Help - Virus Police Belge - Log ComboFIxRésolu/Fermé

Question

Bonjour, 

Configuration: Windows XP / Firefox 17.0

Mon portable VAIO a été infecté par le virus de la police belge (ordinateur bloqué et demande de paiement de 100 EUR)

Après avoir pu reprendre le contrôle de mon portable, j'ai effectué un scan avec ComboFix.

Celui-ci me signale qu'un rootkit (rootkit.zeroAccess!) est présent dans la pile tcp/ip.

Voici le log comboFix  ci-dessous.

Quelqu'un peut-il m'aider pour l'analyse du log ? Est-ce qu'il y a encore des infections ?
Si oui, quelle est la procédure à suivre pour toutes les supprimer ?

Merci d'avance de votre aide 


ComboFix 12-12-25.02 - X 25/12/2012  19:10:48.1.1 - x86
Microsoft Windows XP Édition familiale  5.1.2600.3.1252.33.1036.18.2046.1672 [GMT 1:00]
Lancé depuis: c:\documents and settings\X\Bureau\ComboFix.exe
.
[i] ADS - explorer.exe: deleted 26 bytes in 1 streams. /i
.
((((((((((((((((((((((((((((((((((((   Autres suppressions   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
C:\explorer.exe
c:\windows\$NtUninstallKB58345$
c:\windows\$NtUninstallKB58345$\1777109509\@
c:\windows\$NtUninstallKB58345$\1777109509\Desktop.ini
c:\windows\$NtUninstallKB58345$\1777109509\L\00000004.@
c:\windows\$NtUninstallKB58345$\1777109509\L\201d3dde
c:\windows\$NtUninstallKB58345$\1777109509\L\qeafzoax
c:\windows\$NtUninstallKB58345$\1777109509\U\00000004.@
c:\windows\$NtUninstallKB58345$\1777109509\U\00000008.@
c:\windows\$NtUninstallKB58345$\1777109509\U\000000cb.@
c:\windows\$NtUninstallKB58345$\1777109509\U\80000000.@
c:\windows\$NtUninstallKB58345$\1777109509\U\80000032.@
c:\windows\$NtUninstallKB58345$\4139392086
c:\windows\system32\PowerToyReadme.htm
c:\windows\system32\SET10.tmp
c:\windows\system32\SET11.tmp
c:\windows\system32\SET12.tmp
c:\windows\system32\SET13.tmp
c:\windows\system32\SET19.tmp
c:\windows\system32\SET1A.tmp
c:\windows\system32\SET1B.tmp
c:\windows\system32\SET1F.tmp
c:\windows\system32\SET22.tmp
c:\windows\system32\SET23.tmp
c:\windows\system32\SET25.tmp
c:\windows\system32\SET26.tmp
c:\windows\system32\SET2B.tmp
c:\windows\system32\SET31.tmp
c:\windows\system32\SET74D.tmp
c:\windows\system32\SET74F.tmp
c:\windows\system32\SET75B.tmp
c:\windows\system32\SETA0.tmp
c:\windows\UA000082.DLL
.
.
(((((((((((((((((((((((((((((((((((((((   Pilotes/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
.
.
(((((((((((((((((((((((((((((   Fichiers créés du 2012-11-25 au 2012-12-25  ))))))))))))))))))))))))))))))))))))
.
.
2012-12-25 01:54 . 2011-05-10 13:03	307928	------w-	c:\windows\system32\drivers\aswSP.sys
2012-12-25 01:54 . 2011-05-10 12:59	19544	------w-	c:\windows\system32\drivers\aswFsBlk.sys
2012-12-25 01:54 . 2011-05-10 13:02	49240	----a-w-	c:\windows\system32\drivers\aswTdi.sys
2012-12-25 01:54 . 2011-05-10 12:59	25432	----a-w-	c:\windows\system32\drivers\aswRdr.sys
2012-12-25 01:54 . 2011-05-10 13:03	441176	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2012-12-25 01:54 . 2011-05-10 13:02	102616	----a-w-	c:\windows\system32\drivers\aswmon2.sys
2012-12-25 01:54 . 2011-05-10 13:02	96344	----a-w-	c:\windows\system32\drivers\aswmon.sys
2012-12-25 01:54 . 2011-05-10 12:59	30808	----a-w-	c:\windows\system32\drivers\aavmker4.sys
2012-12-25 01:54 . 2011-05-10 13:10	199304	------w-	c:\windows\system32\aswBoot.exe
2012-12-25 01:54 . 2012-12-25 01:54	--------	d-----w-	c:\program files\AVAST Software
2012-12-25 01:43 . 2012-12-25 01:43	--------	d-----w-	c:\documents and settings\X\Application Data\Apple Computer
2012-12-24 16:39 . 2012-12-24 16:39	--------	d-----w-	c:\windows\system32\config\systemprofile\Local Settings\Application Data\ESET
2012-12-24 15:18 . 2012-12-24 15:18	--------	d-----w-	c:\documents and settings\X\Application Data\VadeRetro
2012-12-24 04:36 . 2012-12-19 15:55	11101152	----a-w-	C:\mseinstall.exe
2012-12-24 04:34 . 2012-12-24 04:34	--------	d-----w-	c:\documents and settings\X\Application Data\2BrightSparks
2012-12-24 04:33 . 2012-12-24 04:34	--------	d-----w-	c:\documents and settings\X\Local Settings\Application Data\2BrightSparks
2012-12-24 04:20 . 2012-12-24 04:20	896016	----a-w-	C:\jxpiinstall.exe
2012-12-24 04:17 . 2012-12-24 04:17	--------	d-----w-	c:\program files\Disk1
2012-12-24 03:47 . 2012-12-24 03:50	--------	d-----w-	c:\program files\Microsoft Security Client
2012-12-24 02:54 . 2012-12-24 02:54	--------	d-----w-	c:\documents and settings\X\Local Settings\Application Data\ESET
2012-12-24 01:36 . 2012-05-31 10:25	237072	------w-	c:\windows\system32\MpSigStub.exe
2012-12-23 23:24 . 2012-12-23 23:25	11476952	----a-w-	C:\SyncBack_Setup.exe
2012-12-22 22:28 . 2012-12-24 15:43	--------	d-----w-	c:\documents and settings\X\Application Data\IObit
2012-12-22 20:50 . 2012-12-22 20:50	--------	d-----w-	C:\_OTL
2012-12-22 04:58 . 2012-12-22 22:33	--------	d-----w-	c:\documents and settings\All Users\Application Data\IObit
2012-12-22 04:57 . 2012-12-22 04:58	--------	d-----w-	c:\documents and settings\Administrateur\Application Data\IObit
2012-12-22 04:57 . 2012-12-24 15:43	--------	d-----w-	c:\program files\IObit
2012-12-22 01:44 . 2012-12-22 01:44	--------	d-----w-	c:\documents and settings\Administrateur\Application Data\Malwarebytes
2012-12-22 01:03 . 2012-12-22 01:03	--------	d-----w-	c:\program files\Acronis
2012-12-20 17:43 . 2012-12-20 17:43	--------	d---a-w-	C:\.Trashes
2012-12-19 15:49 . 2012-12-19 15:49	711168	----a-w-	c:\windows\is-JI27F.exe
2012-12-19 03:23 . 2012-12-19 03:23	--------	d-----w-	c:\windows\system32\wbem\Repository
2012-12-19 03:03 . 2012-12-19 03:03	--------	d-----w-	c:\documents and settings\Administrateur\Local Settings\Application Data\Mozilla
2012-12-02 17:52 . 2012-12-02 17:52	--------	d-----w-	c:\program files\Fichiers communs\Adobe AIR
2012-11-30 12:45 . 2012-12-16 07:12	73656	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2012-11-30 12:45 . 2012-12-16 07:12	697272	----a-w-	c:\windows\system32\FlashPlayerApp.exe
.
.
.
((((((((((((((((((((((((((((((((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-25 03:58 . 2005-08-09 03:48	1037824	----a-w-	c:\windows\explorer.exe
2012-10-18 15:23 . 2012-10-18 15:23	93672	----a-w-	c:\windows\system32\WindowsAccessBridge.dll
2012-10-18 15:23 . 2012-03-31 11:31	143872	----a-w-	c:\windows\system32\javacpl.cpl
2012-10-18 15:23 . 2011-11-15 01:42	746984	----a-w-	c:\windows\system32\deployJava1.dll
2012-09-29 18:54 . 2012-10-21 08:40	22856	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-12-06 22:31 . 2012-12-06 22:31	262112	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((   Points de chargement Reg   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-05-27 6746112]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2003-11-07 114688]
"AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2005-05-20 57344]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2004-02-20 32768]
"SonyPowerCfg"="c:\program files\Sony\VAIO Power Management\SPMgr.exe" [2005-10-19 184320]
"SSBkgdUpdate"="c:\program files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-09-28 185896]
"beidsccertprop"="c:\program files\Belgium Identity Card\BeID Certprop\beidsccertprop.exe" [2012-02-21 31768]
"Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-23 926896]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-05-10 3459712]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"MP3 Skype Recorder"="c:\program files\MP3 Skype Recorder\MP3 Skype Recorder.exe" [2011-11-17 1975296]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	\0
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Mouse Suite 98 Daemon]
2002-03-14 14:46	45056	----a-w-	c:\windows\system32\ico.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe"=
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [25/12/2012 02:54 441176]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [25/12/2012 02:54 307928]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [25/12/2012 02:54 19544]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [09/11/2012 11:21 160944]
R3 SPI;Sony Programmable I/O Control Device;c:\windows\system32\drivers\SonyPI.sys [09/08/2005 04:49 71961]
S3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\drivers\a38usb.sys [25/07/2012 01:09 33536]
S3 esgiguard;esgiguard;\??\c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys --> c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [?]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [16/08/2011 00:31 47360]
S3 PID_400C;Video Blaster WebCam 5 (WDM);c:\windows\system32\drivers\Pd100Vid.sys [15/06/2011 01:29 335980]
S4 TomTomHOMEService;TomTomHOMEService; [x]
S4 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [27/10/2011 17:10 1086568]
.
Contenu du dossier 'Tâches planifiées'
.
2012-12-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-30 07:12]
.
.
------- Examen supplémentaire -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: Ajouter la cible du lien à un fichier PDF existant
IE: Ajouter à un fichier PDF existant
IE: Convertir au format Adobe PDF
IE: Convertir la cible du lien au format Adobe PDF
IE: E&xporter vers Microsoft Excel
TCP: DhcpNameServer = 192.168.36.1
FF - ProfilePath - c:\documents and settings\X\Application Data\Mozilla\Firefox\Profiles\ecnyfqvz.default-1351616813921\
FF - prefs.js: browser.startup.homepage - about:home
FF - ExtSQL: 2012-10-27 14:15; belgiumeid@eid.belgium.be; c:\program files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be
FF - ExtSQL: 2012-12-02 19:05; web2pdfextension@web2pdf.adobedotcom; c:\program files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF - ExtSQL: 2012-12-15 18:32; en-gb@flyingtophat.co.uk; c:\documents and settings\X\Application Data\Mozilla\Firefox\Profiles\ecnyfqvz.default-1351616813921\extensions\en-gb@flyingtophat.co.uk
FF - ExtSQL: 2012-12-19 16:43; {635abd67-4fe9-1b23-4f01-e679fa7484c1}; c:\documents and settings\X\Application Data\Mozilla\Firefox\Profiles\ecnyfqvz.default-1351616813921\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - ExtSQL: !HIDDEN! 2012-10-27 14:15; belgiumeid@eid.belgium.be; c:\program files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be
FF - user.js: yahoo.homepage.dontask - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.switch.threshold - 750000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
- - - - ORPHELINS SUPPRIMES - - - -
.
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
MSConfigStartUp-UVS11 Preload - c:\program files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe
AddRemove-Creative Video Blaster WebCam 5 - c:\windows\CtDrvIns.exe -uninstall usb\vid_041E&pid_400C&MI_00 -plugin pd100pin.dll
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-12-25 19:29
Windows 5.1.2600 Service Pack 3 NTFS
.
Recherche de processus cachés ... 
.
Recherche d'éléments en démarrage automatique cachés ... 
.
Recherche de fichiers cachés ... 
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\S-1-5-21-2831647132-4134117731-276175365-1006\Software\InterVideo\Common]
@DACL=(02 0000)
@SACL=
.
[HKEY_USERS\S-1-5-21-2831647132-4134117731-276175365-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\OpenWithProgids]
@DACL=(02 0000)
@SACL=
"TIFImage.Document"=hex(0):
"MSPaper.Document"=hex(0):
"OmniPage.tifImage"=hex(0):
.
[HKEY_USERS\S-1-5-21-2831647132-4134117731-276175365-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\OpenWithProgids]
@DACL=(02 0000)
@SACL=
"TIFImage.Document"=hex(0):
"MSPaper.Document"=hex(0):
"OmniPage.tiffImage"=hex(0):
.
[HKEY_USERS\S-1-5-21-2831647132-4134117731-276175365-1006\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{670E64DA-152B-386A-A5E2-B39F5DD4E19D}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\Adobe\CommonFiles]
@DACL=(02 0000)
@SACL=
"UsageCount"=dword:00000001
@=""
"AdobeHome"="C:"
.
[HKEY_LOCAL_MACHINE\software\AVAST Software\Avast]
@DACL=(02 0000)
"DataFolder"="c:\Documents and Settings\All Users\Application Data\AVAST Software\Avast"
"Version"="7.0"
"VersionShort"="7.0"
"SetupVersion"=dword:000005c2
"ProgramFolder"="c:\Program Files\AVAST Software\Avast"
"Product"="ais"
"OSPlatform"=dword:00000002
"OSVersion"=dword:00050001
"RegData"=hex:a3,8e,9c,54,c9,8e,9c,54,c9,8e,9c,54,c9,8e,9c,54,a4,8e,9c,54,c9,
   8e,95,54,c1,8e,e4,54,c1,8e,94,54,c0,8e,93,54,dd,8e,f0,54,c1,8e,eb,54,c7,8e,\
"Registration"=hex:ba,ff,c6,ff,ce,ff,cd,ff,ba,ff,bd,ff,cf,ff,c9,ff,d2,ff,c8,ff,
   ba,ff,cd,ff,ca,ff,d2,ff,cb,ff,bb,ff,c9,ff,cd,ff,d2,ff,c7,ff,b9,ff,c9,ff,ba,\
"UpdateReady"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\.m2t]
@DACL=(02 0000)
@SACL=
@="VLC.m2t"
"VLC.backup"="SonyMPEG2TS"
.
[HKEY_LOCAL_MACHINE\software\Classes\.mmv]
@DACL=(02 0000)
@SACL=
@="SonyMicroMV"
.
[HKEY_LOCAL_MACHINE\software\Classes\.mp4]
@DACL=(02 0000)
@SACL=
@="VLC.mp4"
"PerceivedType"="video"
"VLC.backup"="Mpeg4Files"
.
[HKEY_LOCAL_MACHINE\software\Classes\AMOVIE.ActiveMovie Control]
@DACL=(02 0000)
@SACL=
@="ActiveMovie Control Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\AMOVIE.ActiveMovie Control.2]
@DACL=(02 0000)
@SACL=
@="ActiveMovie Control Object"
"EditFlags"=dword:00010000
.
[HKEY_LOCAL_MACHINE\software\Classes\AMOVIE.ActiveMovieControl]
@DACL=(02 0000)
@SACL=
@="ActiveMovie Control Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\AMOVIE.ActiveMovieControl.2]
@DACL=(02 0000)
@SACL=
@="ActiveMovie Control Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\AMtoolbar.AMtoolbar]
@DACL=(02 0000)
@SACL=
@="AMtoolbar Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\AMtoolbar.AMtoolbar.1]
@DACL=(02 0000)
@SACL=
@="AMtoolbar Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\1XConfig.EXE]
@DACL=(02 0000)
@SACL=
"AppID"="{6AE5E02E-2DCA-4EAF-9D58-02D883362973}"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\EvtEng.EXE]
@DACL=(02 0000)
@SACL=
"AppID"="{E7DCA9D7-1577-45DA-BF99-8BD6184ACF99}"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\RegSrvc.EXE]
@DACL=(02 0000)
@SACL=
"AppID"="{6EF8E539-12E9-4595-A7C6-3DDA8A4069B2}"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\VESAutoDimmer.DLL]
@DACL=(02 0000)
@SACL=
"AppID"="{C27DECC7-D15F-41E4-8CDE-A76D503768CB}"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\VESFnLock.DLL]
@DACL=(02 0000)
@SACL=
"AppID"="{B6EC9B2D-462F-4819-B772-D43E90549D66}"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\VESHardwareMixer.DLL]
@DACL=(02 0000)
@SACL=
"AppID"="{15DA320D-1DDD-46E0-9390-EA9AF8295DF1}"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\VESHKWndCommon.DLL]
@DACL=(02 0000)
@SACL=
"AppID"="{B2E5C5AD-1EAF-4A7E-BCFF-F0FF3A910CE3}"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\VESKBDCoverPoll.DLL]
@DACL=(02 0000)
@SACL=
"AppID"="{4325C26E-8640-4886-99C4-1FAC365F6304}"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\VESPerform.DLL]
@DACL=(02 0000)
@SACL=
"AppID"="{A038D2EA-13D1-416C-9DDE-BBCA1EB8F3D5}"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\VESSemiPnP.DLL]
@DACL=(02 0000)
@SACL=
"AppID"="{2A24449C-E587-4C6E-802C-EC67C02AFABF}"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\VESService.exe]
@DACL=(02 0000)
@SACL=
"AppID"="{BC52BC95-F40A-47AA-8EBC-B5B3A5AD579F}"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\VESSuEvent.DLL]
@DACL=(02 0000)
@SACL=
"AppID"="{B2E78F5A-2B15-44C0-93C2-684E9A4A0907}"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\VESSuPerform.DLL]
@DACL=(02 0000)
@SACL=
"AppID"="{91F505D6-8E7F-4F2D-9EA7-4DD60CF014B2}"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\VESTransform.DLL]
@DACL=(02 0000)
@SACL=
"AppID"="{AB9B31F4-1D0E-4B23-A9FF-18E402266DCB}"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\VESUSBKeyboard.DLL]
@DACL=(02 0000)
@SACL=
"AppID"="{3E404DAD-05A9-4B2E-8B79-122DD99C2FFE}"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\VESVideo.DLL]
@DACL=(02 0000)
@SACL=
"AppID"="{EDE8839D-6600-4F91-91B6-50A6E2529E53}"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\VESWndMsg.DLL]
@DACL=(02 0000)
@SACL=
"AppID"="{BECDEC11-00A3-495E-876F-C92D71ABB8E1}"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\VzCdbCtrl.DLL]
@DACL=(02 0000)
@SACL=
"AppID"="{80E5EAFA-51C4-4756-A6D1-253BB72EC6C5}"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\VzCdbLocalDB.DLL]
@DACL=(02 0000)
@SACL=
"AppID"="{8428429C-C2BC-4EF6-8228-8CF800B3BEB2}"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\VzCdbSsDB.DLL]
@DACL=(02 0000)
@SACL=
"AppID"="{EE390213-FDF7-4D40-81C3-FAF62293F0B1}"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\VzCdbSvc.EXE]
@DACL=(02 0000)
@SACL=
"AppID"="{65CBF74E-9F75-4E2E-BBA7-BB14BE9EE689}"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\VzCdbVcds.DLL]
@DACL=(02 0000)
@SACL=
"AppID"="{33196F51-1808-4830-AAA6-E0CE1408D637}"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\VzCsIp.DLL]
@DACL=(02 0000)
@SACL=
"AppID"="{F72A3A26-8981-4E63-A0E5-2B09EA4B9819}"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\VzFw.EXE]
@DACL=(02 0000)
@SACL=
"AppID"="{0686B8F3-3FA7-4048-B22D-E6DF61BE3B4D}"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\VzHardwareResourceManager.EXE]
@DACL=(02 0000)
@SACL=
"AppID"="{34A6B42D-C904-49BB-A3D0-625002CDF938}"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\WPDSp.DLL]
@DACL=(02 0000)
@SACL=
"AppID"="{D455FA37-74F9-4A75-BD79-48659B12A1D6}"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\{0686B8F3-3FA7-4048-B22D-E6DF61BE3B4D}]
@DACL=(02 0000)
@SACL=
@="VzFw"
"LocalService"="VzFw"
"ServiceParameters"="-Service"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\{15DA320D-1DDD-46E0-9390-EA9AF8295DF1}]
@DACL=(02 0000)
@SACL=
@="VESHardwareMixer"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\{2A24449C-E587-4C6E-802C-EC67C02AFABF}]
@DACL=(02 0000)
@SACL=
@="VESSemiPnP"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\{33196F51-1808-4830-AAA6-E0CE1408D637}]
@DACL=(02 0000)
@SACL=
@="VzCdbVcds"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\{34A6B42D-C904-49BB-A3D0-625002CDF938}]
@DACL=(02 0000)
@SACL=
@="VzHardwareResourceManager"
"LocalService"="VAIO Entertainment TV Device Arbitration Service"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\{3E404DAD-05A9-4B2E-8B79-122DD99C2FFE}]
@DACL=(02 0000)
@SACL=
@="VESUSBKeyboard"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\{4325C26E-8640-4886-99C4-1FAC365F6304}]
@DACL=(02 0000)
@SACL=
@="VESKBDCoverPoll"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\{4A4F8AC6-CC99-4e12-8922-5B918BF0C269}]
@DACL=(02 0000)
@SACL=
@="DeviceManagerClass"
"LocalService"="Vcsw"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\{65CBF74E-9F75-4E2E-BBA7-BB14BE9EE689}]
@DACL=(02 0000)
@SACL=
@="VzCdbSvc"
"LocalService"="VzCdbSvc"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\{6AE5E02E-2DCA-4EAF-9D58-02D883362973}]
@DACL=(02 0000)
@SACL=
@="8021XConfig"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\{6EF8E539-12E9-4595-A7C6-3DDA8A4069B2}]
@DACL=(02 0000)
@SACL=
@="RegSrvc"
"LocalService"="RegSrvc"
"ServiceParameters"="-Service"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\{80E5EAFA-51C4-4756-A6D1-253BB72EC6C5}]
@DACL=(02 0000)
@SACL=
@="VzCdbCtrl"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\{8428429C-C2BC-4EF6-8228-8CF800B3BEB2}]
@DACL=(02 0000)
@SACL=
@="VzCdbLocalDB"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\{91F505D6-8E7F-4F2D-9EA7-4DD60CF014B2}]
@DACL=(02 0000)
@SACL=
@="VESSuPerform"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\{A038D2EA-13D1-416C-9DDE-BBCA1EB8F3D5}]
@DACL=(02 0000)
@SACL=
@="VESPerform"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\{AB9B31F4-1D0E-4B23-A9FF-18E402266DCB}]
@DACL=(02 0000)
@SACL=
@="VESTransform"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\{B2E5C5AD-1EAF-4A7E-BCFF-F0FF3A910CE3}]
@DACL=(02 0000)
@SACL=
@="VESHKWndCommon"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\{B2E78F5A-2B15-44C0-93C2-684E9A4A0907}]
@DACL=(02 0000)
@SACL=
@="VESSuEvent"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\{B6EC9B2D-462F-4819-B772-D43E90549D66}]
@DACL=(02 0000)
@SACL=
@="VESFnLock"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\{BC52BC95-F40A-47AA-8EBC-B5B3A5AD579F}]
@DACL=(02 0000)
@SACL=
@="VESService"
"LocalService"="VAIO Event Service"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\{BECDEC11-00A3-495E-876F-C92D71ABB8E1}]
@DACL=(02 0000)
@SACL=
@="VESWndMsg"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\{C27DECC7-D15F-41E4-8CDE-A76D503768CB}]
@DACL=(02 0000)
@SACL=
@="VESAutoDimmer"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\{D455FA37-74F9-4A75-BD79-48659B12A1D6}]
@DACL=(02 0000)
@SACL=
@="WPDSp"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\{E7DCA9D7-1577-45DA-BF99-8BD6184ACF99}]
@DACL=(02 0000)
@SACL=
@="EvtEng"
"LocalService"="EvtEng"
"ServiceParameters"="-Service"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\{ED6BB178-B06A-47ad-98B3-6066E0CF0147}]
@DACL=(02 0000)
@SACL=
@="Windows Media Player Launch"
"RunAs"="Interactive User"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\{EDE8839D-6600-4F91-91B6-50A6E2529E53}]
@DACL=(02 0000)
@SACL=
@="VESVideo"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\{EE390213-FDF7-4D40-81C3-FAF62293F0B1}]
@DACL=(02 0000)
@SACL=
@="VzCdbSsDB"
.
[HKEY_LOCAL_MACHINE\software\Classes\AppID\{F72A3A26-8981-4E63-A0E5-2B09EA4B9819}]
@DACL=(02 0000)
@SACL=
@="VzCsIp"
.
[HKEY_LOCAL_MACHINE\software\Classes\CAPICOM.Attribute]
@DACL=(02 0000)
@SACL=
@="Attribute Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CAPICOM.Attribute.1]
@DACL=(02 0000)
@SACL=
@="Attribute Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CAPICOM.Certificate]
@DACL=(02 0000)
@SACL=
@="Certificate Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CAPICOM.Certificate.1]
@DACL=(02 0000)
@SACL=
@="Certificate Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CAPICOM.Certificate.2]
@DACL=(02 0000)
@SACL=
@="Certificate Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CAPICOM.Certificates]
@DACL=(02 0000)
@SACL=
@="Certificates Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CAPICOM.Certificates.1]
@DACL=(02 0000)
@SACL=
@="Certificates Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CAPICOM.Certificates.2]
@DACL=(02 0000)
@SACL=
@="Certificates Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CAPICOM.Chain]
@DACL=(02 0000)
@SACL=
@="Chain Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CAPICOM.Chain.1]
@DACL=(02 0000)
@SACL=
@="Chain Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CAPICOM.Chain.2]
@DACL=(02 0000)
@SACL=
@="Chain Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CAPICOM.EncryptedData]
@DACL=(02 0000)
@SACL=
@="EncryptedData Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CAPICOM.EncryptedData.1]
@DACL=(02 0000)
@SACL=
@="EncryptedData Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CAPICOM.EnvelopedData]
@DACL=(02 0000)
@SACL=
@="EnvelopedData Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CAPICOM.EnvelopedData.1]
@DACL=(02 0000)
@SACL=
@="EnvelopedData Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CAPICOM.ExtendedProperty]
@DACL=(02 0000)
@SACL=
@="ExtendedProperty Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CAPICOM.ExtendedProperty.1]
@DACL=(02 0000)
@SACL=
@="ExtendedProperty Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CAPICOM.HashedData]
@DACL=(02 0000)
@SACL=
@="HashedData Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CAPICOM.HashedData.1]
@DACL=(02 0000)
@SACL=
@="HashedData Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CAPICOM.OID]
@DACL=(02 0000)
@SACL=
@="OID Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CAPICOM.OID.1]
@DACL=(02 0000)
@SACL=
@="OID Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CAPICOM.PrivateKey]
@DACL=(02 0000)
@SACL=
@="PrivateKey Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CAPICOM.PrivateKey.1]
@DACL=(02 0000)
@SACL=
@="PrivateKey Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CAPICOM.Settings]
@DACL=(02 0000)
@SACL=
@="Settings Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CAPICOM.Settings.1]
@DACL=(02 0000)
@SACL=
@="Settings Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CAPICOM.SignedCode]
@DACL=(02 0000)
@SACL=
@="SignedCode Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CAPICOM.SignedCode.1]
@DACL=(02 0000)
@SACL=
@="SignedCode Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CAPICOM.SignedData]
@DACL=(02 0000)
@SACL=
@="SignedData Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CAPICOM.SignedData.1]
@DACL=(02 0000)
@SACL=
@="SignedData Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CAPICOM.Signer]
@DACL=(02 0000)
@SACL=
@="Signer Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CAPICOM.Signer.1]
@DACL=(02 0000)
@SACL=
@="Signer Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CAPICOM.Signer.2]
@DACL=(02 0000)
@SACL=
@="Signer Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CAPICOM.Store]
@DACL=(02 0000)
@SACL=
@="Store Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CAPICOM.Store.1]
@DACL=(02 0000)
@SACL=
@="Store Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CAPICOM.Store.2]
@DACL=(02 0000)
@SACL=
@="Store Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CAPICOM.Utilities]
@DACL=(02 0000)
@SACL=
@="Utilities Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CAPICOM.Utilities.1]
@DACL=(02 0000)
@SACL=
@="Utilities Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{00ACDE00-082B-11D1-8E21-444553540000}]
@DACL=(02 0000)
@SACL=
@="SONY DV Video Decoder"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}]
@DACL=(02 0000)
@SACL=
@="MX XML Reader 4.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{01BF1507-948F-4DF6-9A83-FDC43ACB81EC}]
@Class="REG_SZ"
@DACL=(02 0000)
@SACL=
@="PSFactoryBuffer"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{02442C40-813F-11D1-BFA2-00A024EC9DA6}]
@DACL=(02 0000)
@SACL=
@="MPEG Audio Properties"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{0368BFF0-9870-11D0-94AB-0080C74C7E95}]
@DACL=(02 0000)
@SACL=
@="AMtoolbar Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{03be3ac4-84b7-4e0e-a78d-d3524e60395a}]
@DACL=(02 0000)
@SACL=
@="WMVideo Advanced Decoder DMO"
"Merit"=dword:00800001
"WMSDKMerit"=dword:00000100
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{04DA8599-8F8C-458D-AB2A-A571F87204A3}]
@DACL=(02 0000)
@SACL=
@="SONY MPEG Video Decoder"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance\{00ACDE00-082B-11D1-8E21-444553540000}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="SONY DV Video Decoder"
"CLSID"="{00ACDE00-082B-11D1-8E21-444553540000}"
"FilterData"=hex:02,00,00,00,00,00,40,00,02,00,00,00,00,00,00,00,30,70,69,33,
   00,00,00,00,00,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,30,74,79,33,00,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance\{04DA8599-8F8C-458D-AB2A-A571F87204A3}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Sony MPEG4 Video Decoder"
"CLSID"="{04DA8599-8F8C-458D-AB2A-A571F87204A3}"
"FilterData"=hex:02,00,00,00,00,00,40,00,02,00,00,00,00,00,00,00,30,70,69,33,
   00,00,00,00,00,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,30,74,79,33,00,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance\{1A56451B-1315-4012-861E-8587333DD631}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Screen Capture filter"
"CLSID"="{1A56451B-1315-4012-861E-8587333DD631}"
"FilterData"=hex:02,00,00,00,00,00,20,00,01,00,00,00,00,00,00,00,30,70,69,33,
   08,00,00,00,00,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,30,74,79,33,00,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance\{30146000-87BF-11D1-BE74-C94E44925F69}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Sony MPEG Video Decoder"
"CLSID"="{30146000-87BF-11D1-BE74-C94E44925F69}"
"FilterData"=hex:02,00,00,00,00,00,10,00,03,00,00,00,00,00,00,00,30,70,69,33,
   00,00,00,00,00,00,00,00,02,00,00,00,00,00,00,00,00,00,00,00,30,74,79,33,00,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance\{6CEB7408-B7F6-4983-888A-DAFA3E816A72}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Sony MPEG4 AAC Decoder"
"CLSID"="{6CEB7408-B7F6-4983-888A-DAFA3E816A72}"
"FilterData"=hex:02,00,00,00,00,00,60,00,02,00,00,00,00,00,00,00,30,70,69,33,
   00,00,00,00,00,00,00,00,02,00,00,00,00,00,00,00,00,00,00,00,30,74,79,33,00,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance\{D30638B7-2CC2-4D05-A39F-7EE99E015604}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Sony MP4 File Source"
"CLSID"="{D30638B7-2CC2-4D05-A39F-7EE99E015604}"
"FilterData"=hex:02,00,00,00,00,00,80,00,01,00,00,00,00,00,00,00,30,70,69,33,
   0c,00,00,00,00,00,00,00,06,00,00,00,00,00,00,00,00,00,00,00,30,74,79,33,00,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance\{E1F79440-812F-11D1-BFA2-00A024EC9DA6}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Sony MPEG Audio Decoder"
"CLSID"="{E1F79440-812F-11D1-BFA2-00A024EC9DA6}"
"FilterData"=hex:02,00,00,00,00,00,10,00,02,00,00,00,00,00,00,00,30,70,69,33,
   00,00,00,00,00,00,00,00,04,00,00,00,00,00,00,00,00,00,00,00,30,74,79,33,00,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}]
@DACL=(02 0000)
@SACL=
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{0AA02E8D-F851-4CB0-9F64-BBA9BE7A983D}]
@DACL=(02 0000)
@SACL=
@="AlchemyVis Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{0AE89F03-C538-4471-9B12-A8E8EF246A0D}]
@Class="REG_SZ"
@DACL=(02 0000)
@SACL=
@="PSFactoryBuffer"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{0C23C74A-4BDB-4067-AAF5-4842979B969F}]
@DACL=(02 0000)
@SACL=
@="Dot1XPEAPCredentials Class"
"AppID"="{6AE5E02E-2DCA-4EAF-9D58-02D883362973}"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{0D458BE8-D99D-11D3-A92B-00105A088FAC}]
@DACL=(02 0000)
@SACL=
@=""
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{14918656-7B3C-4528-933B-47CB4EDEE8CA}]
@DACL=(02 0000)
@SACL=
@="VzCdbSvcCore Class"
"AppID"="{65CBF74E-9F75-4E2E-BBA7-BB14BE9EE689}"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{16FB0402-07F0-4FE5-A61F-B183A44B7EE6}]
@Class="REG_SZ"
@DACL=(02 0000)
@SACL=
@="PSFactoryBuffer"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{17CCA71B-ECD7-11D0-B908-00A0C9223196}]
@DACL=(02 0000)
@SACL=
@="Proxy de filtre générique WDM"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{1A56451B-1315-4012-861E-8587333DD631}]
@DACL=(02 0000)
@SACL=
@="WMEnc Screen Capture Filter"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{1A8766A0-62CE-11CF-A5D6-28DB04C10000}]
@DACL=(02 0000)
@SACL=
@="Gestionnaire de répartition WDM pour interface standard"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{1BF18D30-223C-4E0F-9074-C78C1256FD43}]
@DACL=(02 0000)
@SACL=
@="Windows Media Player WMEncAdvancedStreamEdit Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{1D1237A0-6CD6-11d2-96BA-00104B242E64}]
@DACL=(02 0000)
@SACL=
@="ppDSFile Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{21E7C720-3A33-11D7-A4E5-00E02921EA26}]
@DACL=(02 0000)
@SACL=
@="Sony MPEG2 TS Splitter Ex"
"Merit"=dword:0060000f
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{21E7C721-3A33-11D7-A4E5-00E02921EA26}]
@DACL=(02 0000)
@SACL=
@="TsSplt Property Page"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{21E7C722-3A33-11D7-A4E5-00E02921EA26}]
@DACL=(02 0000)
@SACL=
@="Video Property Page"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{21E7C723-3A33-11D7-A4E5-00E02921EA26}]
@DACL=(02 0000)
@SACL=
@="Audio Property Page"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{22D84EC7-E201-4432-B3ED-A9DCA3604594}]
@DACL=(02 0000)
@SACL=
@="SetupLogServices Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{2559a1f6-21d7-11d4-bdaf-00c04f60b9f0}\DefaultIcon]
@DACL=(02 0000)
@SACL=
@=expand:"c:\Program Files\sony\Prepare your VAIO\FrontFlow.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{2A2699C5-775A-42e9-BF4A-A36FE41BA4CB}]
@DACL=(02 0000)
@SACL=
@="TCPIProp Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{2AFA62E2-5548-11D1-A6E1-006097C4E476}]
@DACL=(02 0000)
@SACL=
@="ppDSApp Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{2C676B7B-796E-4C59-8209-4D0473E32A17}]
@DACL=(02 0000)
@SACL=
@="WMEncSourceSink"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{2eeb4adf-4578-4d10-bca7-bb955f56320a}]
@DACL=(02 0000)
@SACL=
@="WMAudio Decoder DMO"
"Merit"=dword:00800800
"WMSDKMerit"=dword:00000100
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{2FEB9591-50CF-11D1-A6DF-006097C4E476}]
@DACL=(02 0000)
@SACL=
@="ppDSMeta Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{30146000-87BF-11D1-BE74-C94E44925F69}]
@DACL=(02 0000)
@SACL=
@="SONY MPEG Video Decoder"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{31C48C31-70B0-11d1-A708-006097C4E476}]
@DACL=(02 0000)
@SACL=
@="ppDSClip Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{31C48C32-70B0-11d1-A708-006097C4E476}]
@DACL=(02 0000)
@SACL=
@="ppDSDetl Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{31DCBC0C-20D8-40b0-A409-F4474A942358}]
@DACL=(02 0000)
@SACL=
@="TcpiObj Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{34A09F03-DFC0-470E-A8B9-F2255883327C}]
@Class="REG_SZ"
@DACL=(02 0000)
@SACL=
@="PSFactoryBuffer"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{35BA6629-73F8-49C8-B2C1-FACE5241FCEC}]
@Class="REG_SZ"
@DACL=(02 0000)
@SACL=
@="PSFactoryBuffer"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{39A2C2A6-4778-11D2-9BDB-204C4F4F5020}]
@DACL=(02 0000)
@SACL=
@="DirectControl Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{39A2C2A9-4778-11D2-9BDB-204C4F4F5020}]
@DACL=(02 0000)
@SACL=
@="DirectContainer Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{3D96ED94-5D75-4165-9E1F-1A642C7BA316}]
@DACL=(02 0000)
@SACL=
@="Windows Media Player WMEncTextInputSource Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{3DA2AA3E-3D96-11D2-9BD2-204C4F4F5020}]
@DACL=(02 0000)
@SACL=
@="AsyncMHandler Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{42F65E5C-D380-428e-ADF7-EA07C822D6D2}]
@DACL=(02 0000)
@SACL=
@="IviMovieEffectDMO Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{44234020-7F7A-4419-A3AE-1BE1A87A935C}]
@DACL=(02 0000)
@SACL=
@="OpeningPerformer Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{45C6AFA5-2C13-402f-BC5D-45CC8172EF6B}]
@DACL=(02 0000)
@SACL=
@="Bluetooth Information Exchanger"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{48512A59-C8A5-4805-9048-23C9E4194BFA}]
@DACL=(02 0000)
@SACL=
@="VzCdbVcdsCore Class"
"AppID"="{33196F51-1808-4830-AAA6-E0CE1408D637}"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{49FC0185-4B32-11d1-A40E-00600831F336}]
@DACL=(02 0000)
@SACL=
@="DSDisplayPanel Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{4AA09B81-933A-4ECF-A034-5C6CD5D48AB8}]
@DACL=(02 0000)
@SACL=
@="Dot1XTTLSCredentials Class"
"AppID"="{6AE5E02E-2DCA-4EAF-9D58-02D883362973}"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{4BEE36D7-DF28-49C1-8B85-1F3AED830E66}]
@DACL=(02 0000)
@SACL=
@="Dot1XConfig Class"
"AppID"="{6AE5E02E-2DCA-4EAF-9D58-02D883362973}"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{4F695794-BFCF-48B0-A323-F874F9BD45F2}]
@DACL=(02 0000)
@SACL=
@="Windows Media Player WMEncFileTransferSource Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{51014E27-3976-4E76-A7EF-9F37E39915ED}]
@Class="REG_SZ"
@DACL=(02 0000)
@SACL=
@="PSFactoryBuffer"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5210f8e4-b0bb-47c3-a8d9-7b2282cc79ed}]
@DACL=(02 0000)
@SACL=
@="WMAPro over S/PDIF DMO"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{52a2aaae-085d-4187-97ea-8c30db990436}]
@DACL=(02 0000)
@SACL=
@="HHCtrl Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{52e4e90a-f4af-460a-9e60-fdfb86c9dd5d}]
@DACL=(02 0000)
@SACL=
@="Windows Media Player WMEncoder Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{569095B8-57D5-4EA4-84F3-37BCDC81D72F}]
@DACL=(02 0000)
@SACL=
@="VzCsIpMedia Class"
"AppID"="{F72A3A26-8981-4E63-A0E5-2B09EA4B9819}"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{56F9312C-C989-4E04-8C23-299DEE3A36F5}]
@DACL=(02 0000)
@SACL=
@="VzCdbSsCore Class"
"AppID"="{EE390213-FDF7-4D40-81C3-FAF62293F0B1}"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5A41EFA3-6C01-43DC-8C49-110151B36C70}]
@DACL=(02 0000)
@SACL=
@="Line 21 Decoder Text Output"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5B0FADCD-FD70-490F-A262-11605AC9C2BC}]
@DACL=(02 0000)
@SACL=
@="FileImporter Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5C85DCB0-F967-11D0-81ED-00C04FC99D4C}]
@DACL=(02 0000)
@SACL=
@="ppDShowNet Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{67841b03-c689-4188-ad3f-4c9ebeec710b}]
@DACL=(02 0000)
@SACL=
@="WM Speech Encoder DMO"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{67B65B9A-B102-4E99-8545-B578330B3B4F}]
@DACL=(02 0000)
@SACL=
@="VzCsIpMediaList Class"
"AppID"="{F72A3A26-8981-4E63-A0E5-2B09EA4B9819}"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{6BEF3D0B-53F0-4b0d-B91C-C19ED3D4C9D1}]
@DACL=(02 0000)
@SACL=
@="Bluetooth File Extenstion"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{6CEB7408-B7F6-4983-888A-DAFA3E816A72}]
@DACL=(02 0000)
@SACL=
@="VaioAacDecFilter"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{6efeae9e-014c-436a-8aac-35da9535adc0}]
@DACL=(02 0000)
@SACL=
@="Windows Media Player InputCollection Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{6F8DAE82-43A2-47AA-B0E7-47B7E82F705F}]
@DACL=(02 0000)
@SACL=
@="WMEncSourcePluginWrapper"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{70f598e9-f4ab-495a-99e2-a7c4d3d89abf}]
@DACL=(02 0000)
@SACL=
@="WMAudio Encoder DMO"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7122A82D-E722-4AFC-AA87-EAA77D8CFCE1}]
@DACL=(02 0000)
@SACL=
@="Windows Media Player WMEnc5PointWavSource Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73647561-0000-0010-8000-00aa00389b71}]
@DACL=(02 0000)
@SACL=
@="Gestionnaire de répartition WDM pour types de données standard"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7bafb3b1-d8f4-4279-9253-27da423108de}]
@DACL=(02 0000)
@SACL=
@="WMV Screen decoder DMO"
"Merit"=dword:00800001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}]
@DACL=(02 0000)
@SACL=
@="SAX XML Reader 4.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{82d353df-90bd-4382-8bc2-3f6192b76e34}]
@DACL=(02 0000)
@SACL=
@="WMVideo Decoder DMO"
"Merit"=dword:00800001
"WMSDKMerit"=dword:00000100
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{847B4DF5-4B61-11D2-9BDB-204C4F4F5020}]
@DACL=(02 0000)
@SACL=
@="RadioView Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{874131cb-4ecc-443b-8948-746b89595d20}]
@DACL=(02 0000)
@SACL=
@="WMA Voice Decoder DMO"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{877E4351-6FEA-11d0-B863-00AA00A216A1}]
@DACL=(02 0000)
@SACL=
@="Distributeur à brancher : IKsClock"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}]
@DACL=(02 0000)
@SACL=
@="XML DOM Document 4.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}]
@DACL=(02 0000)
@SACL=
@="Free Threaded XML DOM Document 4.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}]
@DACL=(02 0000)
@SACL=
@="XML Schema Cache 4.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}]
@DACL=(02 0000)
@SACL=
@="XSL Template 4.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}]
@DACL=(02 0000)
@SACL=
@="XML Data Source Object 4.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}]
@DACL=(02 0000)
@SACL=
@="XML HTTP 4.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}]
@DACL=(02 0000)
@SACL=
@="Server XML HTTP 4.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}]
@DACL=(02 0000)
@SACL=
@="MXXMLWriter 4.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}]
@DACL=(02 0000)
@SACL=
@="MXHTMLWriter 4.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}]
@DACL=(02 0000)
@SACL=
@="SAXAttributes 4.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}]
@DACL=(02 0000)
@SACL=
@="MXNamespaceManager 4.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{89643D21-7B2A-11d1-8271-00A0C91F9CA0}]
@DACL=(02 0000)
@SACL=
@="adbanner Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{8A3F59E1-4994-11D1-A40D-00600831F336}]
@DACL=(02 0000)
@SACL=
@="DSStatusBar Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{8c3c1b17-e59d-11d2-b40b-00a024b9dddd}]
@DACL=(02 0000)
@SACL=
@="SetupLogServices Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{8C4EB103-516F-11D1-A6DF-006097C4E476}]
@DACL=(02 0000)
@SACL=
@="ppDSPropAdv Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{8CBEED49-18A6-4D9C-8EF5-E4DD9AB04A83}]
@DACL=(02 0000)
@SACL=
@="Windows Media Player WMEncSourcePluginCommunicator Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{8E718888-423F-11D2-876E-00A0C9082467}]
@DACL=(02 0000)
@SACL=
@="Radio"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{8E71888A-423F-11D2-876E-00A0C9082467}]
@DACL=(02 0000)
@SACL=
@="RadioServer Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{91814EC0-B5F0-11D2-80B9-00104B1F6CEA}]
@DACL=(02 0000)
@SACL=
@="InstallShield setup kernel"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{93126582-5402-4DB1-A102-33D330BC9B69}]
@DACL=(02 0000)
@SACL=
@="Windows Media Player WMEnc5Point1WavSourcePropertyPage Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{94E03510-31B9-47a0-A44E-E932AC86BB17}]
@DACL=(02 0000)
@SACL=
@="Windows Media Player Device Autoplay"
"AppID"="{ED6BB178-B06A-47ad-98B3-6066E0CF0147}"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{96E1A653-CBCA-435D-A162-D147106AE95C}]
@DACL=(02 0000)
@SACL=
@="VaioAacDecPropertyPage"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{97103AE5-6248-4E04-97B5-36663159967C}]
@DACL=(02 0000)
@SACL=
@="Windows Media Player WMEncTunerPropPage Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{97952D20-B180-11CF-8410-00A024EC9DA6}]
@DACL=(02 0000)
@SACL=
@="Post Properties"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{987BBF42-5500-46D6-BAF0-A825828BC4EF}]
@DACL=(02 0000)
@SACL=
@="Windows Media Player WMEncFileSource Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{997B7877-EB34-465B-BD05-E6A15EB69A96}]
@Class="REG_SZ"
@DACL=(02 0000)
@SACL=
@="PSFactoryBuffer"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{9C2263B0-3E3C-11D2-9BD3-204C4F4F5020}]
@DACL=(02 0000)
@SACL=
@="RadioPlayer Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{9F4D2FA2-54A1-11d1-8267-00A0C91F9CA0}]
@DACL=(02 0000)
@SACL=
@="gotobar Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A0A8001E-8588-41C9-B392-14F099ADF718}]
@DACL=(02 0000)
@SACL=
@="Dot1XTLSCredentials Class"
"AppID"="{6AE5E02E-2DCA-4EAF-9D58-02D883362973}"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A1060A0A-8F2B-4AAF-AC98-FEBFA2B88F22}]
@Class="REG_SZ"
@DACL=(02 0000)
@SACL=
@="PSFactoryBuffer"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A4199E55-EBB9-49E5-AF1A-7A5408B2E206}]
@DACL=(02 0000)
@SACL=
@="Registry Class"
"AppID"="{6EF8E539-12E9-4595-A7C6-3DDA8A4069B2}"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A51BE8E5-1A25-4802-A5B7-E9DB483A3DEB}]
@DACL=(02 0000)
@SACL=
@="Dot1XMD5Credentials Class"
"AppID"="{6AE5E02E-2DCA-4EAF-9D58-02D883362973}"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A9C2CEBF-36DC-40A3-92E6-ED59FDD9D20D}]
@DACL=(02 0000)
@SACL=
@="SONY Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{AA7E2086-CB55-11D2-8094-00104B1F9838}]
@DACL=(02 0000)
@SACL=
@="InstallShield setup object wrapper"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{AA7E2087-CB55-11D2-8094-00104B1F9838}]
@DACL=(02 0000)
@SACL=
@="InstallShield setup object wrapper"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{AD824619-9A64-4dff-9426-4111B582A967}]
@DACL=(02 0000)
@SACL=
@="DeviceManagerClass"
"AppID"="{4A4F8AC6-CC99-4e12-8922-5B918BF0C269}"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{AE1A5812-5230-11D1-A6E0-006097C4E476}]
@DACL=(02 0000)
@SACL=
@="ppDSView Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{AE1A5813-5230-11D1-A6E0-006097C4E476}]
@DACL=(02 0000)
@SACL=
@="ppDSOAdv Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{AEE10E69-7C97-4F4E-9A43-1FC68B36CF08}]
@DACL=(02 0000)
@SACL=
@="VzHardwareResource Class"
"AppID"="{34A6B42D-C904-49BB-A3D0-625002CDF938}"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{AEE3E4A8-EF01-4024-A0F1-809D9B096E14}]
@DACL=(02 0000)
@SACL=
@="Windows Media Player Encoder Helper Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B01FEB50-45ED-11D3-B444-00104B261643}]
@DACL=(02 0000)
@SACL=
@="InstallShield for Windows Installer ScriptWrapper"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B4D85BBD-C1E6-4F2B-BF43-75CB28500A08}]
@DACL=(02 0000)
@SACL=
@="Windows Media Player TunerHelper Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B9A7E591-6C9C-11D3-B452-00104B261643}]
@DACL=(02 0000)
@SACL=
@="InstallShield for Windows Installer String Table"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{b9f8ac3e-0f71-11d2-b72c-00c04fb6bd3d}]
@DACL=(02 0000)
@SACL=
@="%PlugIn_IBasicAudio%"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{BAA94581-C092-425C-B4D3-7B5EE0BAC3C4}]
@DACL=(02 0000)
@SACL=
@="Windows Media Player WMEncProfile2 Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{BB314F91-A010-11d1-A75A-006097C4E476}]
@DACL=(02 0000)
@SACL=
@="ppDSMeta Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{BC29A660-30E3-11d0-9E69-00C04FD7C15B}]
@DACL=(02 0000)
@SACL=
@="Gestionnaire de répartition WDM pour interface de réglage de propriétés VPE"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{BDF5355D-8A9A-439C-801E-31F240E2974D}]
@DACL=(02 0000)
@SACL=
@="Sony File Source Property Page"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{BF27441E-CDCD-4659-AEBE-06F6E069714E}]
@DACL=(02 0000)
@SACL=
@="Screen Capture Filter Task Page"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C0CD59AE-020D-11d1-81F2-00C04FC99D4C}]
@DACL=(02 0000)
@SACL=
@="ppDShowPlay Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C27BB47A-8823-4613-8C32-ADEBB5959985}]
@Class="REG_SZ"
@DACL=(02 0000)
@SACL=
@="PSFactoryBuffer"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C39E156D-F621-48CF-B0EE-9C47C430543B}]
@DACL=(02 0000)
@SACL=
@="Windows Media Player WMEncFileTransferSourcePropertyPage Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C447080C-D0C3-48AE-B31E-BB3E93591C69}]
@DACL=(02 0000)
@SACL=
@="WMEnc DV Timecode Reader"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C6606CA5-2108-4CAF-8E52-1953F2DBF716}]
@DACL=(02 0000)
@SACL=
@="PropSet Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C90D7607-0BE2-4C0E-963A-4FE65880E99B}]
@Class="REG_SZ"
@DACL=(02 0000)
@SACL=
@="PSFactoryBuffer"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C9CD1A93-D7B4-11D2-80C5-00104B1F6CEA}]
@DACL=(02 0000)
@SACL=
@="InstallShield setup user interafce"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{CA0A025B-D758-4964-9A08-E9A416EE1D2C}]
@DACL=(02 0000)
@SACL=
@="Dot1XLeapCredentials Class"
"AppID"="{6AE5E02E-2DCA-4EAF-9D58-02D883362973}"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{CA81B096-1D6F-4635-956E-F08C0B2EC342}]
@DACL=(02 0000)
@SACL=
@="Windows Media Player WMEncImageSource Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{CC0CA09A-5B84-43F2-BE5C-9169C192565F}]
@DACL=(02 0000)
@SACL=
@="RTLCSSAPI Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{d23b90d0-144f-46bd-841d-59e4eb19dc59}]
@DACL=(02 0000)
@SACL=
@="WMVideo9 Encoder DMO"
"WMSDKMerit"=dword:00000100
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{D30638B7-2CC2-4D05-A39F-7EE99E015604}]
@DACL=(02 0000)
@SACL=
@="Sony MP4 File Source"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{D3984C13-C3CB-48E2-8BE5-5168340B4F35}]
@Class="REG_SZ"
@DACL=(02 0000)
@SACL=
@="PSFactoryBuffer"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{D7347882-4BA4-48BC-93F0-B957413A50F6}]
@DACL=(02 0000)
@SACL=
@="FolderWatcher Class"
"AppID"="{0686B8F3-3FA7-4048-B22D-E6DF61BE3B4D}"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{DA126297-0CB3-4CB8-AF32-F43BDBFF5BC8}]
@DACL=(02 0000)
@SACL=
@="VzCdbControler Class"
"AppID"="{80E5EAFA-51C4-4756-A6D1-253BB72EC6C5}"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{DC81A76D-4757-4985-9084-08D0EB0855EA}]
@DACL=(02 0000)
@SACL=
@="VzCdbIntegratedDB Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{DE6E1660-1B08-11D1-BFA2-00A024EC9DA6}]
@DACL=(02 0000)
@SACL=
@="Display"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{E05592E4-C0B5-11D0-A439-00A0C9223196}]
@DACL=(02 0000)
@SACL=
@="Distributeur à brancher : IKsQualityForwarder"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLS

g3n-h@ckm@n · Answer

salut c'est vraiment "X" ton nom de session ou c'est toi qui a mis ca ?

Utilisateur anonyme · Answer

salut,
"X" est mon nom de session

g3n-h@ckm@n · Answer

re

bien :)

heberge le rapport Combofix sur https://www.cjoint.com/ et donne le lien obtenu , ton rapport est trop long pour rentrer sur le forum

Utilisateur anonyme · Answer

et voilà qui est fait https://www.cjoint.com/?BLAkYvLcMUX

une info supplémentaire, je n'arrive pas à lancer certains fchiers exécutables tels que avast.exe, mon programme de messagerie, etc

g3n-h@ckm@n · Answer

redemarre la machine

Utilisateur anonyme · Answer

???????????

g3n-h@ckm@n · Answer

ben quand tu essaies de demarrer tes application , ca te dit : "clé marquée pour suppression" non ?

Utilisateur anonyme · Answer

non aucun message d'erreur n'apparaît
l'application ne se lance pas tout simplement ;)

g3n-h@ckm@n · Answer

ok

 &#9654 Téléchargez UsbFix (créé par El Desaparecido) sur votre Bureau.

&#9654 Si votre antivirus affiche une alerte, ignorez-la et désactivez l'antivirus temporairement.
&#9654 Branchez toutes vos sources de données externes à votre PC (clé USB, disque dur externe, etc...) sans les ouvrir.
&#9654 Double cliquez sur UsbFix.exe. (pour les utilisateurs de windows Vista , windows 7 , windows 8 , clique droit => executer en tant qu'administrateur" 

&#9654 Cliquez sur Suppression.
&#9654 Laissez travailler l'outil. 

&#9654 À la fin du scan, un rapport va s'afficher, postez-le dans votre prochaine réponse sur le forum.

&#9654 Le rapport est aussi sauvegardé à la racine du disque système ( C:\UsbFix.txt ).
&#9654 Tutoriel vidéo

Utilisateur anonyme · Answer

voici le rapport USBFix

############################## | UsbFix V 7.102 | [Suppression]

Utilisateur: X (Administrateur) # NOM-85BA1119ED5
Mis à jour le 20/12/2012 par El Desaparecido
Lancé à 11:34:49 | 26/12/2012

Site Web: https://www.sosvirus.net/
Contact: contact@eldesaparecido.com

PC: Sony Corporation (VGN-S5M_S) (X86-based PC
CPU:         Intel(R) Pentium(R) M processor 1.73GHz (1728)
RAM -> [Total : 2046 | Free : 1375]
BIOS: Ver 1.00PARTTBLL
BOOT: Normal boot

OS: Microsoft Windows XP Édition familiale (5.1.2600 32-Bit) # Service Pack 3
WB: Windows Internet Explorer 7.0.5730.13

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Disque fixe # 33 Go (9 Go libre(s) - 29%) [Disque C] # NTFS
D:\ -> Disque fixe # 35 Go (30 Go libre(s) - 85%) [DATA] # NTFS
F:\ -> CD-ROM
H:\ -> Disque fixe # 736 Go (29 Go libre(s) - 4%) [MEDIA - HD EXTERNE] # NTFS
I:\ -> Disque fixe # 98 Go (58 Go libre(s) - 60%) [DATA - HD EXTERNE ] # NTFS
J:\ -> Disque fixe # 98 Go (82 Go libre(s) - 84%) [BACKUP - HD EXTERNE] # NTFS

################## | Processus Actif |

C:\WINDOWS\System32\smss.exe (868)
C:\WINDOWS\system32\winlogon.exe (968)
C:\WINDOWS\system32\services.exe (1012)
C:\WINDOWS\system32\lsass.exe (1024)
C:\WINDOWS\system32\svchost.exe (1184)
C:\WINDOWS\System32\svchost.exe (1332)
C:\Program Files\AVAST Software\Avast\AvastSvc.exe (1788)
C:\WINDOWS\Explorer.EXE (1912)
C:\WINDOWS\System32\svchost.exe (588)
C:\WINDOWS\system32\spoolsv.exe (660)
C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe (764)
C:\Program Files\Java\jre7\bin\jqs.exe (1216)
C:\Program Files\CDBurnerXP\NMSAccessU.exe (1388)
C:\WINDOWS\system32
vsvc32.exe (1488)
C:\WINDOWS\system32\svchost.exe (1724)
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (2044)
C:\WINDOWS\system32\MsPMSPSv.exe (240)
C:\WINDOWS\system32\wbem\wmiapsrv.exe (2416)
C:\WINDOWS\system32\wscntfy.exe (2608)
C:\Program Files\Apoint\Apoint.exe (3416)
C:\Program Files\Sony\ISB Utility\ISBMgr.exe (3432)
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (3440)
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (3620)
C:\Program Files\Apoint\Apntex.exe (3664)
C:\8yh1oiyt.exe (928)
C:\WINDOWS\system32\msiexec.exe (3960)
C:\UsbFix\Go.exe (4072)

################## | Processus Stoppés |

Stoppé! C:\Program Files\AVAST Software\Avast\AvastSvc.exe (1788)
Stoppé! C:\WINDOWS\Explorer.EXE (1912)
Stoppé! C:\WINDOWS\system32\spoolsv.exe (660)
Stoppé! C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe (764)
Stoppé! C:\Program Files\Java\jre7\bin\jqs.exe (1216)
Stoppé! C:\Program Files\CDBurnerXP\NMSAccessU.exe (1388)
Stoppé! C:\WINDOWS\system32
vsvc32.exe (1488)
Stoppé! C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (2044)
Stoppé! C:\WINDOWS\system32\MsPMSPSv.exe (240)
Stoppé! C:\WINDOWS\system32\wbem\wmiapsrv.exe (2416)
Stoppé! C:\WINDOWS\system32\wscntfy.exe (2608)
Stoppé! C:\Program Files\Apoint\Apoint.exe (3416)
Stoppé! C:\Program Files\Sony\ISB Utility\ISBMgr.exe (3432)
Stoppé! C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (3440)
Stoppé! C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (3620)
Stoppé! C:\Program Files\Apoint\Apntex.exe (3664)
Stoppé! C:\8yh1oiyt.exe (928)
Stoppé! C:\WINDOWS\system32\msiexec.exe (3960)

################## | Éléments infectieux |

Supprimé! C:\Recycler\S-1-5-21-2831647132-4134117731-276175365-500
Supprimé! D:\Recycler\S-1-5-21-2831647132-4134117731-276175365-1006
Supprimé! D:\Recycler\S-1-5-21-2831647132-4134117731-276175365-500
Supprimé! H:\Recycler\S-1-5-21-1021817841-2974146706-1453689397-1005
Supprimé! H:\Recycler\S-1-5-21-1275210071-1647877149-682003330-1003
Supprimé! H:\Recycler\S-1-5-21-2831647132-4134117731-276175365-1006
Supprimé! H:\Recycler\S-1-5-21-2831647132-4134117731-276175365-500
Supprimé! H:\Recycler\S-1-5-21-329068152-1123561945-1801674531-1003
Supprimé! H:\Recycler\S-1-5-21-329068152-1123561945-1801674531-500
Supprimé! H:\Recycler\S-1-5-21-3526554479-2618365348-1451069382-1005
Supprimé! H:\Recycler\S-1-5-21-3526554479-2618365348-1451069382-501
Supprimé! I:\Recycler\S-1-5-21-1275210071-1647877149-682003330-1003
Supprimé! I:\Recycler\S-1-5-21-2831647132-4134117731-276175365-1006
Supprimé! I:\Recycler\S-1-5-21-2831647132-4134117731-276175365-500
Supprimé! I:\Recycler\S-1-5-21-329068152-1123561945-1801674531-1003
Supprimé! J:\Recycler\S-1-5-21-1275210071-1647877149-682003330-1003
Supprimé! J:\Recycler\S-1-5-21-2831647132-4134117731-276175365-1006
Supprimé! J:\Recycler\S-1-5-21-2831647132-4134117731-276175365-500
Supprimé! J:\Recycler\S-1-5-21-329068152-1123561945-1801674531-1003
Supprimé! C:\ComboFix.exe
Supprimé! C:\UsbFix.exe
Supprimé! H:\._autorun.inf

(!) Fichiers temporaires supprimés.

################## | Registre |

Supprimé! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegistryTools
Supprimé! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives
Supprimé! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives

################## | Mountpoints2 |


################## | Listing |

[20/12/2012 - 18:44:22 | N | 308] 	C:\.apdisk
[20/12/2012 - 18:44:57 | N | 6148] 	C:\.DS_Store
[20/12/2012 - 18:43:28 | AD ] 	C:\.Trashes
[26/12/2012 - 10:38:05 | N | 302592] 	C:\8yh1oiyt.exe
[09/08/2005 - 12:02:35 | N | 0] 	C:\AUTOEXEC.BAT
[28/11/2011 - 14:44:50 | N | 216] 	C:\Boot.bak
[25/12/2012 - 18:58:09 | N | 332] 	C:\boot.ini
[05/08/2004 - 13:00:00 | N | 4952] 	C:\Bootfont.bin
[25/12/2012 - 18:58:08 | D ] 	C:\cmdcons
[03/08/2004 - 23:00:08 | N | 263488] 	C:\cmldr
[09/08/2005 - 12:02:35 | N | 0] 	C:\CONFIG.SYS
[02/11/2012 - 01:34:16 | D ] 	C:\Documents and Settings
[04/08/2012 - 13:22:30 | D ] 	C:\drivers
[26/12/2012 - 10:14:08 | ASH | 2145570816] 	C:\hiberfil.sys
[09/08/2005 - 12:02:35 | N | 0] 	C:\IO.SYS
[15/06/2011 - 11:11:52 | D ] 	C:\JB2Driver
[24/12/2012 - 05:20:35 | N | 896016] 	C:\jxpiinstall.exe
[09/08/2005 - 12:02:35 | N | 0] 	C:\MSDOS.SYS
[19/12/2012 - 16:55:23 | N | 11101152] 	C:\mseinstall.exe
[13/06/2011 - 15:27:26 | RD ] 	C:\MSOCache
[05/08/2004 - 13:00:00 | N | 47564] 	C:\NTDETECT.COM
[24/07/2011 - 19:30:34 | N | 252240] 	C:
tldr
[05/09/2012 - 13:07:07 | D ] 	C:\Output Files
[26/12/2012 - 10:13:58 | ASH | 3221225472] 	C:\pagefile.sys
[26/12/2012 - 10:57:59 | D ] 	C:\Program Files
[26/12/2012 - 03:01:51 | D ] 	C:\Qoobox
[26/12/2012 - 11:38:44 | SHD ] 	C:\RECYCLER
[24/12/2012 - 00:25:48 | N | 11476952] 	C:\SyncBack_Setup.exe
[13/06/2011 - 15:07:08 | SHD ] 	C:\System Volume Information
[02/04/2012 - 12:43:53 | D ] 	C:\Update
[26/12/2012 - 11:38:45 | D ] 	C:\UsbFix
[26/12/2012 - 11:40:47 | A | 5242] 	C:\UsbFix.txt
[26/12/2012 - 03:25:57 | N | 178831] 	C:\Vaio Mode Sans Echec Combo Fix Log.txt
[26/12/2012 - 03:01:50 | D ] 	C:\WINDOWS
[22/12/2012 - 21:50:16 | D ] 	C:\_OTL
[27/05/2012 - 15:18:35 | D ] 	D:\!!! BACK UP
[20/12/2012 - 18:44:21 | N | 304] 	D:\.apdisk
[20/12/2012 - 18:56:22 | N | 6148] 	D:\.DS_Store
[20/12/2012 - 18:55:07 | D ] 	D:\.fseventsd
[20/12/2012 - 18:43:27 | AD ] 	D:\.Trashes
[26/12/2012 - 11:38:44 | SHD ] 	D:\RECYCLER
[21/11/2011 - 17:19:43 | SHD ] 	D:\System Volume Information
[25/08/2012 - 14:36:15 | ASH | 75776] 	D:\Thumbs.db
[24/12/2012 - 15:09:28 | D ] 	D:\WINDOWS LIVE MAIL
[22/02/2009 - 17:12:59 | N | 29018] 	H:\.VolumeIcon.icns
[22/02/2009 - 17:12:59 | N | 25214] 	H:\.VolumeIcon.ico
[06/01/2011 - 18:11:29 | N | 627712] 	H:\ehthumbs.db
[13/05/2012 - 14:02:46 | D ] 	H:\ITunes
[22/02/2009 - 17:12:49 | N | 391] 	H:\LaCie.ini
[21/09/2012 - 11:57:41 | D ] 	H:\Mes Films
[16/10/2012 - 11:28:46 | D ] 	H:\Musique
[16/12/2012 - 23:28:13 | D ] 	H:\Photos
[26/12/2012 - 11:38:45 | SHD ] 	H:\RECYCLER
[12/02/2011 - 23:42:44 | SHD ] 	H:\System Volume Information
[15/07/2011 - 00:21:51 | ASH | 373760] 	H:\Thumbs.db
[15/05/2011 - 15:46:41 | N | 58884] 	H:\ZbThumbnail.info
[25/09/2012 - 13:03:48 | D ] 	I:\!!! A TRAITER
[06/09/2012 - 02:07:11 | D ] 	I:\A CONTROLER
[27/11/2012 - 12:14:43 | D ] 	I:\BUSINESS
[22/12/2012 - 01:13:57 | D ] 	I:\LOGICIELS
[24/12/2012 - 00:45:25 | D ] 	I:\Program Files
[26/12/2012 - 11:38:45 | SHD ] 	I:\RECYCLER
[21/12/2012 - 01:50:33 | N | 67] 	I:\Redcorp.com Hard drive, Flash, Sd Card.URL
[16/10/2012 - 02:51:02 | D ] 	I:\REPERTOIRE
[27/07/2012 - 17:20:39 | SHD ] 	I:\System Volume Information
[19/09/2012 - 11:58:22 | D ] 	I:\WEBSITE
[22/12/2012 - 01:46:39 | D ] 	J:\28c4c5fc27adc3e263
[30/11/2011 - 11:35:53 | D ] 	J:\A traiter
[23/07/2012 - 02:02:46 | D ] 	J:\Autos
[30/07/2012 - 16:46:46 | D ] 	J:\Business
[11/09/2010 - 00:32:31 | ASH | 172] 	J:\Desktop.ini
[30/11/2011 - 10:31:26 | D ] 	J:\Documents & Settings
[06/05/2012 - 04:49:54 | D ] 	J:\Mes Documents - BackUp
[03/05/2012 - 12:38:11 | D ] 	J:\Mes Photos - BackUp
[25/12/2012 - 19:18:42 | D ] 	J:\Recycled
[26/12/2012 - 11:38:45 | SHD ] 	J:\RECYCLER
[30/11/2011 - 11:28:59 | D ] 	J:\Repertoire
[27/07/2012 - 17:44:33 | SHD ] 	J:\System Volume Information
[29/06/2011 - 23:39:13 | ASH | 366080] 	J:\Thumbs.db
[13/08/2012 - 14:40:50 | D ] 	J:\Website
[02/04/2012 - 13:11:38 | D ] 	J:\Windows Live Mail
[29/08/2010 - 21:09:35 | N | 3188] 	J:\ZbThumbnail.info

################## | Vaccin |

C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
H:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
I:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
J:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | Upload |

Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_NOM-85BA1119ED5.zip
http://eldesaparecido.com/upload.php
Merci de votre contribution.

################## | E.O.F |

g3n-h@ckm@n · Answer

on va faire avec ca pour le lancement de tes applications je soupconne une clé particulière

Attention !!! : Seuls ces liens sont officiels ne pas telecharger l'outil sur d'autres liens !!
Attention !!! : cet outil peut etre détecté à tort comme virus
Attention !!! : cet outil est puissant suivre scrupuleusement les instructions ci-dessous

tous les processus "non vitaux de windows" vont être coupés , enregistre ton travail. Il y aura une extinction du bureau pendant le scan --> pas de panique.

Désactive toutes tes protections si possible , antivirus , sandbox , pare-feux , etc....: https://forum.pcastuces.com/default.asp

telecharge et enregistre Pre_Scan sur ton bureau :

https://forums-fec.be/gen-hackman/Pre_Scan.exe

si le lien ne fonctionne pas :

http://www.archive-host.com

si l'outil est relancé plusieurs fois , il te proposera un menu et qu'aucune option n'est demandée, lance l'option "Scan|Kill"

si l'outil est bloqué par l'infection utilise cette version avec extension .pif :

https://forums-fec.be/gen-hackman/Pre_Scan.pif

si l'outil detecte un proxy et que tu n'en as pas installé clique sur "supprimer le proxy"

Il se peut que des fenêtres noires clignotent , laisse-le travailler.

Laisse l'outil redemarrer ton pc.

Poste Pre_Scan_la_date_et_l'heure.txt qui apparaitra à la racine de ton disque système ( généralement C:\ )

NE LE POSTE PAS SUR LE FORUM !!! (il est trop long)

Heberge le rapport sur https://www.cjoint.com/ puis donne le lien obtenu en echange sur le forum où tu te fais aider

Utilisateur anonyme · Answer

lorsque je clique sur le lien 
https://forums-fec.be/gen-hackman/Pre_Scan.exe
c'est le fichier winlogon.exe qui se télécharge 
idem pour l'autre lien 
c'est normal ?

g3n-h@ckm@n · Answer

oui oui

buckhulk · Answer

excuse moi gen mais j'ai du mal à comprendre pourquoi et comment on fait un "combofix" comme ça sans rien connaître !!
ça me dépasse que tu n'es pas fait la remarque !!
a +

g3n-h@ckm@n · Answer

bah tant qu'on scripte pas y'a autant de danger qu'avec un autre tool :)

si ca doit planter ca plantera , que ce soit avec combo , pre_scan ou autre

buckhulk · Answer

oui je sais mais si LUCKYLUKE123 commence comme ça .....!!

Utilisateur anonyme · Answer

Bonsoir,
j'ai suivi vos instructions à la lettre :)
voici les erreurs 

1/ en voulant désinstaller combo fix un message d'erreur du style:" impossible de trouver le fichier c:\combofixCF9273.3xe" est apparu 

2/ j'ai lancé Préscan et un message d'erreur apparaît "AutoIt Error Allocating Memory"

Gloups.... et que dois-je faire maintenant ? 

merci d'avance

g3n-h@ckm@n · Answer

mets à jour windows XP

Utilisateur anonyme · Answer

ok c'est lancé
je reviens dès que c'est terminé :)
d'ici là .... bon ap :)

g3n-h@ckm@n · Answer

essaie de preciser un maximum les soucis , msg d'erreur ou autre....

Utilisateur anonyme · Answer

1/ en voulant désinstaller combo fix un message d'erreur du style:" impossible de trouver le fichier c:\combofixCF9273.3xe" est apparu

2/ j'ai lancé Préscan et un message d'erreur apparaît "AutoIt Error Allocating Memory"

3/ combofix a donné l'indic suivante:"un rootkit zero access se trouve dans la pile tcp/ip..."

4/ je ne sais pas booter avec le cd kaspersky à partir de mon lecteur

je sens que ce VAio va passer à la poubelle :)

g3n-h@ckm@n · Answer

je parlais de ca :

malgré plusieures tentatives pour charger les mise à jour XP normalement ou en mode sans échec,

g3n-h@ckm@n · Answer

? le rootkit a été dégagé par combofix dès le premier scan....


c:\windows\$NtUninstallKB58345$
c:\windows\$NtUninstallKB58345$\1777109509\@
c:\windows\$NtUninstallKB58345$\1777109509\Desktop.ini
c:\windows\$NtUninstallKB58345$\1777109509\L\00000004.@
c:\windows\$NtUninstallKB58345$\1777109509\L\201d3dde
c:\windows\$NtUninstallKB58345$\1777109509\L\qeafzoax
c:\windows\$NtUninstallKB58345$\1777109509\U\00000004.@
c:\windows\$NtUninstallKB58345$\1777109509\U\00000008.@
c:\windows\$NtUninstallKB58345$\1777109509\U\000000cb.@
c:\windows\$NtUninstallKB58345$\1777109509\U\80000000.@
c:\windows\$NtUninstallKB58345$\1777109509\U\80000032.@
c:\windows\$NtUninstallKB58345$\4139392086

g3n-h@ckm@n · Answer

fais l'option "diag de pre_scan , heberge le rapport pre_diag et donne le lien

Utilisateur anonyme · Answer

ok ok 
je ne supprime rien :) 
je ne bouge plus :) 


voici le rapport pé_diag
http://cjoint.com/data3/3LCshxXhrFG.htm

et le rapport pre_scan
https://www.cjoint.com/?BLCsBYDGP2d

dans l'attente de vos remarques et précieux conseils

merci

g3n-h@ckm@n · Answer

il date de quand tdsskiller ?

g3n-h@ckm@n · Answer

ton rapport date du 31.10.2012

TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35

Help - Virus Police Belge - Log ComboFIx

27 réponses

Discussions similaires

Newsletters