76ef0-f883-11d0-af1f-0000f800845c}\Control] "ReferenceCount"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{97fadb10-4e33-40ae-359c-8bef029dbdd0}] [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{97fadb10-4e33-40ae-359c-8bef029dbdd0}\##?#ACPI#GenuineIntel_-_x86_Family_6_Model_8#_0#{97fadb10-4e33-40ae-359c-8bef029dbdd0}] "DeviceInstance"="ACPI\\GenuineIntel_-_x86_Family_6_Model_8\\_0" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{97fadb10-4e33-40ae-359c-8bef029dbdd0}\##?#ACPI#GenuineIntel_-_x86_Family_6_Model_8#_0#{97fadb10-4e33-40ae-359c-8bef029dbdd0}\#] "SymbolicLink"="\\\\?\\ACPI#GenuineIntel_-_x86_Family_6_Model_8#_0#{97fadb10-4e33-40ae-359c-8bef029dbdd0}" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{97fadb10-4e33-40ae-359c-8bef029dbdd0}\##?#ACPI#GenuineIntel_-_x86_Family_6_Model_8#_0#{97fadb10-4e33-40ae-359c-8bef029dbdd0}\#\Control] "Linked"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{97fadb10-4e33-40ae-359c-8bef029dbdd0}\##?#ACPI#GenuineIntel_-_x86_Family_6_Model_8#_0#{97fadb10-4e33-40ae-359c-8bef029dbdd0}\Control] "ReferenceCount"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{9ea331fa-b91b-45f8-9285-bd2bc77afcde}] [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{9ea331fa-b91b-45f8-9285-bd2bc77afcde}\##?#Root#SYSTEM#0000#{9ea331fa-b91b-45f8-9285-bd2bc77afcde}] "DeviceInstance"="Root\\SYSTEM\\0000" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{9ea331fa-b91b-45f8-9285-bd2bc77afcde}\##?#Root#SYSTEM#0000#{9ea331fa-b91b-45f8-9285-bd2bc77afcde}\#{2f412ab5-ed3a-4590-ab24-b0ce2aa77d3c}&{9B365890-165F-11D0-A195-0020AFD156E4}] "SymbolicLink"="\\\\?\\Root#SYSTEM#0000#{9ea331fa-b91b-45f8-9285-bd2bc77afcde}\\{2f412ab5-ed3a-4590-ab24-b0ce2aa77d3c}&{9B365890-165F-11D0-A195-0020AFD156E4}" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{9ea331fa-b91b-45f8-9285-bd2bc77afcde}\##?#Root#SYSTEM#0000#{9ea331fa-b91b-45f8-9285-bd2bc77afcde}\#{2f412ab5-ed3a-4590-ab24-b0ce2aa77d3c}&{9B365890-165F-11D0-A195-0020AFD156E4}\Device Parameters] "CLSID"="{17CCA71B-ECD7-11D0-B908-00A0C9223196}" "FriendlyName"="Splitter audio du noyau Microsoft" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{9ea331fa-b91b-45f8-9285-bd2bc77afcde}\##?#Root#SYSTEM#0000#{9ea331fa-b91b-45f8-9285-bd2bc77afcde}\#{2f412ab5-ed3a-4590-ab24-b0ce2aa77d3c}&{9B365890-165F-11D0-A195-0020AFD156E4}\Control] "Linked"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{9ea331fa-b91b-45f8-9285-bd2bc77afcde}\##?#Root#SYSTEM#0000#{9ea331fa-b91b-45f8-9285-bd2bc77afcde}\Control] "ReferenceCount"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{a5dcbf10-6530-11d2-901f-00c04fb951ed}] [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{a5dcbf10-6530-11d2-901f-00c04fb951ed}\##?#USB#Vid_046d&Pid_c00e#5&f1546e9&0&1#{a5dcbf10-6530-11d2-901f-00c04fb951ed}] "DeviceInstance"="USB\\Vid_046d&Pid_c00e\\5&f1546e9&0&1" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{a5dcbf10-6530-11d2-901f-00c04fb951ed}\##?#USB#Vid_046d&Pid_c00e#5&f1546e9&0&1#{a5dcbf10-6530-11d2-901f-00c04fb951ed}\#] "SymbolicLink"="\\\\?\\USB#Vid_046d&Pid_c00e#5&f1546e9&0&1#{a5dcbf10-6530-11d2-901f-00c04fb951ed}" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{a5dcbf10-6530-11d2-901f-00c04fb951ed}\##?#USB#Vid_046d&Pid_c00e#5&f1546e9&0&1#{a5dcbf10-6530-11d2-901f-00c04fb951ed}\#\Control] "Linked"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{a5dcbf10-6530-11d2-901f-00c04fb951ed}\##?#USB#Vid_046d&Pid_c00e#5&f1546e9&0&1#{a5dcbf10-6530-11d2-901f-00c04fb951ed}\Control] "ReferenceCount"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{a5dcbf10-6530-11d2-901f-00c04fb951ed}\##?#USB#Vid_046d&Pid_c00e#5&f1546e9&0&2#{a5dcbf10-6530-11d2-901f-00c04fb951ed}] "DeviceInstance"="USB\\Vid_046d&Pid_c00e\\5&f1546e9&0&2" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{a5dcbf10-6530-11d2-901f-00c04fb951ed}\##?#USB#Vid_046d&Pid_c00e#5&f1546e9&0&2#{a5dcbf10-6530-11d2-901f-00c04fb951ed}\#] "SymbolicLink"="\\\\?\\USB#Vid_046d&Pid_c00e#5&f1546e9&0&2#{a5dcbf10-6530-11d2-901f-00c04fb951ed}" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{a5dcbf10-6530-11d2-901f-00c04fb951ed}\##?#USB#Vid_04b8&Pid_010f#6&f2018d7&0&4#{a5dcbf10-6530-11d2-901f-00c04fb951ed}] "DeviceInstance"="USB\\Vid_04b8&Pid_010f\\6&f2018d7&0&4" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{a5dcbf10-6530-11d2-901f-00c04fb951ed}\##?#USB#Vid_04b8&Pid_010f#6&f2018d7&0&4#{a5dcbf10-6530-11d2-901f-00c04fb951ed}\#] "SymbolicLink"="\\\\?\\USB#Vid_04b8&Pid_010f#6&f2018d7&0&4#{a5dcbf10-6530-11d2-901f-00c04fb951ed}" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{a5dcbf10-6530-11d2-901f-00c04fb951ed}\##?#USB#Vid_1110&Pid_9021#00604C227259#{a5dcbf10-6530-11d2-901f-00c04fb951ed}] "DeviceInstance"="USB\\Vid_1110&Pid_9021\\00604C227259" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{a5dcbf10-6530-11d2-901f-00c04fb951ed}\##?#USB#Vid_1110&Pid_9021#00604C227259#{a5dcbf10-6530-11d2-901f-00c04fb951ed}\#] "SymbolicLink"="\\\\?\\USB#Vid_1110&Pid_9021#00604C227259#{a5dcbf10-6530-11d2-901f-00c04fb951ed}" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{a5dcbf10-6530-11d2-901f-00c04fb951ed}\##?#USB#Vid_1110&Pid_9021#00604C227259#{a5dcbf10-6530-11d2-901f-00c04fb951ed}\#\Control] "Linked"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{a5dcbf10-6530-11d2-901f-00c04fb951ed}\##?#USB#Vid_1110&Pid_9021#00604C227259#{a5dcbf10-6530-11d2-901f-00c04fb951ed}\Control] "ReferenceCount"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{a5dcbf10-6530-11d2-901f-00c04fb951ed}\##?#USB#Vid_1110&Pid_9022#6&f2018d7&0&1#{a5dcbf10-6530-11d2-901f-00c04fb951ed}] "DeviceInstance"="USB\\Vid_1110&Pid_9022\\6&f2018d7&0&1" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{a5dcbf10-6530-11d2-901f-00c04fb951ed}\##?#USB#Vid_1110&Pid_9022#6&f2018d7&0&1#{a5dcbf10-6530-11d2-901f-00c04fb951ed}\#] "SymbolicLink"="\\\\?\\USB#Vid_1110&Pid_9022#6&f2018d7&0&1#{a5dcbf10-6530-11d2-901f-00c04fb951ed}" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{a5dcbf10-6530-11d2-901f-00c04fb951ed}\##?#USB#Vid_1110&Pid_9022#6&f2018d7&0&1#{a5dcbf10-6530-11d2-901f-00c04fb951ed}\#\Control] "Linked"=dword:00000000 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{a5dcbf10-6530-11d2-901f-00c04fb951ed}\##?#USB#Vid_1110&Pid_9022#6&f2018d7&0&1#{a5dcbf10-6530-11d2-901f-00c04fb951ed}\Control] "ReferenceCount"=dword:00000000 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{a7c7a5b1-5af3-11d1-9ced-00a024bf0407}] [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{a7c7a5b1-5af3-11d1-9ced-00a024bf0407}\##?#Root#SYSTEM#0000#{a7c7a5b1-5af3-11d1-9ced-00a024bf0407}] "DeviceInstance"="Root\\SYSTEM\\0000" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{a7c7a5b1-5af3-11d1-9ced-00a024bf0407}\##?#Root#SYSTEM#0000#{a7c7a5b1-5af3-11d1-9ced-00a024bf0407}\#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}&{9B365890-165F-11D0-A195-0020AFD156E4}] "SymbolicLink"="\\\\?\\Root#SYSTEM#0000#{a7c7a5b1-5af3-11d1-9ced-00a024bf0407}\\{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}&{9B365890-165F-11D0-A195-0020AFD156E4}" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{a7c7a5b1-5af3-11d1-9ced-00a024bf0407}\##?#Root#SYSTEM#0000#{a7c7a5b1-5af3-11d1-9ced-00a024bf0407}\#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}&{9B365890-165F-11D0-A195-0020AFD156E4}\Device Parameters] "CLSID"="{17CCA71B-ECD7-11D0-B908-00A0C9223196}" "FriendlyName"="Périphérique audio système du noyau Microsoft" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{a7c7a5b1-5af3-11d1-9ced-00a024bf0407}\##?#Root#SYSTEM#0000#{a7c7a5b1-5af3-11d1-9ced-00a024bf0407}\#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}&{9B365890-165F-11D0-A195-0020AFD156E4}\Control] "Linked"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{a7c7a5b1-5af3-11d1-9ced-00a024bf0407}\##?#Root#SYSTEM#0000#{a7c7a5b1-5af3-11d1-9ced-00a024bf0407}\Control] "ReferenceCount"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}] [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\##?#ROOT#MS_L2TPMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}] "DeviceInstance"="Root\\MS_L2TPMINIPORT\\0000" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\##?#ROOT#MS_L2TPMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}\#{12AFF7F9-201A-4666-A223-AA2BB9C3D32D}] "SymbolicLink"="\\\\?\\Root#MS_L2TPMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}\\{12AFF7F9-201A-4666-A223-AA2BB9C3D32D}" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\##?#ROOT#MS_L2TPMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}\#{12AFF7F9-201A-4666-A223-AA2BB9C3D32D}\Control] "Linked"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\##?#ROOT#MS_L2TPMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}\Control] "ReferenceCount"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\##?#ROOT#MS_NDISWANIP#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}] "DeviceInstance"="Root\\MS_NDISWANIP\\0000" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\##?#ROOT#MS_NDISWANIP#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}\#NDISWANIP] "SymbolicLink"="\\\\?\\Root#MS_NDISWANIP#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}\\NDISWANIP" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\##?#ROOT#MS_NDISWANIP#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}\#NDISWANIP\Control] "Linked"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\##?#ROOT#MS_NDISWANIP#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}\Control] "ReferenceCount"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\##?#ROOT#MS_PPPOEMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}] "DeviceInstance"="Root\\MS_PPPOEMINIPORT\\0000" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\##?#ROOT#MS_PPPOEMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}\#{52A93436-8CCA-4375-A368-C302857D5913}] "SymbolicLink"="\\\\?\\Root#MS_PPPOEMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}\\{52A93436-8CCA-4375-A368-C302857D5913}" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\##?#ROOT#MS_PPPOEMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}\#{52A93436-8CCA-4375-A368-C302857D5913}\Control] "Linked"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\##?#ROOT#MS_PPPOEMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}\Control] "ReferenceCount"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\##?#ROOT#MS_PPTPMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}] "DeviceInstance"="Root\\MS_PPTPMINIPORT\\0000" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\##?#ROOT#MS_PPTPMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}\#{925DE68E-EFA9-48EF-8112-7DE6F154CD93}] "SymbolicLink"="\\\\?\\Root#MS_PPTPMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}\\{925DE68E-EFA9-48EF-8112-7DE6F154CD93}" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\##?#ROOT#MS_PPTPMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}\#{925DE68E-EFA9-48EF-8112-7DE6F154CD93}\Control] "Linked"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\##?#ROOT#MS_PPTPMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}\Control] "ReferenceCount"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\##?#ROOT#MS_PSCHEDMP#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}] "DeviceInstance"="Root\\MS_PSCHEDMP\\0000" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\##?#ROOT#MS_PSCHEDMP#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}\#{1A3E7046-D9C4-4F72-9471-00D96454C99A}] "SymbolicLink"="\\\\?\\Root#MS_PSCHEDMP#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}\\{1A3E7046-D9C4-4F72-9471-00D96454C99A}" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\##?#ROOT#MS_PSCHEDMP#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}\#{1A3E7046-D9C4-4F72-9471-00D96454C99A}\Control] "Linked"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\##?#ROOT#MS_PSCHEDMP#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}\Control] "ReferenceCount"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\##?#ROOT#MS_PTIMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}] "DeviceInstance"="Root\\MS_PTIMINIPORT\\0000" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\##?#ROOT#MS_PTIMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}\#{715EC1F2-99CD-45C3-AD13-5B402B51A97B}] "SymbolicLink"="\\\\?\\Root#MS_PTIMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}\\{715EC1F2-99CD-45C3-AD13-5B402B51A97B}" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\##?#ROOT#MS_PTIMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}\#{715EC1F2-99CD-45C3-AD13-5B402B51A97B}\Control] "Linked"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\##?#ROOT#MS_PTIMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}\Control] "ReferenceCount"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\##?#Root#SYSTEM#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}] "DeviceInstance"="Root\\SYSTEM\\0000" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\##?#Root#SYSTEM#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}\#{eeab7790-c514-11d1-b42b-00805fc1270e}&asyncmac] "SymbolicLink"="\\\\?\\Root#SYSTEM#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}\\{eeab7790-c514-11d1-b42b-00805fc1270e}&asyncmac" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\##?#Root#SYSTEM#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}\#{eeab7790-c514-11d1-b42b-00805fc1270e}&asyncmac\Control] "Linked"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\##?#Root#SYSTEM#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}\Control] "ReferenceCount"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\##?#SW#{eeab7790-c514-11d1-b42b-00805fc1270e}#asyncmac#{ad498944-762f-11d0-8dcb-00c04fc3358c}] "DeviceInstance"="SW\\{eeab7790-c514-11d1-b42b-00805fc1270e}\\asyncmac" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\##?#SW#{eeab7790-c514-11d1-b42b-00805fc1270e}#asyncmac#{ad498944-762f-11d0-8dcb-00c04fc3358c}\#{9A81F2FC-6AA4-49F6-A881-58020536211E}] "SymbolicLink"="\\\\?\\SW#{eeab7790-c514-11d1-b42b-00805fc1270e}#asyncmac#{ad498944-762f-11d0-8dcb-00c04fc3358c}\\{9A81F2FC-6AA4-49F6-A881-58020536211E}" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\##?#USB#Vid_1110&Pid_9021#00604C227259#{ad498944-762f-11d0-8dcb-00c04fc3358c}] "DeviceInstance"="USB\\Vid_1110&Pid_9021\\00604C227259" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\##?#USB#Vid_1110&Pid_9021#00604C227259#{ad498944-762f-11d0-8dcb-00c04fc3358c}\#{99975590-6934-41C3-81E3-24C395CBE382}] "SymbolicLink"="\\\\?\\USB#Vid_1110&Pid_9021#00604C227259#{ad498944-762f-11d0-8dcb-00c04fc3358c}\\{99975590-6934-41C3-81E3-24C395CBE382}" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\##?#USB#Vid_1110&Pid_9021#00604C227259#{ad498944-762f-11d0-8dcb-00c04fc3358c}\#{99975590-6934-41C3-81E3-24C395CBE382}\Control] "Linked"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\##?#USB#Vid_1110&Pid_9021#00604C227259#{ad498944-762f-11d0-8dcb-00c04fc3358c}\Control] "ReferenceCount"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{ad809c00-7b88-11d0-a5d6-28db04c10000}] [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{ad809c00-7b88-11d0-a5d6-28db04c10000}\##?#Root#SYSTEM#0000#{ad809c00-7b88-11d0-a5d6-28db04c10000}] "DeviceInstance"="Root\\SYSTEM\\0000" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{ad809c00-7b88-11d0-a5d6-28db04c10000}\##?#Root#SYSTEM#0000#{ad809c00-7b88-11d0-a5d6-28db04c10000}\#{b7eafdc0-a680-11d0-96d8-00aa0051e51d}&{9B365890-165F-11D0-A195-0020AFD156E4}] "SymbolicLink"="\\\\?\\Root#SYSTEM#0000#{ad809c00-7b88-11d0-a5d6-28db04c10000}\\{b7eafdc0-a680-11d0-96d8-00aa0051e51d}&{9B365890-165F-11D0-A195-0020AFD156E4}" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{ad809c00-7b88-11d0-a5d6-28db04c10000}\##?#Root#SYSTEM#0000#{ad809c00-7b88-11d0-a5d6-28db04c10000}\#{b7eafdc0-a680-11d0-96d8-00aa0051e51d}&{9B365890-165F-11D0-A195-0020AFD156E4}\Device Parameters] "CLSID"="{17CCA71B-ECD7-11D0-B908-00A0C9223196}" "FriendlyName"="Mélangeur audio Wave de noyau Microsoft" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{ad809c00-7b88-11d0-a5d6-28db04c10000}\##?#Root#SYSTEM#0000#{ad809c00-7b88-11d0-a5d6-28db04c10000}\#{b7eafdc0-a680-11d0-96d8-00aa0051e51d}&{9B365890-165F-11D0-A195-0020AFD156E4}\Control] "Linked"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{ad809c00-7b88-11d0-a5d6-28db04c10000}\##?#Root#SYSTEM#0000#{ad809c00-7b88-11d0-a5d6-28db04c10000}\Control] "ReferenceCount"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{adb44c00-1b8d-11d4-8d5e-00a0c90d1c42}] [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{adb44c00-1b8d-11d4-8d5e-00a0c90d1c42}\##?#PCI#VEN_127A&DEV_2015&SUBSYS_2015127A&REV_01#3&61aaa01&0&80#{adb44c00-1b8d-11d4-8d5e-00a0c90d1c42}] "DeviceInstance"="PCI\\VEN_127A&DEV_2015&SUBSYS_2015127A&REV_01\\3&61aaa01&0&80" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{adb44c00-1b8d-11d4-8d5e-00a0c90d1c42}\##?#PCI#VEN_127A&DEV_2015&SUBSYS_2015127A&REV_01#3&61aaa01&0&80#{adb44c00-1b8d-11d4-8d5e-00a0c90d1c42}\#COM3] "SymbolicLink"="\\\\?\\PCI#VEN_127A&DEV_2015&SUBSYS_2015127A&REV_01#3&61aaa01&0&80#{adb44c00-1b8d-11d4-8d5e-00a0c90d1c42}\\COM3" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{adb44c00-1b8d-11d4-8d5e-00a0c90d1c42}\##?#PCI#VEN_127A&DEV_2015&SUBSYS_2015127A&REV_01#3&61aaa01&0&80#{adb44c00-1b8d-11d4-8d5e-00a0c90d1c42}\#COM3\Control] "Linked"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{adb44c00-1b8d-11d4-8d5e-00a0c90d1c42}\##?#PCI#VEN_127A&DEV_2015&SUBSYS_2015127A&REV_01#3&61aaa01&0&80#{adb44c00-1b8d-11d4-8d5e-00a0c90d1c42}\Control] "ReferenceCount"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{bf963d80-c559-11d0-8a2b-00a0c9255ac1}] [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{bf963d80-c559-11d0-8a2b-00a0c9255ac1}\##?#Root#SYSTEM#0000#{bf963d80-c559-11d0-8a2b-00a0c9255ac1}] "DeviceInstance"="Root\\SYSTEM\\0000" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{bf963d80-c559-11d0-8a2b-00a0c9255ac1}\##?#Root#SYSTEM#0000#{bf963d80-c559-11d0-8a2b-00a0c9255ac1}\#{4245ff73-1db4-11d2-86e4-98ae20524153}&{9B365890-165F-11D0-A195-0020AFD156E4}] "SymbolicLink"="\\\\?\\Root#SYSTEM#0000#{bf963d80-c559-11d0-8a2b-00a0c9255ac1}\\{4245ff73-1db4-11d2-86e4-98ae20524153}&{9B365890-165F-11D0-A195-0020AFD156E4}" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{bf963d80-c559-11d0-8a2b-00a0c9255ac1}\##?#Root#SYSTEM#0000#{bf963d80-c559-11d0-8a2b-00a0c9255ac1}\#{4245ff73-1db4-11d2-86e4-98ae20524153}&{9B365890-165F-11D0-A195-0020AFD156E4}\Device Parameters] "CLSID"="{17CCA71B-ECD7-11D0-B908-00A0C9223196}" "FriendlyName"="Suppresseur d'écho acoustique (Noyau Microsoft)" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{bf963d80-c559-11d0-8a2b-00a0c9255ac1}\##?#Root#SYSTEM#0000#{bf963d80-c559-11d0-8a2b-00a0c9255ac1}\#{4245ff73-1db4-11d2-86e4-98ae20524153}&{9B365890-165F-11D0-A195-0020AFD156E4}\Control] "Linked"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{bf963d80-c559-11d0-8a2b-00a0c9255ac1}\##?#Root#SYSTEM#0000#{bf963d80-c559-11d0-8a2b-00a0c9255ac1}\Control] "ReferenceCount"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{cae56030-684a-11d0-d6f6-00a0c90f57da}] [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{cae56030-684a-11d0-d6f6-00a0c90f57da}\##?#LEGACY#JOYSTICK#4&a7ff3a&0&ENUM{cae56030-684a-11d0-d6f6-00a0c90f57da}] "DeviceInstance"="LEGACY\\JOYSTICK\\4&a7ff3a&0&ENUM&" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{cae56030-684a-11d0-d6f6-00a0c90f57da}\##?#LEGACY#JOYSTICK#4&a7ff3a&0&ENUM{cae56030-684a-11d0-d6f6-00a0c90f57da}\#] "SymbolicLink"="\\\\?\\LEGACY#JOYSTICK#4&a7ff3a&0&ENUM{cae56030-684a-11d0-d6f6-00a0c90f57da}" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{cae56030-684a-11d0-d6f6-00a0c90f57da}\##?#LEGACY#JOYSTICK#4&a7ff3a&0&ENUM{cae56030-684a-11d0-d6f6-00a0c90f57da}\#\Control] "Linked"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{cae56030-684a-11d0-d6f6-00a0c90f57da}\##?#LEGACY#JOYSTICK#4&a7ff3a&0&ENUM{cae56030-684a-11d0-d6f6-00a0c90f57da}\Control] "ReferenceCount"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{cae56030-684a-11d0-d6f6-00a0c90f57da}\##?#VIAUDIO#*PNPB02F#4&24ee3932&0&0001#{cae56030-684a-11d0-d6f6-00a0c90f57da}] "DeviceInstance"="VIAUDIO\\*PNPB02F\\4&24ee3932&0&0001" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{cae56030-684a-11d0-d6f6-00a0c90f57da}\##?#VIAUDIO#*PNPB02F#4&24ee3932&0&0001#{cae56030-684a-11d0-d6f6-00a0c90f57da}\#] "SymbolicLink"="\\\\?\\VIAUDIO#*PNPB02F#4&24ee3932&0&0001#{cae56030-684a-11d0-d6f6-00a0c90f57da}" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{cae56030-684a-11d0-d6f6-00a0c90f57da}\##?#VIAUDIO#*PNPB02F#4&24ee3932&0&0001#{cae56030-684a-11d0-d6f6-00a0c90f57da}\#\Control] "Linked"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{cae56030-684a-11d0-d6f6-00a0c90f57da}\##?#VIAUDIO#*PNPB02F#4&24ee3932&0&0001#{cae56030-684a-11d0-d6f6-00a0c90f57da}\Control] "ReferenceCount"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{d6c5066e-72c1-11d2-9755-0000f8004788}] [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{d6c5066e-72c1-11d2-9755-0000f8004788}\##?#SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{d6c5066e-72c1-11d2-9755-0000f8004788}] "DeviceInstance"="SW\\{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}\\{9B365890-165F-11D0-A195-0020AFD156E4}" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{d6c5066e-72c1-11d2-9755-0000f8004788}\##?#SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{d6c5066e-72c1-11d2-9755-0000f8004788}\#SAD4] "SymbolicLink"="\\\\?\\SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{d6c5066e-72c1-11d2-9755-0000f8004788}\\SAD4" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{d6c5066e-72c1-11d2-9755-0000f8004788}\##?#SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{d6c5066e-72c1-11d2-9755-0000f8004788}\#SAD4\Device Parameters] "CLSID"="{17CCA71B-ECD7-11D0-B908-00A0C9223196}" "FriendlyName"="Creative Sound Blaster PCI" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{d6c5066e-72c1-11d2-9755-0000f8004788}\##?#SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{d6c5066e-72c1-11d2-9755-0000f8004788}\#SAD4\Control] "Linked"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{d6c5066e-72c1-11d2-9755-0000f8004788}\##?#SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{d6c5066e-72c1-11d2-9755-0000f8004788}\Control] "ReferenceCount"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{d6c50671-72c1-11d2-9755-0000f8004788}] [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{d6c50671-72c1-11d2-9755-0000f8004788}\##?#SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{d6c50671-72c1-11d2-9755-0000f8004788}] "DeviceInstance"="SW\\{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}\\{9B365890-165F-11D0-A195-0020AFD156E4}" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{d6c50671-72c1-11d2-9755-0000f8004788}\##?#SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{d6c50671-72c1-11d2-9755-0000f8004788}\#SAD5] "SymbolicLink"="\\\\?\\SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{d6c50671-72c1-11d2-9755-0000f8004788}\\SAD5" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{d6c50671-72c1-11d2-9755-0000f8004788}\##?#SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{d6c50671-72c1-11d2-9755-0000f8004788}\#SAD5\Device Parameters] "CLSID"="{17CCA71B-ECD7-11D0-B908-00A0C9223196}" "FriendlyName"="Creative Sound Blaster PCI" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{d6c50671-72c1-11d2-9755-0000f8004788}\##?#SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{d6c50671-72c1-11d2-9755-0000f8004788}\#SAD5\Control] "Linked"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{d6c50671-72c1-11d2-9755-0000f8004788}\##?#SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{d6c50671-72c1-11d2-9755-0000f8004788}\Control] "ReferenceCount"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{d6c50674-72c1-11d2-9755-0000f8004788}] [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{d6c50674-72c1-11d2-9755-0000f8004788}\##?#SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{d6c50674-72c1-11d2-9755-0000f8004788}] "DeviceInstance"="SW\\{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}\\{9B365890-165F-11D0-A195-0020AFD156E4}" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{d6c50674-72c1-11d2-9755-0000f8004788}\##?#SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{d6c50674-72c1-11d2-9755-0000f8004788}\#SAD6] "SymbolicLink"="\\\\?\\SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{d6c50674-72c1-11d2-9755-0000f8004788}\\SAD6" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{d6c50674-72c1-11d2-9755-0000f8004788}\##?#SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{d6c50674-72c1-11d2-9755-0000f8004788}\#SAD6\Device Parameters] "CLSID"="{17CCA71B-ECD7-11D0-B908-00A0C9223196}" "FriendlyName"="Creative Sound Blaster MPU-401" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{d6c50674-72c1-11d2-9755-0000f8004788}\##?#SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{d6c50674-72c1-11d2-9755-0000f8004788}\#SAD6\Control] "Linked"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{d6c50674-72c1-11d2-9755-0000f8004788}\##?#SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{d6c50674-72c1-11d2-9755-0000f8004788}\Control] "ReferenceCount"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{dda54a40-1e4c-11d1-a050-405705c10000}] [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{dda54a40-1e4c-11d1-a050-405705c10000}\##?#PCI#VEN_1106&DEV_3058&SUBSYS_760915DD&REV_20#3&61aaa01&0&3D#{dda54a40-1e4c-11d1-a050-405705c10000}] "DeviceInstance"="PCI\\VEN_1106&DEV_3058&SUBSYS_760915DD&REV_20\\3&61aaa01&0&3D" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{dda54a40-1e4c-11d1-a050-405705c10000}\##?#PCI#VEN_1106&DEV_3058&SUBSYS_760915DD&REV_20#3&61aaa01&0&3D#{dda54a40-1e4c-11d1-a050-405705c10000}\#Topology] "SymbolicLink"="\\\\?\\PCI#VEN_1106&DEV_3058&SUBSYS_760915DD&REV_20#3&61aaa01&0&3D#{dda54a40-1e4c-11d1-a050-405705c10000}\\Topology" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{dda54a40-1e4c-11d1-a050-405705c10000}\##?#PCI#VEN_1106&DEV_3058&SUBSYS_760915DD&REV_20#3&61aaa01&0&3D#{dda54a40-1e4c-11d1-a050-405705c10000}\#Topology\Control] "Linked"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{dda54a40-1e4c-11d1-a050-405705c10000}\##?#PCI#VEN_1106&DEV_3058&SUBSYS_760915DD&REV_20#3&61aaa01&0&3D#{dda54a40-1e4c-11d1-a050-405705c10000}\Control] "ReferenceCount"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{dda54a40-1e4c-11d1-a050-405705c10000}\##?#PCI#VEN_1274&DEV_5880&SUBSYS_80011274&REV_02#3&61AAA01&0&78#{dda54a40-1e4c-11d1-a050-405705c10000}] "DeviceInstance"="PCI\\VEN_1274&DEV_5880&SUBSYS_80011274&REV_02\\3&61aaa01&0&78" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{dda54a40-1e4c-11d1-a050-405705c10000}\##?#PCI#VEN_1274&DEV_5880&SUBSYS_80011274&REV_02#3&61AAA01&0&78#{dda54a40-1e4c-11d1-a050-405705c10000}\#Topology] "SymbolicLink"="\\\\?\\PCI#VEN_1274&DEV_5880&SUBSYS_80011274&REV_02#3&61aaa01&0&78#{dda54a40-1e4c-11d1-a050-405705c10000}\\Topology" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{dda54a40-1e4c-11d1-a050-405705c10000}\##?#PCI#VEN_1274&DEV_5880&SUBSYS_80011274&REV_02#3&61AAA01&0&78#{dda54a40-1e4c-11d1-a050-405705c10000}\#Topology\Device Parameters] "FriendlyName"="Creative Sound Blaster PCI" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{dda54a40-1e4c-11d1-a050-405705c10000}\##?#PCI#VEN_1274&DEV_5880&SUBSYS_80011274&REV_02#3&61AAA01&0&78#{dda54a40-1e4c-11d1-a050-405705c10000}\#Topology\Control] "Linked"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{dda54a40-1e4c-11d1-a050-405705c10000}\##?#PCI#VEN_1274&DEV_5880&SUBSYS_80011274&REV_02#3&61AAA01&0&78#{dda54a40-1e4c-11d1-a050-405705c10000}\Control] "ReferenceCount"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{dff220f3-f70f-11d0-b917-00a0c9223196}] [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{dff220f3-f70f-11d0-b917-00a0c9223196}\##?#Root#SYSTEM#0000#{dff220f3-f70f-11d0-b917-00a0c9223196}] "DeviceInstance"="Root\\SYSTEM\\0000" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{dff220f3-f70f-11d0-b917-00a0c9223196}\##?#Root#SYSTEM#0000#{dff220f3-f70f-11d0-b917-00a0c9223196}\#{6c1b9f60-c0a9-11d0-96d8-00aa0051e51d}&{9B365890-165F-11D0-A195-0020AFD156E4}] "SymbolicLink"="\\\\?\\Root#SYSTEM#0000#{dff220f3-f70f-11d0-b917-00a0c9223196}\\{6c1b9f60-c0a9-11d0-96d8-00aa0051e51d}&{9B365890-165F-11D0-A195-0020AFD156E4}" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{dff220f3-f70f-11d0-b917-00a0c9223196}\##?#Root#SYSTEM#0000#{dff220f3-f70f-11d0-b917-00a0c9223196}\#{6c1b9f60-c0a9-11d0-96d8-00aa0051e51d}&{9B365890-165F-11D0-A195-0020AFD156E4}\Device Parameters] "CLSID"="{17CCA71B-ECD7-11D0-B908-00A0C9223196}" "FriendlyName"="Synthétiseur de table de sons GC noyau Microsoft" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{dff220f3-f70f-11d0-b917-00a0c9223196}\##?#Root#SYSTEM#0000#{dff220f3-f70f-11d0-b917-00a0c9223196}\#{6c1b9f60-c0a9-11d0-96d8-00aa0051e51d}&{9B365890-165F-11D0-A195-0020AFD156E4}\Control] "Linked"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{dff220f3-f70f-11d0-b917-00a0c9223196}\##?#Root#SYSTEM#0000#{dff220f3-f70f-11d0-b917-00a0c9223196}\#{8c07dd50-7a8d-11d2-8f8c-00c04fbf8fef}&dmusic] "SymbolicLink"="\\\\?\\Root#SYSTEM#0000#{dff220f3-f70f-11d0-b917-00a0c9223196}\\{8c07dd50-7a8d-11d2-8f8c-00c04fbf8fef}&dmusic" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{dff220f3-f70f-11d0-b917-00a0c9223196}\##?#Root#SYSTEM#0000#{dff220f3-f70f-11d0-b917-00a0c9223196}\#{8c07dd50-7a8d-11d2-8f8c-00c04fbf8fef}&dmusic\Device Parameters] "CLSID"="{17CCA71B-ECD7-11D0-B908-00A0C9223196}" "FriendlyName"="Synthétiseur DLS du noyau Microsoft" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{dff220f3-f70f-11d0-b917-00a0c9223196}\##?#Root#SYSTEM#0000#{dff220f3-f70f-11d0-b917-00a0c9223196}\#{8c07dd50-7a8d-11d2-8f8c-00c04fbf8fef}&dmusic\Control] "Linked"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{dff220f3-f70f-11d0-b917-00a0c9223196}\##?#Root#SYSTEM#0000#{dff220f3-f70f-11d0-b917-00a0c9223196}\Control] "ReferenceCount"=dword:00000002 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{f18a0e88-c30c-11d0-8815-00a0c906bed8}] [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{f18a0e88-c30c-11d0-8815-00a0c906bed8}\##?#USB#ROOT_HUB#4&31d6675a&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}] "DeviceInstance"="USB\\ROOT_HUB\\4&31d6675a&0" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{f18a0e88-c30c-11d0-8815-00a0c906bed8}\##?#USB#ROOT_HUB#4&31d6675a&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}\#] "SymbolicLink"="\\\\?\\USB#ROOT_HUB#4&31d6675a&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{f18a0e88-c30c-11d0-8815-00a0c906bed8}\##?#USB#ROOT_HUB#4&31d6675a&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}\#\Control] "Linked"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{f18a0e88-c30c-11d0-8815-00a0c906bed8}\##?#USB#ROOT_HUB#4&31d6675a&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}\Control] "ReferenceCount"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{f18a0e88-c30c-11d0-8815-00a0c906bed8}\##?#USB#ROOT_HUB#4&89f89ec&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}] "DeviceInstance"="USB\\ROOT_HUB\\4&89f89ec&0" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{f18a0e88-c30c-11d0-8815-00a0c906bed8}\##?#USB#ROOT_HUB#4&89f89ec&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}\#] "SymbolicLink"="\\\\?\\USB#ROOT_HUB#4&89f89ec&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{f18a0e88-c30c-11d0-8815-00a0c906bed8}\##?#USB#ROOT_HUB#4&89f89ec&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}\#\Control] "Linked"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{f18a0e88-c30c-11d0-8815-00a0c906bed8}\##?#USB#ROOT_HUB#4&89f89ec&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}\Control] "ReferenceCount"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{f18a0e88-c30c-11d0-8815-00a0c906bed8}\##?#USB#Vid_058f&Pid_9254#5&f1546e9&0&2#{f18a0e88-c30c-11d0-8815-00a0c906bed8}] "DeviceInstance"="USB\\Vid_058f&Pid_9254\\5&f1546e9&0&2" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{f18a0e88-c30c-11d0-8815-00a0c906bed8}\##?#USB#Vid_058f&Pid_9254#5&f1546e9&0&2#{f18a0e88-c30c-11d0-8815-00a0c906bed8}\#] "SymbolicLink"="\\\\?\\USB#Vid_058f&Pid_9254#5&f1546e9&0&2#{f18a0e88-c30c-11d0-8815-00a0c906bed8}" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{f18a0e88-c30c-11d0-8815-00a0c906bed8}\##?#USB#Vid_058f&Pid_9254#5&f1546e9&0&2#{f18a0e88-c30c-11d0-8815-00a0c906bed8}\#\Control] "Linked"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{f18a0e88-c30c-11d0-8815-00a0c906bed8}\##?#USB#Vid_058f&Pid_9254#5&f1546e9&0&2#{f18a0e88-c30c-11d0-8815-00a0c906bed8}\Control] "ReferenceCount"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{fbf6f530-07b9-11d2-a71e-0000f8004788}] [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{fbf6f530-07b9-11d2-a71e-0000f8004788}\##?#SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{fbf6f530-07b9-11d2-a71e-0000f8004788}] "DeviceInstance"="SW\\{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}\\{9B365890-165F-11D0-A195-0020AFD156E4}" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{fbf6f530-07b9-11d2-a71e-0000f8004788}\##?#SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{fbf6f530-07b9-11d2-a71e-0000f8004788}\#SAD0] "SymbolicLink"="\\\\?\\SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{fbf6f530-07b9-11d2-a71e-0000f8004788}\\SAD0" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{fbf6f530-07b9-11d2-a71e-0000f8004788}\##?#SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{fbf6f530-07b9-11d2-a71e-0000f8004788}\#SAD0\Device Parameters] "CLSID"="{17CCA71B-ECD7-11D0-B908-00A0C9223196}" "FriendlyName"="Port externe MIDI VIA" "FilterData"=hex:02,00,00,00,00,00,20,00,05,00,00,00,00,00,00,00,30,70,69,33,\ 09,00,00,00,01,00,00,00,02,00,00,00,01,00,00,00,fc,00,00,00,30,74,79,33,00,\ 00,00,00,0c,01,00,00,1c,01,00,00,31,74,79,33,00,00,00,00,0c,01,00,00,2c,01,\ 00,00,4c,01,00,00,31,70,69,33,01,00,00,00,00,00,00,00,01,00,00,00,01,00,00,\ 00,fc,00,00,00,30,74,79,33,00,00,00,00,0c,01,00,00,3c,01,00,00,4c,01,00,00,\ 32,70,69,33,09,00,00,00,00,00,00,00,01,00,00,00,01,00,00,00,fc,00,00,00,30,\ 74,79,33,00,00,00,00,0c,01,00,00,3c,01,00,00,4c,01,00,00,33,70,69,33,01,00,\ 00,00,01,00,00,00,01,00,00,00,01,00,00,00,fc,00,00,00,30,74,79,33,00,00,00,\ 00,0c,01,00,00,2c,01,00,00,4c,01,00,00,34,70,69,33,01,00,00,00,01,00,00,00,\ 01,00,00,00,01,00,00,00,fc,00,00,00,30,74,79,33,00,00,00,00,0c,01,00,00,1c,\ 01,00,00,4c,01,00,00,04,ad,94,69,ef,93,d0,11,a3,cc,00,a0,c9,22,31,96,60,d3,\ 25,e7,cc,62,cf,11,a5,d6,28,db,04,c1,00,00,60,27,26,1d,57,e9,cf,11,a5,d6,28,\ db,04,c1,00,00,bc,f8,82,1a,8b,3f,d2,11,b7,74,00,60,08,33,16,c1,a0,5f,a1,2c,\ fe,6c,cf,11,a5,d6,28,db,04,c1,00,00,20,b3,47,47,ce,62,cf,11,a5,d6,28,db,04,\ c1,00,00,00,00,00,00,00,00,00,00 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{fbf6f530-07b9-11d2-a71e-0000f8004788}\##?#SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{fbf6f530-07b9-11d2-a71e-0000f8004788}\#SAD0\Control] "Linked"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{fbf6f530-07b9-11d2-a71e-0000f8004788}\##?#SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{fbf6f530-07b9-11d2-a71e-0000f8004788}\#SAD1] "SymbolicLink"="\\\\?\\SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{fbf6f530-07b9-11d2-a71e-0000f8004788}\\SAD1" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{fbf6f530-07b9-11d2-a71e-0000f8004788}\##?#SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{fbf6f530-07b9-11d2-a71e-0000f8004788}\#SAD1\Device Parameters] "CLSID"="{17CCA71B-ECD7-11D0-B908-00A0C9223196}" "FriendlyName"="Audio VIA (WAVE)" "FilterData"=hex:02,00,00,00,00,00,20,00,0e,00,00,00,00,00,00,00,30,70,69,33,\ 01,00,00,00,00,00,00,00,01,00,00,00,01,00,00,00,08,03,00,00,30,74,79,33,00,\ 00,00,00,18,03,00,00,28,03,00,00,08,04,00,00,31,70,69,33,09,00,00,00,00,00,\ 00,00,01,00,00,00,01,00,00,00,38,03,00,00,30,74,79,33,00,00,00,00,18,03,00,\ 00,28,03,00,00,08,04,00,00,32,70,69,33,01,00,00,00,00,00,00,00,01,00,00,00,\ 01,00,00,00,08,03,00,00,30,74,79,33,00,00,00,00,18,03,00,00,28,03,00,00,08,\ 04,00,00,33,70,69,33,01,00,00,00,00,00,00,00,01,00,00,00,01,00,00,00,48,03,\ 00,00,30,74,79,33,00,00,00,00,18,03,00,00,28,03,00,00,08,04,00,00,34,70,69,\ 33,01,00,00,00,00,00,00,00,01,00,00,00,01,00,00,00,58,03,00,00,30,74,79,33,\ 00,00,00,00,18,03,00,00,28,03,00,00,08,04,00,00,35,70,69,33,01,00,00,00,00,\ 00,00,00,01,00,00,00,01,00,00,00,68,03,00,00,30,74,79,33,00,00,00,00,18,03,\ 00,00,28,03,00,00,08,04,00,00,36,70,69,33,01,00,00,00,00,00,00,00,01,00,00,\ 00,01,00,00,00,08,03,00,00,30,74,79,33,00,00,00,00,18,03,00,00,28,03,00,00,\ 08,04,00,00,37,70,69,33,01,00,00,00,00,00,00,00,01,00,00,00,01,00,00,00,08,\ 03,00,00,30,74,79,33,00,00,00,00,18,03,00,00,28,03,00,00,08,04,00,00,38,70,\ 69,33,01,00,00,00,00,00,00,00,01,00,00,00,01,00,00,00,78,03,00,00,30,74,79,\ 33,00,00,00,00,18,03,00,00,28,03,00,00,08,04,00,00,39,70,69,33,01,00,00,00,\ 00,00,00,00,01,00,00,00,01,00,00,00,08,03,00,00,30,74,79,33,00,00,00,00,18,\ 03,00,00,28,03,00,00,08,04,00,00,3a,70,69,33,05,00,00,00,ff,ff,ff,ff,01,00,\ 00,00,01,00,00,00,88,03,00,00,30,74,79,33,00,00,00,00,98,03,00,00,a8,03,00,\ 00,08,04,00,00,3b,70,69,33,05,00,00,00,ff,ff,ff,ff,01,00,00,00,01,00,00,00,\ 88,03,00,00,30,74,79,33,00,00,00,00,98,03,00,00,b8,03,00,00,08,04,00,00,3c,\ 70,69,33,05,00,00,00,ff,ff,ff,ff,06,00,00,00,01,00,00,00,00,00,00,00,30,74,\ 79,33,00,00,00,00,18,03,00,00,c8,03,00,00,31,74,79,33,00,00,00,00,18,03,00,\ 00,d8,03,00,00,32,74,79,33,00,00,00,00,18,03,00,00,c8,03,00,00,33,74,79,33,\ 00,00,00,00,18,03,00,00,d8,03,00,00,34,74,79,33,00,00,00,00,18,03,00,00,e8,\ 03,00,00,35,74,79,33,00,00,00,00,18,03,00,00,e8,03,00,00,08,04,00,00,3d,70,\ 69,33,0d,00,00,00,ff,ff,ff,ff,05,00,00,00,01,00,00,00,f8,03,00,00,30,74,79,\ 33,00,00,00,00,18,03,00,00,c8,03,00,00,31,74,79,33,00,00,00,00,18,03,00,00,\ c8,03,00,00,32,74,79,33,00,00,00,00,18,03,00,00,c8,03,00,00,33,74,79,33,00,\ 00,00,00,18,03,00,00,d8,03,00,00,34,74,79,33,00,00,00,00,18,03,00,00,c8,03,\ 00,00,08,04,00,00,e1,1f,f2,df,0f,f7,d0,11,b9,17,00,a0,c9,22,31,96,61,75,64,\ 73,00,00,10,00,80,00,00,aa,00,38,9b,71,90,31,ba,6d,bd,67,cf,11,a0,f7,00,20,\ af,d1,56,e4,e1,1c,f2,df,0f,f7,d0,11,b9,17,00,a0,c9,22,31,96,e1,1b,f2,df,0f,\ f7,d0,11,b9,17,00,a0,c9,22,31,96,e3,1f,f2,df,0f,f7,d0,11,b9,17,00,a0,c9,22,\ 31,96,e3,20,f2,df,0f,f7,d0,11,b9,17,00,a0,c9,22,31,96,e1,1e,f2,df,0f,f7,d0,\ 11,b9,17,00,a0,c9,22,31,96,20,fa,a4,47,51,a2,d1,11,a0,50,00,00,f8,00,47,88,\ 60,d3,25,e7,cc,62,cf,11,a5,d6,28,db,04,c1,00,00,60,27,26,1d,57,e9,cf,11,a5,\ d6,28,db,04,c1,00,00,bc,f8,82,1a,8b,3f,d2,11,b7,74,00,60,08,33,16,c1,01,00,\ 00,00,00,00,10,00,80,00,00,aa,00,38,9b,71,03,00,00,00,00,00,10,00,80,00,00,\ aa,00,38,9b,71,09,00,00,00,00,00,10,00,80,00,00,aa,00,38,9b,71,04,ad,94,69,\ ef,93,d0,11,a3,cc,00,a0,c9,22,31,96,20,b3,47,47,ce,62,cf,11,a5,d6,28,db,04,\ c1,00,00,00,00,00,00,00,00,00,00 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{fbf6f530-07b9-11d2-a71e-0000f8004788}\##?#SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{fbf6f530-07b9-11d2-a71e-0000f8004788}\#SAD1\Control] "Linked"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{fbf6f530-07b9-11d2-a71e-0000f8004788}\##?#SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{fbf6f530-07b9-11d2-a71e-0000f8004788}\#SAD2] "SymbolicLink"="\\\\?\\SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{fbf6f530-07b9-11d2-a71e-0000f8004788}\\SAD2" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{fbf6f530-07b9-11d2-a71e-0000f8004788}\##?#SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{fbf6f530-07b9-11d2-a71e-0000f8004788}\#SAD2\Device Parameters] "CLSID"="{17CCA71B-ECD7-11D0-B908-00A0C9223196}" "FriendlyName"="Creative Sound Blaster MPU-401" "FilterData"=hex:02,00,00,00,00,00,20,00,04,00,00,00,00,00,00,00,30,70,69,33,\ 09,00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,c0,00,00,00,30,74,79,33,00,\ 00,00,00,d0,00,00,00,e0,00,00,00,00,01,00,00,31,70,69,33,01,00,00,00,00,00,\ 00,00,01,00,00,00,01,00,00,00,c0,00,00,00,30,74,79,33,00,00,00,00,d0,00,00,\ 00,f0,00,00,00,00,01,00,00,32,70,69,33,09,00,00,00,00,00,00,00,01,00,00,00,\ 01,00,00,00,c0,00,00,00,30,74,79,33,00,00,00,00,d0,00,00,00,f0,00,00,00,00,\ 01,00,00,33,70,69,33,01,00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,c0,00,\ 00,00,30,74,79,33,00,00,00,00,d0,00,00,00,e0,00,00,00,00,01,00,00,04,ad,94,\ 69,ef,93,d0,11,a3,cc,00,a0,c9,22,31,96,60,d3,25,e7,cc,62,cf,11,a5,d6,28,db,\ 04,c1,00,00,60,27,26,1d,57,e9,cf,11,a5,d6,28,db,04,c1,00,00,a0,5f,a1,2c,fe,\ 6c,cf,11,a5,d6,28,db,04,c1,00,00,20,b3,47,47,ce,62,cf,11,a5,d6,28,db,04,c1,\ 00,00,00,00,00,00,00,00,00,00 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{fbf6f530-07b9-11d2-a71e-0000f8004788}\##?#SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{fbf6f530-07b9-11d2-a71e-0000f8004788}\#SAD2\Control] "Linked"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{fbf6f530-07b9-11d2-a71e-0000f8004788}\##?#SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{fbf6f530-07b9-11d2-a71e-0000f8004788}\#SAD3] "SymbolicLink"="\\\\?\\SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{fbf6f530-07b9-11d2-a71e-0000f8004788}\\SAD3" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{fbf6f530-07b9-11d2-a71e-0000f8004788}\##?#SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{fbf6f530-07b9-11d2-a71e-0000f8004788}\#SAD3\Device Parameters] "CLSID"="{17CCA71B-ECD7-11D0-B908-00A0C9223196}" "FriendlyName"="Creative Sound Blaster PCI" "FilterData"=hex:02,00,00,00,00,00,20,00,0c,00,00,00,00,00,00,00,30,70,69,33,\ 01,00,00,00,00,00,00,00,01,00,00,00,01,00,00,00,b0,02,00,00,30,74,79,33,00,\ 00,00,00,c0,02,00,00,d0,02,00,00,c0,03,00,00,31,70,69,33,09,00,00,00,00,00,\ 00,00,01,00,00,00,01,00,00,00,e0,02,00,00,30,74,79,33,00,00,00,00,c0,02,00,\ 00,d0,02,00,00,c0,03,00,00,32,70,69,33,01,00,00,00,00,00,00,00,01,00,00,00,\ 01,00,00,00,f0,02,00,00,30,74,79,33,00,00,00,00,c0,02,00,00,d0,02,00,00,c0,\ 03,00,00,33,70,69,33,01,00,00,00,00,00,00,00,01,00,00,00,01,00,00,00,b0,02,\ 00,00,30,74,79,33,00,00,00,00,c0,02,00,00,d0,02,00,00,c0,03,00,00,34,70,69,\ 33,01,00,00,00,00,00,00,00,01,00,00,00,01,00,00,00,00,03,00,00,30,74,79,33,\ 00,00,00,00,c0,02,00,00,d0,02,00,00,c0,03,00,00,35,70,69,33,01,00,00,00,00,\ 00,00,00,01,00,00,00,01,00,00,00,10,03,00,00,30,74,79,33,00,00,00,00,c0,02,\ 00,00,d0,02,00,00,c0,03,00,00,36,70,69,33,01,00,00,00,00,00,00,00,01,00,00,\ 00,01,00,00,00,20,03,00,00,30,74,79,33,00,00,00,00,c0,02,00,00,d0,02,00,00,\ c0,03,00,00,37,70,69,33,01,00,00,00,00,00,00,00,01,00,00,00,01,00,00,00,30,\ 03,00,00,30,74,79,33,00,00,00,00,c0,02,00,00,d0,02,00,00,c0,03,00,00,38,70,\ 69,33,05,00,00,00,ff,ff,ff,ff,01,00,00,00,01,00,00,00,40,03,00,00,30,74,79,\ 33,00,00,00,00,50,03,00,00,60,03,00,00,c0,03,00,00,39,70,69,33,05,00,00,00,\ ff,ff,ff,ff,01,00,00,00,01,00,00,00,40,03,00,00,30,74,79,33,00,00,00,00,50,\ 03,00,00,70,03,00,00,c0,03,00,00,3a,70,69,33,05,00,00,00,ff,ff,ff,ff,06,00,\ 00,00,01,00,00,00,00,00,00,00,30,74,79,33,00,00,00,00,c0,02,00,00,80,03,00,\ 00,31,74,79,33,00,00,00,00,c0,02,00,00,90,03,00,00,32,74,79,33,00,00,00,00,\ c0,02,00,00,80,03,00,00,33,74,79,33,00,00,00,00,c0,02,00,00,90,03,00,00,34,\ 74,79,33,00,00,00,00,c0,02,00,00,a0,03,00,00,35,74,79,33,00,00,00,00,c0,02,\ 00,00,a0,03,00,00,c0,03,00,00,3b,70,69,33,0d,00,00,00,ff,ff,ff,ff,05,00,00,\ 00,01,00,00,00,b0,03,00,00,30,74,79,33,00,00,00,00,c0,02,00,00,80,03,00,00,\ 31,74,79,33,00,00,00,00,c0,02,00,00,80,03,00,00,32,74,79,33,00,00,00,00,c0,\ 02,00,00,80,03,00,00,33,74,79,33,00,00,00,00,c0,02,00,00,90,03,00,00,34,74,\ 79,33,00,00,00,00,c0,02,00,00,80,03,00,00,c0,03,00,00,e1,1f,f2,df,0f,f7,d0,\ 11,b9,17,00,a0,c9,22,31,96,61,75,64,73,00,00,10,00,80,00,00,aa,00,38,9b,71,\ 90,31,ba,6d,bd,67,cf,11,a0,f7,00,20,af,d1,56,e4,e1,1c,f2,df,0f,f7,d0,11,b9,\ 17,00,a0,c9,22,31,96,e1,1e,f2,df,0f,f7,d0,11,b9,17,00,a0,c9,22,31,96,ec,20,\ f2,df,0f,f7,d0,11,b9,17,00,a0,c9,22,31,96,e1,1b,f2,df,0f,f7,d0,11,b9,17,00,\ a0,c9,22,31,96,e3,1f,f2,df,0f,f7,d0,11,b9,17,00,a0,c9,22,31,96,e3,20,f2,df,\ 0f,f7,d0,11,b9,17,00,a0,c9,22,31,96,20,fa,a4,47,51,a2,d1,11,a0,50,00,00,f8,\ 00,47,88,60,d3,25,e7,cc,62,cf,11,a5,d6,28,db,04,c1,00,00,60,27,26,1d,57,e9,\ cf,11,a5,d6,28,db,04,c1,00,00,bc,f8,82,1a,8b,3f,d2,11,b7,74,00,60,08,33,16,\ c1,01,00,00,00,00,00,10,00,80,00,00,aa,00,38,9b,71,03,00,00,00,00,00,10,00,\ 80,00,00,aa,00,38,9b,71,09,00,00,00,00,00,10,00,80,00,00,aa,00,38,9b,71,04,\ ad,94,69,ef,93,d0,11,a3,cc,00,a0,c9,22,31,96,20,b3,47,47,ce,62,cf,11,a5,d6,\ 28,db,04,c1,00,00,00,00,00,00,00,00,00,00< -
Win32 trojano et gen
thebear a répondu à un(e) sujet de thebear dans Analyses et éradication malwares
la suite [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0007] "InfPath"="wave.inf" "InfSection"="MS_MMACM" "InfSectionExt"=".NT" "ProviderName"="Microsoft" "DriverDateData"=hex:00,80,62,c5,c0,01,c1,01 "DriverDate"="7-1-2001" "DriverVersion"="5.1.2535.0" "MatchingDeviceId"="ms_mmacm" "DriverDesc"="Codecs audio" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0008] "InfPath"="wave.inf" "InfSection"="MS_MMVCD" "InfSectionExt"=".NT" "ProviderName"="Microsoft" "DriverDateData"=hex:00,80,62,c5,c0,01,c1,01 "DriverDate"="7-1-2001" "DriverVersion"="5.1.2535.0" "MatchingDeviceId"="ms_mmvcd" "DriverDesc"="Périphériques de capture vidéo hérités" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0009] "InfPath"="wave.inf" "InfSection"="MS_MMDRV" "InfSectionExt"=".NT" "ProviderName"="Microsoft" "DriverDateData"=hex:00,80,62,c5,c0,01,c1,01 "DriverDate"="7-1-2001" "DriverVersion"="5.1.2535.0" "MatchingDeviceId"="ms_mmdrv" "DriverDesc"="Pilotes audio hérités" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0010] "InfPath"="wdmaudio.inf" "InfSection"="WDM_SYSAUDIO" "ProviderName"="Microsoft" "DriverDateData"=hex:00,80,62,c5,c0,01,c1,01 "DriverDate"="7-1-2001" "DriverVersion"="5.1.2535.0" "MatchingDeviceId"="sw\\{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}" "DriverDesc"="Périphérique audio système du noyau Microsoft" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0011] "InfPath"="ksfilter.inf" "InfSection"="MSKSSRV" "InfSectionExt"=".NT" "ProviderName"="Microsoft" "DriverDateData"=hex:00,80,62,c5,c0,01,c1,01 "DriverDate"="7-1-2001" "DriverVersion"="5.1.2600.0" "MatchingDeviceId"="sw\\{96e080c7-143c-11d1-b40f-00a0c9223196}" "DriverDesc"="Proxy de service de répartition Microsoft" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0012] "InfPath"="wdmaudio.inf" "InfSection"="WDM_KMIXER" "ProviderName"="Microsoft" "DriverDateData"=hex:00,80,62,c5,c0,01,c1,01 "DriverDate"="7-1-2001" "DriverVersion"="5.1.2535.0" "MatchingDeviceId"="sw\\{b7eafdc0-a680-11d0-96d8-00aa0051e51d}" "DriverDesc"="Mélangeur audio Wave de noyau Microsoft" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0013] "InfPath"="wdmaudio.inf" "InfSection"="WDM_WDMAUD" "ProviderName"="Microsoft" "DriverDateData"=hex:00,80,62,c5,c0,01,c1,01 "DriverDate"="7-1-2001" "DriverVersion"="5.1.2535.0" "MatchingDeviceId"="sw\\{cd171de3-69e5-11d2-b56d-0000f8754380}" "DriverDesc"="Pilote WINMM de compatibilité audio WDM Microsoft" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0014] "InfPath"="wdmaudio.inf" "InfSection"="WDM_DMUSIC" "ProviderName"="Microsoft" "DriverDateData"=hex:00,80,62,c5,c0,01,c1,01 "DriverDate"="7-1-2001" "DriverVersion"="5.1.2535.0" "MatchingDeviceId"="sw\\{8c07dd50-7a8d-11d2-8f8c-00c04fbf8fef}" "DriverDesc"="Synthétiseur DLS du noyau Microsoft" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0015] "InfPath"="wdmaudio.inf" "InfSection"="WDM_SWMIDI" "ProviderName"="Microsoft" "DriverDateData"=hex:00,80,62,c5,c0,01,c1,01 "DriverDate"="7-1-2001" "DriverVersion"="5.1.2535.0" "MatchingDeviceId"="sw\\{6c1b9f60-c0a9-11d0-96d8-00aa0051e51d}" "DriverDesc"="Synthétiseur de table de sons GC noyau Microsoft" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0016] "InfPath"="ksfilter.inf" "InfSection"="MSPQM" "InfSectionExt"=".NT" "ProviderName"="Microsoft" "DriverDateData"=hex:00,80,62,c5,c0,01,c1,01 "DriverDate"="7-1-2001" "DriverVersion"="5.1.2600.0" "MatchingDeviceId"="sw\\{ddf4358e-bb2c-11d0-a42f-00a0c9223196}" "DriverDesc"="Proxy de gestion de qualité de répartition Microsoft" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0017] "InfPath"="wdmaudio.inf" "InfSection"="WDM_DRMKAUD" "ProviderName"="Microsoft" "DriverDateData"=hex:00,80,62,c5,c0,01,c1,01 "DriverDate"="7-1-2001" "DriverVersion"="5.1.2535.0" "MatchingDeviceId"="sw\\{eec12db6-ad9c-4168-8658-b03daef417fe}" "DriverDesc"="Filtre de décodeur DRM (Noyau Microsoft)" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0018] "InfPath"="wdmaudio.inf" "InfSection"="WDM_AEC" "ProviderName"="Microsoft" "DriverDateData"=hex:00,80,62,c5,c0,01,c1,01 "DriverDate"="7-1-2001" "DriverVersion"="5.1.2535.0" "MatchingDeviceId"="sw\\{4245ff73-1db4-11d2-86e4-98ae20524153}" "DriverDesc"="Suppresseur d'écho acoustique (Noyau Microsoft)" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0019] "InfPath"="wdmaudio.inf" "InfSection"="WDM_SPLITTER" "ProviderName"="Microsoft" "DriverDateData"=hex:00,80,62,c5,c0,01,c1,01 "DriverDate"="7-1-2001" "DriverVersion"="5.1.2535.0" "MatchingDeviceId"="sw\\{2f412ab5-ed3a-4590-ab24-b0ce2aa77d3c}" "DriverDesc"="Splitter audio du noyau Microsoft" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0020] "InfPath"="ksfilter.inf" "InfSection"="MSPCLOCK" "InfSectionExt"=".NT" "ProviderName"="Microsoft" "DriverDateData"=hex:00,80,62,c5,c0,01,c1,01 "DriverDate"="7-1-2001" "DriverVersion"="5.1.2600.0" "MatchingDeviceId"="sw\\{97ebaacc-95bd-11d0-a3ea-00a0c9223196}" "DriverDesc"="Proxy d'horloge de répartition Microsoft" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}] "Class"="Modem" @="Modems" "Installer32"="mdminst.dll,ClassInstall32" "Icon"="0" "TroubleShooter-0"="hcp://help/tshoot/tsmodem.htm" "Default Service"="Modem" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000] "CoInstallers32"=hex(7):48,53,46,5f,49,4e,53,54,2e,64,6c,6c,2c,48,53,46,43,6f,\ 49,6e,73,74,61,6c,6c,65,72,00,00 "AttachedTo"="COM3" "FriendlyName"="Generic SoftK56" "UINumber"=dword:00000001 "LoggingPath"="C:\\WINDOWS\\ModemLog_Generic SoftK56.txt" "DeviceType"=hex:02 "PortConfigDialog"="serialui.dll" "AdvancedSettings"="msports.dll,SerialDisplayAdvancedSettings" "Manufacturer"="Generic" "Model"="Generic SoftK56" "EnumPropPages32"="modemui.dll,ModemPropPagesProvider" "ID"=hex:ca,60,04,00 "PermanentGuid"=hex:a1,9f,09,8a,6c,7f,79,45,86,85,4c,a9,27,7d,a3,1e "PortSubClass"=hex:02 "ConfigDialog"="modemui.dll" "HALDataPump"="AMOS " "ExtHwDriver"="basic2.sys" "EnableSleep"="ON" "EnableACPI"="ON" "CodecInitDelay"="1" "BondOption"="00b3" "Buffers"="ON" "BuffersDelay"=hex:03 "CompanyName"="Generic" "ProductName"="Generic Conexant SoftK56 Modem" "Reset"="ATZ<cr>" "Properties"=hex:c0,01,00,00,ff,00,00,00,00,00,00,00,07,00,00,00,0f,00,00,00,\ 37,03,00,00,00,c2,01,00,c0,da,00,00 "VoiceProfile"=hex:27,32,19,02 "CurrentCountry"=dword:00000001 "UseCurrentCountry"=dword:00000000 "CallerIDPrivate"="P" "CallerIDOutSide"="O" "VariableTerminator"="<cr><lf>" "HandsetCloseDelay"=hex:1e,00,00,00 "TerminateRecord"="<h10><h21>" "TerminatePlay"="<h10><h03>" "AbortPlay"="<h10><h03>" "ForwardDelay"=hex:88,13 "VoiceBaudRate"=hex:00,c2,01,00 "SpeakerPhoneSpecs"=hex:a0,00,00,00,00,00,00,00,96,00,00,00,00,00,00,00 "InfPath"="mdmcxsft.inf" "InfSection"="ModemX2015" "InfSectionExt"=".NT" "ProviderName"="Microsoft" "DriverDateData"=hex:00,80,62,c5,c0,01,c1,01 "DriverDate"="7-1-2001" "DriverVersion"="5.0.0.2" "MatchingDeviceId"="pci\\ven_127a&dev_2015&subsys_2015127a" "DriverDesc"="Generic SoftK56" "ResponsesKeyName"="Generic SoftK56::Generic::Microsoft" "Default"=hex:3c,00,00,00,00,00,00,00,00,00,00,00,01,00,00,00,13,01,00,00 "DCB"=hex:1c,00,00,00,00,c2,01,00,15,20,00,00,00,00,0a,00,0a,00,08,00,00,11,13,\ 00,00,00,00,00 "NVRamZHead"=hex:48,45,44,52,5a,49,30,2e,30,35,2c,30,00 "NVRamZBody"=hex:00,00,2b,0d,0a,08,03,5a,02,06,0e,55,32,ff,8a,00,00,00,00,00,\ 00,34,77,37,00,05,01,49,01,1b,00,06,11,13,ff,ff,07,00,14,03,00,00,01,00,02,\ 01,01,01,07,00,01,00,01,56,39,30,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,5a,00,00,00,01,00,00,00,4b,00,00,00,40,83,00,00,4b,\ 00,00,00,c0,da,00,00,0e,00,00,00,01,00,00,00,01,00,00,00,0e,00,00,00,01,00,\ 00,00,00,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00 "MSCurrentCountry"=dword:0000003d "CountryList"=hex:b5,0a,0f,20,26,2e,31,3c,3d,42,46,50,51,52,53,54,57,58,59,00,\ 61,69,6c,73,7b,7e,82,89,8b,9c,9f,a0,a5,a6,fe,a9,b4,09 "NVRamHead"=hex:48,45,44,52,49,30,2e,30,35,2c,30,00 "NVRamBody"=hex:00,00,2b,0d,0a,08,03,3c,02,06,0e,55,32,ff,8a,00,00,00,00,00,00,\ 34,77,37,00,05,01,49,01,1b,00,06,11,13,ff,ff,07,00,14,03,00,00,01,00,02,01,\ 00,01,07,00,01,00,01,56,39,30,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,5a,00,00,00,01,00,00,00,4b,00,00,00,40,83,00,00,4b,00,\ 00,00,c0,da,00,00,0e,00,00,00,01,00,00,00,01,00,00,00,0e,00,00,00,01,00,00,\ 00,00,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00 "CheckedForCountrySelect"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\Answer] "1"="ATA<cr>" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\ATPUD] "ATPUD"=hex:00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,2f,00,00,00,\ 00 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\Blst] "FLAG"=hex:00,00,00,00 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\Clients] [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\Clients\Ras] "EnableForRas"=dword:00000000 "EnableForRouting"=dword:00000000 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\CloseHandset] "1"="at+vls=0<cr>" "2"="at+fclass=0<cr>" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\Country] "Previous"=hex:3d,00 "CountryList"="B5,0A,0F,20,26,2E,31,3C,3D,42,46,50,51,52,53,54,57,58,59,00,61,69,6C,73,7B,7E,82,89,8B,9C,9F,A0,A5,A6,FE,A9,B4,09" "COPY_CTY"=hex:00,00,00,00 "Current"=hex:3d,00 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\Country\0000] "T35CODE"=hex:b5,00 "NAME"="USA" "INTCODE"="011" "TXLEVEL"=hex:0f,0a,0a,0f,0a,0a,0f,0a,0a,00,50,3c "RELAYS"=hex:07,80,07,80,04,80,00,80,05,80,07,80,01,80,03,80,00,80,03,80,00,80,\ 00,80 "PULSE"=hex:00,00,01,02,03,00,00,00,00,ee,02,00,00 "RING"=hex:4b,0f,96,00,00,00,2c,01,40,1f "TONEPARAMS"=hex:0d,02,c2,01,16,00,00,00,cc,ff,cc,ff,00,00,00,00,46,00,00,00,\ 46,00,00,00,f4,01,90,01,23,00,00,00,cc,ff,cc,ff,01,00,00,00,46,00,00,00,46,\ 00,00,00,c2,01,2c,01,46,00,00,00,cc,ff,cc,ff,09,00,00,00,46,00,00,00,46,00,\ 00,00 "CALL_WAITING"=hex:01,28,23,00,00,b8,01,1e,00,0a,00,00,00,cc,ff,cc,ff,1a,00,00,\ 00,32,00,00,00,32,00,00,00,01,00,00,00,2c,01,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,01,00,00,00,2c,01,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00 "SREG"=hex:06,00,ff,02,07,01,ff,32,08,02,ff,02,09,01,ff,06,0a,01,ff,0e,0b,32,\ ff,5f,1b,00,ff,49,1d,46,46,46,ff,00,00,00,ff,00,00,00 "DTMF"=hex:5c,00,48,00 "THRESHOLD"=hex:00,05,00,00,00,05,00,00,00,02,00,00,50,27,13,00,00,00,00,00 "RLSD"=hex:00,00,00,00 "TONE"=hex:ee,02,ee,02,64,00,05,00,46 "TIMING"=hex:d0,07,d0,07,d0,07,d0,07 "CADENCE"=hex:01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,c8,00,00,00,8a,02,00,00,c8,\ 00,00,00,8a,02,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,04,00,\ 00,00,84,03,00,00,b8,0b,00,00,54,0b,00,00,f8,11,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,01,00,00,00,dc,00,00,00,18,01,00,00,dc,00,00,00,\ 18,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,04,00,00,00 "BLACKLISTING"=hex:00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00 "CALLERID"=hex:01,04,00,00,00,52,08,be,0a,c8,00,00,00,05,00,00,00,00,00,00,00,\ 64,00,00,00,01,00,00,00,0f,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00 "SPEEDADJUST"=hex:10,10,10 "FLAGS"=hex:00,00,4c,00 "PULSE_ABORT"=hex:10,08,0a,00 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\Country\0001] "T35CODE"=hex:0a,00 "NAME"="AUSTRIA" "INTCODE"="00" "TXLEVEL"=hex:0f,0a,0b,0f,0a,0b,00,0f,08,00,69,4d "RELAYS"=hex:07,80,07,80,04,80,00,80,05,80,07,80,01,80,03,80,00,80,03,80,00,80,\ 00,80 "PULSE"=hex:00,00,01,02,03,00,00,00,00,84,03,00,00 "RING"=hex:44,0f,2c,01,00,00,2c,01,40,1f "TONEPARAMS"=hex:c2,01,2c,01,23,00,00,00,cf,ff,cf,ff,00,00,00,00,46,00,00,00,\ 46,00,00,00,90,01,c8,00,46,00,00,00,ce,ff,ce,ff,01,00,00,00,46,00,00,00,46,\ 00,00,00,c2,01,2c,01,46,00,00,00,d1,ff,d1,ff,09,00,00,00,46,00,00,00,46,00,\ 00,00 "CALL_WAITING"=hex:00,28,23,00,00,a4,01,1e,00,0a,00,00,00,cc,ff,cc,ff,1a,00,00,\ 00,32,00,00,00,32,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00 "SREG"=hex:00,02,08,00,06,03,08,03,07,01,ff,32,08,02,ff,02,09,01,ff,06,0a,01,\ fe,0e,0b,32,ff,55,1b,00,ff,49,1c,00,ff,00,1d,05,64,0a "DTMF"=hex:00,00,00,00 "THRESHOLD"=hex:00,05,00,00,00,05,00,00,00,02,00,00,50,27,90,01,00,00,00,00 "RLSD"=hex:00,00,00,00 "TONE"=hex:20,03,20,03,64,00,05,00,46 "TIMING"=hex:d0,07,d0,07,d0,07,d0,07 "CADENCE"=hex:02,96,00,00,00,fa,00,00,00,96,00,00,00,fa,00,00,00,f4,01,00,00,\ ee,02,00,00,20,03,00,00,b0,04,00,00,02,00,00,00,aa,00,00,00,40,03,00,00,64,\ 00,00,00,84,03,00,00,aa,00,00,00,40,03,00,00,64,00,00,00,84,03,00,00,04,00,\ 00,00,84,03,00,00,b8,0b,00,00,54,0b,00,00,f8,11,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,01,00,00,00,aa,00,00,00,18,01,00,00,aa,00,00,00,\ 18,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,04,00,00,00 "BLACKLISTING"=hex:03,03,03,03,03,03,05,00,05,00,00,00,05,00,00,00,0f,00,01 "CALLERID"=hex:00,04,00,00,00,52,08,be,0a,c8,00,00,00,05,00,00,00,00,00,00,00,\ 64,00,00,00,01,00,00,00,0f,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00 "SPEEDADJUST"=hex:10,10,10 "FLAGS"=hex:02,02,08,00 "PULSE_ABORT"=hex:0e,07,0a,00 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\Country\0002] "T35CODE"=hex:0f,00 "NAME"="BELGIUM" "INTCODE"="00" "TXLEVEL"=hex:0f,0a,0b,0f,0a,0b,00,0f,08,00,69,4d "RELAYS"=hex:07,80,07,80,04,80,00,80,05,80,07,80,01,80,03,80,00,80,03,80,00,80,\ 00,80 "PULSE"=hex:00,00,01,02,03,00,00,00,00,84,03,00,00 "RING"=hex:3c,13,2c,01,00,00,2c,01,40,1f "TONEPARAMS"=hex:c2,01,2c,01,23,00,00,00,cf,ff,cf,ff,00,00,00,00,46,00,00,00,\ 46,00,00,00,90,01,c8,00,46,00,00,00,ce,ff,ce,ff,01,00,00,00,46,00,00,00,46,\ 00,00,00,c2,01,2c,01,46,00,00,00,d1,ff,d1,ff,09,00,00,00,46,00,00,00,46,00,\ 00,00 "CALL_WAITING"=hex:00,28,23,00,00,a4,01,1e,00,0a,00,00,00,cc,ff,cc,ff,1a,00,00,\ 00,32,00,00,00,32,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00 "SREG"=hex:00,02,08,00,06,03,08,03,07,01,ff,32,08,02,ff,02,09,01,ff,06,0a,01,\ fe,0e,0b,32,ff,55,1b,00,ff,49,1c,00,ff,01,1d,05,64,0c "DTMF"=hex:00,00,00,00 "THRESHOLD"=hex:00,05,00,00,00,05,00,00,00,02,00,00,50,27,90,01,00,00,00,00 "RLSD"=hex:00,00,00,00 "TONE"=hex:20,03,20,03,64,00,05,00,46 "TIMING"=hex:d0,07,d0,07,d0,07,d0,07 "CADENCE"=hex:02,96,00,00,00,fa,00,00,00,96,00,00,00,fa,00,00,00,f4,01,00,00,\ ee,02,00,00,20,03,00,00,b0,04,00,00,02,00,00,00,aa,00,00,00,40,03,00,00,64,\ 00,00,00,84,03,00,00,aa,00,00,00,40,03,00,00,64,00,00,00,84,03,00,00,04,00,\ 00,00,84,03,00,00,b8,0b,00,00,54,0b,00,00,f8,11,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,01,00,00,00,aa,00,00,00,18,01,00,00,64,00,00,00,\ 18,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,04,00,00,00 "BLACKLISTING"=hex:03,03,03,03,03,03,05,00,05,00,00,00,05,00,00,00,0f,00,01 "CALLERID"=hex:00,04,00,00,00,52,08,be,0a,c8,00,00,00,05,00,00,00,00,00,00,00,\ 64,00,00,00,01,00,00,00,0f,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00 "SPEEDADJUST"=hex:10,10,10 "FLAGS"=hex:02,02,08,00 "PULSE_ABORT"=hex:0e,07,0a,00 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\Country\0003] "T35CODE"=hex:20,00 "NAME"="CANADA" "INTCODE"="011" "TXLEVEL"=hex:0f,0a,0a,0f,0a,0a,00,0f,08,00,51,39 "RELAYS"=hex:07,80,07,80,04,80,00,80,05,80,07,80,01,80,03,80,00,80,03,80,00,80,\ 00,80 "PULSE"=hex:00,00,01,02,03,00,00,00,00,ee,02,00,00 "RING"=hex:44,0f,2c,01,00,00,2c,01,40,1f "TONEPARAMS"=hex:0d,02,c2,01,16,00,00,00,cc,ff,cc,ff,00,00,00,00,46,00,00,00,\ 46,00,00,00,f4,01,90,01,23,00,00,00,cc,ff,cc,ff,01,00,00,00,46,00,00,00,46,\ 00,00,00,c2,01,2c,01,46,00,00,00,cc,ff,cc,ff,09,00,00,00,46,00,00,00,46,00,\ 00,00 "CALL_WAITING"=hex:00,28,23,00,00,a4,01,1e,00,0a,00,00,00,cc,ff,cc,ff,1a,00,00,\ 00,32,00,00,00,32,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00 "SREG"=hex:00,02,08,00,06,00,ff,02,07,01,ff,32,08,02,ff,02,09,01,ff,06,0a,01,\ ff,0e,0b,32,ff,55,1b,00,ff,49,1c,00,ff,00,1d,46,46,46 "DTMF"=hex:5c,00,48,00 "THRESHOLD"=hex:00,05,00,00,00,05,00,00,00,02,00,00,50,27,90,01,00,00,00,00 "RLSD"=hex:00,00,00,00 "TONE"=hex:ee,02,ee,02,64,00,05,00,46 "TIMING"=hex:d0,07,d0,07,d0,07,d0,07 "CADENCE"=hex:01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,c8,00,00,00,8a,02,00,00,c8,\ 00,00,00,8a,02,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,04,00,\ 00,00,84,03,00,00,b8,0b,00,00,54,0b,00,00,f8,11,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,01,00,00,00,dc,00,00,00,18,01,00,00,dc,00,00,00,\ 18,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,04,00,00,00 "BLACKLISTING"=hex:00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00 "CALLERID"=hex:01,04,00,00,00,52,08,be,0a,c8,00,00,00,05,00,00,00,00,00,00,00,\ 64,00,00,00,01,00,00,00,0f,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00 "SPEEDADJUST"=hex:10,10,10 "FLAGS"=hex:02,00,4c,00 "PULSE_ABORT"=hex:18,0c,0a,00 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\Country\0004] "T35CODE"=hex:26,00 "NAME"="CHINA" "INTCODE"="00" "TXLEVEL"=hex:0f,0a,0a,0f,0a,0a,00,0f,08,00,51,39 "RELAYS"=hex:07,80,07,80,04,80,00,80,05,80,07,80,01,80,03,80,00,80,03,80,00,80,\ 00,80 "PULSE"=hex:00,00,01,02,03,00,00,00,00,84,03,00,00 "RING"=hex:44,0f,2c,01,00,00,2c,01,40,1f "TONEPARAMS"=hex:c2,01,2c,01,46,00,00,00,cc,ff,cc,ff,00,00,00,00,46,00,00,00,\ 46,00,00,00,a9,01,fa,00,46,00,00,00,cc,ff,cc,ff,01,00,00,00,46,00,00,00,46,\ 00,00,00,c2,01,2c,01,46,00,00,00,cc,ff,cc,ff,09,00,00,00,46,00,00,00,46,00,\ 00,00 "CALL_WAITING"=hex:01,1c,25,00,00,c2,01,28,00,0a,00,00,00,cc,ff,cc,ff,1a,00,00,\ 00,32,00,00,00,32,00,00,00,01,00,00,00,2c,01,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,01,00,00,00,2c,01,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00 "SREG"=hex:00,02,08,00,06,03,08,03,07,01,ff,5a,0a,01,fe,0e,0b,32,ff,55,1c,00,\ ff,01,1d,05,64,0a,ff,00,00,00,ff,00,00,00,ff,00,00,00 "DTMF"=hex:00,00,00,00 "THRESHOLD"=hex:00,05,00,00,00,05,00,00,00,02,00,00,50,27,90,01,00,00,00,00 "RLSD"=hex:00,00,00,00 "TONE"=hex:20,03,20,03,64,00,05,00,46 "TIMING"=hex:d0,07,d0,07,d0,07,d0,07 "CADENCE"=hex:01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,96,00,00,00,52,03,00,00,96,\ 00,00,00,52,03,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,03,00,\ 00,00,84,03,00,00,b8,0b,00,00,54,0b,00,00,f8,11,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,01,00,00,00,dc,00,00,00,18,01,00,00,dc,00,00,00,\ 18,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,04,00,00,00 "BLACKLISTING"=hex:01,01,01,01,01,01,05,00,05,00,00,00,00,00,00,00,00,00,00 "CALLERID"=hex:00,04,00,00,00,52,08,be,0a,c8,00,00,00,05,00,00,00,00,00,00,00,\ 64,00,00,00,01,00,00,00,0f,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00 "SPEEDADJUST"=hex:10,10,10 "FLAGS"=hex:02,00,0c,00 "PULSE_ABORT"=hex:12,09,0a,00 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\Country\0005] "T35CODE"=hex:2e,00 "NAME"="Czech" "INTCODE"="00" "TXLEVEL"=hex:0f,0a,0a,0f,0a,0a,00,0f,08,00,51,39 "RELAYS"=hex:07,80,07,80,04,80,00,80,05,80,07,80,01,80,03,80,00,80,03,80,00,80,\ 00,80 "PULSE"=hex:00,00,01,02,03,00,00,00,00,84,03,00,00 "RING"=hex:44,0f,2c,01,00,00,2c,01,40,1f "TONEPARAMS"=hex:c2,01,2c,01,23,00,00,00,d1,ff,d1,ff,00,00,00,00,46,00,00,00,\ 46,00,00,00,90,01,c8,00,46,00,00,00,cc,ff,cc,ff,01,00,00,00,46,00,00,00,46,\ 00,00,00,c2,01,2c,01,46,00,00,00,d1,ff,d1,ff,09,00,00,00,46,00,00,00,46,00,\ 00,00 "CALL_WAITING"=hex:00,28,23,00,00,a4,01,1e,00,0a,00,00,00,cc,ff,cc,ff,1a,00,00,\ 00,32,00,00,00,32,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00 "SREG"=hex:00,02,08,00,06,03,08,03,07,01,ff,5a,0a,01,fe,0e,0b,32,ff,55,1c,00,\ ff,00,1d,05,64,0a,ff,00,00,00,ff,00,00,00,ff,00,00,00 "DTMF"=hex:00,00,00,00 "THRESHOLD"=hex:00,05,00,00,00,05,00,00,00,02,00,00,50,27,90,01,00,00,00,00 "RLSD"=hex:00,00,00,00 "TONE"=hex:20,03,20,03,64,00,05,00,46 "TIMING"=hex:d0,07,d0,07,d0,07,d0,07 "CADENCE"=hex:02,96,00,00,00,fa,00,00,00,96,00,00,00,fa,00,00,00,f4,01,00,00,\ ee,02,00,00,20,03,00,00,b0,04,00,00,02,00,00,00,2c,01,00,00,58,02,00,00,2c,\ 01,00,00,58,02,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,04,00,\ 00,00,8a,02,00,00,40,06,00,00,54,0b,00,00,70,17,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,02,00,00,00,96,00,00,00,2c,01,00,00,96,00,00,00,\ 2c,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,08,00,00,00 "BLACKLISTING"=hex:01,01,01,01,01,01,05,00,05,00,00,00,00,00,00,00,00,00,00 "CALLERID"=hex:00,04,00,00,00,52,08,be,0a,c8,00,00,00,05,00,00,00,00,00,00,00,\ 64,00,00,00,01,00,00,00,0f,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00 "SPEEDADJUST"=hex:10,10,10 "FLAGS"=hex:00,02,0c,00 "PULSE_ABORT"=hex:10,08,0a,00 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\Country\0006] "T35CODE"=hex:31,00 "NAME"="DENMARK" "INTCODE"="00" "TXLEVEL"=hex:0f,0a,0b,0f,0a,0b,00,0f,08,00,69,4d "RELAYS"=hex:07,80,07,80,04,80,00,80,05,80,07,80,01,80,03,80,00,80,03,80,00,80,\ 00,80 "PULSE"=hex:00,00,01,02,03,00,00,00,00,84,03,00,00 "RING"=hex:44,0f,2c,01,00,00,2c,01,28,23 "TONEPARAMS"=hex:c2,01,2c,01,23,00,00,00,cf,ff,cf,ff,00,00,00,00,46,00,00,00,\ 46,00,00,00,90,01,c8,00,46,00,00,00,ce,ff,ce,ff,01,00,00,00,46,00,00,00,46,\ 00,00,00,c2,01,2c,01,46,00,00,00,d1,ff,d1,ff,09,00,00,00,46,00,00,00,46,00,\ 00,00 "CALL_WAITING"=hex:00,28,23,00,00,a4,01,1e,00,0a,00,00,00,cc,ff,cc,ff,1a,00,00,\ 00,32,00,00,00,32,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00 "SREG"=hex:00,02,08,00,06,03,08,03,07,01,ff,32,08,02,ff,02,09,01,ff,06,0a,01,\ fe,0e,0b,32,ff,55,1b,00,ff,49,1c,00,ff,00,ff,00,00,00 "DTMF"=hex:00,00,00,00 "THRESHOLD"=hex:00,05,00,00,00,05,00,00,00,02,00,00,50,27,90,01,00,00,00,00 "RLSD"=hex:00,00,00,00 "TONE"=hex:20,03,20,03,64,00,05,00,46 "TIMING"=hex:d0,07,d0,07,d0,07,d0,07 "CADENCE"=hex:02,96,00,00,00,fa,00,00,00,96,00,00,00,fa,00,00,00,f4,01,00,00,\ ee,02,00,00,20,03,00,00,b0,04,00,00,02,00,00,00,aa,00,00,00,40,03,00,00,64,\ 00,00,00,84,03,00,00,aa,00,00,00,40,03,00,00,64,00,00,00,84,03,00,00,04,00,\ 00,00,84,03,00,00,b8,0b,00,00,54,0b,00,00,f8,11,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,01,00,00,00,aa,00,00,00,18,01,00,00,64,00,00,00,\ 18,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,04,00,00,00 "BLACKLISTING"=hex:03,03,03,03,03,03,05,00,05,00,00,00,05,00,00,00,0f,00,01 "CALLERID"=hex:00,04,00,00,00,52,08,be,0a,c8,00,00,00,05,00,00,00,00,00,00,00,\ 64,00,00,00,01,00,00,00,0f,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00 "SPEEDADJUST"=hex:10,10,10 "FLAGS"=hex:02,02,08,00 "PULSE_ABORT"=hex:14,0a,0a,00 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\Country\0007] "T35CODE"=hex:3c,00 "NAME"="FINLAND" "INTCODE"="00" "TXLEVEL"=hex:0f,0a,0b,0f,0a,0b,00,0f,08,00,69,4d "RELAYS"=hex:07,80,07,80,04,80,00,80,05,80,07,80,01,80,03,80,00,80,03,80,00,80,\ 00,80 "PULSE"=hex:00,00,01,02,03,00,00,00,00,00,00,00,00 "RING"=hex:44,0f,2c,01,00,00,2c,01,40,1f "TONEPARAMS"=hex:c2,01,2c,01,23,00,00,00,cf,ff,cf,ff,00,00,00,00,46,00,00,00,\ 46,00,00,00,90,01,c8,00,46,00,00,00,ce,ff,ce,ff,01,00,00,00,46,00,00,00,46,\ 00,00,00,c2,01,2c,01,46,00,00,00,d1,ff,d1,ff,09,00,00,00,46,00,00,00,46,00,\ 00,00 "CALL_WAITING"=hex:00,28,23,00,00,a4,01,1e,00,0a,00,00,00,cc,ff,cc,ff,1a,00,00,\ 00,32,00,00,00,32,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00 "SREG"=hex:00,02,08,00,06,03,08,03,07,01,ff,32,08,02,ff,02,09,01,ff,06,0a,01,\ fe,0e,0b,32,ff,55,1b,00,ff,49,ff,00,00,00,ff,00,00,00 "DTMF"=hex:00,00,00,00 "THRESHOLD"=hex:00,05,00,00,00,05,00,00,00,02,00,00,50,27,90,01,00,00,00,00 "RLSD"=hex:00,00,00,00 "TONE"=hex:20,03,20,03,64,00,05,00,46 "TIMING"=hex:d0,07,d0,07,d0,07,d0,07 "CADENCE"=hex:02,96,00,00,00,fa,00,00,00,96,00,00,00,fa,00,00,00,f4,01,00,00,\ ee,02,00,00,20,03,00,00,b0,04,00,00,02,00,00,00,aa,00,00,00,40,03,00,00,64,\ 00,00,00,84,03,00,00,aa,00,00,00,40,03,00,00,64,00,00,00,84,03,00,00,04,00,\ 00,00,84,03,00,00,b8,0b,00,00,54,0b,00,00,f8,11,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,01,00,00,00,aa,00,00,00,18,01,00,00,64,00,00,00,\ 18,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,04,00,00,00 "BLACKLISTING"=hex:03,03,03,03,03,03,05,00,05,00,00,00,05,00,00,00,0f,00,01 "CALLERID"=hex:00,04,00,00,00,52,08,be,0a,c8,00,00,00,05,00,00,00,00,00,00,00,\ 64,00,00,00,01,00,00,00,0f,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00 "SPEEDADJUST"=hex:10,10,10 "FLAGS"=hex:02,02,08,00 "PULSE_ABORT"=hex:14,0a,0a,00 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\Country\0008] "T35CODE"=hex:3d,00 "NAME"="FRANCE" "INTCODE"="00" "TXLEVEL"=hex:0f,0a,0b,0f,0a,0b,00,0f,08,00,69,4d "RELAYS"=hex:07,80,07,80,04,80,00,80,05,80,07,80,01,80,03,80,00,80,03,80,00,80,\ 00,80 "PULSE"=hex:00,00,01,02,03,00,00,00,00,84,03,00,00 "RING"=hex:44,0f,2c,01,00,00,2c,01,4c,1d "TONEPARAMS"=hex:c2,01,2c,01,23,00,00,00,cf,ff,cf,ff,00,00,00,00,46,00,00,00,\ 46,00,00,00,90,01,c8,00,46,00,00,00,ce,ff,ce,ff,01,00,00,00,46,00,00,00,46,\ 00,00,00,c2,01,2c,01,46,00,00,00,d1,ff,d1,ff,09,00,00,00,46,00,00,00,46,00,\ 00,00 "CALL_WAITING"=hex:01,28,23,00,00,b8,01,32,00,0a,00,00,00,cc,ff,cc,ff,1a,00,00,\ 00,32,00,00,00,32,00,00,00,01,00,00,00,2c,01,00,00,02,00,00,00,2c,01,00,00,\ 03,00,00,00,02,ff,ff,ff,00,00,00,00,00,00,00,00,01,00,00,00,2c,01,00,00,02,\ 00,00,00,2c,01,00,00,03,00,00,00,01,ff,ff,ff,00,00,00,00,00,00,00,00 "SREG"=hex:00,02,05,00,06,03,08,03,07,01,ff,5a,08,02,ff,02,09,01,ff,06,0a,01,\ fe,0e,0b,32,ff,55,1b,00,ff,49,1d,05,64,1b,1c,00,ff,01 "DTMF"=hex:00,00,00,00 "THRESHOLD"=hex:00,05,00,00,00,05,00,00,00,02,00,00,50,27,90,01,00,00,00,00 "RLSD"=hex:00,00,00,00 "TONE"=hex:20,03,20,03,64,00,05,00,46 "TIMING"=hex:d0,07,d0,07,d0,07,d0,07 "CADENCE"=hex:02,96,00,00,00,fa,00,00,00,96,00,00,00,fa,00,00,00,f4,01,00,00,\ ee,02,00,00,20,03,00,00,b0,04,00,00,02,00,00,00,aa,00,00,00,40,03,00,00,64,\ 00,00,00,84,03,00,00,aa,00,00,00,40,03,00,00,64,00,00,00,84,03,00,00,04,00,\ 00,00,84,03,00,00,b8,0b,00,00,54,0b,00,00,f8,11,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,01,00,00,00,aa,00,00,00,18,01,00,00,64,00,00,00,\ 18,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,04,00,00,00 "BLACKLISTING"=hex:03,03,03,03,03,03,05,00,05,00,00,00,05,00,00,00,0f,00,01 "CALLERID"=hex:04,04,00,00,00,52,08,be,0a,c8,00,00,00,05,00,00,00,00,00,00,00,\ 64,00,00,00,01,00,00,00,0f,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00 "SPEEDADJUST"=hex:10,10,10 "FLAGS"=hex:02,02,08,00 "PULSE_ABORT"=hex:0e,07,0a,00 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\Country\0009] "T35CODE"=hex:42,00 "NAME"="GERMANY" "INTCODE"="00" "TXLEVEL"=hex:0f,0a,0b,0f,0a,0b,00,0f,08,00,67,50 "RELAYS"=hex:07,80,07,80,04,80,00,80,05,80,07,80,01,80,03,80,00,80,03,80,00,80,\ 00,80 "PULSE"=hex:00,00,01,02,03,00,fe,00,00,84,03,00,00 "RING"=hex:44,0f,2c,01,00,00,2c,01,40,1f "TONEPARAMS"=hex:c2,01,2c,01,23,00,00,00,cf,ff,cf,ff,00,00,00,00,46,00,00,00,\ 46,00,00,00,90,01,c8,00,46,00,00,00,ce,ff,ce,ff,01,00,00,00,46,00,00,00,46,\ 00,00,00,c2,01,2c,01,46,00,00,00,d1,ff,d1,ff,09,00,00,00,46,00,00,00,46,00,\ 00,00 "CALL_WAITING"=hex:00,28,23,00,00,a4,01,1e,00,0a,00,00,00,cc,ff,cc,ff,1a,00,00,\ 00,32,00,00,00,32,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00 "SREG"=hex:00,02,08,00,06,03,08,03,07,01,ff,32,08,02,ff,02,09,01,ff,06,0a,01,\ ff,0e,0b,32,ff,55,1b,00,ff,49,1c,00,ff,00,1d,05,64,0a "DTMF"=hex:00,00,00,00 "THRESHOLD"=hex:00,05,00,00,00,05,00,00,00,02,00,00,50,27,90,01,00,00,00,00 "RLSD"=hex:00,00,00,00 "TONE"=hex:20,03,20,03,64,00,05,00,46 "TIMING"=hex:d0,07,d0,07,d0,07,d0,07 "CADENCE"=hex:02,96,00,00,00,fa,00,00,00,96,00,00,00,fa,00,00,00,f4,01,00,00,\ ee,02,00,00,20,03,00,00,b0,04,00,00,02,00,00,00,aa,00,00,00,40,03,00,00,64,\ 00,00,00,84,03,00,00,aa,00,00,00,40,03,00,00,64,00,00,00,84,03,00,00,04,00,\ 00,00,84,03,00,00,b8,0b,00,00,54,0b,00,00,f8,11,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,01,00,00,00,aa,00,00,00,18,01,00,00,64,00,00,00,\ 18,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,04,00,00,00 "BLACKLISTING"=hex:03,03,03,03,03,03,05,00,05,00,00,00,05,00,00,00,0f,00,01 "CALLERID"=hex:00,04,00,00,00,52,08,be,0a,c8,00,00,00,05,00,00,00,00,00,00,00,\ 64,00,00,00,01,00,00,00,0f,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00 "SPEEDADJUST"=hex:10,10,10 "FLAGS"=hex:02,02,08,02 "PULSE_ABORT"=hex:0e,07,0a,00 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\Country\000A] "T35CODE"=hex:46,00 "NAME"="GREECE" "INTCODE"="00" "TXLEVEL"=hex:0f,0a,0b,0f,0a,0b,00,0f,08,00,69,4d "RELAYS"=hex:07,80,07,80,04,80,00,80,05,80,07,80,01,80,03,80,00,80,03,80,00,80,\ 00,80 "PULSE"=hex:00,00,01,02,03,00,00,00,00,84,03,00,00 "RING"=hex:44,0f,2c,01,00,00,2c,01,40,1f "TONEPARAMS"=hex:c2,01,2c,01,23,00,00,00,cf,ff,cf,ff,00,00,00,00,46,00,00,00,\ 46,00,00,00,90,01,c8,00,46,00,00,00,ce,ff,ce,ff,01,00,00,00,46,00,00,00,46,\ 00,00,00,c2,01,2c,01,46,00,00,00,d1,ff,d1,ff,09,00,00,00,46,00,00,00,46,00,\ 00,00 "CALL_WAITING"=hex:00,28,23,00,00,a4,01,1e,00,0a,00,00,00,cc,ff,cc,ff,1a,00,00,\ 00,32,00,00,00,32,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00 "SREG"=hex:00,02,08,00,06,03,08,03,07,01,ff,32,08,02,ff,02,09,01,ff,06,0a,01,\ fe,0e,0b,32,ff,55,1b,00,ff,49,1c,00,ff,00,1d,05,64,0a "DTMF"=hex:00,00,00,00 "THRESHOLD"=hex:00,05,00,00,00,05,00,00,00,02,00,00,50,27,90,01,00,00,00,00 "RLSD"=hex:00,00,00,00 "TONE"=hex:20,03,20,03,64,00,05,00,46 "TIMING"=hex:d0,07,d0,07,d0,07,d0,07 "CADENCE"=hex:02,96,00,00,00,fa,00,00,00,96,00,00,00,fa,00,00,00,f4,01,00,00,\ ee,02,00,00,20,03,00,00,b0,04,00,00,02,00,00,00,aa,00,00,00,40,03,00,00,64,\ 00,00,00,84,03,00,00,aa,00,00,00,40,03,00,00,64,00,00,00,84,03,00,00,04,00,\ 00,00,84,03,00,00,b8,0b,00,00,54,0b,00,00,f8,11,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,01,00,00,00,aa,00,00,00,18,01,00,00,64,00,00,00,\ 18,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,04,00,00,00 "BLACKLISTING"=hex:03,03,03,03,03,03,05,00,05,00,00,00,05,00,00,00,0f,00,01 "CALLERID"=hex:00,04,00,00,00,52,08,be,0a,c8,00,00,00,05,00,00,00,00,00,00,00,\ 64,00,00,00,01,00,00,00,0f,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00 "SPEEDADJUST"=hex:10,10,10 "FLAGS"=hex:02,02,08,00 "PULSE_ABORT"=hex:0e,07,0a,00 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\Country\000B] "T35CODE"=hex:50,00 "NAME"="HONG-KONG" "INTCODE"="001" "TXLEVEL"=hex:0f,0a,0a,0f,0a,0a,00,0f,08,00,51,39 "RELAYS"=hex:07,80,07,80,04,80,00,80,05,80,07,80,01,80,03,80,00,80,03,80,00,80,\ 00,80 "PULSE"=hex:00,00,01,02,03,00,fe,00,00,84,03,00,00 "RING"=hex:44,0f,2c,01,00,00,2c,01,40,1f "TONEPARAMS"=hex:0d,02,c2,01,16,00,00,00,cc,ff,cc,ff,00,00,00,00,46,00,00,00,\ 46,00,00,00,f4,01,90,01,23,00,00,00,cc,ff,cc,ff,01,00,00,00,46,00,00,00,46,\ 00,00,00,c2,01,2c,01,46,00,00,00,cc,ff,cc,ff,09,00,00,00,46,00,00,00,46,00,\ 00,00 "CALL_WAITING"=hex:00,28,23,00,00,a4,01,1e,00,0a,00,00,00,cc,ff,cc,ff,1a,00,00,\ 00,32,00,00,00,32,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00 "SREG"=hex:00,02,08,00,06,03,08,03,07,01,ff,5a,0a,01,fe,0e,0b,32,c8,55,1c,00,\ ff,00,1d,05,64,0a,ff,00,00,00,ff,00,00,00,ff,00,00,00 "DTMF"=hex:00,00,00,00 "THRESHOLD"=hex:00,05,00,00,00,05,00,00,00,02,00,00,50,27,90,01,00,00,00,00 "RLSD"=hex:00,00,00,00 "TONE"=hex:20,03,20,03,64,00,05,00,46 "TIMING"=hex:d0,07,d0,07,d0,07,d0,07 "CADENCE"=hex:01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,c8,00,00,00,8a,02,00,00,c8,\ 00,00,00,8a,02,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,04,00,\ 00,00,84,03,00,00,b8,0b,00,00,54,0b,00,00,f8,11,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,01,00,00,00,dc,00,00,00,18,01,00,00,dc,00,00,00,\ 18,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,04,00,00,00 "BLACKLISTING"=hex:01,01,01,01,01,01,05,00,05,00,00,00,00,00,00,00,00,00,00 "CALLERID"=hex:00,04,00,00,00,52,08,be,0a,c8,00,00,00,05,00,00,00,00,00,00,00,\ 64,00,00,00,01,00,00,00,0f,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00 "SPEEDADJUST"=hex:10,10,10 "FLAGS"=hex:00,00,4c,00 "PULSE_ABORT"=hex:0e,07,0a,00 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\Country\000C] "T35CODE"=hex:51,00 "NAME"="HUNGARY" "INTCODE"="00" "TXLEVEL"=hex:0f,0a,0b,0f,0a,0b,00,0f,08,00,69,4d "RELAYS"=hex:07,80,07,80,04,80,00,80,05,80,07,80,01,80,03,80,00,80,03,80,00,80,\ 00,80 "PULSE"=hex:00,00,01,02,03,00,fe,00,00,84,03,00,00 "RING"=hex:44,0f,2c,01,00,00,2c,01,40,1f "TONEPARAMS"=hex:c2,01,2c,01,46,00,00,00,d1,ff,d1,ff,00,00,00,00,46,00,00,00,\ 46,00,00,00,c2,01,2c,01,46,00,00,00,d1,ff,d1,ff,01,00,00,00,46,00,00,00,46,\ 00,00,00,c2,01,2c,01,46,00,00,00,d1,ff,d1,ff,09,00,00,00,46,00,00,00,46,00,\ 00,00 "CALL_WAITING"=hex:00,28,23,00,00,a4,01,1e,00,0a,00,00,00,cc,ff,cc,ff,1a,00,00,\ 00,32,00,00,00,32,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00 "SREG"=hex:00,02,08,00,06,03,08,03,07,01,ff,5a,0a,01,fe,0e,0b,32,ff,55,1c,00,\ ff,01,1d,05,64,09,ff,00,00,00,ff,00,00,00,ff,00,00,00 "DTMF"=hex:00,00,00,00 "THRESHOLD"=hex:00,05,00,00,00,05,00,00,00,02,00,00,50,27,90,01,00,00,00,00 "RLSD"=hex:00,00,00,00 "TONE"=hex:20,03,20,03,64,00,05,00,46 "TIMING"=hex:d0,07,d0,07,d0,07,d0,07 "CADENCE"=hex:02,96,00,00,00,fa,00,00,00,96,00,00,00,fa,00,00,00,f4,01,00,00,\ ee,02,00,00,20,03,00,00,b0,04,00,00,02,00,00,00,2c,01,00,00,58,02,00,00,2c,\ 01,00,00,58,02,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,04,00,\ 00,00,8a,02,00,00,40,06,00,00,54,0b,00,00,70,17,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,02,00,00,00,96,00,00,00,2c,01,00,00,96,00,00,00,\ 2c,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,08,00,00,00 "BLACKLISTING"=hex:01,01,01,01,01,01,05,00,05,00,00,00,00,00,00,00,00,00,00 "CALLERID"=hex:00,04,00,00,00,52,08,be,0a,c8,00,00,00,05,00,00,00,00,00,00,00,\ 64,00,00,00,01,00,00,00,0f,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00 "SPEEDADJUST"=hex:10,10,10 "FLAGS"=hex:00,02,0c,00 "PULSE_ABORT"=hex:0e,07,0a,00 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\Country\000D] "T35CODE"=hex:52,00 "NAME"="ICELAND" "INTCODE"="90" "TXLEVEL"=hex:0f,0a,0b,0f,0a,0b,00,0f,08,00,6b,54 "RELAYS"=hex:07,80,07,80,04,80,00,80,05,80,07,80,01,80,03,80,00,80,03,80,00,80,\ 00,80 "PULSE"=hex:00,00,01,02,03,00,00,00,00,84,03,00,00 "RING"=hex:44,0f,2c,01,00,00,2c,01,40,1f "TONEPARAMS"=hex:c2,01,2c,01,23,00,00,00,cf,ff,cf,ff,00,00,00,00,46,00,00,00,\ 46,00,00,00,90,01,c8,00,46,00,00,00,ce,ff,ce,ff,01,00,00,00,46,00,00,00,46,\ 00,00,00,c2,01,2c,01,46,00,00,00,d1,ff,d1,ff,09,00,00,00,46,00,00,00,46,00,\ 00,00 "CALL_WAITING"=hex:00,28,23,00,00,a4,01,1e,00,0a,00,00,00,cc,ff,cc,ff,1a,00,00,\ 00,32,00,00,00,32,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00 "SREG"=hex:00,02,08,00,06,03,08,03,07,01,ff,32,08,02,ff,02,09,01,ff,06,0a,01,\ fe,0e,0b,32,ff,55,1b,00,ff,49,1d,05,64,0a,ff,00,00,00 "DTMF"=hex:00,00,00,00 "THRESHOLD"=hex:00,05,00,00,00,05,00,00,00,02,00,00,50,27,90,01,00,00,00,00 "RLSD"=hex:00,00,00,00 "TONE"=hex:20,03,20,03,64,00,05,00,46 "TIMING"=hex:d0,07,d0,07,d0,07,d0,07 "CADENCE"=hex:02,96,00,00,00,fa,00,00,00,96,00,00,00,fa,00,00,00,f4,01,00,00,\ ee,02,00,00,20,03,00,00,b0,04,00,00,02,00,00,00,aa,00,00,00,40,03,00,00,64,\ 00,00,00,84,03,00,00,aa,00,00,00,40,03,00,00,64,00,00,00,84,03,00,00,04,00,\ 00,00,84,03,00,00,b8,0b,00,00,54,0b,00,00,f8,11,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,01,00,00,00,aa,00,00,00,18,01,00,00,64,00,00,00,\ 18,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,04,00,00,00 "BLACKLISTING"=hex:03,03,03,03,03,03,05,00,05,00,00,00,05,00,00,00,0f,00,01 "CALLERID"=hex:01,04,00,00,00,52,08,be,0a,c8,00,00,00,05,00,00,00,00,00,00,00,\ 64,00,00,00,01,00,00,00,0f,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00 "SPEEDADJUST"=hex:10,10,10 "FLAGS"=hex:02,02,08,00 "PULSE_ABORT"=hex:14,0a,0a,00 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\Country\000E] "T35CODE"=hex:53,00 "NAME"="INDIA" "INTCODE"="00" "TXLEVEL"=hex:0f,0a,0a,0f,0a,0a,00,0f,08,00,51,39 "RELAYS"=hex:07,80,07,80,04,80,00,80,05,80,07,80,01,80,03,80,00,80,03,80,00,80,\ 00,80 "PULSE"=hex:00,00,01,02,03,00,00,00,00,20,03,00,00 "RING"=hex:44,0f,2c,01,00,00,2c,01,40,1f "TONEPARAMS"=hex:c2,01,2c,01,46,00,00,00,cf,ff,cf,ff,00,00,00,00,46,00,00,00,\ 46,00,00,00,c2,01,2c,01,46,00,00,00,cf,ff,cf,ff,01,00,00,00,46,00,00,00,46,\ 00,00,00,c2,01,2c,01,46,00,00,00,d1,ff,d1,ff,09,00,00,00,46,00,00,00,46,00,\ 00,00 "CALL_WAITING"=hex:00,28,23,00,00,a4,01,1e,00,0a,00,00,00,cc,ff,cc,ff,1a,00,00,\ 00,32,00,00,00,32,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00 "SREG"=hex:00,02,08,00,06,03,08,03,07,01,ff,5a,0a,01,fe,0e,0b,32,ff,55,1c,00,\ ff,01,1d,05,64,0a,ff,00,00,00,ff,00,00,00,ff,00,00,00 "DTMF"=hex:00,00,00,00 "THRESHOLD"=hex:00,05,00,00,00,05,00,00,00,02,00,00,50,27,90,01,00,00,00,00 "RLSD"=hex:00,00,00,00 "TONE"=hex:20,03,20,03,64,00,05,00,46 "TIMING"=hex:d0,07,d0,07,d0,07,d0,07 "CADENCE"=hex:01,2c,01,00,00,f4,01,00,00,08,07,00,00,98,08,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,02,00,00,00,c8,00,00,00,b6,03,00,00,c8,\ 00,00,00,b6,03,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,04,00,\ 00,00,8a,02,00,00,40,06,00,00,54,0b,00,00,70,17,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,02,00,00,00,96,00,00,00,2c,01,00,00,96,00,00,00,\ 2c,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,04,00,00,00 "BLACKLISTING"=hex:01,01,01,01,01,01,05,00,05,00,00,00,00,00,00,00,00,00,00 "CALLERID"=hex:00,04,00,00,00,52,08,be,0a,c8,00,00,00,05,00,00,00,00,00,00,00,\ 64,00,00,00,01,00,00,00,0f,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00 "SPEEDADJUST"=hex:10,10,10 "FLAGS"=hex:00,00,0c,00 "PULSE_ABORT"=hex:0e,07,0a,00 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\Country\000F] "T35CODE"=hex:54,00 "NAME"="INDONESIA" "INTCODE"="00" "TXLEVEL"=hex:0f,0a,0a,0f,0a,0a,00,0f,08,00,51,39 "RELAYS"=hex:07,80,07,80,04,80,00,80,05,80,07,80,01,80,03,80,00,80,03,80,00,80,\ 00,80 "PULSE"=hex:00,00,01,02,03,00,00,00,00,84,03,00,00 "RING"=hex:44,0f,2c,01,00,00,2c,01,40,1f "TONEPARAMS"=hex:c2,01,2c,01,16,00,00,00,cc,ff,cc,ff,00,00,00,00,46,00,00,00,\ 46,00,00,00,c2,01,90,01,46,00,00,00,cc,ff,cc,ff,01,00,00,00,46,00,00,00,46,\ 00,00,00,c2,01,2c,01,46,00,00,00,cc,ff,cc,ff,09,00,00,00,46,00,00,00,46,00,\ 00,00 "CALL_WAITING"=hex:00,28,23,00,00,a4,01,1e,00,0a,00,00,00,cc,ff,cc,ff,1a,00,00,\ 00,32,00,00,00,32,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00 "SREG"=hex:00,02,08,00,06,03,08,03,07,01,ff,5a,0a,01,fe,0e,0b,28,ff,55,1c,00,\ ff,00,1d,05,64,0a,ff,00,00,00,ff,00,00,00,ff,00,00,00 "DTMF"=hex:00,00,00,00 "THRESHOLD"=hex:00,05,00,00,00,05,00,00,00,02,00,00,50,27,90,01,00,00,00,00 "RLSD"=hex:00,00,00,00 "TONE"=hex:20,03,20,03,64,00,05,00,46 "TIMING"=hex:d0,07,d0,07,d0,07,d0,07 "CADENCE"=hex:01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,c8,00,00,00,8a,02,00,00,c8,\ 00,00,00,8a,02,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,04,00,\ 00,00,84,03,00,00,b8,0b,00,00,54,0b,00,00,f8,11,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,01,00,00,00,dc,00,00,00,18,01,00,00,dc,00,00,00,\ 18,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,08,00,00,00 "BLACKLISTING"=hex:01,01,01,01,01,01,05,00,05,00,00,00,00,00,00,00,00,00,00 "CALLERID"=hex:00,04,00,00,00,52,08,be,0a,c8,00,00,00,05,00,00,00,00,00,00,00,\ 64,00,00,00,01,00,00,00,0f,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00 "SPEEDADJUST"=hex:10,10,10 "FLAGS"=hex:00,00,0c,00 "PULSE_ABORT"=hex:0e,07,0a,00 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\Country\0010] "T35CODE"=hex:57,00 "NAME"="IRELAND" "INTCODE"="16" "TXLEVEL"=hex:0f,0a,0b,0f,0a,0b,00,0f,08,00,69,4d "RELAYS"=hex:07,80,07,80,04,80,00,80,05,80,07,80,01,80,03,80,00,80,03,80,00,80,\ 00,80 "PULSE"=hex:00,00,01,02,03,00,00,00,00,84,03,00,00 "RING"=hex:44,0f,2c,01,00,00,2c,01,40,1f "TONEPARAMS"=hex:c2,01,2c,01,23,00,00,00,cf,ff,cf,ff,00,00,00,00,46,00,00,00,\ 46,00,00,00,90,01,c8,00,46,00,00,00,ce,ff,ce,ff,01,00,00,00,46,00,00,00,46,\ 00,00,00,c2,01,2c,01,46,00,00,00,d1,ff,d1,ff,09,00,00,00,46,00,00,00,46,00,\ 00,00 "CALL_WAITING"=hex:00,28,23,00,00,a4,01,1e,00,0a,00,00,00,cc,ff,cc,ff,1a,00,00,\ 00,32,00,00,00,32,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00 "SREG"=hex:00,02,08,00,06,03,08,03,07,01,ff,32,08,02,ff,02,09,01,ff,06,0a,01,\ fe,0e,0b,32,ff,55,1b,00,ff,49,1c,00,ff,01,1d,05,64,0a "DTMF"=hex:00,00,00,00 "THRESHOLD"=hex:00,05,00,00,00,05,00,00,00,02,00,00,50,27,90,01,00,00,00,00 "RLSD"=hex:00,00,00,00 "TONE"=hex:20,03,20,03,64,00,05,00,46 "TIMING"=hex:d0,07,d0,07,d0,07,d0,07 "CADENCE"=hex:02,96,00,00,00,fa,00,00,00,96,00,00,00,fa,00,00,00,f4,01,00,00,\ ee,02,00,00,20,03,00,00,b0,04,00,00,02,00,00,00,aa,00,00,00,40,03,00,00,64,\ 00,00,00,84,03,00,00,aa,00,00,00,40,03,00,00,64,00,00,00,84,03,00,00,04,00,\ 00,00,84,03,00,00,b8,0b,00,00,54,0b,00,00,f8,11,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,01,00,00,00,aa,00,00,00,18,01,00,00,64,00,00,00,\ 18,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,04,00,00,00 "BLACKLISTING"=hex:03,03,03,03,03,03,05,00,05,00,00,00,05,00,00,00,0f,00,01 "CALLERID"=hex:00,04,00,00,00,52,08,be,0a,c8,00,00,00,05,00,00,00,00,00,00,00,\ 64,00,00,00,01,00,00,00,0f,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00 "SPEEDADJUST"=hex:10,10,10 "FLAGS"=hex:02,02,08,00 "PULSE_ABORT"=hex:0e,07,0a,00 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\Country\0011] "T35CODE"=hex:58,00 "NAME"="ISRAEL" "INTCODE"="00" "TXLEVEL"=hex:0f,0a,0b,0f,0a,0b,00,0f,08,00,51,39 "RELAYS"=hex:07,80,07,80,04,80,00,80,05,80,07,80,01,80,03,80,00,80,03,80,00,80,\ 00,80 "PULSE"=hex:00,00,01,02,03,00,00,00,00,84,03,00,00 "RING"=hex:44,0f,2c,01,00,00,2c,01,40,1f "TONEPARAMS"=hex:c2,01,2c,01,23,00,00,00,cf,ff,cf,ff,00,00,00,00,46,00,00,00,\ 46,00,00,00,90,01,c8,00,46,00,00,00,ce,ff,ce,ff,01,00,00,00,46,00,00,00,46,\ 00,00,00,c2,01,2c,01,46,00,00,00,d1,ff,d1,ff,09,00,00,00,46,00,00,00,46,00,\ 00,00 "CALL_WAITING"=hex:01,74,40,00,00,90,01,32,00,0a,00,00,00,cc,ff,cc,ff,1a,00,00,\ 00,32,00,00,00,32,00,00,00,01,00,00,00,2c,01,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,01,00,00,00,2c,01,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00 "SREG"=hex:00,02,08,00,06,03,08,03,07,01,ff,32,08,02,ff,02,09,01,ff,06,0a,01,\ fe,0e,0b,32,ff,55,1b,00,ff,49,1c,00,ff,00,1d,05,64,0a "DTMF"=hex:00,00,00,00 "THRESHOLD"=hex:00,05,00,00,00,05,00,00,00,02,00,00,50,27,90,01,00,00,00,00 "RLSD"=hex:00,00,00,00 "TONE"=hex:20,03,20,03,64,00,05,00,46 "TIMING"=hex:d0,07,d0,07,d0,07,d0,07 "CADENCE"=hex:02,96,00,00,00,fa,00,00,00,96,00,00,00,fa,00,00,00,f4,01,00,00,\ ee,02,00,00,20,03,00,00,b0,04,00,00,02,00,00,00,aa,00,00,00,40,03,00,00,64,\ 00,00,00,84,03,00,00,aa,00,00,00,40,03,00,00,64,00,00,00,84,03,00,00,04,00,\ 00,00,84,03,00,00,b8,0b,00,00,54,0b,00,00,f8,11,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,01,00,00,00,aa,00,00,00,18,01,00,00,64,00,00,00,\ 18,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,04,00,00,00 "BLACKLISTING"=hex:03,03,03,03,03,03,05,00,05,00,00,00,05,00,00,00,0f,00,01 "CALLERID"=hex:00,04,00,00,00,52,08,be,0a,c8,00,00,00,05,00,00,00,00,00,00,00,\ 64,00,00,00,01,00,00,00,0f,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00 "SPEEDADJUST"=hex:10,10,10 "FLAGS"=hex:02,02,08,00 "PULSE_ABORT"=hex:0a,05,0a,00 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\Country\0012] "T35CODE"=hex:59,00 "NAME"="ITALY" "INTCODE"="00" "TXLEVEL"=hex:0f,0a,0b,0f,0a,0b,00,0f,08,00,69,4d "RELAYS"=hex:07,80,07,80,04,80,00,80,05,80,07,80,01,80,03,80,00,80,03,80,00,80,\ 00,80 "PULSE"=hex:00,00,01,02,03,00,00,00,00,84,03,00,00 "RING"=hex:44,0f,2c,01,00,00,2c,01,40,1f "TONEPARAMS"=hex:c2,01,2c,01,23,00,00,00,cf,ff,cf,ff,00,00,00,00,46,00,00,00,\ 46,00,00,00,90,01,c8,00,46,00,00,00,ce,ff,ce,ff,01,00,00,00,46,00,00,00,46,\ 00,00,00,c2,01,2c,01,46,00,00,00,d1,ff,d1,ff,09,00,00,00,46,00,00,00,46,00,\ 00,00 "CALL_WAITING"=hex:01,28,23,00,00,a4,01,1e,00,0a,00,00,00,cc,ff,cc,ff,1a,00,00,\ 00,32,00,00,00,32,00,00,00,01,00,00,00,2c,01,00,00,02,00,00,00,2c,01,00,00,\ 03,00,00,00,02,ff,ff,ff,00,00,00,00,00,00,00,00,01,00,00,00,2c,01,00,00,02,\ 00,00,00,2c,01,00,00,03,00,00,00,02,ff,ff,ff,00,00,00,00,00,00,00,00 "SREG"=hex:00,02,08,00,06,03,08,03,07,01,ff,32,08,02,ff,02,09,01,ff,06,0a,01,\ fe,0e,0b,32,ff,55,1b,00,ff,49,1c,00,ff,00,1d,05,64,09 "DTMF"=hex:00,00,00,00 "THRESHOLD"=hex:00,05,00,00,00,05,00,00,00,02,00,00,50,27,90,01,00,00,00,00 "RLSD"=hex:00,00,00,00 "TONE"=hex:20,03,20,03,64,00,05,00,46 "TIMING"=hex:d0,07,d0,07,d0,07,d0,07 "CADENCE"=hex:02,96,00,00,00,fa,00,00,00,96,00,00,00,fa,00,00,00,f4,01,00,00,\ ee,02,00,00,20,03,00,00,b0,04,00,00,02,00,00,00,aa,00,00,00,40,03,00,00,64,\ 00,00,00,84,03,00,00,aa,00,00,00,40,03,00,00,64,00,00,00,84,03,00,00,04,00,\ 00,00,84,03,00,00,b8,0b,00,00,54,0 -
Win32 trojano et gen
thebear a répondu à un(e) sujet de thebear dans Analyses et éradication malwares
VOILA CE QUE TU VOULAIS MAIS C4EST HYPER LONG REGEDIT4 [HKEY_LOCAL_MACHINE\System\ControlSet001] [HKEY_LOCAL_MACHINE\System\ControlSet001\Control] "CurrentUser"="USERNAME" "WaitToKillServiceTimeout"="7000" "SystemStartOptions"="FASTDETECT" "SystemBootDevice"="multi(0)disk(0)rdisk(0)partition(1)" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\AGP] "102B0520"=hex:80,00,00,00,00,00,00,00 "102B0521"=hex:80,00,00,00,00,00,00,00 "102B0525"=hex:80,00,00,00,00,00,00,00 "10DE0100"=hex:00,01,00,00,00,00,00,00 "53339102"=hex:00,01,00,00,00,00,00,00 "53338C10"=hex:00,01,00,00,00,00,00,00 "53338C12"=hex:00,01,00,00,00,00,00,00 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Arbiters] [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Arbiters\AllocationOrder] "Pci"=hex(a):48,02,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,01,00,00,00,01,00,01,00,11,00,00,00,00,01,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,01,00,00,00,00,00,ff,ff,ff,ff,00,00,00,00,\ 08,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,05,00,00,00,00,00,00,ff,\ ff,00,00,00,00,00,00,08,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,40,01,\ 00,00,00,00,00,00,7f,01,00,00,00,00,00,00,08,01,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,02,00,00,00,00,00,00,ff,02,00,00,00,00,00,00,08,01,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,03,00,00,00,00,00,00,6f,03,00,00,00,\ 00,00,00,08,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,78,03,00,00,00,00,\ 00,00,7a,03,00,00,00,00,00,00,08,01,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,e8,02,00,00,00,00,00,00,ff,02,00,00,00,00,00,00,08,01,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,f0,01,00,00,00,00,00,00,f8,01,00,00,00,00,00,00,08,\ 01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,b0,03,00,00,00,00,00,00,cf,03,\ 00,00,00,00,00,00,08,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,e8,03,00,\ 00,00,00,00,00,ff,03,00,00,00,00,00,00,08,01,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,ce,01,00,00,00,00,00,00,cf,01,00,00,00,00,00,00,08,01,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,01,00,00,00,00,00,00,ff,03,00,00,00,00,\ 00,00,00,03,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,10,00,00,00,00,\ 00,ff,ff,ff,ff,00,00,00,00,08,03,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,0f,00,00,00,00,00,ff,ff,0f,00,00,00,00,00,08,03,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,08,00,00,00,00,00,ff,ff,0b,00,00,00,00,00,08,03,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,08,00,00,00,00,00,ff,ff,0f,\ 00,00,00,00,00,08,03,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,08,00,\ 00,00,00,00,ff,ff,bf,ff,00,00,00,00 "Root"=hex(a):68,04,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,01,00,00,00,01,00,01,00,22,00,00,00,00,01,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,05,00,00,00,00,00,00,ff,ff,00,00,00,00,00,\ 00,08,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,40,01,00,00,00,00,00,00,\ 7f,01,00,00,00,00,00,00,08,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 02,00,00,00,00,00,00,ff,02,00,00,00,00,00,00,08,01,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,03,00,00,00,00,00,00,6f,03,00,00,00,00,00,00,08,01,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,78,03,00,00,00,00,00,00,7a,03,00,00,\ 00,00,00,00,08,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,e8,02,00,00,00,\ 00,00,00,ff,02,00,00,00,00,00,00,08,01,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,f0,01,00,00,00,00,00,00,f8,01,00,00,00,00,00,00,08,01,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,b0,03,00,00,00,00,00,00,cf,03,00,00,00,00,00,00,\ 08,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,e8,03,00,00,00,00,00,00,ff,\ 03,00,00,00,00,00,00,08,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,ce,01,\ 00,00,00,00,00,00,cf,01,00,00,00,00,00,00,08,01,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,01,00,00,00,00,00,00,ff,03,00,00,00,00,00,00,08,02,00,00,\ 00,00,00,00,09,00,00,00,09,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,08,02,00,00,00,00,00,00,08,00,00,00,08,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,08,02,00,00,00,00,00,00,07,00,00,00,07,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,08,02,00,00,00,00,00,00,\ 0b,00,00,00,0b,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,08,\ 02,00,00,00,00,00,00,0a,00,00,00,0a,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,08,02,00,00,00,00,00,00,02,00,00,00,02,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,02,00,00,00,00,00,00,03,00,00,00,\ 03,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,08,02,00,00,00,\ 00,00,00,05,00,00,00,05,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,08,02,00,00,00,00,00,00,04,00,00,00,04,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,08,02,00,00,00,00,00,00,0f,00,00,00,0f,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,08,02,00,00,00,00,00,00,0d,\ 00,00,00,0d,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,08,02,\ 00,00,00,00,00,00,0e,00,00,00,0e,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,08,02,00,00,00,00,00,00,06,00,00,00,06,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,08,02,00,00,00,00,00,00,0c,00,00,00,0c,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,08,02,00,00,00,00,\ 00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,03,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,10,00,00,00,00,00,\ ff,ff,ff,ff,00,00,00,00,08,03,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,0f,00,00,00,00,00,ff,ff,0f,00,00,00,00,00,08,03,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,08,00,00,00,00,00,ff,ff,0b,00,00,00,00,00,08,03,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,08,00,00,00,00,00,ff,ff,0f,00,\ 00,00,00,00,08,03,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,08,00,00,\ 00,00,00,ff,ff,bf,ff,00,00,00,00,00,04,00,00,00,00,00,00,06,00,00,00,0f,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,08,04,00,00,00,00,00,\ 00,03,00,00,00,04,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 08,04,00,00,00,00,00,00,00,00,00,00,0f,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Arbiters\ReservedResources] "PCStandard"=hex(a):08,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,01,00,00,00,01,00,01,00,07,00,00,00,00,01,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,f8,02,00,00,00,00,00,00,ff,02,00,00,00,\ 00,00,00,08,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,b0,03,00,00,00,00,\ 00,00,bb,03,00,00,00,00,00,00,08,01,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,bc,03,00,00,00,00,00,00,be,03,00,00,00,00,00,00,08,01,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,c0,03,00,00,00,00,00,00,df,03,00,00,00,00,00,00,08,\ 01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,f8,03,00,00,00,00,00,00,ff,03,\ 00,00,00,00,00,00,00,03,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,0a,\ 00,00,00,00,00,ff,ff,0b,00,00,00,00,00,08,03,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,f0,ff,00,00,00,00,ff,ff,ff,ff,00,00,00,00 "BrokenVideo"=hex(a):28,05,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,01,00,00,00,01,00,01,00,28,00,00,00,00,01,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,ec,02,00,00,00,00,00,00,ef,02,00,00,00,\ 00,00,00,08,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,f8,02,00,00,00,00,\ 00,00,ff,02,00,00,00,00,00,00,08,01,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,b0,03,00,00,00,00,00,00,bb,03,00,00,00,00,00,00,08,01,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,c0,03,00,00,00,00,00,00,df,03,00,00,00,00,00,00,08,\ 01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,bc,03,00,00,00,00,00,00,be,03,\ 00,00,00,00,00,00,08,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,f8,03,00,\ 00,00,00,00,00,ff,03,00,00,00,00,00,00,08,01,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,e8,42,00,00,00,00,00,00,ef,42,00,00,00,00,00,00,08,01,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,e8,4a,00,00,00,00,00,00,ef,4a,00,00,00,00,\ 00,00,08,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,e8,82,00,00,00,00,00,\ 00,ef,82,00,00,00,00,00,00,08,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ e8,86,00,00,00,00,00,00,ef,86,00,00,00,00,00,00,08,01,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,e8,8a,00,00,00,00,00,00,ef,8a,00,00,00,00,00,00,08,01,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,e8,8e,00,00,00,00,00,00,ef,8e,00,\ 00,00,00,00,00,08,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,e8,92,00,00,\ 00,00,00,00,ef,92,00,00,00,00,00,00,08,01,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,e8,96,00,00,00,00,00,00,ef,96,00,00,00,00,00,00,08,01,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,e8,9a,00,00,00,00,00,00,ef,9a,00,00,00,00,00,\ 00,08,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,e8,9e,00,00,00,00,00,00,\ ef,9e,00,00,00,00,00,00,08,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,e8,\ a2,00,00,00,00,00,00,ef,a2,00,00,00,00,00,00,08,01,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,e8,a6,00,00,00,00,00,00,ef,a6,00,00,00,00,00,00,08,01,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,e8,aa,00,00,00,00,00,00,ef,aa,00,00,\ 00,00,00,00,08,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,e8,ae,00,00,00,\ 00,00,00,ef,ae,00,00,00,00,00,00,08,01,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,e8,b6,00,00,00,00,00,00,ef,b6,00,00,00,00,00,00,08,01,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,e8,ba,00,00,00,00,00,00,ef,ba,00,00,00,00,00,00,\ 08,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,e8,be,00,00,00,00,00,00,ef,\ be,00,00,00,00,00,00,08,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,e8,c2,\ 00,00,00,00,00,00,ef,c2,00,00,00,00,00,00,08,01,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,e8,c6,00,00,00,00,00,00,ef,c6,00,00,00,00,00,00,08,01,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,e8,ca,00,00,00,00,00,00,ef,ca,00,00,00,\ 00,00,00,08,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,e8,ce,00,00,00,00,\ 00,00,ef,ce,00,00,00,00,00,00,08,01,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,e8,d2,00,00,00,00,00,00,ef,d2,00,00,00,00,00,00,08,01,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,e8,d6,00,00,00,00,00,00,ef,d6,00,00,00,00,00,00,08,\ 01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,e8,da,00,00,00,00,00,00,ef,da,\ 00,00,00,00,00,00,08,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,e8,de,00,\ 00,00,00,00,00,ef,de,00,00,00,00,00,00,08,01,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,e8,e2,00,00,00,00,00,00,ef,e2,00,00,00,00,00,00,08,01,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,e8,e6,00,00,00,00,00,00,ef,e6,00,00,00,00,\ 00,00,08,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,e8,ea,00,00,00,00,00,\ 00,ef,ea,00,00,00,00,00,00,08,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ e8,ee,00,00,00,00,00,00,ef,ee,00,00,00,00,00,00,08,01,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,e8,f6,00,00,00,00,00,00,ef,f6,00,00,00,00,00,00,08,01,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,e8,fa,00,00,00,00,00,00,ef,fa,00,\ 00,00,00,00,00,08,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,e8,fe,00,00,\ 00,00,00,00,ef,fe,00,00,00,00,00,00,00,03,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,0a,00,00,00,00,00,ff,ff,0b,00,00,00,00,00,08,03,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,f0,ff,00,00,00,00,ff,ff,ff,ff,00,00,00,\ 00 "BrokenMemAtF8"=hex(a):08,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,01,00,00,00,01,00,01,00,07,00,00,00,00,01,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,f8,02,00,00,00,00,00,00,ff,02,00,00,\ 00,00,00,00,08,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,b0,03,00,00,00,\ 00,00,00,bb,03,00,00,00,00,00,00,08,01,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,bc,03,00,00,00,00,00,00,be,03,00,00,00,00,00,00,08,01,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,c0,03,00,00,00,00,00,00,df,03,00,00,00,00,00,00,\ 08,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,f8,03,00,00,00,00,00,00,ff,\ 03,00,00,00,00,00,00,00,03,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 0a,00,00,00,00,00,ff,ff,0b,00,00,00,00,00,08,03,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,f8,00,00,00,00,ff,ff,ff,fb,00,00,00,00 "Gateway9500Workaround"=hex(a):08,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,01,00,00,00,01,00,01,00,07,00,00,00,00,\ 01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,f8,02,00,00,00,00,00,00,ff,02,\ 00,00,00,00,00,00,08,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,b0,03,00,\ 00,00,00,00,00,bb,03,00,00,00,00,00,00,08,01,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,bc,03,00,00,00,00,00,00,be,03,00,00,00,00,00,00,08,01,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,c0,03,00,00,00,00,00,00,df,03,00,00,00,00,\ 00,00,08,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,f8,03,00,00,00,00,00,\ 00,ff,03,00,00,00,00,00,00,00,03,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,0a,00,00,00,00,00,ff,ff,0b,00,00,00,00,00,08,03,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,f0,00,00,00,00,ff,ff,ff,ff,00,00,00,00 "Root"="PCStandard" "Pci"="PCStandard" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\BackupRestore] [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\BackupRestore\AsrKeysNotToRestore] "Plug & Play"=hex(7):43,75,72,72,65,6e,74,43,6f,6e,74,72,6f,6c,53,65,74,5c,43,\ 6f,6e,74,72,6f,6c,5c,43,72,69,74,69,63,61,6c,44,65,76,69,63,65,44,61,74,61,\ 62,61,73,65,5c,00,00 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\BackupRestore\FilesNotToBackup] "ASR Log File"=hex(7):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,72,65,70,61,69,72,\ 5c,61,73,72,2e,6c,6f,67,00,00 "ASR Error File"=hex(7):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,72,65,70,61,69,\ 72,5c,61,73,72,2e,65,72,72,00,00 "Client Side Cache"=hex(7):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,63,73,63,5c,\ 2a,20,2f,73,00,00 "Internet Explorer"=hex(7):25,55,73,65,72,50,72,6f,66,69,6c,65,25,5c,69,6e,64,\ 65,78,2e,64,61,74,20,2f,73,00,00 "Memory Page File"=hex(7):5c,50,61,67,65,66,69,6c,65,2e,73,79,73,00,00 "Microsoft Writer (Bootable State)"=hex(7):25,53,79,73,74,65,6d,52,6f,6f,74,25,\ 5c,52,65,67,69,73,74,72,61,74,69,6f,6e,5c,2a,2e,63,6c,62,00,5c,2a,2e,63,72,\ 6d,6c,6f,67,20,2f,73,00,00 "Microsoft Writer (Service State)"=hex(7):25,53,79,73,74,65,6d,52,6f,6f,74,25,\ 5c,73,79,73,74,65,6d,33,32,5c,4e,74,6d,73,44,61,74,61,5c,2a,00,00 "Netlogon"=hex(7):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,6e,65,74,6c,6f,67,6f,\ 6e,2e,63,68,67,00,00 "Power Management"=hex(7):5c,68,69,62,65,72,66,69,6c,2e,73,79,73,00,00 "VSS Default Provider"=hex(7):5c,53,79,73,74,65,6d,20,56,6f,6c,75,6d,65,20,49,\ 6e,66,6f,72,6d,61,74,69,6f,6e,5c,2a,7b,33,38,30,38,38,37,36,42,2d,43,31,37,\ 36,2d,34,65,34,38,2d,42,37,41,45,2d,30,34,30,34,36,45,36,43,43,37,35,32,7d,\ 20,2f,73,00,00 "Task Scheduler"=hex(7):25,53,59,53,54,45,4d,52,4f,4f,54,25,5c,73,63,68,65,64,\ 6c,67,75,2e,74,78,74,00,00 "Temporary Files"=hex(7):25,54,45,4d,50,25,5c,2a,20,2f,73,00,00 "Winlogon debug"=hex(7):25,57,49,4e,44,49,52,25,5c,64,65,62,75,67,5c,2a,00,00 "WMI Writer"=hex(7):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,6d,\ 33,32,5c,77,62,65,6d,5c,52,65,70,6f,73,69,74,6f,72,79,5c,2a,20,2f,73,00,00 "Catalog Database"=hex(7):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,53,79,73,74,\ 65,6d,33,32,5c,43,61,74,52,6f,6f,74,32,5c,2a,20,2f,73,00,00 "MS Distributed Transaction Coordinator"=hex(7):43,3a,5c,57,49,4e,44,4f,57,53,\ 5c,53,79,73,74,65,6d,33,32,5c,4d,53,44,74,63,5c,4d,53,44,54,43,2e,4c,4f,47,\ 00,43,3a,5c,57,49,4e,44,4f,57,53,5c,53,79,73,74,65,6d,33,32,5c,4d,53,44,74,\ 63,5c,74,72,61,63,65,5c,64,74,63,74,72,61,63,65,2e,6c,6f,67,00,00 "DRM"=hex(7):43,3a,5c,44,6f,63,75,6d,65,6e,74,73,20,61,6e,64,20,53,65,74,74,69,\ 6e,67,73,5c,41,6c,6c,20,55,73,65,72,73,5c,44,52,4d,5c,2a,20,2f,73,00,00 "System Restore"=hex(7):5c,53,79,73,74,65,6d,20,56,6f,6c,75,6d,65,20,49,6e,66,\ 6f,72,6d,61,74,69,6f,6e,5c,5f,72,65,73,74,6f,72,65,7b,35,42,32,30,44,45,43,\ 38,2d,46,41,46,31,2d,34,34,34,46,2d,39,32,31,42,2d,42,35,31,42,36,41,38,32,\ 34,41,36,37,7d,5c,2a,20,2f,73,00,00 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\BackupRestore\KeysNotToRestore] "Plug & Play"=hex(7):43,75,72,72,65,6e,74,43,6f,6e,74,72,6f,6c,53,65,74,5c,45,\ 6e,75,6d,5c,00,43,75,72,72,65,6e,74,43,6f,6e,74,72,6f,6c,53,65,74,5c,43,6f,\ 6e,74,72,6f,6c,5c,43,72,69,74,69,63,61,6c,44,65,76,69,63,65,44,61,74,61,62,\ 61,73,65,5c,00,00 "Mount Manager"=hex(7):4d,6f,75,6e,74,65,64,44,65,76,69,63,65,73,5c,00,00 "Fault Tolerance"=hex(7):44,69,73,6b,5c,00,00 "Installed Services"=hex(7):43,75,72,72,65,6e,74,43,6f,6e,74,72,6f,6c,53,65,74,\ 5c,53,65,72,76,69,63,65,73,5c,2a,00,00 "Active Directory Restore"=hex(7):43,75,72,72,65,6e,74,43,6f,6e,74,72,6f,6c,53,\ 65,74,5c,53,65,72,76,69,63,65,73,5c,4e,54,44,53,5c,52,65,73,74,6f,72,65,20,\ 49,6e,20,50,72,6f,67,72,65,73,73,5c,00,43,75,72,72,65,6e,74,43,6f,6e,74,72,\ 6f,6c,53,65,74,5c,53,65,72,76,69,63,65,73,5c,4e,54,44,53,5c,50,61,72,61,6d,\ 65,74,65,72,73,5c,4e,65,77,20,44,61,74,61,62,61,73,65,20,47,55,49,44,00,00 "Pending Rename Operations"=hex(7):43,75,72,72,65,6e,74,43,6f,6e,74,72,6f,6c,\ 53,65,74,5c,43,6f,6e,74,72,6f,6c,5c,53,65,73,73,69,6f,6e,20,4d,61,6e,61,67,\ 65,72,5c,50,65,6e,64,69,6e,67,46,69,6c,65,52,65,6e,61,6d,65,4f,70,65,72,61,\ 74,69,6f,6e,73,00,00 "LDM Boot Information"=hex(7):43,75,72,72,65,6e,74,43,6f,6e,74,72,6f,6c,53,65,\ 74,5c,53,65,72,76,69,63,65,73,5c,64,6d,69,6f,5c,62,6f,6f,74,20,69,6e,66,6f,\ 5c,00,00 "Windows Setup"=hex(7):53,65,74,75,70,5c,53,79,73,74,65,6d,50,61,72,74,69,74,\ 69,6f,6e,00,00 "Session Manager"=hex(7):43,75,72,72,65,6e,74,43,6f,6e,74,72,6f,6c,53,65,74,5c,\ 43,6f,6e,74,72,6f,6c,5c,53,65,73,73,69,6f,6e,20,4d,61,6e,61,67,65,72,5c,41,\ 6c,6c,6f,77,50,72,6f,74,65,63,74,65,64,52,65,6e,61,6d,65,73,00,00 "ASR Information"=hex(7):43,75,72,72,65,6e,74,43,6f,6e,74,72,6f,6c,53,65,74,5c,\ 43,6f,6e,74,72,6f,6c,5c,41,53,52,5c,00,00 "Removable Storage Manager"=hex(7):43,75,72,72,65,6e,74,43,6f,6e,74,72,6f,6c,\ 53,65,74,5c,43,6f,6e,74,72,6f,6c,5c,4e,54,4d,53,5c,49,6d,70,6f,72,74,44,61,\ 74,61,62,61,73,65,00,00 "LDM Boot Information (dmboot)"=hex(7):43,75,72,72,65,6e,74,43,6f,6e,74,72,6f,\ 6c,53,65,74,5c,53,65,72,76,69,63,65,73,5c,64,6d,62,6f,6f,74,5c,00,00 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Biosinfo] "InfName"="biosinfo.inf" "SystemBiosDate"="01/11/01" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\BootVerificationProgram] [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class] [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{00822C9D-E1B1-4D00-8940-5C0DD5A5090B}] "Class"="fsbl-standalone" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{25DBCE51-6C8F-4A72-8A6D-B54C2B4FC835}] "Class"="WCEUSBS" @="Périphériques USB Windows CE" "NoInstallClass"="1" "SilentInstall"="1" "Icon"="-20" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{36FC9E60-C465-11CF-8056-444553540000}] "Class"="USB" @="Contrôleurs de bus USB" "Icon"="-20" "NoInstallClass"="1" "TroubleShooter-0"="hcp://help/tshoot/tsUSB.htm" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{36FC9E60-C465-11CF-8056-444553540000}\0000] "EnumPropPages32"="usbui.dll,USBControllerPropPageProvider" "Controller"=hex:01 "InfPath"="usbport.inf" "InfSection"="UHCI.Dev" "InfSectionExt"=".NT" "ProviderName"="Microsoft" "DriverDateData"=hex:00,80,62,c5,c0,01,c1,01 "DriverDate"="7-1-2001" "DriverVersion"="5.1.2600.1106" "MatchingDeviceId"="pci\\ven_1106&dev_3038&cc_0c0300" "DriverDesc"="Contrôleur hôte universel USB Rev 5 ou ultérieur VIA" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{36FC9E60-C465-11CF-8056-444553540000}\0001] "EnumPropPages32"="usbui.dll,USBControllerPropPageProvider" "Controller"=hex:01 "InfPath"="usbport.inf" "InfSection"="UHCI.Dev" "InfSectionExt"=".NT" "ProviderName"="Microsoft" "DriverDateData"=hex:00,80,62,c5,c0,01,c1,01 "DriverDate"="7-1-2001" "DriverVersion"="5.1.2600.1106" "MatchingDeviceId"="pci\\ven_1106&dev_3038&cc_0c0300" "DriverDesc"="Contrôleur hôte universel USB Rev 5 ou ultérieur VIA" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{36FC9E60-C465-11CF-8056-444553540000}\0002] "EnumPropPages32"="usbui.dll,USBHubPropPageProvider" "InfPath"="usbport.inf" "InfSection"="ROOTHUB.Dev" "InfSectionExt"=".NT" "ProviderName"="Microsoft" "DriverDateData"=hex:00,80,62,c5,c0,01,c1,01 "DriverDate"="7-1-2001" "DriverVersion"="5.1.2600.1106" "MatchingDeviceId"="usb\\root_hub" "DriverDesc"="Concentrateur USB racine" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{36FC9E60-C465-11CF-8056-444553540000}\0003] "EnumPropPages32"="usbui.dll,USBHubPropPageProvider" "InfPath"="usbport.inf" "InfSection"="ROOTHUB.Dev" "InfSectionExt"=".NT" "ProviderName"="Microsoft" "DriverDateData"=hex:00,80,62,c5,c0,01,c1,01 "DriverDate"="7-1-2001" "DriverVersion"="5.1.2600.1106" "MatchingDeviceId"="usb\\root_hub" "DriverDesc"="Concentrateur USB racine" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{36FC9E60-C465-11CF-8056-444553540000}\0004] "DevLoader"="*ntkern" "NTMPDriver"="adildr.sys" "InfPath"="oem0.inf" "InfSection"="ADILOADER.Dev" "InfSectionExt"=".NT" "ProviderName"="Analog Devices" "DriverDateData"=hex:00,80,74,7a,61,f2,c2,01 "DriverDate"="3-25-2003" "DriverVersion"="1.5.0.0" "MatchingDeviceId"="usb\\vid_1110&pid_9022" "DriverDesc"="USB ADSL Loader" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{36FC9E60-C465-11CF-8056-444553540000}\0005] "DevLoader"="*NTKERN" "InfPath"="usb.inf" "InfSection"="BADDEVICE.Dev" "InfSectionExt"=".NT" "ProviderName"="Microsoft" "DriverDateData"=hex:00,80,62,c5,c0,01,c1,01 "DriverDate"="7-1-2001" "DriverVersion"="5.1.2600.0" "MatchingDeviceId"="usb\\unknown" "DriverDesc"="Périphérique inconnu" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{36FC9E60-C465-11CF-8056-444553540000}\0007] "EnumPropPages32"="usbui.dll,USBHubPropPageProvider" "InfPath"="usb.inf" "InfSection"="StandardHub.Dev" "InfSectionExt"=".NT" "ProviderName"="Microsoft" "DriverDateData"=hex:00,80,62,c5,c0,01,c1,01 "DriverDate"="7-1-2001" "DriverVersion"="5.1.2600.0" "MatchingDeviceId"="usb\\class_09" "DriverDesc"="Concentrateur USB générique" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4658EE7E-F050-11D1-B6BD-00C04FA372A7}] "Class"="PnpPrinters" @="IEEE 1394 et imprimantes SCSI" "NoInstallClass"="1" "Icon"="-21" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{48721B56-6795-11D2-B1A8-0080C72E74A2}] "Class"="Dot4" @="Périphériques IEEE 1284.4" "Icon"="-4" "NoInstallClass"="1" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{49CE6AC8-6F86-11D2-B1E5-0080C72E74A2}] "Class"="Dot4Print" @="Imprimantes compatibles IEEE 1284.4" "Icon"="-4" "NoInstallClass"="1" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}] "Class"="CDROM" @="Lecteurs de CD-ROM/DVD-ROM" "EnumPropPages32"="MmSys.Cpl,MediaPropPageProvider" "Installer32"="storprop.dll,DvdClassInstaller" "SilentInstall"="1" "NoInstallClass"="1" "TroubleShooter-0"="hcp://help/tshoot/tsdrive.htm" "Icon"="-51" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\0000] "EnumPropPages32"="storprop.dll,DvdPropPageProvider" "InfPath"="cdrom.inf" "InfSection"="cdrom_install" "ProviderName"="Microsoft" "DriverDateData"=hex:00,80,62,c5,c0,01,c1,01 "DriverDate"="7-1-2001" "DriverVersion"="5.1.2535.0" "MatchingDeviceId"="gencdrom" "DriverDesc"="Lecteur de CD-ROM" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\0000\DigitalAudio] "RegistryVersion"=dword:00000001 "NumberOfBuffers"=dword:00000008 "SectorsPerRead"=dword:00000010 "SectorsPerReadMask"=dword:ffffffff "CDDASupported"=dword:00000001 "CDDAAccurate"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E966-E325-11CE-BFC1-08002BE10318}] "Class"="Computer" @="Ordinateur" "Installer32"="SysSetup.dll,ComputerClassInstaller" "NoInstallClass"="1" "Icon"="-27" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E966-E325-11CE-BFC1-08002BE10318}\0000] "ResourcePickerTags"="HAL" "InfPath"="hal.inf" "InfSection"="ACPIPIC_UP_HAL" "ProviderName"="Microsoft" "DriverDateData"=hex:00,80,62,c5,c0,01,c1,01 "DriverDate"="7-1-2001" "DriverVersion"="5.1.2600.0" "MatchingDeviceId"="acpipic_up" "DriverDesc"="PC à interface de configuration et d'énergie avancée (ACPI)" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}] "UpperFilters"=hex(7):50,61,72,74,4d,67,72,00,00 "Class"="DiskDrive" @="Lecteurs de disque" "Installer32"="StorProp.Dll,DiskClassInstaller" "SilentInstall"="1" "NoInstallClass"="1" "TroubleShooter-0"="hcp://help/tshoot/tsdrive.htm" "Icon"="-53" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}\0000] "InfPath"="disk.inf" "InfSection"="disk_install" "InfSectionExt"=".NT" "ProviderName"="Microsoft" "DriverDateData"=hex:00,80,62,c5,c0,01,c1,01 "DriverDate"="7-1-2001" "DriverVersion"="5.1.2535.0" "MatchingDeviceId"="gendisk" "DriverDesc"="Lecteur de disque" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}\0001] "InfPath"="disk.inf" "InfSection"="disk_install" "InfSectionExt"=".NT" "ProviderName"="Microsoft" "DriverDateData"=hex:00,80,62,c5,c0,01,c1,01 "DriverDate"="7-1-2001" "DriverVersion"="5.1.2535.0" "MatchingDeviceId"="gendisk" "DriverDesc"="Lecteur de disque" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}] "Class"="Display" @="Cartes graphiques" "Installer32"="Desk.Cpl,DisplayClassInstaller" "TroubleShooter-0"="hcp://help/tshoot/tsdisp.htm" "Icon"="-1" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\0000] "InfPath"="nv4_disp.inf" "InfSection"="nv4" "ProviderName"="NVIDIA" "DriverDateData"=hex:00,40,cc,ef,89,02,c1,01 "DriverDate"="7-2-2001" "DriverVersion"="2.9.5.8" "MatchingDeviceId"="pci\\ven_10de&dev_0110" "DriverDesc"="NVIDIA GeForce2 MX/MX 400 (Microsoft Corporation)" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\0000\Settings] "InstalledDisplayDrivers"=hex(7):6e,76,34,5f,64,69,73,70,00,00 "VgaCompatible"=dword:00000000 "CapabilityOverride"=dword:00000008 "Attach.ToDesktop"=dword:00000001 "DefaultSettings.BitsPerPel"=dword:00000010 "DefaultSettings.XResolution"=dword:00000320 "DefaultSettings.YResolution"=dword:00000258 "UseCompressedModeFormat"=dword:00000001 "NV4_Modes_Delta"="A 640,480,-,140-240;800,600,-,140-240;1024,768,-,140-170;1152,864,-16,140-150;1152,864,32,140;S 1280,768,-,-;1280,960,-,-;1280,1024,32,120;1600,900,-16,100-;1600,900,32,85-;1600,1024,-16,100-;1600,1024,32,85-;1600,1200,-16,100-;1600,1200,32,85-;1920,1080,-16,100-;1920,1080,32,75-;1920,1200,-16,85-;1920,1200,32,70-;1920,1440,-,-;2048,1536,-,-" "NV5_Modes_Delta"="A 640,480,-16,140-240;640,480,32,140-170;800,600,-16,140-240;800,600,32,140-150;1024,768,-16,140-200;1152,864,-16,140-170;1280,768,-16,140-150;1280,960,-16,140-150;1280,1024,-16,140-150;S 1600,900,32,100-;1600,1024,-16,120;1600,1024,32,100-;1600,1200,-16,120;1600,1200,32,100-;1920,1080,-16,120;1920,1080,32,85-;1920,1200,-16,100-;1920,1200,32,72-;1920,1440,-16,85-;1920,1440,32,70-;2048,1536,-16,70-;2048,1536,32,-" "NV0A_Modes_Delta"="S 1600,900,-16,120;1600,900,32,100-;1600,1024,-16,120;1600,1024,32,100-;1600,1200,-16,120;1600,1200,32,100-;1920,1080,-16,120;1920,1080,32,85-;1920,1200,-16,100-;1920,1200,32,72-;1920,1440,-16,85-;1920,1440,32,70-;2048,1536,-16,70-;2048,1536,32,-" "NVVANTA_Modes_Delta"="S 1280,768,-,-;1280,960,-,-;1280,1024,32,120;1600,900,-16,100-;1600,900,32,85-;1600,1024,-16,100-;1600,1024,32,85-;1600,1200,-16,100-;1600,1200,32,85-;1920,1080,-16,100-;1920,1080,32,70-;1920,1200,-16,85-;1920,1200,32,70-;1920,1440,-,-;2048,1536,-,-" "NV5M64_Modes_Delta"="S 1600,900,-16,120;1600,900,32,100-;1600,1024,-16,120;1600,1024,32,100-;1600,1200,-16,120;1600,1200,32,100-;1920,1080,-16,120;1920,1080,32,85-;1920,1200,-16,100-;1920,1200,32,-;1920,1440,-16,85-;1920,1440,32,-;2048,1536,-16,70-;2048,1536,32,-" "NV5ULTRA_Modes_Delta"="A 640,480,-16,140-240;640,480,32,140-170;800,600,-16,140-240;800,600,32,140-150;1024,768,-16,140-200;1152,864,-16,140-170;1280,768,-16,140-150;1280,960,-16,140-150;1280,1024,-16,140-150;S 1600,900,32,100-;1600,1024,-16,120;1600,1024,32,100-;1600,1200,-16,120;1600,1200,32,100-;1920,1080,-16,120;1920,1080,32,85-;1920,1200,-16,100-;1920,1200,32,72-;1920,1440,-16,85-;1920,1440,32,70-;2048,1536,-16,70-;2048,1536,32,-" "NV10_Modes_Delta"="A 640,480,-,140-240;800,600,-,140-240;848,480,-,-240;1024,768,-16,140-240;1024,768,32,140-200;1152,864,-16,140-200;1152,864,32,140-170;1280,720,-16,-170;1280,720,32,-150;1280,768,-16,140-170;1280,768,32,140-150;1280,960,-16,140-170;1280,960,32,140-150;1280,1024,-16,140-170;1280,1024,32,140-150;1360,768,-16,-170;1360,768,32,-150;1600,900,-16,140-150;S 1600,1024,32,120;1600,1200,32,120;1920,1080,-16,120;1920,1080,32,100-;1920,1200,-16,120;1920,1200,32,100-;1920,1440,-16,100-;1920,1440,32,85-;2048,1536,-16,85" "NV10DDR_Modes_Delta"="A 640,480,-,140-240;800,600,-,140-240;848,480,-,-240;1024,768,-16,140-240;1024,768,32,140-200;1152,864,-16,140-200;1152,864,32,140-170;1280,720,-16,-170;1280,720,32,-150;1280,768,-16,140-170;1280,768,32,140-150;1280,960,-16,140-170;1280,960,32,140-150;1280,1024,-16,140-170;1280,1024,32,140-150;1360,768,-16,-170;1360,768,32,-150;1600,900,-16,140-150;S 1600,1024,32,120;1600,1200,32,120;1920,1080,-16,120;1920,1080,32,100-;1920,1200,-16,120;1920,1200,32,100-;1920,1440,-16,100-;1920,1440,32,85-;2048,1536,-16,85" "NV10GL_Modes_Delta"="A 640,480,-,140-240;800,600,-,140-240;848,480,-,-240;1024,768,-16,140-240;1024,768,32,140-200;1152,864,-16,140-200;1152,864,32,140-170;1280,720,-16,-170;1280,720,32,-150;1280,768,-16,140-170;1280,768,32,140-150;1280,960,-16,140-170;1280,960,32,140-150;1280,1024,-16,140-170;1280,1024,32,140-150;1360,768,-16,-170;1360,768,32,-150;1600,900,-16,140-150;S 1600,1024,32,120;1600,1200,32,120;1920,1080,-16,120;1920,1080,32,100-;1920,1200,-16,120;1920,1200,32,100-;1920,1440,-16,100-;1920,1440,32,85-;2048,1536,-16,85" "NV11_Modes_Delta"="A 640,480,-,140-240;800,600,-,140-240;848,480,-,-240;1024,768,-16,140-240;1024,768,32,140-200;1152,864,-16,140-200;1152,864,32,140-170;1280,720,-16,-170;1280,720,32,-150;1280,768,-16,140-170;1280,768,32,140-150;1280,960,-16,140-170;1280,960,32,140-150;1280,1024,-16,140-170;1280,1024,32,140-150;1360,768,-16,-170;1360,768,32,-150;1600,900,-16,140-150;S 1600,1024,32,120;1600,1200,32,120;1920,1080,-16,120;1920,1080,32,100-;1920,1200,-16,120;1920,1200,32,100-;1920,1440,-16,100-;1920,1440,32,85-;2048,1536,-16,85" "NV11DDR_Modes_Delta"="A 640,480,-,140-240;800,600,-,140-240;848,480,-,-240;1024,768,-16,140-240;1024,768,32,140-200;1152,864,-16,140-200;1152,864,32,140-170;1280,720,-16,-170;1280,720,32,-150;1280,768,-16,140-170;1280,768,32,140-150;1280,960,-16,140-170;1280,960,32,140-150;1280,1024,-16,140-170;1280,1024,32,140-150;1360,768,-16,-170;1360,768,32,-150;1600,900,-16,140-150;S 1600,1024,32,120;1600,1200,32,120;1920,1080,-16,120;1920,1080,32,100-;1920,1200,-16,120;1920,1200,32,100-;1920,1440,-16,100-;1920,1440,32,85-;2048,1536,-16,85" "NV11M_Modes_Delta"="A 640,480,-,140-240;800,600,-,140-240;848,480,-,-240;1024,768,-16,140-240;1024,768,32,140-200;1152,864,-16,140-200;1152,864,32,140-170;1280,720,-16,-170;1280,720,32,-150;1280,768,-16,140-170;1280,768,32,140-150;1280,960,-16,140-170;1280,960,32,140-150;1280,1024,-16,140-170;1280,1024,32,140-150;1360,768,-16,-170;1360,768,32,-150;1600,900,-16,140-150;S 1600,1024,32,120;1600,1200,32,120;1920,1080,-16,120;1920,1080,32,100-;1920,1200,-16,120;1920,1200,32,100-;1920,1440,-16,100-;1920,1440,32,85-;2048,1536,-16,85" "NV11GL_Modes_Delta"="A 640,480,-,140-240;800,600,-,140-240;848,480,-,-240;1024,768,-16,140-240;1024,768,32,140-200;1152,864,-16,140-200;1152,864,32,140-170;1280,720,-16,-170;1280,720,32,-150;1280,768,-16,140-170;1280,768,32,140-150;1280,960,-16,140-170;1280,960,32,140-150;1280,1024,-16,140-170;1280,1024,32,140-150;1360,768,-16,-170;1360,768,32,-150;1600,900,-16,140-150;S 1600,1024,32,120;1600,1200,32,120;1920,1080,-16,120;1920,1080,32,100-;1920,1200,-16,120;1920,1200,32,100-;1920,1440,-16,100-;1920,1440,32,85-;2048,1536,-16,85" "CRUSH11_Modes_Delta"="S 640,400,-,120;640,480,-,120;800,600,-,120;1024,768,-,120;1152,864,-,-;1280,768,-,-;1280,960,-,-;1280,1024,-,120;1600,900,-,120;1600,1024,-,-;1600,1200,-,120;1920,1080,-,-;1920,1200,-,120;1920,1440,-16,120;1920,1440,32,85-;2048,1536,-16,85-;2048,1536,32,70-" "NV15_Modes_Delta"="A 640,480,-,140-240;800,600,-,140-240;848,480,-,-240;1024,768,-16,140-240;1024,768,32,140-200;1152,864,-16,140-200;1152,864,32,140-170;1280,720,-16,-170;1280,720,32,-150;1280,768,-16,140-170;1280,768,32,140-150;1280,960,-16,140-170;1280,960,32,140-150;1280,1024,-16,140-170;1280,1024,32,140-150;1360,768,-16,-170;1360,768,32,-150;1600,900,-16,140-150;S 1600,1024,32,120;1600,1200,32,120;1920,1080,-16,120;1920,1080,32,100-;1920,1200,-16,120;1920,1200,32,100-;1920,1440,-16,100-;1920,1440,32,85-;2048,1536,-16,85" "NV15DDR_Modes_Delta"="A 640,480,-,140-240;800,600,-,140-240;848,480,-,-240;1024,768,-16,140-240;1024,768,32,140-200;1152,864,-16,140-200;1152,864,32,140-170;1280,720,-16,-170;1280,720,32,-150;1280,768,-16,140-170;1280,768,32,140-150;1280,960,-16,140-170;1280,960,32,140-150;1280,1024,-16,140-170;1280,1024,32,140-150;1360,768,-16,-170;1360,768,32,-150;1600,900,-16,140-150;S 1600,1024,32,120;1600,1200,32,120;1920,1080,-16,120;1920,1080,32,100-;1920,1200,-16,120;1920,1200,32,100-;1920,1440,-16,100-;1920,1440,32,85-;2048,1536,-16,85" "NV15BR_Modes_Delta"="A 640,480,-,140-240;800,600,-,140-240;848,480,-,-240;1024,768,-16,140-240;1024,768,32,140-200;1152,864,-16,140-200;1152,864,32,140-170;1280,720,-16,-170;1280,720,32,-150;1280,768,-16,140-170;1280,768,32,140-150;1280,960,-16,140-170;1280,960,32,140-150;1280,1024,-16,140-170;1280,1024,32,140-150;1360,768,-16,-170;1360,768,32,-150;1600,900,-16,140-150;S 1600,1024,32,120;1600,1200,32,120;1920,1080,-16,120;1920,1080,32,100-;1920,1200,-16,120;1920,1200,32,100-;1920,1440,-16,100-;1920,1440,32,85-;2048,1536,-16,85" "NV15GL_Modes_Delta"="A 640,480,-,140-240;800,600,-,140-240;848,480,-,-240;1024,768,-16,140-240;1024,768,32,140-200;1152,864,-16,140-200;1152,864,32,140-170;1280,720,-16,-170;1280,720,32,-150;1280,768,-16,140-170;1280,768,32,140-150;1280,960,-16,140-170;1280,960,32,140-150;1280,1024,-16,140-170;1280,1024,32,140-150;1360,768,-16,-170;1360,768,32,-150;1600,900,-16,140-150;S 1600,1024,32,120;1600,1200,32,120;1920,1080,-16,120;1920,1080,32,100-;1920,1200,-16,120;1920,1200,32,100-;1920,1440,-16,100-;1920,1440,32,85-;2048,1536,-16,85" "NV20_Modes_Delta"="A 640,480,-,140-240;800,600,-,140-240;848,480,-,-240;1024,768,-16,140-240;1024,768,32,140-200;1152,864,-16,140-200;1152,864,32,140-170;1280,720,-16,-170;1280,720,32,-150;1280,768,-16,140-170;1280,768,32,140-150;1280,960,-16,140-170;1280,960,32,140-150;1280,1024,-16,140-170;1280,1024,32,140-150;1360,768,-16,-170;1360,768,32,-150;1600,900,-16,140-150;S 1600,1024,32,120;1600,1200,32,120;1920,1080,-16,120;1920,1080,32,100-;1920,1200,-16,120;1920,1200,32,100-;1920,1440,-16,100-;1920,1440,32,85-;2048,1536,-16,85" "NV20_1_Modes_Delta"="A 640,480,-,140-240;800,600,-,140-240;848,480,-,-240;1024,768,-16,140-240;1024,768,32,140-200;1152,864,-16,140-200;1152,864,32,140-170;1280,720,-16,-170;1280,720,32,-150;1280,768,-16,140-170;1280,768,32,140-150;1280,960,-16,140-170;1280,960,32,140-150;1280,1024,-16,140-170;1280,1024,32,140-150;1360,768,-16,-170;1360,768,32,-150;1600,900,-16,140-150;S 1600,1024,32,120;1600,1200,32,120;1920,1080,-16,120;1920,1080,32,100-;1920,1200,-16,120;1920,1200,32,100-;1920,1440,-16,100-;1920,1440,32,85-;2048,1536,-16,85" "NV20_2_Modes_Delta"="A 640,480,-,140-240;800,600,-,140-240;848,480,-,-240;1024,768,-16,140-240;1024,768,32,140-200;1152,864,-16,140-200;1152,864,32,140-170;1280,720,-16,-170;1280,720,32,-150;1280,768,-16,140-170;1280,768,32,140-150;1280,960,-16,140-170;1280,960,32,140-150;1280,1024,-16,140-170;1280,1024,32,140-150;1360,768,-16,-170;1360,768,32,-150;1600,900,-16,140-150;S 1600,1024,32,120;1600,1200,32,120;1920,1080,-16,120;1920,1080,32,100-;1920,1200,-16,120;1920,1200,32,100-;1920,1440,-16,100-;1920,1440,32,85-;2048,1536,-16,85" "NV20_3_Modes_Delta"="A 640,480,-,140-240;800,600,-,140-240;848,480,-,-240;1024,768,-16,140-240;1024,768,32,140-200;1152,864,-16,140-200;1152,864,32,140-170;1280,720,-16,-170;1280,720,32,-150;1280,768,-16,140-170;1280,768,32,140-150;1280,960,-16,140-170;1280,960,32,140-150;1280,1024,-16,140-170;1280,1024,32,140-150;1360,768,-16,-170;1360,768,32,-150;1600,900,-16,140-150;S 1600,1024,32,120;1600,1200,32,120;1920,1080,-16,120;1920,1080,32,100-;1920,1200,-16,120;1920,1200,32,100-;1920,1440,-16,100-;1920,1440,32,85-;2048,1536,-16,85" "NV17_Modes_Delta"="A 640,480,-,140-240;800,600,-,140-240;848,480,-,-240;1024,768,-16,140-240;1024,768,32,140-200;1152,864,-16,140-200;1152,864,32,140-170;1280,720,-16,-170;1280,720,32,-150;1280,768,-16,140-170;1280,768,32,140-150;1280,960,-16,140-170;1280,960,32,140-150;1280,1024,-16,140-170;1280,1024,32,140-150;1360,768,-16,-170;1360,768,32,-150;1600,900,-16,140-150;S 1600,1024,32,120;1600,1200,32,120;1920,1080,-16,120;1920,1080,32,100-;1920,1200,-16,120;1920,1200,32,100-;1920,1440,-16,100-;1920,1440,32,85-;2048,1536,-16,85" "NV17GL_Modes_Delta"="A 640,480,-,140-240;800,600,-,140-240;848,480,-,-240;1024,768,-16,140-240;1024,768,32,140-200;1152,864,-16,140-200;1152,864,32,140-170;1280,720,-16,-170;1280,720,32,-150;1280,768,-16,140-170;1280,768,32,140-150;1280,960,-16,140-170;1280,960,32,140-150;1280,1024,-16,140-170;1280,1024,32,140-150;1360,768,-16,-170;1360,768,32,-150;1600,900,-16,140-150;S 1600,1024,32,120;1600,1200,32,120;1920,1080,-16,120;1920,1080,32,100-;1920,1200,-16,120;1920,1200,32,100-;1920,1440,-16,100-;1920,1440,32,85-;2048,1536,-16,85" "NV25_Modes_Delta"="A 640,480,-,140-240;800,600,-,140-240;848,480,-,-240;1024,768,-16,140-240;1024,768,32,140-200;1152,864,-16,140-200;1152,864,32,140-170;1280,720,-16,-170;1280,720,32,-150;1280,768,-16,140-170;1280,768,32,140-150;1280,960,-16,140-170;1280,960,32,140-150;1280,1024,-16,140-170;1280,1024,32,140-150;1360,768,-16,-170;1360,768,32,-150;1600,900,-16,140-150;S 1600,1024,32,120;1600,1200,32,120;1920,1080,-16,120;1920,1080,32,100-;1920,1200,-16,120;1920,1200,32,100-;1920,1440,-16,100-;1920,1440,32,85-;2048,1536,-16,85" "NV25GL_Modes_Delta"="A 640,480,-,140-240;800,600,-,140-240;848,480,-,-240;1024,768,-16,140-240;1024,768,32,140-200;1152,864,-16,140-200;1152,864,32,140-170;1280,720,-16,-170;1280,720,32,-150;1280,768,-16,140-170;1280,768,32,140-150;1280,960,-16,140-170;1280,960,32,140-150;1280,1024,-16,140-170;1280,1024,32,140-150;1360,768,-16,-170;1360,768,32,-150;1600,900,-16,140-150;S 1600,1024,32,120;1600,1200,32,120;1920,1080,-16,120;1920,1080,32,100-;1920,1200,-16,120;1920,1200,32,100-;1920,1440,-16,100-;1920,1440,32,85-;2048,1536,-16,85" "Device Description"="NVIDIA GeForce2 MX/MX 400 (Microsoft Corporation)" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E969-E325-11CE-BFC1-08002BE10318}] "Class"="fdc" @="Contrôleur de lecteur de disquettes" "NoInstallClass"="1" "TroubleShooter-0"="hcp://help/tshoot/tsdrive.htm" "Icon"="-9" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E969-E325-11CE-BFC1-08002BE10318}\0000] "InfPath"="fdc.inf" "InfSection"="fdc_install" "InfSectionExt"=".NT" "ProviderName"="Microsoft" "DriverDateData"=hex:00,80,62,c5,c0,01,c1,01 "DriverDate"="7-1-2001" "DriverVersion"="5.1.2600.0" "MatchingDeviceId"="*pnp0700" "DriverDesc"="Contrôleur de lecteur de disquettes standard" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}] "Class"="hdc" @="Contrôleurs ATA/ATAPI IDE" "Icon"="-9" "Installer32"="SysSetup.Dll,HdcClassInstaller" "TroubleShooter-0"="hcp://help/tshoot/tsdrive.htm" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}\0000] "TransferModeTiming"=hex(7):31,38,00,30,00,30,00,30,00,30,00,30,00,30,00,30,00,\ 30,00,30,00,30,00,30,00,30,00,30,00,30,00,30,00,30,00,30,00,31,35,00,00 "InfPath"="mshdc.inf" "InfSection"="viaide_Inst" "ProviderName"="Microsoft" "DriverDateData"=hex:00,80,62,c5,c0,01,c1,01 "DriverDate"="7-1-2001" "DriverVersion"="5.1.2600.1106" "MatchingDeviceId"="pci\\ven_1106&dev_0571" "DriverDesc"="Contrôleur IDE Bus Master VIA" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}\0001] "EnumPropPages32"="storprop.dll,IdePropPageProvider" "InfPath"="mshdc.inf" "InfSection"="atapi_Inst_secondary" "ProviderName"="Microsoft" "DriverDateData"=hex:00,80,62,c5,c0,01,c1,01 "DriverDate"="7-1-2001" "DriverVersion"="5.1.2600.1106" "MatchingDeviceId"="secondary_ide_channel" "DriverDesc"="Canal IDE secondaire" "MasterDeviceType"=dword:00000002 "SlaveDeviceType"=dword:00000000 "MasterDeviceTimingMode"=dword:00000010 "MasterDeviceTimingModeAllowed"=dword:0000001f "MasterIdDataCheckSum"=dword:00021d31 "SlaveDeviceTimingMode"=dword:00000000 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}\0002] "EnumPropPages32"="storprop.dll,IdePropPageProvider" "InfPath"="mshdc.inf" "InfSection"="atapi_Inst_primary" "ProviderName"="Microsoft" "DriverDateData"=hex:00,80,62,c5,c0,01,c1,01 "DriverDate"="7-1-2001" "DriverVersion"="5.1.2600.1106" "MatchingDeviceId"="primary_ide_channel" "DriverDesc"="Canal IDE principal" "MasterDeviceType"=dword:00000001 "SlaveDeviceType"=dword:00000000 "MasterDeviceTimingMode"=dword:00008010 "SlaveDeviceTimingMode"=dword:00000000 "SlaveDeviceTimingModeAllowed"=dword:ffffffff "SlaveIdDataCheckSum"=dword:00023221 "MasterDeviceTimingModeAllowed"=dword:ffffffff "MasterIdDataCheckSum"=dword:00023221 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96B-E325-11CE-BFC1-08002BE10318}] "Class"="Keyboard" "UpperFilters"=hex(7):6b,62,64,63,6c,61,73,73,00,00 @="Claviers" "Icon"="-3" "Installer32"="SysSetup.Dll,KeyboardClassInstaller" "NoInstallClass"="1" "TroubleShooter-0"="hcp://help/tshoot/hdw_keyboard.htm" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96B-E325-11CE-BFC1-08002BE10318}\0000] "LocationInformationOverride"="Branché dans le port clavier" "InfPath"="keyboard.inf" "InfSection"="STANDARD_Inst" "ProviderName"="Microsoft" "DriverDateData"=hex:00,80,62,c5,c0,01,c1,01 "DriverDate"="7-1-2001" "DriverVersion"="5.1.2600.1106" "MatchingDeviceId"="*pnp0303" "DriverDesc"="Clavier standard 101/102 touches ou clavier Microsoft Natural Keyboard PS/2" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}] "Class"="MEDIA" @="Contrôleurs audio, vidéo et jeu" "Installer32"="MmSys.Cpl,MediaClassInstaller" "EnumPropPages32"="MmSys.Cpl,MediaPropPageProvider" "TroubleShooter-0"="hcp://help/tshoot/tssound.htm" "Icon"="3004" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0000] "AssociatedFilters"="wdmaud,swmidi,redbook" "Driver"="ac97via.SYS" "NTMPDriver"="ac97via.sys,sbemul.sys" "InfPath"="wdma_via.inf" "InfSection"="WDM_VIAudio" "InfSectionExt"=".NT" "ProviderName"="Microsoft" "DriverDateData"=hex:00,80,62,c5,c0,01,c1,01 "DriverDate"="7-1-2001" "DriverVersion"="5.1.2535.0" "MatchingDeviceId"="pci\\ven_1106&dev_3058" "DriverDesc"="Contrôleur audio VIA AC'97 (WDM)" "SetupPreferredAudioDevicesCount"=dword:00000000 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0000\Drivers] "SubClasses"="wave,midi,mixer,aux" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0000\Drivers\aux] [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0000\Drivers\aux\wdmaud.drv] "Driver"="wdmaud.drv" "Description"="Contrôleur audio VIA AC'97 (WDM)" "Alias"="aux" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0000\Drivers\midi] [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0000\Drivers\midi\wdmaud.drv] "Driver"="wdmaud.drv" "Description"="Contrôleur audio VIA AC'97 (WDM)" "Alias"="midi" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0000\Drivers\mixer] [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0000\Drivers\mixer\wdmaud.drv] "Driver"="wdmaud.drv" "Description"="Contrôleur audio VIA AC'97 (WDM)" "Alias"="mixer" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0000\Drivers\wave] [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0000\Drivers\wave\wdmaud.drv] "Driver"="wdmaud.drv" "Description"="Contrôleur audio VIA AC'97 (WDM)" "Alias"="wave" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0000\Settings] "VA_WaveOutVolumeL"=dword:0000f203 "VA_WaveOutVolumeR"=dword:0000f203 "VA_WaveOutMute"=dword:00000000 "VA_PCSpeakerVolume"=dword:fff9f203 "VA_PCSpeakerMute"=dword:00000000 "VA_PhoneVolume"=dword:0005f203 "VA_PhoneMute"=dword:00000000 "VA_MicVolume"=dword:0005f203 "VA_MicMute"=dword:00000001 "VA_MicGain"=dword:00000001 "VA_MicSelect"=dword:00000000 "VA_LineInVolumeL"=dword:0005f203 "VA_LineInVolumeR"=dword:0005f203 "VA_LineInMute"=dword:00000000 "VA_CDPlayerVolumeL"=dword:fffe30eb "VA_CDPlayerVolumeR"=dword:fffe30eb "VA_CDPlayerMute"=dword:00000000 "VA_VideoVolumeL"=dword:0005f203 "VA_VideoVolumeR"=dword:0005f203 "VA_VideoMute"=dword:00000001 "VA_AUXVolumeL"=dword:0005f203 "VA_AUXVolumeR"=dword:0005f203 "VA_AUXMute"=dword:00000001 "VA_3DDepthVolume"=dword:80000000 "VA_3DDepthEnhance"=dword:00000001 "VA_MasterVolumeL"=dword:fff9f203 "VA_MasterVolumeR"=dword:fff9f203 "VA_MasterMute"=dword:00000000 "VA_RecSelect"=dword:00000001 "VA_RecMasterMute"=dword:00000000 "VA_RecStereoMixVolumeL"=dword:00107203 "VA_RecStereoMixVolumeR"=dword:00107203 "VA_RecMicVolume"=dword:00107203 "VA_RecLineInVolumeL"=dword:00107203 "VA_RecLineInVolumeR"=dword:00107203 "VA_RecCDPlayerVolumeL"=dword:00107203 "VA_RecCDPlayerVolumeR"=dword:00107203 "VA_RecVideoVolumeL"=dword:00107203 "VA_RecVideoVolumeR"=dword:00107203 "VA_RecAUXVolumeL"=dword:00107203 "VA_RecAUXVolumeR"=dword:00107203 "VA_MonoOutSelect"=dword:00000001 "VA_MonoOutVolume1"=dword:fff9f203 "VA_MonoOutVolume2"=dword:fff9f203 "VA_MonoOutMute"=dword:00000001 "VA_HeadphoneVolumeL"=dword:fff9f203 "VA_HeadphoneVolumeR"=dword:fff9f203 "VA_HeadphoneMute"=dword:00000001 "VA_MaxMicVol"=dword:000c0000 "VA_SPDIFOutAGC"=dword:00000001 "VA_MaxMasterVol"=dword:00000000 "DisableMicSelect"=hex:01 "DisableMonoOut"=hex:01 "DisableHeadphone"=hex:01 "DisableVolHPhone"=hex:01 "VA_MaxPCSpeakerVol"=dword:00000000 "VA_MaxPhoneVol"=dword:000c0000 "VA_MaxLineInVol"=dword:000c0000 "VA_MaxCDPlayerVol"=dword:00000000 "VA_MaxVideoVol"=dword:000c0000 "VA_MaxAUXVol"=dword:000c0000 "VA_MaxRecVol"=dword:00168000 "VA_MaxMonoVol1"=dword:00000000 "VA_MaxMonoVol2"=dword:00000000 "VA_MaxHPOutVol"=dword:00000000 "VA_CIdxDat_00"=dword:00000000 "VA_CodecID_00"=dword:00000000 "VA_CIdxDat_01"=dword:00000000 "VA_CodecID_01"=dword:00000000 "VA_CIdxDat_02"=dword:00000000 "VA_CodecID_02"=dword:00000000 "VA_CIdxDat_03"=dword:00000000 "VA_CodecID_03"=dword:00000000 "VA_CIdxDat_04"=dword:00000000 "VA_CodecID_04"=dword:00000000 "VA_CIdxDat_05"=dword:00000000 "VA_CodecID_05"=dword:00000000 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0001] "AssociatedFilters"="wdmaud,swmidi,redbook" "Driver"="es1371mp.sys" "NTMPDriver"="es1371mp.sys,sbemul.sys" "InfPath"="wdma_ens.inf" "InfSection"="ES1371" "InfSectionExt"=".NTx86" "ProviderName"="Microsoft" "DriverDateData"=hex:00,80,62,c5,c0,01,c1,01 "DriverDate"="7-1-2001" "DriverVersion"="5.1.2535.0" "MatchingDeviceId"="pci\\ven_1274&dev_5880&subsys_80011274" "DriverDesc"="Creative AudioPCI (ES1371,ES1373) (WDM)" "SetupPreferredAudioDevicesCount"=dword:00000000 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0001\Config] "JoystickPortPresent"=dword:00000001 [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0001\Drivers] "SubClasses"="wave,midi,mixer,aux" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0001\Drivers\aux] [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0001\Drivers\aux\wdmaud.drv] "Driver"="wdmaud.drv" "Description"="Creative AudioPCI (ES1371,ES1373) (WDM)" "Alias"="aux1" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0001\Drivers\midi] [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0001\Drivers\midi\wdmaud.drv] "Driver"="wdmaud.drv" "Description"="Creative AudioPCI (ES1371,ES1373) (WDM)" "Alias"="midi1" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0001\Drivers\mixer] [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0001\Drivers\mixer\wdmaud.drv] "Driver"="wdmaud.drv" "Description"="Creative AudioPCI (ES1371,ES1373) (WDM)" "Alias"="mixer1" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0001\Drivers\wave] [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0001\Drivers\wave\wdmaud.drv] "Driver"="wdmaud.drv" "Description"="Creative AudioPCI (ES1371,ES1373) (WDM)" "Alias"="wave1" [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0001\Settings] "WaveVol_Left"=dword:00030000 "WaveVol_Right"=dword:00030000 "WaveMute"=dword:00000000 "CDVol_Left"=dword:fffb000d "CDVol_Right"=dword:fffb000d "CDMute"=dword:00000000 "LineInVol_Left"=dword:fffffff6 "LineInVol_Right"=dword:fffffff6 "LineInMute"=dword:00000001 "MicBoost"=dword:00000001 "MicVol"=dword:fffffff6 "MicMute"=dword:00000001 "VideoVol_Left"=dword:fffffff6 "VideoVol_Right"=dword:fffffff6 "VideoMute"=dword:00000000 "AuxVol_Left"=dword:fffffff6 "AuxVol_Right"=dword:fffffff6 "AuxMute"=dword:00000000 "PhoneVol"=dword:fffffff6 "PhoneMute"=dword:00000000 "L -
Win32 trojano et gen
thebear a répondu à un(e) sujet de thebear dans Analyses et éradication malwares
Salut tornado, voici les rapports que tu m'as demandé...merci beaucoup! A + The bear 04/24/06 18:47:40 [info]: BlackLight Engine 1.0.35 initialized 04/24/06 18:47:40 [info]: OS: 5.1 build 2600 (Service Pack 1) 04/24/06 18:47:40 [Note]: 7019 4 04/24/06 18:47:40 [Note]: 7005 0 04/24/06 18:47:49 [Note]: 7006 0 04/24/06 18:47:50 [Note]: 7011 1460 04/24/06 18:47:50 [Note]: 7026 0 04/24/06 18:47:50 [Note]: 7026 0 04/24/06 18:47:51 [Note]: FSRAW library version 1.7.1015 04/24/06 19:54:32 [Note]: 7007 0 StartupList report, 24/04/2006, 20:01:46 StartupList version: 1.52.2 Started from : C:\Program Files\HijackThis\hijackthis\HijackThis.EXE Detected: Windows XP SP1 (WinNT 5.01.2600) Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106) * Using default options * Including empty and uninteresting sections * Showing rarely important sections ================================================== Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\TPSrv.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\pavsrv51.exe C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\AVENGINE.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\explorer.exe c:\program files\panda software\panda titanium 2006 antivirus + antispyware\firewall\PNMSRV.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\PavFnSvr.exe C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\PsImSvc.exe C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\APVXDWIN.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\WebProxy.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\HijackThis\hijackthis\HijackThis.exe -------------------------------------------------- Listing of startup folders: Shell folders Startup: [C:\Documents and Settings\fabrice\Menu Démarrer\Programmes\Démarrage] *No files* Shell folders AltStartup: *Folder not found* User shell folders Startup: *Folder not found* User shell folders AltStartup: *Folder not found* Shell folders Common Startup: [C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage] DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE Shell folders Common AltStartup: *Folder not found* User shell folders Common Startup: *Folder not found* User shell folders Alternate Common Startup: *Folder not found* -------------------------------------------------- Checking Windows NT UserInit: [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] UserInit = C:\WINDOWS\system32\userinit.exe, [HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon] *Registry key not found* [HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] *Registry value not found* [HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon] *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run APVXDWIN = "C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\APVXDWIN.EXE" /s 1337 virus = explore.exe drwtsn64 = C:\WINDOWS\System32\drwtsn64.exe avast! = C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe AdobeReaderPro = winzip.exe -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices drwtsn64 = C:\WINDOWS\System32\drwtsn64.exe Windows Configuration GUI = systemconfig32.exe AdobeReaderPro = winzip.exe -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\Run Windows Configuration GUI = systemconfig32.exe MSMSGS = "C:\Program Files\Messenger\msmsgs.exe" /background Lseu = "C:\Program Files\ashc\tseh.exe" -vt yazr CTFMON.EXE = C:\WINDOWS\System32\ctfmon.exe -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce *No values found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices Windows Configuration GUI = systemconfig32.exe -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\Run [OptionalComponents] *No values found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\Run *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- File association entry for .EXE: HKEY_CLASSES_ROOT\exefile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .COM: HKEY_CLASSES_ROOT\comfile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .BAT: HKEY_CLASSES_ROOT\batfile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .PIF: HKEY_CLASSES_ROOT\piffile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .SCR: HKEY_CLASSES_ROOT\scrfile\shell\open\command (Default) = "%1" /S -------------------------------------------------- File association entry for .HTA: HKEY_CLASSES_ROOT\htafile\shell\open\command (Default) = C:\WINDOWS\System32\mshta.exe "%1" %* -------------------------------------------------- File association entry for .TXT: HKEY_CLASSES_ROOT\txtfile\shell\open\command (Default) = %SystemRoot%\system32\NOTEPAD.EXE %1 -------------------------------------------------- Enumerating Active Setup stub paths: HKLM\Software\Microsoft\Active Setup\Installed Components (* = disabled by HKCU twin) [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP [>{26923b43-4d38-484f-9b9e-de460746276c}] * StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] * StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP [>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] * StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE [{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\mplayer2.inf,PerUserStub.NT [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] * StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll [{306D6C21-C1B6-4629-986C-E59E1875B8AF}] StubPath = "C:\WINDOWS\System32\rundll32.exe" "C:\Program Files\Messenger\msgsc.dll",ShowIconsUser [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] * StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install [{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT [{5945c046-1e7d-11d1-bc44-00c04fd912be}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.Install.PerUser [{6BF52A52-394A-11d3-B153-00C04F79FAA6}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub [{7790769C-0471-11d2-AF11-00C04FA35D02}] * StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install [{89820200-ECBD-11cf-8B85-00AA005B4340}] * StubPath = regsvr32.exe /s /n /i:U shell32.dll [{89820200-ECBD-11cf-8B85-00AA005B4383}] * StubPath = %SystemRoot%\system32\ie4uinit.exe -------------------------------------------------- Enumerating ICQ Agent Autostart apps: HKCU\Software\Mirabilis\ICQ\Agent\Apps *Registry key not found* -------------------------------------------------- Load/Run keys from C:\WINDOWS\WIN.INI: load=*INI section not found* run=*INI section not found* Load/Run keys from Registry: HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found* HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found* HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found* HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found* HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found* HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found* HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found* HKCU\..\Windows NT\CurrentVersion\Windows: load= HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs= -------------------------------------------------- Shell & screensaver key from C:\WINDOWS\SYSTEM.INI: Shell=*INI section not found* SCRNSAVE.EXE=*INI section not found* drivers=*INI section not found* Shell & screensaver key from Registry: Shell=explorer.exe "C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\ibm00017.exe" SCRNSAVE.EXE=C:\WINDOWS\System32\logon.scr drivers=*Registry value not found* Policies Shell key: HKCU\..\Policies: Shell=*Registry value not found* HKLM\..\Policies: Shell=*Registry value not found* -------------------------------------------------- Checking for EXPLORER.EXE instances: C:\WINDOWS\Explorer.exe: PRESENT! C:\Explorer.exe: not present C:\WINDOWS\Explorer\Explorer.exe: not present C:\WINDOWS\System\Explorer.exe: not present C:\WINDOWS\System32\Explorer.exe: not present C:\WINDOWS\Command\Explorer.exe: not present C:\WINDOWS\Fonts\Explorer.exe: not present -------------------------------------------------- Checking for superhidden extensions: .lnk: HIDDEN! (arrow overlay: yes) .pif: HIDDEN! (arrow overlay: yes) .exe: not hidden .com: not hidden .bat: not hidden .hta: not hidden .scr: not hidden .shs: HIDDEN! .shb: HIDDEN! .vbs: not hidden .vbe: not hidden .wsh: not hidden .scf: HIDDEN! (arrow overlay: NO!) .url: HIDDEN! (arrow overlay: yes) .js: not hidden .jse: not hidden -------------------------------------------------- Verifying REGEDIT.EXE integrity: - Regedit.exe found in C:\WINDOWS - .reg open command is normal (regedit.exe %1) - Regedit.exe has no CompanyName property! It is either missing or named something else. - Regedit.exe has no OriginalFilename property! It is either missing or named something else. - Regedit.exe has no FileDescription property! It is either missing or named something else. Registry check failed! -------------------------------------------------- Enumerating Browser Helper Objects: (no name) - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} (no name) - C:\PROGRA~1\SPYBOT~1\SDHelper.dll - {53707962-6F74-2D53-2644-206D7942484F} (no name) - c:\program files\google\googletoolbar1.dll - {AA58ED58-01DD-4d91-8333-CF10577473F7} -------------------------------------------------- Enumerating Task Scheduler jobs: *No jobs found* -------------------------------------------------- Enumerating Download Program Files: [DirectAnimation Java Classes] CODEBASE = file://C:\WINDOWS\Java\classes\dajava.cab OSD = C:\WINDOWS\Downloaded Program Files\DirectAnimation Java Classes.osd [Microsoft XML Parser for Java] CODEBASE = file://C:\WINDOWS\Java\classes\xmldso.cab OSD = C:\WINDOWS\Downloaded Program Files\Microsoft XML Parser for Java.osd [{33564D57-9980-0010-8000-00AA00389B71}] CODEBASE = http://download.microsoft.com/download/D/0...D0C/wmv9dmo.cab [ActiveScan Installer Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\asinst.dll CODEBASE = http://acs.pandasoftware.com/activescan/as5free/asinst.cab [shockwave Flash Object] InProcServer32 = C:\WINDOWS\System32\Macromed\Flash\Flash8a.ocx CODEBASE = http://download.macromedia.com/pub/shockwa...ash/swflash.cab -------------------------------------------------- Enumerating Winsock LSP files: NameSpace #1: C:\WINDOWS\System32\mswsock.dll NameSpace #2: C:\WINDOWS\System32\winrnr.dll NameSpace #3: C:\WINDOWS\System32\mswsock.dll Protocol #1: C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\pavlsp.dll Protocol #2: C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\pavlsp.dll Protocol #3: C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\pavlsp.dll Protocol #4: C:\WINDOWS\system32\mswsock.dll Protocol #5: C:\WINDOWS\system32\mswsock.dll Protocol #6: C:\WINDOWS\system32\mswsock.dll Protocol #7: C:\WINDOWS\system32\rsvpsp.dll Protocol #8: C:\WINDOWS\system32\rsvpsp.dll Protocol #9: C:\WINDOWS\system32\mswsock.dll Protocol #10: C:\WINDOWS\system32\mswsock.dll Protocol #11: C:\WINDOWS\system32\mswsock.dll Protocol #12: C:\WINDOWS\system32\mswsock.dll Protocol #13: C:\WINDOWS\system32\mswsock.dll Protocol #14: C:\WINDOWS\system32\mswsock.dll Protocol #15: C:\WINDOWS\system32\mswsock.dll Protocol #16: C:\WINDOWS\system32\mswsock.dll Protocol #17: C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\pavlsp.dll -------------------------------------------------- Enumerating Windows NT/2000/XP services Pilote ACPI Microsoft: System32\DRIVERS\ACPI.sys (system) General Purpose USB Driver (adildr.sys): System32\Drivers\adildr.sys (autostart) USB ADSL WAN Adapter: System32\DRIVERS\adiusbaw.sys (manual start) Suppresseur d'écho acoustique (Noyau Microsoft): system32\drivers\aec.sys (manual start) Environnement de prise en charge de réseau AFD: \SystemRoot\System32\drivers\afd.sys (autostart) Avertissement: %SystemRoot%\System32\svchost.exe -k LocalService (manual start) Service de la passerelle de la couche Application: %SystemRoot%\System32\alg.exe (manual start) App Filter Plugin: \??\C:\WINDOWS\System32\Drivers\APPFLT.SYS (system) Gestion d'applications: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Pilote de média asynchrone RAS: System32\DRIVERS\asyncmac.sys (manual start) Contrôleur de disque dur IDE/ESDI standard: System32\DRIVERS\atapi.sys (system) Protocole client ATM ARP: System32\DRIVERS\atmarpc.sys (manual start) Audio Windows: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Pilote audio Stub: System32\DRIVERS\audstub.sys (manual start) Antivirus Filter Driver: \SystemRoot\system32\drivers\av5flt.sys (manual start) basic2: System32\DRIVERS\HSF_BSC2.sys (manual start) Service de transfert intelligent en arrière-plan: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Explorateur d'ordinateur: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Pilote de CD-ROM: System32\DRIVERS\cdrom.sys (system) Service d'indexation: %SystemRoot%\system32\cisvc.exe (manual start) Gestionnaire de l'Album: %SystemRoot%\system32\clipsrv.exe (manual start) Panda Anti-Dialer: \??\C:\WINDOWS\System32\DRIVERS\COMFiltr.sys (manual start) Application système COM+: C:\WINDOWS\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (manual start) Panda CPoint Driver: system32\Drivers\cpoint.sys (autostart) Services de cryptographie: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Client DHCP: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) IO Direct printing service: \??\C:\WINDOWS\System32\directprt.sys (system) Pilote de disque: System32\DRIVERS\disk.sys (system) Service d'administration du Gestionnaire de disque logique: %SystemRoot%\System32\dmadmin.exe /com (manual start) dmboot: System32\drivers\dmboot.sys (disabled) Pilote de Gestionnaire de disque logique: System32\drivers\dmio.sys (system) dmload: System32\drivers\dmload.sys (system) Gestionnaire de disque logique: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Synthétiseur DLS du noyau Microsoft: system32\drivers\DMusic.sys (manual start) Client DNS: %SystemRoot%\System32\svchost.exe -k NetworkService (autostart) Filtre de décodeur DRM (Noyau Microsoft): system32\drivers\drmkaud.sys (manual start) DSA Filter Plugin: \??\C:\WINDOWS\System32\Drivers\DSAFLT.SYS (system) Service de rapport d'erreurs: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Creative AudioPCI (ES1371,ES1373) (WDM): system32\drivers\es1371mp.sys (manual start) Journal des événements: %SystemRoot%\system32\services.exe (autostart) Système d'événements de COM+: C:\WINDOWS\System32\svchost.exe -k netsvcs (manual start) ewido security suite control: C:\Program Files\ewido anti-malware\ewidoctrl.exe (autostart) Fallback: System32\DRIVERS\HSF_FALL.sys (autostart) Compatibilité avec le Changement rapide d'utilisateur: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Pilote de contrôleur de lecteur de disquettes: System32\DRIVERS\fdc.sys (manual start) Pilote de lecteur de disquettes: System32\DRIVERS\flpydisk.sys (manual start) NetMon Filter Plugin: \??\C:\WINDOWS\System32\Drivers\fnetmon.SYS (system) Fsks: System32\DRIVERS\HSF_FSKS.sys (autostart) Pilote du Gestionnaire de volume: System32\DRIVERS\ftdisk.sys (system) fwnet64: "C:\WINDOWS\fwnet64.exe" (autostart) Énumérateur de port jeu: System32\DRIVERS\gameenum.sys (manual start) Classificateur de paquets générique: System32\DRIVERS\msgpc.sys (manual start) Aide et support: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Accès du périphérique d'interface utilisateur: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled) Pilote de classe HID Microsoft: System32\DRIVERS\hidusb.sys (manual start) hsf_msft: System32\DRIVERS\HSF_MSFT.sys (manual start) Pilote pour clavier i8042 et souris sur port PS/2: System32\DRIVERS\i8042prt.sys (system) Ids Filter Plugin: \??\C:\WINDOWS\System32\Drivers\IDSFLT.SYS (system) Pilote de filtre de gravure CD: System32\DRIVERS\imapi.sys (system) Service COM de gravage de CD IMAPI: C:\WINDOWS\System32\imapi.exe (manual start) Pilote de filtre de trafic IP: System32\DRIVERS\ipfltdrv.sys (manual start) Pilote de tunnelage IP dans IP: System32\DRIVERS\ipinip.sys (manual start) Traducteur d'adresses réseau IP: System32\DRIVERS\ipnat.sys (manual start) Pilote IPSEC: System32\DRIVERS\ipsec.sys (system) Service énumérateur IR: System32\DRIVERS\irenum.sys (manual start) Pilote de bus Plug-and-Play ISA/EISA: System32\DRIVERS\isapnp.sys (system) K56: System32\DRIVERS\HSF_K56K.sys (autostart) Pilote de la classe Clavier: System32\DRIVERS\kbdclass.sys (system) Mélangeur audio Wave de noyau Microsoft: system32\drivers\kmixer.sys (manual start) Serveur: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Station de travail: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Assistance TCP/IP NetBIOS: %SystemRoot%\System32\svchost.exe -k LocalService (autostart) Affichage des messages: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled) Partage de Bureau à distance NetMeeting: C:\WINDOWS\System32\mnmsrvc.exe (manual start) Périphérique de filtrage de flux Unimodem: system32\drivers\MODEMCSA.sys (manual start) Pilote de la classe Souris: System32\DRIVERS\mouclass.sys (system) Pilote HID de souris: System32\DRIVERS\mouhid.sys (manual start) Redirecteur client WebDav: System32\DRIVERS\mrxdav.sys (manual start) MRXSMB: System32\DRIVERS\mrxsmb.sys (system) Distributed Transaction Coordinator: C:\WINDOWS\System32\msdtc.exe (manual start) Windows Installer: C:\WINDOWS\System32\msiexec.exe /V (manual start) Proxy de service de répartition Microsoft: system32\drivers\MSKSSRV.sys (manual start) Proxy d'horloge de répartition Microsoft: system32\drivers\MSPCLOCK.sys (manual start) Proxy de gestion de qualité de répartition Microsoft: system32\drivers\MSPQM.sys (manual start) Pilote TAPI NDIS d'accès distant: System32\DRIVERS\ndistapi.sys (manual start) NDIS mode utilisateur E/S Protocole: System32\DRIVERS\ndisuio.sys (manual start) Pilote réseau étendu NDIS d'accès distant: System32\DRIVERS\ndiswan.sys (manual start) Interface NetBIOS: System32\DRIVERS\netbios.sys (system) NetBIOS sur TCP/IP: System32\DRIVERS\netbt.sys (system) DDE réseau: %SystemRoot%\system32\netdde.exe (manual start) DSDM DDE réseau: %SystemRoot%\system32\netdde.exe (manual start) Panda Net Driver [NDIS Layer]: System32\Drivers\NETFLT.SYS (system) Panda Net Driver [TDI Layer]: \??\C:\WINDOWS\System32\Drivers\NETFLTDI.SYS (system) Ouverture de session réseau: %SystemRoot%\System32\lsass.exe (manual start) Connexions réseau: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) NLA (Network Location Awareness): %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Fournisseur de la prise en charge de sécurité LM NT: %SystemRoot%\System32\lsass.exe (manual start) Stockage amovible: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) NTSec(ntsec): "C:\WINDOWS\system32\ntsec.exe" (autostart) nv: System32\DRIVERS\nv4_mini.sys (manual start) Pilote de filtre de trafic IPX: System32\DRIVERS\nwlnkflt.sys (manual start) Pilote de transfert de trafic IPX: System32\DRIVERS\nwlnkfwd.sys (manual start) Pilote processeur Intel Pentium III: System32\DRIVERS\p3.sys (system) Pilote de port parallèle: System32\DRIVERS\parport.sys (manual start) pavdrv: System32\DRIVERS\pavdrv51.sys (autostart) Panda Function Service: "C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\PavFnSvr.exe" (autostart) Panda Process Protection Driver: \??\C:\WINDOWS\System32\DRIVERS\PavProc.sys (autostart) Panda Process Protection Service: "C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe" (autostart) PavSRK.sys: \??\C:\WINDOWS\System32\PavSRK.sys (manual start) Panda anti-virus service: "C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\pavsrv51.exe" (autostart) Pilote de bus PCI: System32\DRIVERS\pci.sys (system) Plug-and-Play: %SystemRoot%\system32\services.exe (autostart) Panda Network Manager: "c:\program files\panda software\panda titanium 2006 antivirus + antispyware\firewall\PNMSRV.EXE" (autostart) Services IPSEC: %SystemRoot%\System32\lsass.exe (autostart) Miniport réseau étendu (PPTP): System32\DRIVERS\raspptp.sys (manual start) Emplacement protégé: %SystemRoot%\system32\lsass.exe (autostart) Planificateur de paquets QoS: System32\DRIVERS\psched.sys (manual start) Panda IManager Service: "C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\PsImSvc.exe" (autostart) Pilote de liaison parallèle directe: System32\DRIVERS\ptilink.sys (manual start) Pilote de connexion automatique d'accès distant: System32\DRIVERS\rasacd.sys (system) Gestionnaire de connexion automatique d'accès distant: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Miniport réseau étendu (L2TP): System32\DRIVERS\rasl2tp.sys (manual start) Gestionnaire de connexions d'accès distant: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Pilote PPPOE d'accès à distance: System32\DRIVERS\raspppoe.sys (manual start) Parallèle direct: System32\DRIVERS\raspti.sys (manual start) Rdbss: System32\DRIVERS\rdbss.sys (system) RDPCDD: System32\DRIVERS\RDPCDD.sys (system) Pilote de redirecteur de périphérique Terminal Server: System32\DRIVERS\rdpdr.sys (manual start) Gestionnaire de session d'aide sur le Bureau à distance: C:\WINDOWS\system32\sessmgr.exe (manual start) Pilote de filtre de lecture digitale de CD audio: System32\DRIVERS\redbook.sys (system) Routage et accès distant: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled) Accès à distance au Registre: %SystemRoot%\system32\svchost.exe -k LocalService (disabled) Rksample: System32\DRIVERS\HSF_SAMP.sys (manual start) Localisateur d'appels de procédure distante (RPC): %SystemRoot%\System32\locator.exe (manual start) Appel de procédure distante (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart) QoS RSVP: %SystemRoot%\System32\rsvp.exe (manual start) Gestionnaire de comptes de sécurité: %SystemRoot%\system32\lsass.exe (autostart) Prise en charge des cartes à puces: %SystemRoot%\System32\SCardSvr.exe (manual start) Carte à puce: %SystemRoot%\System32\SCardSvr.exe (manual start) Planificateur de tâches: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Secdrv: System32\DRIVERS\secdrv.sys (manual start) Connexion secondaire: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Notification d'événement système: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Pilote de filtre Serenum: System32\DRIVERS\serenum.sys (manual start) Pilote de port série: System32\DRIVERS\serial.sys (system) Détection matériel noyau: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) SMS Filter Plugin: \??\C:\WINDOWS\System32\Drivers\SMSFLT.SYS (system) SoftFax: System32\DRIVERS\HSF_FAXX.sys (autostart) SpeakerPhone: System32\DRIVERS\HSF_SPKP.sys (autostart) Splitter audio du noyau Microsoft: system32\drivers\splitter.sys (manual start) Spouleur d'impression: %SystemRoot%\system32\spoolsv.exe (autostart) Pilote de filtre de restauration système: System32\DRIVERS\sr.sys (system) Service de restauration système: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Srv: System32\DRIVERS\srv.sys (manual start) Service de découvertes SSDP: %SystemRoot%\System32\svchost.exe -k LocalService (manual start) Acquisition d'image Windows (WIA): %SystemRoot%\System32\svchost.exe -k imgsvc (autostart) Pilote de bus logiciel: System32\DRIVERS\swenum.sys (manual start) Synthétiseur de table de sons GC noyau Microsoft: system32\drivers\swmidi.sys (manual start) MS Software Shadow Copy Provider: C:\WINDOWS\System32\dllhost.exe /Processid:{4D9D1DF9-0C0A-4344-A86C-173CEB27F752} (manual start) Périphérique audio système du noyau Microsoft: system32\drivers\sysaudio.sys (manual start) Journaux et alertes de performance: %SystemRoot%\system32\smlogsvc.exe (manual start) Téléphonie: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Pilote du protocole TCP/IP: System32\DRIVERS\tcpip.sys (system) Pilote de périphérique terminal: System32\DRIVERS\termdd.sys (system) Services Terminal Server: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Thèmes: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Telnet: C:\WINDOWS\System32\tlntsvr.exe (disabled) Tones: System32\DRIVERS\HSF_TONE.sys (autostart) Panda TPSrv: "C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\TPSrv.exe" (autostart) Client de suivi de lien distribué: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Pilote de mise à jour microcode: System32\DRIVERS\update.sys (manual start) Gestionnaire de téléchargement: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Hôte de périphérique universel Plug-and-Play: %SystemRoot%\System32\svchost.exe -k LocalService (manual start) Onduleur: %SystemRoot%\System32\ups.exe (manual start) Pilote de concentrateur standard USB Microsoft: System32\DRIVERS\usbhub.sys (manual start) Pilote de scanneur USB: System32\DRIVERS\usbscan.sys (manual start) Pilote miniport de contrôleur hôte universel USB Microsoft: System32\DRIVERS\usbuhci.sys (manual start) V124: System32\DRIVERS\HSF_V124.sys (autostart) VgaSave: \SystemRoot\System32\drivers\vga.sys (system) Filtre de bus AGP VIA: System32\DRIVERS\viaagp.sys (system) ViaIde: System32\DRIVERS\viaide.sys (system) Contrôleur audio VIA AC'97 (WDM): system32\drivers\ac97via.sys (manual start) Cliché instantané de volume: %SystemRoot%\System32\vssvc.exe (manual start) Horloge Windows: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Pilote ARP IP d'accès distant: System32\DRIVERS\wanarp.sys (manual start) Pilote WINMM de compatibilité audio WDM Microsoft: system32\drivers\wdmaud.sys (manual start) WebClient: %SystemRoot%\System32\svchost.exe -k LocalService (autostart) Infrastructure de gestion Windows: %systemroot%\system32\svchost.exe -k netsvcs (autostart) wins(WINS): "C:\WINDOWS\system32\winscntrl.exe" (autostart) Numéro de série du média portable: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Extensions du pilote WMI: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Carte de performance WMI: C:\WINDOWS\System32\wbem\wmiapsrv.exe (manual start) Wifi Monitor Filter Plugin: \??\C:\WINDOWS\System32\Drivers\WNMFLT.SYS (system) Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0: \SystemRoot\System32\drivers\ws2ifsl.sys (manual start) Mises à jour automatiques: %systemroot%\system32\svchost.exe -k netsvcs (disabled) Configuration automatique sans fil: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) -------------------------------------------------- Enumerating Windows NT logon/logoff scripts: *No scripts set to run* Windows NT checkdisk command: BootExecute = autocheck autochk * Windows NT 'Wininit.ini': PendingFileRenameOperations: *Registry value not found* -------------------------------------------------- Enumerating ShellServiceObjectDelayLoad items: PostBootReminder: C:\WINDOWS\system32\SHELL32.dll CDBurn: C:\WINDOWS\system32\SHELL32.dll WebCheck: C:\WINDOWS\System32\webcheck.dll SysTray: C:\WINDOWS\System32\stobject.dll SysTray.Exbr: *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run *No values found* -------------------------------------------------- End of report, 34 691 bytes Report generated in 1,452 seconds Command line options: /verbose - to add additional info on each section /complete - to include empty sections and unsuspicious data /full - to include several rarely-important sections /force9x - to include Win9x-only startups even if running on WinNT /forcent - to include WinNT-only startups even if running on Win9x /forceall - to include all Win9x and WinNT startups, regardless of platform /history - to list version history only -
Win32 trojano et gen
thebear a répondu à un(e) sujet de thebear dans Analyses et éradication malwares
Salut l'ami, Ce n'est pas sans peine que j'ai réussi a exécuter tes conseils ( chargement ultra lent, déconnexion, même impossibilité de me connecter ...j'ai du réinstaller ma connexion au net...) enfin j'y suis parvenu...ouf Voici les rapports que tu m'as demandés...ne pouvant scanner en ligne j'ai télécharger la version d'évaluation de panda titanium...ça a l'air puissant... Un grand merci...à bientôt --------------------------------------------------------- ewido anti-malware - Rapport de scan --------------------------------------------------------- + Créé le: 22:48:05, 21/04/2006 + Somme de contrôle: 98829DE4 + Résultats du scan: C:\Documents and Settings\fabrice\Cookies\fabrice@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Nettoyer et sauvegarder C:\Documents and Settings\fabrice\Cookies\fabrice@advertising[1].txt -> TrackingCookie.Advertising : Nettoyer et sauvegarder C:\Documents and Settings\fabrice\Cookies\fabrice@atdmt[1].txt -> TrackingCookie.Atdmt : Nettoyer et sauvegarder C:\Documents and Settings\fabrice\Cookies\fabrice@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder C:\Documents and Settings\fabrice\Cookies\fabrice@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyer et sauvegarder C:\Documents and Settings\fabrice\Cookies\fabrice@ehg-ads.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyer et sauvegarder C:\Documents and Settings\fabrice\Cookies\fabrice@hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyer et sauvegarder C:\Documents and Settings\fabrice\Cookies\fabrice@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder C:\Documents and Settings\fabrice\Cookies\fabrice@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder C:\Documents and Settings\fabrice\Cookies\fabrice@project2.realtracker[1].txt -> TrackingCookie.Realtracker : Nettoyer et sauvegarder C:\Documents and Settings\fabrice\Cookies\fabrice@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder C:\Documents and Settings\fabrice\Cookies\fabrice@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder C:\Documents and Settings\fabrice\Cookies\fabrice@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\4X6VKLQB\gsaczjt[1].txt -> Trojan.Small.ev : Nettoyer et sauvegarder C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\4X6VKLQB\tdrfwbp[1].txt -> Trojan.Sinowal.d : Nettoyer et sauvegarder C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\4X6VKLQB\tdrfwbp[2].txt -> Trojan.Sinowal.d : Nettoyer et sauvegarder C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\ER8JQVIN\ozhsliscr[1].txt -> Trojan.Sinowal.d : Nettoyer et sauvegarder C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\ER8JQVIN\qwtdvqmdcs[1].txt -> Downloader.Tiny.al : Nettoyer et sauvegarder C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\ER8JQVIN\rfqtp[1].txt -> Hijacker.Small.kr : Nettoyer et sauvegarder C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\KPURW1EB\dytis[1].txt -> Trojan.Sinowal.d : Nettoyer et sauvegarder C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\KPURW1EB\mrmolvffhi[1].txt -> Hijacker.Small.kr : Nettoyer et sauvegarder C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\KPURW1EB\zuopthm[1].txt -> Hijacker.Small.kr : Nettoyer et sauvegarder C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\MPEH0PKJ\3338[1].exe -> Dropper.Agent.ail : Nettoyer et sauvegarder C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\MPEH0PKJ\dhcbskq[1].txt -> Trojan.Sinowal.d : Nettoyer et sauvegarder C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\MPEH0PKJ\owatqjgqw[1].txt -> Not-A-Virus.Hoax.Win32.Renos.bw : Nettoyer et sauvegarder C:\Program Files\ashc\tseh.exe -> Adware.MediaTickets : Nettoyer et sauvegarder C:\Program Files\Dialer\Dialer.exe -> Heuristic.Win32.Dialer : Nettoyer et sauvegarder C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\ibm00018.dll -> Trojan.Sinowal.d : Nettoyer et sauvegarder C:\Program Files\whInstall -> Adware.Webhancer : Nettoyer et sauvegarder C:\Program Files\whInstall\license.txt -> Adware.Webhancer : Nettoyer et sauvegarder C:\Program Files\whInstall\readme.txt -> Adware.Webhancer : Nettoyer et sauvegarder C:\Program Files\whInstall\whAgent.ini -> Adware.Webhancer : Nettoyer et sauvegarder C:\WINDOWS\mousepad12.exe -> Hijacker.VB.mo : Nettoyer et sauvegarder C:\WINDOWS\newname12.exe -> Downloader.VB.aaf : Nettoyer et sauvegarder C:\WINDOWS\system32\explore.exe -> Backdoor.Rbot : Nettoyer et sauvegarder C:\WINDOWS\system32\ntsec.exe -> Backdoor.SdBot.apr : Nettoyer et sauvegarder ::Fin du rapport Rapport des incidents de Panda Titanium 2006 Antivirus + Antispyware EVENEMENT DATE RESULTAT INFORMATIONS SUPPLEMENTAIRES ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Fin de l'analyse 22/04/06 20:35:59 Analyse : Tout Mon PC Logiciel publicitaire détecté : Adware/Yazzle 22/04/06 20:30:26 Eliminé Emplacement : C:\SnowballWarsInstaller.exe Logiciel publicitaire détecté : Adware/Deskwizz 22/04/06 20:30:26 Eliminé Emplacement : C:\sk02.exe Logiciel publicitaire détecté : Adware/PurityScan 22/04/06 20:30:14 Eliminé Emplacement : C:\Program Files\Yazzle Snowball Wars\SnowballWars.exe Logiciel publicitaire détecté : Adware/Adsmart 22/04/06 20:26:25 Eliminé Emplacement : C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\KPURW1EB\z[1].jpg Logiciel publicitaire détecté : Adware/Adsmart 22/04/06 20:26:25 Eliminé Emplacement : C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\ER8JQVIN\z[1].jpg Logiciel publicitaire détecté : Adware/Adsmart 22/04/06 20:26:24 Eliminé Emplacement : C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\4X6VKLQB\z[1].jpg Début de l'analyse 22/04/06 20:24:01 Analyse : Tout Mon PC Spyware détecté : Cookie/Xiti 22/04/06 20:22:18 Eliminé Emplacement : c:\documents and settings\fabrice\cookies\fabrice@xiti[1].txt Spyware détecté : Cookie/Xiti 22/04/06 20:21:56 Eliminé Emplacement : c:\documents and settings\fabrice\cookies\fabrice@xiti[1].txt Spyware détecté : Cookie/Advertising 22/04/06 20:21:52 Eliminé Emplacement : c:\documents and settings\fabrice\cookies\fabrice@advertising[1].txt Tentative de connexion 22/04/06 20:21:49 Bloqué Ad. IP source : 83.156.157.231 Tentative de connexion 22/04/06 20:21:45 Bloqué Ad. IP source : 83.156.30.184 Spyware détecté : Cookie/Bluestreak 22/04/06 20:21:21 Eliminé Emplacement : c:\documents and settings\fabrice\cookies\fabrice@bluestreak[1].txt Tentative de connexion 22/04/06 20:19:21 Bloqué Ad. IP source : 83.156.181.44 Spyware détecté : Cookie/Bluestreak 22/04/06 20:19:20 Eliminé Emplacement : c:\documents and settings\fabrice\cookies\fabrice@bluestreak[1].txt Mise à jour 22/04/06 20:19:17 Correcte Nouvelles signatures de menaces : 1343 Tentative de connexion 22/04/06 20:18:46 Bloqué Ad. IP source : 83.156.228.191 Spyware détecté : Cookie/Doubleclick 22/04/06 20:18:19 Eliminé Emplacement : c:\documents and settings\fabrice\cookies\fabrice@doubleclick[2].txt Spyware détecté : Cookie/Doubleclick 22/04/06 20:18:19 Eliminé Emplacement : c:\documents and settings\fabrice\cookies\fabrice@doubleclick[1].txt Tentative de connexion 22/04/06 20:18:12 Bloqué Ad. IP source : 83.156.196.115 Spyware détecté : Cookie/Doubleclick 22/04/06 20:17:27 Eliminé Emplacement : c:\documents and settings\fabrice\cookies\fabrice@doubleclick[1].txt Fin de l'analyse 22/04/06 10:05:24 Analyse : Tout Mon PC Début de l'analyse 22/04/06 09:53:37 Analyse : Tout Mon PC Fin de l'analyse 22/04/06 09:53:17 Analyse : Tout Mon PC Début de l'analyse 22/04/06 09:46:26 Analyse : Tout Mon PC Tentative de connexion 22/04/06 09:00:14 Bloqué Ad. IP source : 61.208.234.202 Fin de l'analyse 22/04/06 08:54:20 Analyse : Tout Mon PC Programme de surveillance détecté 22/04/06 08:53:48 Eliminé Emplacement : C:\WINDOWS\system32\Process.exe Programme de surveillance détecté 22/04/06 08:53:15 Eliminé Emplacement : c:\windows\system32\process.exe Virus détecté : W32/Sdbot.ftp 22/04/06 08:41:39 Désinfecté Emplacement : C:\WINDOWS\system32\i Programme de surveillance détecté 22/04/06 08:37:01 Eliminé Emplacement : C:\RECYCLER\S-1-...\Dc4.zip[Process.exe] Programme de surveillance détecté 22/04/06 08:29:53 Eliminé Emplacement : C:\Documents and Settings...\Process.exe Tentative de connexion 22/04/06 08:28:51 Bloqué Ad. IP source : 204.221.243.189 Logiciel publicitaire détecté : adware/dollarrevenue 22/04/06 08:28:07 Eliminé Emplacement : C:\WINDOWS\newname.dat Début de l'analyse 22/04/06 08:27:41 Analyse : Tout Mon PC Mise à jour 22/04/06 08:26:56 Incorrecte Erreur : Erreur survenue lors de l'accès au serveur de mises à jour Tentative de connexion 22/04/06 08:24:16 Bloqué Ad. IP source : 83.155.196.241 Tentative de connexion 21/04/06 23:31:11 Bloqué Ad. IP source : 83.156.88.205 Tentative de connexion 21/04/06 23:31:06 Bloqué Ad. IP source : 204.16.208.110 Tentative de connexion 21/04/06 23:30:59 Bloqué Ad. IP source : 83.156.217.53 Mise à jour 21/04/06 23:30:32 Incorrecte Erreur : Erreur survenue lors de l'accès au serveur de mises à jour Tentative de connexion 21/04/06 23:30:03 Bloqué Ad. IP source : 83.156.95.183 Tentative de connexion 21/04/06 23:29:41 Bloqué Ad. IP source : 83.157.251.28 Mise à jour 21/04/06 23:29:40 Incorrecte Erreur : Erreur survenue lors de l'accès au serveur de mises à jour Mise à jour 21/04/06 23:29:35 Incorrecte Erreur : Erreur survenue lors de l'accès au serveur de mises à jour Mise à jour 21/04/06 23:29:32 Incorrecte Erreur : Erreur survenue lors de l'accès au serveur de mises à jour Tentative de connexion 21/04/06 23:29:26 Bloqué Ad. IP source : 83.156.180.203 Mise à jour 21/04/06 23:29:16 Incorrecte Erreur : Erreur survenue lors de l'accès au serveur de mises à jour Logfile of HijackThis v1.99.1 Scan saved at 20:42:05, on 22/04/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\TPSrv.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\pavsrv51.exe C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\AVENGINE.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\explorer.exe c:\program files\panda software\panda titanium 2006 antivirus + antispyware\firewall\PNMSRV.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\PavFnSvr.exe C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\PsImSvc.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\APVXDWIN.EXE C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\WebProxy.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\Program Files\HijackThis\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tiscali.fr R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens F2 - REG:system.ini: Shell=explorer.exe "C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\ibm00017.exe" O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing) O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\APVXDWIN.EXE" /s O4 - HKLM\..\Run: [1337 virus] explore.exe O4 - HKLM\..\Run: [drwtsn64] C:\WINDOWS\System32\drwtsn64.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [AdobeReaderPro] winzip.exe O4 - HKLM\..\RunServices: [drwtsn64] C:\WINDOWS\System32\drwtsn64.exe O4 - HKLM\..\RunServices: [Windows Configuration GUI] systemconfig32.exe O4 - HKLM\..\RunServices: [AdobeReaderPro] winzip.exe O4 - HKCU\..\Run: [Windows Configuration GUI] systemconfig32.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Lseu] "C:\Program Files\ashc\tseh.exe" -vt yazr O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\RunServices: [Windows Configuration GUI] systemconfig32.exe O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll O20 - Winlogon Notify: directpt - directpt.dll (file missing) O21 - SSODL: SysTray.Exbr - {6368D1FC-6F5C-4f1b-B164-E67214F678E9} - (no file) O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: fwnet64 (fwnet) - Unknown owner - C:\WINDOWS\fwnet64.exe (file missing) O23 - Service: NTSec(ntsec) (NTSec) - Unknown owner - C:\WINDOWS\system32\ntsec.exe (file missing) O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\PavFnSvr.exe O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\pavsrv51.exe O23 - Service: Panda Network Manager (PNMSRV) - Panda Software - c:\program files\panda software\panda titanium 2006 antivirus + antispyware\firewall\PNMSRV.EXE O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software - C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\PsImSvc.exe O23 - Service: Panda TPSrv (TPSrv) - Panda Software - C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\TPSrv.exe O23 - Service: wins(WINS) (wins) - Unknown owner - C:\WINDOWS\system32\winscntrl.exe (file missing) -
Win32 trojano et gen
thebear a répondu à un(e) sujet de thebear dans Analyses et éradication malwares
pare-feu kerio: installé antivir : desinstallé! MERCI L'AMI SmitFraudFix v2.33b Rapport fait à 16:27:30,78, 21/04/2006 Executé à partir de C:\Documents and Settings\fabrice\Bureau\SmitfraudFix\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] »»»»»»»»»»»»»»»»»»»»»»»» C:\ »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32 »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\fabrice\Application Data »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\fabrice\Favoris »»»»»»»»»»»»»»»»»»»»»»»» Bureau »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui" [HKEY_CLASSES_ROOT\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32] @="%SystemRoot%\System32\browseui.dll" [HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32] @="%SystemRoot%\System32\browseui.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant" [HKEY_CLASSES_ROOT\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32] @="%SystemRoot%\System32\browseui.dll" [HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32] @="%SystemRoot%\System32\browseui.dll" »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll »»»»»»»»»»»»»»»»»»»»»»»» Fin -
Win32 trojano et gen
thebear a répondu à un(e) sujet de thebear dans Analyses et éradication malwares
Cher TORNADO, Voici mon dernier rapport après exécution de la méthode de prénettoyage... Un grand merci! J'attends ton analyse avec impatience! Logfile of HijackThis v1.99.1 Scan saved at 22:08:55, on 20/04/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\explorer.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\windows\mousepad12.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\ashc\tseh.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\ntsec.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\HijackThis\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens F2 - REG:system.ini: Shell=explorer.exe "C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\ibm00017.exe" O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing) O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [drwtsn64] C:\WINDOWS\System32\drwtsn64.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [AdobeReaderPro] winzip.exe O4 - HKLM\..\Run: [mousepad] C:\windows\mousepad12.exe O4 - HKLM\..\Run: [newname] C:\windows\newname12.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\RunServices: [drwtsn64] C:\WINDOWS\System32\drwtsn64.exe O4 - HKLM\..\RunServices: [Windows Configuration GUI] systemconfig32.exe O4 - HKLM\..\RunServices: [AdobeReaderPro] winzip.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [drwtsn64] C:\WINDOWS\System32\drwtsn64.exe O4 - HKCU\..\Run: [Windows Configuration GUI] systemconfig32.exe O4 - HKCU\..\Run: [Lseu] "C:\Program Files\ashc\tseh.exe" -vt yazr O4 - HKCU\..\RunServices: [Windows Configuration GUI] systemconfig32.exe O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html O20 - Winlogon Notify: directpt - directpt.dll (file missing) O21 - SSODL: SysTray.Exbr - {6368D1FC-6F5C-4f1b-B164-E67214F678E9} - (no file) O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: fwnet64 (fwnet) - Unknown owner - C:\WINDOWS\fwnet64.exe (file missing) O23 - Service: wins(WINS) (wins) - Unknown owner - C:\WINDOWS\system32\winscntrl.exe (file missing) -
Win32 trojano et gen
thebear a répondu à un(e) sujet de thebear dans Analyses et éradication malwares
Cher TORNADO, Voici mon dernier rapport après exécution de la méthode de prénettoyage... Un grand merci! J'attends ton analyse avec impatience! -
Win32 trojano et gen
thebear a répondu à un(e) sujet de thebear dans Analyses et éradication malwares
-
[RESOLU]