Mon PC détecte aucun CD, appareil photo, MP3
michael jackson
-
cs-bilou Messages postés 836 Statut Membre -
cs-bilou Messages postés 836 Statut Membre -
Bonjour,
Hier j'ai essayer de mettre quelques photos graver sur un CD sur mon ordinateur, il ne ma rien mis, j'étais obliger d'aller dans poste de travail, puis mon lecteur E:
Aujourd'hui, je veux mettre des musiques sur mon MP3, je le mets dans l'USB, et il ne détecte rien ! Et même si je fais poste de travail, je trouve pas le lecteur
Aidez moi s'il vous plait !
Hier j'ai essayer de mettre quelques photos graver sur un CD sur mon ordinateur, il ne ma rien mis, j'étais obliger d'aller dans poste de travail, puis mon lecteur E:
Aujourd'hui, je veux mettre des musiques sur mon MP3, je le mets dans l'USB, et il ne détecte rien ! Et même si je fais poste de travail, je trouve pas le lecteur
Aidez moi s'il vous plait !
A voir également:
- Mon PC détecte aucun CD, appareil photo, MP3
- Télécharger musique mp3 gratuitement sur pc - Télécharger - Conversion & Extraction
- Google photo - Télécharger - Albums photo
- Mon pc est lent - Guide
- Mp3 gain - Télécharger - Édition & Montage
- Reinitialiser pc - Guide
7 réponses
A mon avis tu a du de chopper un virus.
Tien lance ComboFix
Et poste nous le rapport qui doit être dans c:\Combofix.txt
Bilou.
Tien lance ComboFix
Et poste nous le rapport qui doit être dans c:\Combofix.txt
Bilou.
Effectivement, j'ai un gros virus
un agent
Avira n'arrête pas quand je démarre l'ordinateur, j'ai changé d'antivirus, j'ai pris Nod 32, il arrive à éliminer la menace, mais ça revient quelques fois
un agent
Avira n'arrête pas quand je démarre l'ordinateur, j'ai changé d'antivirus, j'ai pris Nod 32, il arrive à éliminer la menace, mais ça revient quelques fois
Je te conseille de lancé ComboFix.
Et poste moi le rapport en suite.
PS:Avant de lancer Combofix je te conseille de couper tout tes antivirus.
Bilou.
Et poste moi le rapport en suite.
PS:Avant de lancer Combofix je te conseille de couper tout tes antivirus.
Bilou.
voici le rapport:
ComboFix 09-06-26.02 - Francesco 27/06/2009 11:21.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.247.63 [GMT 2:00]
Lancé depuis: c:\documents and settings\Francesco\Mes documents\Downloads\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Un antivirus résident est actif
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Francesco\Application Data\02000000996e6c8e623C.manifest
c:\documents and settings\Francesco\Application Data\02000000996e6c8e623O.manifest
c:\documents and settings\Francesco\Application Data\02000000996e6c8e623P.manifest
c:\documents and settings\Francesco\Application Data\02000000996e6c8e623S.manifest
c:\documents and settings\Francesco\Application Data\addon.dat
c:\temp\1cb
c:\temp\1cb\syscheck.log
c:\windows\Fonts\'
c:\windows\KB8888239.log
c:\windows\system32\AutoRun.inf
c:\windows\system32\bszip.dll
c:\windows\system32\drivers\KeenSense.sys
c:\windows\system32\drivers\ksdevice.sys
c:\windows\system32\GroupPolicy000.dat
c:\windows\system32\Ijl11.dll
c:\windows\system32\iQrruvut.ini
c:\windows\system32\iQrruvut.ini2
c:\windows\system32\mcrh.tmp
c:\windows\system32\TDSSlxwp.log
c:\windows\system32\TDSSorvd.dat
c:\windows\system32\TDSSosvd.dll
c:\windows\Tasks\sgtfiifq.job
c:\windows\system32\hlp95en32.dll . . . . impossible à supprimer
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_IPRIP
-------\Service_Iprip
((((((((((((((((((((((((((((( Fichiers créés du 2009-05-27 au 2009-06-27 ))))))))))))))))))))))))))))))))))))
.
2009-06-27 08:33 . 2009-06-27 08:35 -------- d-----w- c:\documents and settings\Francesco\Local Settings\Application Data\Google
2009-06-27 07:52 . 2009-06-27 07:52 -------- d-s---w- c:\windows\system32\%SystemDrive%
2009-06-27 07:47 . 2009-06-27 07:47 -------- d-----w- c:\documents and settings\Francesco\Application Data\FrostWire
2009-06-27 07:35 . 2009-06-27 07:35 -------- d-s---w- c:\documents and settings\Francesco\UserData
2009-06-27 07:19 . 2009-06-27 07:19 -------- d-----w- c:\documents and settings\Francesco\Application Data\HPAppData
2009-06-27 07:17 . 2009-06-27 07:17 -------- d-----w- c:\documents and settings\Francesco\Local Settings\Application Data\Mozilla
2009-06-27 07:17 . 2009-06-27 07:17 -------- d-----w- c:\documents and settings\Francesco\Local Settings\Application Data\ESET
2009-06-27 06:52 . 2009-06-27 06:52 -------- d-----w- c:\program files\ESET
2009-06-27 06:52 . 2009-06-27 06:52 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2009-06-26 20:58 . 2009-06-27 09:38 -------- d-sh--w- c:\windows\system32\SystemX86
2009-06-26 20:57 . 2009-06-27 09:35 143360 ------w- c:\windows\system32\hlp95en32.dll
2009-06-26 19:58 . 2009-06-27 07:47 -------- d-----w- c:\program files\FrostWire
2009-06-26 19:58 . 2009-06-26 19:58 -------- d-----w- c:\program files\AskSearch
2009-06-26 19:58 . 2009-06-26 19:58 -------- d-----w- c:\program files\AskBarDis
2009-06-26 19:55 . 2009-06-26 19:57 86016 ----a-w- c:\windows\system32\OpenAL32.dll
2009-06-26 19:55 . 2009-06-26 19:57 262144 ----a-w- c:\windows\system32\wrap_oal.dll
2009-06-26 14:56 . 2009-06-26 14:56 -------- d-----w- c:\windows\system32\wbem\Repository
2009-06-25 10:43 . 2009-06-26 11:16 30958 ----a-w- c:\windows\k_urlmon.dll
2009-06-25 06:07 . 2009-06-25 06:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Babylon
2009-06-25 05:46 . 2009-06-26 20:53 -------- d-----w- c:\program files\Metin2_France
2009-06-24 18:33 . 2004-02-16 23:00 434252 ----a-w- c:\windows\system32\Msvcrtd.dll
2009-06-24 18:33 . 2009-06-25 06:20 -------- d-----w- c:\program files\Zapu
2009-06-24 13:01 . 2009-06-24 13:01 -------- d-----w- c:\program files\Compil Games
2009-06-24 12:10 . 2009-06-24 12:10 -------- d-----w- c:\program files\FDRLab
2009-06-23 23:16 . 2009-06-23 23:16 -------- d-----w- c:\program files\win32a
2009-06-23 16:14 . 2009-06-23 23:38 99254 ----a-w- c:\windows\system32\winkc.dll
2009-06-22 20:57 . 2009-06-22 20:57 -------- d-----w- c:\documents and settings\All Users\Application Data\001
2009-06-22 19:51 . 2009-06-24 12:16 -------- d-----w- c:\program files\SlySoft
2009-06-21 14:03 . 2009-06-22 20:56 -------- d-----w- c:\program files\001
2009-06-20 16:31 . 2009-06-20 16:31 65536 ----a-w- c:\windows\system32\VDPersns.dat
2009-06-20 16:29 . 2004-09-22 09:46 37409 ----a-w- c:\windows\system32\drivers\fsRamDsk.sys
2009-06-20 16:23 . 2004-09-22 09:46 77824 ------w- c:\windows\system32\RDrv2KInterface.dll
2009-06-20 16:23 . 2004-07-17 06:33 32768 ------w- c:\windows\system32\RDrv9xInterface.dll
2009-06-20 16:23 . 2004-06-29 07:03 28672 ------w- c:\windows\system32\RDrvInterface.dll
2009-06-20 16:23 . 2004-03-12 05:44 36864 ------w- c:\windows\system32\unVHDDrvExe.exe
2009-06-20 16:23 . 2004-03-12 05:44 36864 ------w- c:\windows\system32\inVHDDrvExe.exe
2009-06-20 16:23 . 2004-01-13 02:51 53248 ------w- c:\windows\system32\RDrvNTInterface.dll
2009-06-20 15:23 . 2009-06-20 15:23 -------- d-----w- c:\program files\Notepad++
2009-06-20 13:21 . 2004-06-18 12:07 656542 ----a-w- C:\218_icol.dll
2009-06-20 13:15 . 2009-06-20 13:15 51276 ---ha-w- c:\windows\system32\mlfcache.dat
2009-06-20 13:10 . 2009-06-20 13:10 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2009-06-20 12:14 . 2009-06-20 14:17 -------- d-----w- c:\program files\eMule
2009-06-20 07:38 . 2009-06-20 13:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Messenger Plus!
2009-06-19 19:12 . 2009-06-20 09:31 -------- d-----w- c:\documents and settings\All Users\Application Data\flag ace stupid data
2009-06-19 19:09 . 2009-06-19 19:27 -------- d-----w- c:\program files\Messenger Plus! Live
2009-06-18 16:20 . 2007-01-18 12:00 3968 ----a-w- c:\windows\system32\drivers\AvgArCln.sys
2009-06-18 16:16 . 2009-06-18 16:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-06-13 15:38 . 2009-06-13 15:48 2680 ----a-w- c:\windows\BricoPackFoldersDelete.cmd
2009-06-13 13:46 . 2005-01-01 00:43 4682 ----a-w- c:\windows\system32\npptNT2.sys
2009-06-12 17:02 . 2009-06-12 17:02 796672 ----a-w- c:\windows\GPInstall.exe
2009-06-10 11:08 . 2009-06-10 11:08 -------- d-----w- c:\windows\system32\HPAppData
2009-06-07 19:35 . 2009-06-07 19:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Blizzard
2009-06-05 18:26 . 2009-06-13 16:55 -------- d-----w- c:\program files\PhotoFiltre
2009-06-01 18:03 . 2009-06-01 18:17 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2009-05-30 15:03 . 2009-05-30 15:03 -------- d-----w- c:\program files\Pivot Stickfigure Animator
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-27 07:14 . 2009-06-27 07:14 81352 ----a-w- c:\documents and settings\Francesco\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-26 16:32 . 2003-01-02 05:09 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-22 19:52 . 2009-06-22 19:52 24 --sh--w- c:\windows\S3E9D5E0E.tmp
2009-06-22 18:20 . 2003-01-02 05:09 -------- d---a-w- c:\program files\Fichiers communs\InstallShield
2009-06-13 15:48 . 2009-03-31 18:38 83422 ----a-w- c:\windows\BricoPackUninst.cmd
2009-06-13 13:45 . 2009-05-23 17:52 -------- d-----w- c:\program files\Common Files
2009-05-26 05:12 . 2009-04-03 19:35 160346 ----a-w- c:\windows\hpoins14.dat
2009-05-26 05:12 . 2009-05-26 05:12 -------- d-----w- c:\documents and settings\All Users\Application Data\WEBREG
2009-05-25 19:10 . 2009-05-25 19:10 -------- d-----w- c:\program files\CDBurnerXP Pro 3
2009-05-25 07:16 . 2009-05-25 07:16 339968 ----a-w- c:\windows\system32\pythoncom25.dll
2009-05-25 07:16 . 2009-05-25 07:16 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-05-25 07:16 . 2009-05-25 07:16 2117632 ----a-w- c:\windows\system32\python25.dll
2009-05-25 07:16 . 2009-05-25 07:16 114688 ----a-w- c:\windows\system32\pywintypes25.dll
2009-05-25 07:15 . 2009-05-25 07:15 -------- d-----w- c:\program files\AGI
2009-05-23 17:59 . 2009-05-23 17:59 -------- d-----w- c:\program files\HyCam2
2009-05-23 17:23 . 2009-05-23 17:23 1457917 ----a-w- c:\windows\system32\50 Cent.scr
2009-05-23 17:21 . 2009-05-23 17:21 201728 ----a-w- c:\windows\system32\hfd_ss_coco.scr
2009-05-23 17:16 . 2009-05-23 17:16 398539 ----a-w- c:\windows\system32\humour_003.scr
2009-05-23 13:10 . 2009-05-23 13:10 -------- d-----w- c:\program files\Capturino V2
2009-05-15 13:04 . 2009-05-15 13:04 -------- d-----w- c:\documents and settings\All Users\Application Data\Downloaded Installations
2009-05-15 13:00 . 2009-05-15 13:00 -------- d-----w- c:\program files\Windows Media Connect 2
2009-05-14 13:49 . 2009-05-14 13:49 94360 ----a-w- c:\windows\system32\drivers\epfwtdir.sys
2009-05-14 13:47 . 2009-05-14 13:47 107256 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2009-05-14 13:41 . 2009-05-14 13:41 114472 ----a-w- c:\windows\system32\drivers\eamon.sys
2009-05-12 11:07 . 2009-01-28 07:47 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-05-12 11:07 . 2009-05-12 11:07 -------- d-----w- c:\program files\Java
2009-05-09 12:03 . 2003-01-02 05:26 -------- d---a-w- c:\program files\InterVideo
2009-05-08 15:51 . 2009-05-08 15:50 -------- d-----w- c:\program files\Windows Live
2009-05-02 22:01 . 2003-01-02 12:25 55612 ----a-w- c:\windows\system32\perfc00C.dat
2009-05-02 22:01 . 2003-01-02 12:25 427826 ----a-w- c:\windows\system32\perfh00C.dat
2009-05-02 18:21 . 2003-03-18 18:14 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-04-26 16:31 . 2009-04-26 16:31 8192 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstCCD.exe
2009-04-26 16:31 . 2009-04-26 16:31 61440 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstPCSFEMsi.exe
2009-04-26 16:31 . 2009-04-26 16:31 10240 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstPCS.exe
2009-04-03 18:27 . 2009-04-03 18:21 114517 ----a-w- c:\windows\hpqins11.dat
2009-03-31 18:38 . 2003-01-01 16:55 219648 ----a-w- c:\windows\system32\uxtheme.dll
2009-03-29 21:26 . 2009-03-29 21:26 3339684 ----a-w- c:\windows\system32\Numanumaye.scr
2008-10-15 21:08 . 2008-10-15 12:08 0 -csha-w- c:\windows\SMINST\HPCD.sys
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-09-08 20:08 279944 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll
c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\b46c05c8623]
2009-06-27 09:35 143360 ------w- c:\windows\system32\hlp95en32.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\FrostWire\\FrostWire.exe"=
"c:\\Program Files\\MessengerDiscovery\\MessengerDiscovery Live.exe"=
"c:\\Documents and Settings\\Propriétaire.TILL-LINDEMANN\\Bureau\\samp01b-server\\samp-server.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\Shareaza Applications\\Shareaza\\Shareaza.exe"=
"c:\\Program Files\\Ares\\Ares.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Metin2_France\\metin2.bin"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Zapu\\Zapu\\wDivi.exe"=
"c:\\Documents and Settings\\Propriétaire.TILL-LINDEMANN\\Local Settings\\Temp\\Msn Messenger Hack X..exe"=
"c:\\WINDOWS\\explorer.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3587:TCP"= 3587:TCP:*:Disabled:Groupement homologue Windows
"3540:UDP"= 3540:UDP:*:Disabled:Protocole PNRP (Peer Name Resolution Protocol)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [14/05/2009 15:47 107256]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [14/05/2009 15:49 94360]
R3 PAC207;SoC PC-Camer@;c:\windows\system32\drivers\PFC027.sys [24/02/2005 13:29 162176]
S0 FVDSCSI;FVDSCSI;c:\windows\system32\DRIVERS\fvdscsi.sys --> c:\windows\system32\DRIVERS\fvdscsi.sys [?]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{649ECE67-BA10-F963-8F75-09FD492F0283}]
c:\program files\win32a\msnger.exe s
.
Contenu du dossier 'Tâches planifiées'
2009-06-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3142793328-944690519-675105539-1006.job
- c:\documents and settings\Francesco\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-06-27 08:33]
.
- - - - ORPHELINS SUPPRIMES - - - -
BHO-{6C604C5C-0201-145A-7B33-406A110DBC72} - (no file)
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
mDefault_Page_URL = hxxp://fr8.hpwis.com/
mDefault_Search_URL = hxxp://srch-fr8.hpwis.com/
mSearch Page = hxxp://srch-fr8.hpwis.com/
mStart Page = hxxp://www.cooxer.com/
mSearch Bar = hxxp://srch-fr8.hpwis.com/
TCP: {DFEE8871-0EDC-44A1-8739-9F36FD6D6A42} = 212.216.212.122
DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} - hxxps://secure.gopetslive.com/dev/GoPetsWeb.cab
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-27 11:36
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
c:\windows\system32\GroupPolicy000.dat 1933 bytes
Scan terminé avec succès
Fichiers cachés: 1
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\.NET CLR Data]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\.NET CLR Networking]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\.NETFramework]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\6to4]
"ServiceDll"="%SystemRoot%\System32\6to4svc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Abiosdsk]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\abp480n5]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ACPI]
"ImagePath"="System32\DRIVERS\ACPI.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ACPIEC]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\adpu160m]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aec]
"ImagePath"="system32\drivers\aec.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AFD]
"ImagePath"="\SystemRoot\System32\drivers\afd.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Aha154x]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aic78u2]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aic78xx]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ALCXWDM]
"ImagePath"="system32\drivers\ALCXWDM.SYS"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Alerter]
"ServiceDll"="%SystemRoot%\system32\alrsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ALG]
"ImagePath"="%SystemRoot%\System32\alg.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AliIde]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AmdK7]
"ImagePath"="System32\DRIVERS\amdk7.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\amsint]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AppMgmt]
"ServiceDll"="%SystemRoot%\System32\appmgmts.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Arp1394]
"ImagePath"="System32\DRIVERS\arp1394.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\asc]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\asc3350p]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\asc3550]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswTdi]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AsyncMac]
"ImagePath"="System32\DRIVERS\asyncmac.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\atapi]
"ImagePath"="System32\DRIVERS\atapi.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Atdisk]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ati2mtag]
"ImagePath"="System32\DRIVERS\ati2mtag.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Atmarpc]
"ImagePath"="System32\DRIVERS\atmarpc.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AudioSrv]
"ServiceDll"="%SystemRoot%\System32\audiosrv.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\audstub]
"ImagePath"="System32\DRIVERS\audstub.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AVG Anti-Rootkit]
"ImagePath"="System32\DRIVERS\avgarkt.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AvgArCln]
"ImagePath"="System32\DRIVERS\AvgArCln.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\BattC]
"MofImagePath"="System32\Drivers\battc.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Beep]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\BITS]
"ServiceDll"="c:\windows\system32\qmgr.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Browser]
"ServiceDll"="%SystemRoot%\System32\browser.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\catchme]
"ImagePath"="\??\c:\docume~1\FRANCE~1\LOCALS~1\Temp\catchme.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\cbidf2k]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\CCDECODE]
"ImagePath"="System32\DRIVERS\CCDECODE.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\cd20xrnt]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Cdaudio]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Cdfs]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Cdrom]
"ImagePath"="System32\DRIVERS\cdrom.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Changer]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\cisvc]
"ImagePath"="%SystemRoot%\system32\cisvc.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ClipSrv]
"ImagePath"="%SystemRoot%\system32\clipsrv.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\CmdIde]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\COMSysApp]
"ImagePath"="c:\windows\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ContentFilter]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ContentIndex]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Cpqarray]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\CryptSvc]
"ServiceDll"="%SystemRoot%\System32\cryptsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dac2w2k]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dac960nt]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\DcomLaunch]
"ServiceDll"="%SystemRoot%\system32\rpcss.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Dhcp]
"ServiceDll"="%SystemRoot%\System32\dhcpcsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Disk]
"ImagePath"="System32\DRIVERS\disk.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dmadmin]
"ImagePath"="%SystemRoot%\System32\dmadmin.exe /com"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dmboot]
"ImagePath"="System32\drivers\dmboot.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dmio]
"ImagePath"="System32\drivers\dmio.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dmload]
"ImagePath"="System32\drivers\dmload.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dmserver]
"ServiceDll"="%SystemRoot%\System32\dmserver.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\DMusic]
"ImagePath"="system32\drivers\DMusic.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Dnscache]
"ServiceDll"="%SystemRoot%\System32\dnsrslvr.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Dot3svc]
"ServiceDll"="%SystemRoot%\System32\dot3svc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dpti2o]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\drmkaud]
"ImagePath"="system32\drivers\drmkaud.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\eamon]
"ImagePath"="system32\DRIVERS\eamon.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EapHost]
"ServiceDll"="%SystemRoot%\System32\eapsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ehdrv]
"ImagePath"="system32\DRIVERS\ehdrv.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EhttpSrv]
"ImagePath"="\"c:\program files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe\""
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ekrn]
"ImagePath"="\"c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe\""
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EL90XBC]
"ImagePath"="System32\DRIVERS\el90xbc5.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\epfwtdir]
"ImagePath"="system32\DRIVERS\epfwtdir.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ERSvc]
"ServiceDll"="%SystemRoot%\System32\ersvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog]
"ImagePath"="%SystemRoot%\system32\services.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EventSystem]
"ServiceDll"="c:\windows\System32\es.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Fastfat]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\FastUserSwitchingCompatibility]
"ServiceDll"="%SystemRoot%\System32\shsvcs.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\fcdabus]
"ImagePath"="system32\DRIVERS\fcdabus.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Fdc]
"ImagePath"="System32\DRIVERS\fdc.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Fips]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Flpydisk]
"ImagePath"="System32\DRIVERS\flpydisk.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\FltMgr]
"ImagePath"="system32\drivers\fltmgr.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\fsRamDsk]
"ImagePath"="System32\Drivers\fsRamDsk.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Fs_Rec]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Ftdisk]
"ImagePath"="System32\DRIVERS\ftdisk.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\FVDSCSI]
"ImagePath"="system32\DRIVERS\fvdscsi.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Gpc]
"ImagePath"="System32\DRIVERS\msgpc.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\helpsvc]
"ServiceDll"="%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\HidServ]
"ServiceDll"="%SystemRoot%\System32\hidserv.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\hkmsvc]
"ServiceDll"="%SystemRoot%\System32\kmsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\hpn]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\hpqcxs08]
"ServiceDll"="c:\program files\HP\Digital Imaging\bin\hpqcxs08.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\hpqddsvc]
"ServiceDll"="c:\program files\HP\Digital Imaging\bin\hpqddsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\HPZid412]
"ImagePath"="System32\DRIVERS\HPZid412.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\HPZipr12]
"ImagePath"="System32\DRIVERS\HPZipr12.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\HPZius12]
"ImagePath"="System32\DRIVERS\HPZius12.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\HSFHWBS2]
"ImagePath"="System32\DRIVERS\HSFHWBS2.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\HSF_DPV]
"ImagePath"="System32\DRIVERS\HSF_DPV.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\HTTP]
"ImagePath"="System32\Drivers\HTTP.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\HTTPFilter]
"ServiceDll"="%SystemRoot%\System32\w3ssl.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\i2omgmt]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\i2omp]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\i8042prt]
"ImagePath"="System32\DRIVERS\i8042prt.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ialm]
"ImagePath"="System32\DRIVERS\ialmnt5.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Imapi]
"ImagePath"="System32\DRIVERS\imapi.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ImapiService]
"ImagePath"="%systemroot%\system32\imapi.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\inetaccs]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ini910u]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Inport]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IntelIde]
"ImagePath"="System32\DRIVERS\intelide.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ip6fw]
"ImagePath"="system32\drivers\ip6fw.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IpFilterDriver]
"ImagePath"="System32\DRIVERS\ipfltdrv.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IpInIp]
"ImagePath"="System32\DRIVERS\ipinip.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IpNat]
"ImagePath"="System32\DRIVERS\ipnat.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Iprip]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IPSec]
"ImagePath"="System32\DRIVERS\ipsec.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IRENUM]
"ImagePath"="System32\DRIVERS\irenum.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ISAPISearch]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\isapnp]
"ImagePath"="System32\DRIVERS\isapnp.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\JavaQuickStarterService]
"ImagePath"="\"c:\program files\Java\jre6\bin\jqs.exe\" -service -config \"c:\program files\Java\jre6\lib\deploy\jqs\jqs.conf\""
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Kbdclass]
"ImagePath"="System32\DRIVERS\kbdclass.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\kmixer]
"ImagePath"="system32\drivers\kmixer.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\KSecDD]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\lanmanserver]
"ServiceDll"="%SystemRoot%\System32\srvsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\lanmanworkstation]
"ServiceDll"="%SystemRoot%\System32\wkssvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\lbrtfdc]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ldap]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\LicenseService]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\LmHosts]
"ServiceDll"="%SystemRoot%\System32\lmhsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\LPDSVC]
"ImagePath"="%SystemRoot%\System32\tcpsvcs.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Messenger]
"ServiceDll"="%SystemRoot%\System32\msgsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mnmdd]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mnmsrvc]
"ImagePath"="c:\windows\System32\mnmsrvc.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Modem]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Mouclass]
"ImagePath"="System32\DRIVERS\mouclass.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MountMgr]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mraid35x]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MRxDAV]
"ImagePath"="System32\DRIVERS\mrxdav.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MRxSmb]
"ImagePath"="System32\DRIVERS\mrxsmb.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MSDTC]
"ImagePath"="c:\windows\System32\msdtc.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Msfs]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MSIServer]
"ImagePath"="c:\windows\System32\msiexec.exe /V"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MSKSSRV]
"ImagePath"="system32\drivers\MSKSSRV.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MSPCLOCK]
"ImagePath"="system32\drivers\MSPCLOCK.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MSPQM]
"ImagePath"="system32\drivers\MSPQM.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mssmbios]
"ImagePath"="System32\DRIVERS\mssmbios.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MSTEE]
"ImagePath"="system32\drivers\MSTEE.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Mup]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NABTSFEC]
"ImagePath"="system32\DRIVERS\NABTSFEC.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\napagent]
"ServiceDll"="%SystemRoot%\System32\qagentrt.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NDIS]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NdisIP]
"ImagePath"="system32\DRIVERS\NdisIP.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ndisrd]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NdisTapi]
"ImagePath"="System32\DRIVERS\ndistapi.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Ndisuio]
"ImagePath"="System32\DRIVERS\ndisuio.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NdisWan]
"ImagePath"="System32\DRIVERS\ndiswan.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NDProxy]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Net Driver HPZ12]
"ServiceDll"="c:\windows\System32\HPZinw12.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NetBIOS]
"ImagePath"="System32\DRIVERS\netbios.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NetBT]
"ImagePath"="System32\DRIVERS\netbt.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NetDDE]
"ImagePath"="%SystemRoot%\system32\netdde.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NetDDEdsdm]
"ImagePath"="%SystemRoot%\system32\netdde.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Netlogon]
"ImagePath"="%SystemRoot%\System32\lsass.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Netman]
"ServiceDll"="%SystemRoot%\System32\netman.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NIC1394]
"ImagePath"="System32\DRIVERS\nic1394.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Nla]
"ServiceDll"="%SystemRoot%\System32\mswsock.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Npfs]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Ntfs]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NtLmSsp]
"ImagePath"="%SystemRoot%\System32\lsass.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NtmsSvc]
"ServiceDll"="%SystemRoot%\system32\ntmssvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Null]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\nv]
"ImagePath"="System32\DRIVERS\nv4_mini.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NVSvc]
"ImagePath"="%SystemRoot%\System32\nvsvc32.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\nv_agp]
"ImagePath"="System32\DRIVERS\nv_agp.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NwlnkFlt]
"ImagePath"="System32\DRIVERS\nwlnkflt.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NwlnkFwd]
"ImagePath"="System32\DRIVERS\nwlnkfwd.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ohci1394]
"ImagePath"="System32\DRIVERS\ohci1394.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\p2pgasvc]
"ServiceDll"="%SystemRoot%\system32\p2pgasvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\p2pimsvc]
"ServiceDll"="%SystemRoot%\system32\p2psvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\p2psvc]
"ServiceDll"="%SystemRoot%\system32\p2psvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PAC207]
"ImagePath"="system32\DRIVERS\pfc027.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Parport]
"ImagePath"="System32\DRIVERS\parport.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PartMgr]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ParVdm]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PCI]
"ImagePath"="System32\DRIVERS\pci.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PCIDump]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PCIIde]
"ImagePath"="\SystemRoot\System32\DRIVERS\pciide.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Pcmcia]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PDCOMP]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PDFRAME]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PDRELI]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PDRFRAME]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\perc2]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\perc2hib]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PerfDisk]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PerfNet]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PerfOS]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PerfProc]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\pfc]
"ImagePath"="system32\drivers\pfc.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PlugPlay]
"ImagePath"="%SystemRoot%\system32\services.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Pml Driver HPZ12]
"ServiceDll"="c:\windows\System32\HPZipm12.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PNRPSvc]
"ServiceDll"="%SystemRoot%\system32\p2psvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PolicyAgent]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PortProxy]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PptpMiniport]
"ImagePath"="System32\DRIVERS\raspptp.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Processor]
"ImagePath"="System32\DRIVERS\processr.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ProtectedStorage]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Ps2]
"ImagePath"="System32\DRIVERS\PS2.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PSched]
"ImagePath"="System32\DRIVERS\psched.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Ptilink]
"ImagePath"="System32\DRIVERS\ptilink.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ql1080]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Ql10wnt]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ql12160]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ql1240]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ql1280]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RasAcd]
"ImagePath"="System32\DRIVERS\rasacd.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RasAuto]
"ServiceDll"="%SystemRoot%\System32\rasauto.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Rasl2tp]
"ImagePath"="System32\DRIVERS\rasl2tp.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RasMan]
"ServiceDll"="%SystemRoot%\System32\rasmans.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RasPppoe]
"ImagePath"="System32\DRIVERS\raspppoe.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Raspti]
"ImagePath"="System32\DRIVERS\raspti.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Rdbss]
"ImagePath"="System32\DRIVERS\rdbss.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RDPCDD]
"ImagePath"="System32\DRIVERS\RDPCDD.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RDPDD]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RDPNP]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RDPWD]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RDSessMgr]
"ImagePath"="c:\windows\system32\sessmgr.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\redbook]
"ImagePath"="System32\DRIVERS\redbook.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RemoteAccess]
"ServiceDll"="%SystemRoot%\System32\mprdim.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RpcLocator]
"ImagePath"="%SystemRoot%\System32\locator.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RpcSs]
"ServiceDll"="%SystemRoot%\system32\rpcss.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RSVP]
"ImagePath"="%SystemRoot%\System32\rsvp.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\rtl8139]
"ImagePath"="System32\DRIVERS\RTL8139.SYS"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\S3Psddr]
"ImagePath"="System32\DRIVERS\s3gnbm.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SamSs]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SCardSvr]
"ImagePath"="%SystemRoot%\System32\SCardSvr.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Schedule]
"ServiceDll"="%SystemRoot%\system32\schedsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ScsiPort]
"ImagePath"="%SystemRoot%\system32\drivers\scsiport.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SeaPort]
"ImagePath"="\"c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe\""
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Secdrv]
"ImagePath"="System32\DRIVERS\secdrv.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\seclogon]
"ServiceDll"="%SystemRoot%\System32\seclogon.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SENS]
"ServiceDll"="%SystemRoot%\system32\sens.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\serenum]
"ImagePath"="System32\DRIVERS\serenum.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Serial]
"ImagePath"="System32\DRIVERS\serial.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\sfdrv01]
"ImagePath"="System32\drivers\sfdrv01.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\sfhlp02]
"ImagePath"="System32\drivers\sfhlp02.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Sfloppy]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess]
"ServiceDll"="%SystemRoot%\System32\ipnathlp.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ShellHWDetection]
"ServiceDll"="%SystemRoot%\System32\shsvcs.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Simbad]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SimpTcp]
"ImagePath"="%SystemRoot%\System32\tcpsvcs.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SiS315]
"ImagePath"="System32\DRIVERS\sisgrp.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SISAGP]
"ImagePath"="System32\DRIVERS\SISAGPX.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SLIP]
"ImagePath"="system32\DRIVERS\SLIP.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Sparrow]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\splitter]
"ImagePath"="system32\drivers\splitter.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Spooler]
"ImagePath"="%SystemRoot%\system32\spoolsv.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\sr]
"ImagePath"="system32\DRIVERS\sr.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\srservice]
"ServiceDll"="c:\windows\System32\srsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Srv]
"ImagePath"="System32\DRIVERS\srv.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SSDPSRV]
"ServiceDll"="%SystemRoot%\System32\ssdpsrv.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\STI Simulator]
"ImagePath"="c:\windows\System32\PAStiSvc.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\stisvc]
"ServiceDll"="%SystemRoot%\system32\wiaservc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\streamip]
"ImagePath"="system32\DRIVERS\StreamIP.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\swenum]
"ImagePath"="System32\DRIVERS\swenum.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\swmidi]
"ImagePath"="system32\drivers\swmidi.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SwPrv]
"ImagePath"="c:\windows\System32\dllhost.exe /Processid:{3BA59150-CF3B-44C7-8AFA-DE5CF886C40A}"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\swwd]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\symc810]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\symc8xx]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\sym_hi]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\sym_u3]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\sysaudio]
"ImagePath"="system32\drivers\sysaudio.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SysmonLog]
"ImagePath"="%SystemRoot%\system32\smlogsvc.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TapiSrv]
"ServiceDll"="%SystemRoot%\System32\tapisrv.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip]
"ImagePath"="System32\DRIVERS\tcpip.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip6]
"ImagePath"="system32\DRIVERS\tcpip6.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TDPIPE]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TDTCP]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TermDD]
"ImagePath"="System32\DRIVERS\termdd.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TermService]
"ServiceDll"="%SystemRoot%\System32\termsrv.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Themes]
"ServiceDll"="%SystemRoot%\System32\shsvcs.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TosIde]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TrkWks]
"ServiceDll"="%SystemRoot%\system32\trkwks.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TSDDD]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\tunmp]
"ImagePath"="system32\DRIVERS\tunmp.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Udfs]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ultra]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Update]
"ImagePath"="System32\DRIVERS\update.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\upnphost]
"ServiceDll"="%SystemRoot%\System32\upnphost.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\UPS]
"ImagePath"="%SystemRoot%\System32\ups.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\usb]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\usbccgp]
"ImagePath"="System32\DRIVERS\usbccgp.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\usbehci]
"ImagePath"="System32\DRIVERS\usbehci.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\usbhub]
"ImagePath"="System32\DRIVERS\usbhub.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\usbohci]
"ImagePath"="System32\DRIVERS\usbohci.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\usbprint]
"ImagePath"="System32\DRIVERS\usbprint.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\usbscan]
"ImagePath"="System32\DRIVERS\usbscan.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\USBSTOR]
"ImagePath"="System32\DRIVERS\USBSTOR.SYS"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\usbuhci]
"ImagePath"="System32\DRIVERS\usbuhci.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\VgaSave]
"ImagePath"="\SystemRoot\System32\drivers\vga.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\viaagp1]
"ImagePath"="System32\DRIVERS\viaagp1.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ViaIde]
"ImagePath"="\SystemRoot\System32\DRIVERS\viaide.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\VolSnap]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\VSS]
"ImagePath"="%SystemRoot%\System32\vssvc.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\W32Time]
"ServiceDll"="%systemroot%\system32\w32time.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\W3SVC]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Wanarp]
"ImagePath"="System32\DRIVERS\wanarp.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WDICA]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\wdmaud]
"ImagePath"="system32\drivers\wdmaud.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WebClient]
"ServiceDll"="%SystemRoot%\System32\webclnt.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\winachsf]
"ImagePath"="System32\DRIVERS\HSF_CNXT.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\winmgmt]
"ServiceDll"="%SystemRoot%\system32\wbem\WMIsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Winsock]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WinSock2]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WinTrust]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WmdmPmSN]
"ServiceDll"="c:\windows\system32\MsPMSNSv.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Wmi]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WmiApRpl]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WmiApSrv]
"ImagePath"="c:\windows\System32\wbem\wmiapsrv.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WMPNetworkSvc]
"ImagePath"="\"c:\program files\Windows Media Player\wmpnetwk.exe\""
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WS2IFSL]
"ImagePath"="\SystemRoot\System32\drivers\ws2ifsl.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\wscsvc]
"ServiceDll"="%SYSTEMROOT%\system32\wscsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WSTCODEC]
"ImagePath"="system32\DRIVERS\WSTCODEC.SYS"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\wuauserv]
"ServiceDll"="C1\WINDOWS\system32\wuauserv.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WudfPf]
"ImagePath"="system32\DRIVERS\WudfPf.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WudfRd]
"ImagePath"="system32\DRIVERS\wudfrd.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WudfSvc]
"ServiceDll"="%SystemRoot%\System32\WUDFSvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WZCSVC]
"ServiceDll"="%SystemRoot%\System32\wzcsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\xmlprov]
"ServiceDll"="%SystemRoot%\System32\xmlprov.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{1162BA22-FE87-4F7A-85E2-50C790BA8CB9}]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{6080A529-897E-4629-A488-ABA0C29B635E}]
"ImagePath"="system32\drivers\ialmsbw.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{66471B98-D3EF-4EC2-9CB0-5A6160D49B41}]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{D31A0762-0CEB-444e-ACFF-B049A1F6FE91}]
"ImagePath"="system32\drivers\ialmkchw.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{DFEE8871-0EDC-44A1-8739-9F36FD6D6A42}]
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'winlogon.exe'(616)
c:\windows\System32\hlp95en32.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\system32\tcpsvcs.exe
c:\program files\ESET\ESET NOD32 Antivirus\egui.exe
c:\program files\HP\Digital Imaging\bin\hpqste08.exe
.
**************************************************************************
.
Heure de fin: 2009-06-27 11:44 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-06-27 09:44
Avant-CF: 7 025 909 760 octets libres
Après-CF: 8 025 538 560 octets libres
820
ComboFix 09-06-26.02 - Francesco 27/06/2009 11:21.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.247.63 [GMT 2:00]
Lancé depuis: c:\documents and settings\Francesco\Mes documents\Downloads\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Un antivirus résident est actif
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Francesco\Application Data\02000000996e6c8e623C.manifest
c:\documents and settings\Francesco\Application Data\02000000996e6c8e623O.manifest
c:\documents and settings\Francesco\Application Data\02000000996e6c8e623P.manifest
c:\documents and settings\Francesco\Application Data\02000000996e6c8e623S.manifest
c:\documents and settings\Francesco\Application Data\addon.dat
c:\temp\1cb
c:\temp\1cb\syscheck.log
c:\windows\Fonts\'
c:\windows\KB8888239.log
c:\windows\system32\AutoRun.inf
c:\windows\system32\bszip.dll
c:\windows\system32\drivers\KeenSense.sys
c:\windows\system32\drivers\ksdevice.sys
c:\windows\system32\GroupPolicy000.dat
c:\windows\system32\Ijl11.dll
c:\windows\system32\iQrruvut.ini
c:\windows\system32\iQrruvut.ini2
c:\windows\system32\mcrh.tmp
c:\windows\system32\TDSSlxwp.log
c:\windows\system32\TDSSorvd.dat
c:\windows\system32\TDSSosvd.dll
c:\windows\Tasks\sgtfiifq.job
c:\windows\system32\hlp95en32.dll . . . . impossible à supprimer
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_IPRIP
-------\Service_Iprip
((((((((((((((((((((((((((((( Fichiers créés du 2009-05-27 au 2009-06-27 ))))))))))))))))))))))))))))))))))))
.
2009-06-27 08:33 . 2009-06-27 08:35 -------- d-----w- c:\documents and settings\Francesco\Local Settings\Application Data\Google
2009-06-27 07:52 . 2009-06-27 07:52 -------- d-s---w- c:\windows\system32\%SystemDrive%
2009-06-27 07:47 . 2009-06-27 07:47 -------- d-----w- c:\documents and settings\Francesco\Application Data\FrostWire
2009-06-27 07:35 . 2009-06-27 07:35 -------- d-s---w- c:\documents and settings\Francesco\UserData
2009-06-27 07:19 . 2009-06-27 07:19 -------- d-----w- c:\documents and settings\Francesco\Application Data\HPAppData
2009-06-27 07:17 . 2009-06-27 07:17 -------- d-----w- c:\documents and settings\Francesco\Local Settings\Application Data\Mozilla
2009-06-27 07:17 . 2009-06-27 07:17 -------- d-----w- c:\documents and settings\Francesco\Local Settings\Application Data\ESET
2009-06-27 06:52 . 2009-06-27 06:52 -------- d-----w- c:\program files\ESET
2009-06-27 06:52 . 2009-06-27 06:52 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2009-06-26 20:58 . 2009-06-27 09:38 -------- d-sh--w- c:\windows\system32\SystemX86
2009-06-26 20:57 . 2009-06-27 09:35 143360 ------w- c:\windows\system32\hlp95en32.dll
2009-06-26 19:58 . 2009-06-27 07:47 -------- d-----w- c:\program files\FrostWire
2009-06-26 19:58 . 2009-06-26 19:58 -------- d-----w- c:\program files\AskSearch
2009-06-26 19:58 . 2009-06-26 19:58 -------- d-----w- c:\program files\AskBarDis
2009-06-26 19:55 . 2009-06-26 19:57 86016 ----a-w- c:\windows\system32\OpenAL32.dll
2009-06-26 19:55 . 2009-06-26 19:57 262144 ----a-w- c:\windows\system32\wrap_oal.dll
2009-06-26 14:56 . 2009-06-26 14:56 -------- d-----w- c:\windows\system32\wbem\Repository
2009-06-25 10:43 . 2009-06-26 11:16 30958 ----a-w- c:\windows\k_urlmon.dll
2009-06-25 06:07 . 2009-06-25 06:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Babylon
2009-06-25 05:46 . 2009-06-26 20:53 -------- d-----w- c:\program files\Metin2_France
2009-06-24 18:33 . 2004-02-16 23:00 434252 ----a-w- c:\windows\system32\Msvcrtd.dll
2009-06-24 18:33 . 2009-06-25 06:20 -------- d-----w- c:\program files\Zapu
2009-06-24 13:01 . 2009-06-24 13:01 -------- d-----w- c:\program files\Compil Games
2009-06-24 12:10 . 2009-06-24 12:10 -------- d-----w- c:\program files\FDRLab
2009-06-23 23:16 . 2009-06-23 23:16 -------- d-----w- c:\program files\win32a
2009-06-23 16:14 . 2009-06-23 23:38 99254 ----a-w- c:\windows\system32\winkc.dll
2009-06-22 20:57 . 2009-06-22 20:57 -------- d-----w- c:\documents and settings\All Users\Application Data\001
2009-06-22 19:51 . 2009-06-24 12:16 -------- d-----w- c:\program files\SlySoft
2009-06-21 14:03 . 2009-06-22 20:56 -------- d-----w- c:\program files\001
2009-06-20 16:31 . 2009-06-20 16:31 65536 ----a-w- c:\windows\system32\VDPersns.dat
2009-06-20 16:29 . 2004-09-22 09:46 37409 ----a-w- c:\windows\system32\drivers\fsRamDsk.sys
2009-06-20 16:23 . 2004-09-22 09:46 77824 ------w- c:\windows\system32\RDrv2KInterface.dll
2009-06-20 16:23 . 2004-07-17 06:33 32768 ------w- c:\windows\system32\RDrv9xInterface.dll
2009-06-20 16:23 . 2004-06-29 07:03 28672 ------w- c:\windows\system32\RDrvInterface.dll
2009-06-20 16:23 . 2004-03-12 05:44 36864 ------w- c:\windows\system32\unVHDDrvExe.exe
2009-06-20 16:23 . 2004-03-12 05:44 36864 ------w- c:\windows\system32\inVHDDrvExe.exe
2009-06-20 16:23 . 2004-01-13 02:51 53248 ------w- c:\windows\system32\RDrvNTInterface.dll
2009-06-20 15:23 . 2009-06-20 15:23 -------- d-----w- c:\program files\Notepad++
2009-06-20 13:21 . 2004-06-18 12:07 656542 ----a-w- C:\218_icol.dll
2009-06-20 13:15 . 2009-06-20 13:15 51276 ---ha-w- c:\windows\system32\mlfcache.dat
2009-06-20 13:10 . 2009-06-20 13:10 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2009-06-20 12:14 . 2009-06-20 14:17 -------- d-----w- c:\program files\eMule
2009-06-20 07:38 . 2009-06-20 13:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Messenger Plus!
2009-06-19 19:12 . 2009-06-20 09:31 -------- d-----w- c:\documents and settings\All Users\Application Data\flag ace stupid data
2009-06-19 19:09 . 2009-06-19 19:27 -------- d-----w- c:\program files\Messenger Plus! Live
2009-06-18 16:20 . 2007-01-18 12:00 3968 ----a-w- c:\windows\system32\drivers\AvgArCln.sys
2009-06-18 16:16 . 2009-06-18 16:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-06-13 15:38 . 2009-06-13 15:48 2680 ----a-w- c:\windows\BricoPackFoldersDelete.cmd
2009-06-13 13:46 . 2005-01-01 00:43 4682 ----a-w- c:\windows\system32\npptNT2.sys
2009-06-12 17:02 . 2009-06-12 17:02 796672 ----a-w- c:\windows\GPInstall.exe
2009-06-10 11:08 . 2009-06-10 11:08 -------- d-----w- c:\windows\system32\HPAppData
2009-06-07 19:35 . 2009-06-07 19:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Blizzard
2009-06-05 18:26 . 2009-06-13 16:55 -------- d-----w- c:\program files\PhotoFiltre
2009-06-01 18:03 . 2009-06-01 18:17 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2009-05-30 15:03 . 2009-05-30 15:03 -------- d-----w- c:\program files\Pivot Stickfigure Animator
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-27 07:14 . 2009-06-27 07:14 81352 ----a-w- c:\documents and settings\Francesco\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-26 16:32 . 2003-01-02 05:09 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-22 19:52 . 2009-06-22 19:52 24 --sh--w- c:\windows\S3E9D5E0E.tmp
2009-06-22 18:20 . 2003-01-02 05:09 -------- d---a-w- c:\program files\Fichiers communs\InstallShield
2009-06-13 15:48 . 2009-03-31 18:38 83422 ----a-w- c:\windows\BricoPackUninst.cmd
2009-06-13 13:45 . 2009-05-23 17:52 -------- d-----w- c:\program files\Common Files
2009-05-26 05:12 . 2009-04-03 19:35 160346 ----a-w- c:\windows\hpoins14.dat
2009-05-26 05:12 . 2009-05-26 05:12 -------- d-----w- c:\documents and settings\All Users\Application Data\WEBREG
2009-05-25 19:10 . 2009-05-25 19:10 -------- d-----w- c:\program files\CDBurnerXP Pro 3
2009-05-25 07:16 . 2009-05-25 07:16 339968 ----a-w- c:\windows\system32\pythoncom25.dll
2009-05-25 07:16 . 2009-05-25 07:16 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-05-25 07:16 . 2009-05-25 07:16 2117632 ----a-w- c:\windows\system32\python25.dll
2009-05-25 07:16 . 2009-05-25 07:16 114688 ----a-w- c:\windows\system32\pywintypes25.dll
2009-05-25 07:15 . 2009-05-25 07:15 -------- d-----w- c:\program files\AGI
2009-05-23 17:59 . 2009-05-23 17:59 -------- d-----w- c:\program files\HyCam2
2009-05-23 17:23 . 2009-05-23 17:23 1457917 ----a-w- c:\windows\system32\50 Cent.scr
2009-05-23 17:21 . 2009-05-23 17:21 201728 ----a-w- c:\windows\system32\hfd_ss_coco.scr
2009-05-23 17:16 . 2009-05-23 17:16 398539 ----a-w- c:\windows\system32\humour_003.scr
2009-05-23 13:10 . 2009-05-23 13:10 -------- d-----w- c:\program files\Capturino V2
2009-05-15 13:04 . 2009-05-15 13:04 -------- d-----w- c:\documents and settings\All Users\Application Data\Downloaded Installations
2009-05-15 13:00 . 2009-05-15 13:00 -------- d-----w- c:\program files\Windows Media Connect 2
2009-05-14 13:49 . 2009-05-14 13:49 94360 ----a-w- c:\windows\system32\drivers\epfwtdir.sys
2009-05-14 13:47 . 2009-05-14 13:47 107256 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2009-05-14 13:41 . 2009-05-14 13:41 114472 ----a-w- c:\windows\system32\drivers\eamon.sys
2009-05-12 11:07 . 2009-01-28 07:47 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-05-12 11:07 . 2009-05-12 11:07 -------- d-----w- c:\program files\Java
2009-05-09 12:03 . 2003-01-02 05:26 -------- d---a-w- c:\program files\InterVideo
2009-05-08 15:51 . 2009-05-08 15:50 -------- d-----w- c:\program files\Windows Live
2009-05-02 22:01 . 2003-01-02 12:25 55612 ----a-w- c:\windows\system32\perfc00C.dat
2009-05-02 22:01 . 2003-01-02 12:25 427826 ----a-w- c:\windows\system32\perfh00C.dat
2009-05-02 18:21 . 2003-03-18 18:14 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-04-26 16:31 . 2009-04-26 16:31 8192 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstCCD.exe
2009-04-26 16:31 . 2009-04-26 16:31 61440 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstPCSFEMsi.exe
2009-04-26 16:31 . 2009-04-26 16:31 10240 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstPCS.exe
2009-04-03 18:27 . 2009-04-03 18:21 114517 ----a-w- c:\windows\hpqins11.dat
2009-03-31 18:38 . 2003-01-01 16:55 219648 ----a-w- c:\windows\system32\uxtheme.dll
2009-03-29 21:26 . 2009-03-29 21:26 3339684 ----a-w- c:\windows\system32\Numanumaye.scr
2008-10-15 21:08 . 2008-10-15 12:08 0 -csha-w- c:\windows\SMINST\HPCD.sys
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-09-08 20:08 279944 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll
c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\b46c05c8623]
2009-06-27 09:35 143360 ------w- c:\windows\system32\hlp95en32.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\FrostWire\\FrostWire.exe"=
"c:\\Program Files\\MessengerDiscovery\\MessengerDiscovery Live.exe"=
"c:\\Documents and Settings\\Propriétaire.TILL-LINDEMANN\\Bureau\\samp01b-server\\samp-server.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\Shareaza Applications\\Shareaza\\Shareaza.exe"=
"c:\\Program Files\\Ares\\Ares.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Metin2_France\\metin2.bin"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Zapu\\Zapu\\wDivi.exe"=
"c:\\Documents and Settings\\Propriétaire.TILL-LINDEMANN\\Local Settings\\Temp\\Msn Messenger Hack X..exe"=
"c:\\WINDOWS\\explorer.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3587:TCP"= 3587:TCP:*:Disabled:Groupement homologue Windows
"3540:UDP"= 3540:UDP:*:Disabled:Protocole PNRP (Peer Name Resolution Protocol)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [14/05/2009 15:47 107256]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [14/05/2009 15:49 94360]
R3 PAC207;SoC PC-Camer@;c:\windows\system32\drivers\PFC027.sys [24/02/2005 13:29 162176]
S0 FVDSCSI;FVDSCSI;c:\windows\system32\DRIVERS\fvdscsi.sys --> c:\windows\system32\DRIVERS\fvdscsi.sys [?]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{649ECE67-BA10-F963-8F75-09FD492F0283}]
c:\program files\win32a\msnger.exe s
.
Contenu du dossier 'Tâches planifiées'
2009-06-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3142793328-944690519-675105539-1006.job
- c:\documents and settings\Francesco\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-06-27 08:33]
.
- - - - ORPHELINS SUPPRIMES - - - -
BHO-{6C604C5C-0201-145A-7B33-406A110DBC72} - (no file)
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
mDefault_Page_URL = hxxp://fr8.hpwis.com/
mDefault_Search_URL = hxxp://srch-fr8.hpwis.com/
mSearch Page = hxxp://srch-fr8.hpwis.com/
mStart Page = hxxp://www.cooxer.com/
mSearch Bar = hxxp://srch-fr8.hpwis.com/
TCP: {DFEE8871-0EDC-44A1-8739-9F36FD6D6A42} = 212.216.212.122
DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} - hxxps://secure.gopetslive.com/dev/GoPetsWeb.cab
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-27 11:36
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
c:\windows\system32\GroupPolicy000.dat 1933 bytes
Scan terminé avec succès
Fichiers cachés: 1
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\.NET CLR Data]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\.NET CLR Networking]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\.NETFramework]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\6to4]
"ServiceDll"="%SystemRoot%\System32\6to4svc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Abiosdsk]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\abp480n5]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ACPI]
"ImagePath"="System32\DRIVERS\ACPI.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ACPIEC]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\adpu160m]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aec]
"ImagePath"="system32\drivers\aec.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AFD]
"ImagePath"="\SystemRoot\System32\drivers\afd.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Aha154x]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aic78u2]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aic78xx]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ALCXWDM]
"ImagePath"="system32\drivers\ALCXWDM.SYS"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Alerter]
"ServiceDll"="%SystemRoot%\system32\alrsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ALG]
"ImagePath"="%SystemRoot%\System32\alg.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AliIde]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AmdK7]
"ImagePath"="System32\DRIVERS\amdk7.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\amsint]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AppMgmt]
"ServiceDll"="%SystemRoot%\System32\appmgmts.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Arp1394]
"ImagePath"="System32\DRIVERS\arp1394.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\asc]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\asc3350p]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\asc3550]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswTdi]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AsyncMac]
"ImagePath"="System32\DRIVERS\asyncmac.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\atapi]
"ImagePath"="System32\DRIVERS\atapi.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Atdisk]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ati2mtag]
"ImagePath"="System32\DRIVERS\ati2mtag.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Atmarpc]
"ImagePath"="System32\DRIVERS\atmarpc.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AudioSrv]
"ServiceDll"="%SystemRoot%\System32\audiosrv.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\audstub]
"ImagePath"="System32\DRIVERS\audstub.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AVG Anti-Rootkit]
"ImagePath"="System32\DRIVERS\avgarkt.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AvgArCln]
"ImagePath"="System32\DRIVERS\AvgArCln.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\BattC]
"MofImagePath"="System32\Drivers\battc.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Beep]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\BITS]
"ServiceDll"="c:\windows\system32\qmgr.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Browser]
"ServiceDll"="%SystemRoot%\System32\browser.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\catchme]
"ImagePath"="\??\c:\docume~1\FRANCE~1\LOCALS~1\Temp\catchme.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\cbidf2k]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\CCDECODE]
"ImagePath"="System32\DRIVERS\CCDECODE.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\cd20xrnt]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Cdaudio]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Cdfs]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Cdrom]
"ImagePath"="System32\DRIVERS\cdrom.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Changer]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\cisvc]
"ImagePath"="%SystemRoot%\system32\cisvc.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ClipSrv]
"ImagePath"="%SystemRoot%\system32\clipsrv.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\CmdIde]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\COMSysApp]
"ImagePath"="c:\windows\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ContentFilter]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ContentIndex]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Cpqarray]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\CryptSvc]
"ServiceDll"="%SystemRoot%\System32\cryptsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dac2w2k]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dac960nt]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\DcomLaunch]
"ServiceDll"="%SystemRoot%\system32\rpcss.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Dhcp]
"ServiceDll"="%SystemRoot%\System32\dhcpcsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Disk]
"ImagePath"="System32\DRIVERS\disk.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dmadmin]
"ImagePath"="%SystemRoot%\System32\dmadmin.exe /com"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dmboot]
"ImagePath"="System32\drivers\dmboot.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dmio]
"ImagePath"="System32\drivers\dmio.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dmload]
"ImagePath"="System32\drivers\dmload.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dmserver]
"ServiceDll"="%SystemRoot%\System32\dmserver.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\DMusic]
"ImagePath"="system32\drivers\DMusic.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Dnscache]
"ServiceDll"="%SystemRoot%\System32\dnsrslvr.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Dot3svc]
"ServiceDll"="%SystemRoot%\System32\dot3svc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dpti2o]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\drmkaud]
"ImagePath"="system32\drivers\drmkaud.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\eamon]
"ImagePath"="system32\DRIVERS\eamon.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EapHost]
"ServiceDll"="%SystemRoot%\System32\eapsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ehdrv]
"ImagePath"="system32\DRIVERS\ehdrv.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EhttpSrv]
"ImagePath"="\"c:\program files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe\""
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ekrn]
"ImagePath"="\"c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe\""
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EL90XBC]
"ImagePath"="System32\DRIVERS\el90xbc5.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\epfwtdir]
"ImagePath"="system32\DRIVERS\epfwtdir.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ERSvc]
"ServiceDll"="%SystemRoot%\System32\ersvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog]
"ImagePath"="%SystemRoot%\system32\services.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EventSystem]
"ServiceDll"="c:\windows\System32\es.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Fastfat]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\FastUserSwitchingCompatibility]
"ServiceDll"="%SystemRoot%\System32\shsvcs.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\fcdabus]
"ImagePath"="system32\DRIVERS\fcdabus.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Fdc]
"ImagePath"="System32\DRIVERS\fdc.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Fips]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Flpydisk]
"ImagePath"="System32\DRIVERS\flpydisk.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\FltMgr]
"ImagePath"="system32\drivers\fltmgr.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\fsRamDsk]
"ImagePath"="System32\Drivers\fsRamDsk.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Fs_Rec]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Ftdisk]
"ImagePath"="System32\DRIVERS\ftdisk.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\FVDSCSI]
"ImagePath"="system32\DRIVERS\fvdscsi.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Gpc]
"ImagePath"="System32\DRIVERS\msgpc.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\helpsvc]
"ServiceDll"="%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\HidServ]
"ServiceDll"="%SystemRoot%\System32\hidserv.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\hkmsvc]
"ServiceDll"="%SystemRoot%\System32\kmsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\hpn]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\hpqcxs08]
"ServiceDll"="c:\program files\HP\Digital Imaging\bin\hpqcxs08.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\hpqddsvc]
"ServiceDll"="c:\program files\HP\Digital Imaging\bin\hpqddsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\HPZid412]
"ImagePath"="System32\DRIVERS\HPZid412.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\HPZipr12]
"ImagePath"="System32\DRIVERS\HPZipr12.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\HPZius12]
"ImagePath"="System32\DRIVERS\HPZius12.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\HSFHWBS2]
"ImagePath"="System32\DRIVERS\HSFHWBS2.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\HSF_DPV]
"ImagePath"="System32\DRIVERS\HSF_DPV.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\HTTP]
"ImagePath"="System32\Drivers\HTTP.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\HTTPFilter]
"ServiceDll"="%SystemRoot%\System32\w3ssl.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\i2omgmt]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\i2omp]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\i8042prt]
"ImagePath"="System32\DRIVERS\i8042prt.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ialm]
"ImagePath"="System32\DRIVERS\ialmnt5.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Imapi]
"ImagePath"="System32\DRIVERS\imapi.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ImapiService]
"ImagePath"="%systemroot%\system32\imapi.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\inetaccs]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ini910u]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Inport]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IntelIde]
"ImagePath"="System32\DRIVERS\intelide.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ip6fw]
"ImagePath"="system32\drivers\ip6fw.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IpFilterDriver]
"ImagePath"="System32\DRIVERS\ipfltdrv.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IpInIp]
"ImagePath"="System32\DRIVERS\ipinip.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IpNat]
"ImagePath"="System32\DRIVERS\ipnat.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Iprip]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IPSec]
"ImagePath"="System32\DRIVERS\ipsec.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IRENUM]
"ImagePath"="System32\DRIVERS\irenum.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ISAPISearch]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\isapnp]
"ImagePath"="System32\DRIVERS\isapnp.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\JavaQuickStarterService]
"ImagePath"="\"c:\program files\Java\jre6\bin\jqs.exe\" -service -config \"c:\program files\Java\jre6\lib\deploy\jqs\jqs.conf\""
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Kbdclass]
"ImagePath"="System32\DRIVERS\kbdclass.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\kmixer]
"ImagePath"="system32\drivers\kmixer.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\KSecDD]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\lanmanserver]
"ServiceDll"="%SystemRoot%\System32\srvsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\lanmanworkstation]
"ServiceDll"="%SystemRoot%\System32\wkssvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\lbrtfdc]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ldap]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\LicenseService]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\LmHosts]
"ServiceDll"="%SystemRoot%\System32\lmhsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\LPDSVC]
"ImagePath"="%SystemRoot%\System32\tcpsvcs.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Messenger]
"ServiceDll"="%SystemRoot%\System32\msgsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mnmdd]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mnmsrvc]
"ImagePath"="c:\windows\System32\mnmsrvc.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Modem]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Mouclass]
"ImagePath"="System32\DRIVERS\mouclass.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MountMgr]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mraid35x]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MRxDAV]
"ImagePath"="System32\DRIVERS\mrxdav.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MRxSmb]
"ImagePath"="System32\DRIVERS\mrxsmb.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MSDTC]
"ImagePath"="c:\windows\System32\msdtc.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Msfs]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MSIServer]
"ImagePath"="c:\windows\System32\msiexec.exe /V"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MSKSSRV]
"ImagePath"="system32\drivers\MSKSSRV.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MSPCLOCK]
"ImagePath"="system32\drivers\MSPCLOCK.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MSPQM]
"ImagePath"="system32\drivers\MSPQM.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mssmbios]
"ImagePath"="System32\DRIVERS\mssmbios.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MSTEE]
"ImagePath"="system32\drivers\MSTEE.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Mup]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NABTSFEC]
"ImagePath"="system32\DRIVERS\NABTSFEC.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\napagent]
"ServiceDll"="%SystemRoot%\System32\qagentrt.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NDIS]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NdisIP]
"ImagePath"="system32\DRIVERS\NdisIP.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ndisrd]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NdisTapi]
"ImagePath"="System32\DRIVERS\ndistapi.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Ndisuio]
"ImagePath"="System32\DRIVERS\ndisuio.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NdisWan]
"ImagePath"="System32\DRIVERS\ndiswan.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NDProxy]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Net Driver HPZ12]
"ServiceDll"="c:\windows\System32\HPZinw12.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NetBIOS]
"ImagePath"="System32\DRIVERS\netbios.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NetBT]
"ImagePath"="System32\DRIVERS\netbt.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NetDDE]
"ImagePath"="%SystemRoot%\system32\netdde.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NetDDEdsdm]
"ImagePath"="%SystemRoot%\system32\netdde.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Netlogon]
"ImagePath"="%SystemRoot%\System32\lsass.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Netman]
"ServiceDll"="%SystemRoot%\System32\netman.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NIC1394]
"ImagePath"="System32\DRIVERS\nic1394.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Nla]
"ServiceDll"="%SystemRoot%\System32\mswsock.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Npfs]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Ntfs]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NtLmSsp]
"ImagePath"="%SystemRoot%\System32\lsass.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NtmsSvc]
"ServiceDll"="%SystemRoot%\system32\ntmssvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Null]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\nv]
"ImagePath"="System32\DRIVERS\nv4_mini.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NVSvc]
"ImagePath"="%SystemRoot%\System32\nvsvc32.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\nv_agp]
"ImagePath"="System32\DRIVERS\nv_agp.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NwlnkFlt]
"ImagePath"="System32\DRIVERS\nwlnkflt.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NwlnkFwd]
"ImagePath"="System32\DRIVERS\nwlnkfwd.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ohci1394]
"ImagePath"="System32\DRIVERS\ohci1394.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\p2pgasvc]
"ServiceDll"="%SystemRoot%\system32\p2pgasvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\p2pimsvc]
"ServiceDll"="%SystemRoot%\system32\p2psvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\p2psvc]
"ServiceDll"="%SystemRoot%\system32\p2psvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PAC207]
"ImagePath"="system32\DRIVERS\pfc027.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Parport]
"ImagePath"="System32\DRIVERS\parport.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PartMgr]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ParVdm]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PCI]
"ImagePath"="System32\DRIVERS\pci.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PCIDump]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PCIIde]
"ImagePath"="\SystemRoot\System32\DRIVERS\pciide.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Pcmcia]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PDCOMP]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PDFRAME]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PDRELI]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PDRFRAME]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\perc2]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\perc2hib]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PerfDisk]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PerfNet]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PerfOS]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PerfProc]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\pfc]
"ImagePath"="system32\drivers\pfc.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PlugPlay]
"ImagePath"="%SystemRoot%\system32\services.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Pml Driver HPZ12]
"ServiceDll"="c:\windows\System32\HPZipm12.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PNRPSvc]
"ServiceDll"="%SystemRoot%\system32\p2psvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PolicyAgent]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PortProxy]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PptpMiniport]
"ImagePath"="System32\DRIVERS\raspptp.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Processor]
"ImagePath"="System32\DRIVERS\processr.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ProtectedStorage]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Ps2]
"ImagePath"="System32\DRIVERS\PS2.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PSched]
"ImagePath"="System32\DRIVERS\psched.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Ptilink]
"ImagePath"="System32\DRIVERS\ptilink.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ql1080]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Ql10wnt]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ql12160]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ql1240]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ql1280]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RasAcd]
"ImagePath"="System32\DRIVERS\rasacd.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RasAuto]
"ServiceDll"="%SystemRoot%\System32\rasauto.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Rasl2tp]
"ImagePath"="System32\DRIVERS\rasl2tp.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RasMan]
"ServiceDll"="%SystemRoot%\System32\rasmans.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RasPppoe]
"ImagePath"="System32\DRIVERS\raspppoe.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Raspti]
"ImagePath"="System32\DRIVERS\raspti.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Rdbss]
"ImagePath"="System32\DRIVERS\rdbss.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RDPCDD]
"ImagePath"="System32\DRIVERS\RDPCDD.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RDPDD]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RDPNP]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RDPWD]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RDSessMgr]
"ImagePath"="c:\windows\system32\sessmgr.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\redbook]
"ImagePath"="System32\DRIVERS\redbook.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RemoteAccess]
"ServiceDll"="%SystemRoot%\System32\mprdim.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RpcLocator]
"ImagePath"="%SystemRoot%\System32\locator.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RpcSs]
"ServiceDll"="%SystemRoot%\system32\rpcss.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RSVP]
"ImagePath"="%SystemRoot%\System32\rsvp.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\rtl8139]
"ImagePath"="System32\DRIVERS\RTL8139.SYS"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\S3Psddr]
"ImagePath"="System32\DRIVERS\s3gnbm.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SamSs]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SCardSvr]
"ImagePath"="%SystemRoot%\System32\SCardSvr.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Schedule]
"ServiceDll"="%SystemRoot%\system32\schedsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ScsiPort]
"ImagePath"="%SystemRoot%\system32\drivers\scsiport.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SeaPort]
"ImagePath"="\"c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe\""
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Secdrv]
"ImagePath"="System32\DRIVERS\secdrv.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\seclogon]
"ServiceDll"="%SystemRoot%\System32\seclogon.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SENS]
"ServiceDll"="%SystemRoot%\system32\sens.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\serenum]
"ImagePath"="System32\DRIVERS\serenum.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Serial]
"ImagePath"="System32\DRIVERS\serial.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\sfdrv01]
"ImagePath"="System32\drivers\sfdrv01.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\sfhlp02]
"ImagePath"="System32\drivers\sfhlp02.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Sfloppy]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess]
"ServiceDll"="%SystemRoot%\System32\ipnathlp.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ShellHWDetection]
"ServiceDll"="%SystemRoot%\System32\shsvcs.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Simbad]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SimpTcp]
"ImagePath"="%SystemRoot%\System32\tcpsvcs.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SiS315]
"ImagePath"="System32\DRIVERS\sisgrp.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SISAGP]
"ImagePath"="System32\DRIVERS\SISAGPX.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SLIP]
"ImagePath"="system32\DRIVERS\SLIP.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Sparrow]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\splitter]
"ImagePath"="system32\drivers\splitter.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Spooler]
"ImagePath"="%SystemRoot%\system32\spoolsv.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\sr]
"ImagePath"="system32\DRIVERS\sr.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\srservice]
"ServiceDll"="c:\windows\System32\srsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Srv]
"ImagePath"="System32\DRIVERS\srv.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SSDPSRV]
"ServiceDll"="%SystemRoot%\System32\ssdpsrv.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\STI Simulator]
"ImagePath"="c:\windows\System32\PAStiSvc.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\stisvc]
"ServiceDll"="%SystemRoot%\system32\wiaservc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\streamip]
"ImagePath"="system32\DRIVERS\StreamIP.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\swenum]
"ImagePath"="System32\DRIVERS\swenum.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\swmidi]
"ImagePath"="system32\drivers\swmidi.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SwPrv]
"ImagePath"="c:\windows\System32\dllhost.exe /Processid:{3BA59150-CF3B-44C7-8AFA-DE5CF886C40A}"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\swwd]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\symc810]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\symc8xx]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\sym_hi]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\sym_u3]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\sysaudio]
"ImagePath"="system32\drivers\sysaudio.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SysmonLog]
"ImagePath"="%SystemRoot%\system32\smlogsvc.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TapiSrv]
"ServiceDll"="%SystemRoot%\System32\tapisrv.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip]
"ImagePath"="System32\DRIVERS\tcpip.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip6]
"ImagePath"="system32\DRIVERS\tcpip6.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TDPIPE]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TDTCP]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TermDD]
"ImagePath"="System32\DRIVERS\termdd.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TermService]
"ServiceDll"="%SystemRoot%\System32\termsrv.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Themes]
"ServiceDll"="%SystemRoot%\System32\shsvcs.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TosIde]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TrkWks]
"ServiceDll"="%SystemRoot%\system32\trkwks.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TSDDD]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\tunmp]
"ImagePath"="system32\DRIVERS\tunmp.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Udfs]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ultra]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Update]
"ImagePath"="System32\DRIVERS\update.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\upnphost]
"ServiceDll"="%SystemRoot%\System32\upnphost.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\UPS]
"ImagePath"="%SystemRoot%\System32\ups.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\usb]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\usbccgp]
"ImagePath"="System32\DRIVERS\usbccgp.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\usbehci]
"ImagePath"="System32\DRIVERS\usbehci.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\usbhub]
"ImagePath"="System32\DRIVERS\usbhub.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\usbohci]
"ImagePath"="System32\DRIVERS\usbohci.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\usbprint]
"ImagePath"="System32\DRIVERS\usbprint.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\usbscan]
"ImagePath"="System32\DRIVERS\usbscan.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\USBSTOR]
"ImagePath"="System32\DRIVERS\USBSTOR.SYS"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\usbuhci]
"ImagePath"="System32\DRIVERS\usbuhci.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\VgaSave]
"ImagePath"="\SystemRoot\System32\drivers\vga.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\viaagp1]
"ImagePath"="System32\DRIVERS\viaagp1.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ViaIde]
"ImagePath"="\SystemRoot\System32\DRIVERS\viaide.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\VolSnap]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\VSS]
"ImagePath"="%SystemRoot%\System32\vssvc.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\W32Time]
"ServiceDll"="%systemroot%\system32\w32time.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\W3SVC]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Wanarp]
"ImagePath"="System32\DRIVERS\wanarp.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WDICA]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\wdmaud]
"ImagePath"="system32\drivers\wdmaud.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WebClient]
"ServiceDll"="%SystemRoot%\System32\webclnt.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\winachsf]
"ImagePath"="System32\DRIVERS\HSF_CNXT.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\winmgmt]
"ServiceDll"="%SystemRoot%\system32\wbem\WMIsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Winsock]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WinSock2]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WinTrust]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WmdmPmSN]
"ServiceDll"="c:\windows\system32\MsPMSNSv.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Wmi]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WmiApRpl]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WmiApSrv]
"ImagePath"="c:\windows\System32\wbem\wmiapsrv.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WMPNetworkSvc]
"ImagePath"="\"c:\program files\Windows Media Player\wmpnetwk.exe\""
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WS2IFSL]
"ImagePath"="\SystemRoot\System32\drivers\ws2ifsl.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\wscsvc]
"ServiceDll"="%SYSTEMROOT%\system32\wscsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WSTCODEC]
"ImagePath"="system32\DRIVERS\WSTCODEC.SYS"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\wuauserv]
"ServiceDll"="C1\WINDOWS\system32\wuauserv.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WudfPf]
"ImagePath"="system32\DRIVERS\WudfPf.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WudfRd]
"ImagePath"="system32\DRIVERS\wudfrd.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WudfSvc]
"ServiceDll"="%SystemRoot%\System32\WUDFSvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WZCSVC]
"ServiceDll"="%SystemRoot%\System32\wzcsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\xmlprov]
"ServiceDll"="%SystemRoot%\System32\xmlprov.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{1162BA22-FE87-4F7A-85E2-50C790BA8CB9}]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{6080A529-897E-4629-A488-ABA0C29B635E}]
"ImagePath"="system32\drivers\ialmsbw.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{66471B98-D3EF-4EC2-9CB0-5A6160D49B41}]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{D31A0762-0CEB-444e-ACFF-B049A1F6FE91}]
"ImagePath"="system32\drivers\ialmkchw.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{DFEE8871-0EDC-44A1-8739-9F36FD6D6A42}]
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'winlogon.exe'(616)
c:\windows\System32\hlp95en32.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\system32\tcpsvcs.exe
c:\program files\ESET\ESET NOD32 Antivirus\egui.exe
c:\program files\HP\Digital Imaging\bin\hpqste08.exe
.
**************************************************************************
.
Heure de fin: 2009-06-27 11:44 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-06-27 09:44
Avant-CF: 7 025 909 760 octets libres
Après-CF: 8 025 538 560 octets libres
820
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Apparement il a virer plutôt beaucoup de virus.
Comme tu peut le voir:
Je te conseille de faire un scan avec Malwarebytes'.
Tu l'installe tu fait les mise a jour et fait un scan complet.
Et tu nous poste le rapport.
Bilou.
Comme tu peut le voir:
c:\documents and settings\Francesco\Application Data\02000000996e6c8e623C.manifest c:\documents and settings\Francesco\Application Data\02000000996e6c8e623O.manifest c:\documents and settings\Francesco\Application Data\02000000996e6c8e623P.manifest c:\documents and settings\Francesco\Application Data\02000000996e6c8e623S.manifest c:\documents and settings\Francesco\Application Data\addon.dat c:\temp\1cb c:\temp\1cb\syscheck.log c:\windows\Fonts\' c:\windows\KB8888239.log c:\windows\system32\AutoRun.inf c:\windows\system32\bszip.dll c:\windows\system32\drivers\KeenSense.sys c:\windows\system32\drivers\ksdevice.sys c:\windows\system32\GroupPolicy000.dat c:\windows\system32\Ijl11.dll c:\windows\system32\iQrruvut.ini c:\windows\system32\iQrruvut.ini2 c:\windows\system32\mcrh.tmp c:\windows\system32\TDSSlxwp.log c:\windows\system32\TDSSorvd.dat c:\windows\system32\TDSSosvd.dll c:\windows\Tasks\sgtfiifq.job c:\windows\system32\hlp95en32.dll . . . . impossible à supprimer
Je te conseille de faire un scan avec Malwarebytes'.
Tu l'installe tu fait les mise a jour et fait un scan complet.
Et tu nous poste le rapport.
Bilou.
