Je n'arrive pas à suppromer tr/bho.czo - Page 2

Précédent
  • 1
  • 2
Réponse 21 / 23
Christian Nt
 
Bonsoir,

J'ai tout fait comme demandé avec combofix mais pendant le travail de l'application un message d'erreur est apparu à plusieurs reprises "regt.cfexe est introuvable: blablabla fichier ACLUI.dll blablabla..." Finalement j'ai réussi à terminer l'application combofix et voici le rapport qu'il m'a donné:

ComboFix 08-08-15.04 - krys 2008-08-16 23:53:31.1 - NTFSx86

Endroit: D:\Documents and Settings\krys\Bureau\ComboFix.exe

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

D:\Documents and Settings\Hedge\Application Data\Adssite Advanced Toolbar
D:\Documents and Settings\Hedge\Application Data\Adssite Advanced Toolbar\selected.xml
D:\Documents and Settings\Hedge\Cookies\hedge@protectionconue[2].txt
D:\Documents and Settings\krys\Application Data\macromedia\Flash Player\#SharedObjects\SAGKEC5L\interclick.com
D:\Documents and Settings\krys\Application Data\macromedia\Flash Player\#SharedObjects\SAGKEC5L\interclick.com\ud.sol
D:\Documents and Settings\krys\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#interclick.com
D:\Documents and Settings\krys\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#interclick.com\settings.sol
D:\Program Files\Mozilla Firefox\components\nsBrowserOpt.dll
D:\WINDOWS\system32\ceudalyr.ini
D:\WINDOWS\system32\dgsfklbb.ini
D:\WINDOWS\system32\ewekypwk.ini
D:\WINDOWS\system32\fjwbrunf.ini
D:\WINDOWS\system32\ftasusan.ini
D:\WINDOWS\system32\gindwovv.ini
D:\WINDOWS\system32\hiylfjvh.ini
D:\WINDOWS\system32\hmxckulr.ini
D:\WINDOWS\system32\iwtioamg.ini
D:\WINDOWS\system32\kbhdanpj.ini
D:\WINDOWS\system32\MSINET.oca
D:\WINDOWS\system32\nsg59.dll
D:\WINDOWS\system32\pyjvwvup.ini
D:\WINDOWS\system32\qtstv.bak2
D:\WINDOWS\system32\qtstv.ini
D:\WINDOWS\system32\qyfgwvou.ini
D:\WINDOWS\system32\rhxwsjko.ini
D:\WINDOWS\system32\ucxixoxl.ini
D:\WINDOWS\system32\usnspxwv.ini
D:\WINDOWS\system32\vgxyhrgs.ini
D:\WINDOWS\system32\vivseobx.ini
D:\WINDOWS\system32\xwbagloe.ini
D:\WINDOWS\system32\ymqfitju.ini
D:\WINDOWS\system32\yrkwillx.ini

.
((((((((((((((((((((((((((((( Fichiers créés 2008-07-16 to 2008-08-16 ))))))))))))))))))))))))))))))))))))
.

2008-08-15 02:13 . 2008-08-15 02:13 664 --a------ D:\WINDOWS\system32\d3d9caps.dat
2008-08-12 20:36 . 2008-08-12 20:36 <REP> d-------- D:\Documents and Settings\krys\Application Data\Malwarebytes
2008-08-12 02:18 . 2008-08-13 02:45 <REP> d-------- D:\Program Files\Malwarebytes' Anti-Malware
2008-08-12 02:18 . 2008-08-12 02:18 <REP> d-------- D:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-08-12 02:18 . 2008-07-30 20:07 38,472 --a------ D:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-08-12 02:18 . 2008-07-30 20:07 17,144 --a------ D:\WINDOWS\system32\drivers\mbam.sys
2008-08-10 11:51 . 2008-08-10 11:51 <REP> d-------- D:\Program Files\Zone Labs
2008-08-10 03:02 . 2008-08-10 03:02 <REP> d-------- D:\WINDOWS\system32\fr-fr
2008-08-10 02:48 . 2008-08-10 02:48 <REP> d--h----- D:\WINDOWS\system32\GroupPolicy
2008-08-09 15:19 . 2008-08-09 15:19 0 --a------ D:\WINDOWS\~VS1C.tmp
2008-08-09 11:43 . 2008-08-09 11:43 54,156 --ah----- D:\WINDOWS\QTFont.qfn
2008-08-09 11:43 . 2008-08-09 11:43 1,409 --a------ D:\WINDOWS\QTFont.for
2008-08-01 00:20 . 2008-08-01 00:20 578,048 --a------ D:\WINDOWS\system32\DllCache\user32.dll
2008-08-01 00:12 . 2008-08-01 00:12 <REP> d-------- D:\WINDOWS\ERUNT
2008-07-31 00:04 . 2008-07-31 00:04 <REP> d-------- D:\Program Files\Avira
2008-07-28 22:53 . 2008-07-28 22:53 <REP> d-------- D:\Documents and Settings\All Users\Application Data\Lavasoft
2008-07-28 22:50 . 2008-07-28 22:53 <REP> d-------- D:\Program Files\Lavasoft
2008-07-28 22:50 . 2008-07-28 22:50 <REP> d-------- D:\Documents and Settings\krys\Application Data\Lavasoft
2008-07-25 01:56 . 2008-07-25 01:56 240 --a------ D:\WINDOWS\system32\drivers\vsconfig.xml

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-16 21:48 --------- d-----w D:\Program Files\Navilog1
2008-08-16 21:06 --------- d-----w D:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-08-15 19:34 30,720 ----a-w D:\WINDOWS\Internet Logs\xDB2.tmp
2008-08-14 06:05 --------- d-----w D:\Program Files\MegauploadToolbar
2008-08-13 06:50 9,216 ----a-w D:\WINDOWS\Internet Logs\xDB1.tmp
2008-08-13 06:50 258,560 ----a-w D:\WINDOWS\Internet Logs\xDB77.tmp
2008-08-13 06:50 1,212,928 ----a-w D:\WINDOWS\Internet Logs\xDB78.tmp
2008-08-11 20:58 --------- d-----w D:\Documents and Settings\krys\Application Data\Skype
2008-08-11 06:12 9,728 ----a-w D:\WINDOWS\Internet Logs\xDBEA.tmp
2008-08-11 06:12 9,216 ----a-w D:\WINDOWS\Internet Logs\xDBEB.tmp
2008-08-11 06:11 80,384 ----a-w D:\WINDOWS\Internet Logs\xDBE8.tmp
2008-08-11 06:11 1,205,760 ----a-w D:\WINDOWS\Internet Logs\xDBE9.tmp
2008-08-09 12:26 --------- d-----w D:\Documents and Settings\krys\Application Data\BitTorrent
2008-08-08 21:09 --------- d-----w D:\Documents and Settings\krys\Application Data\MEGAUPLOADTOOLBAR
2008-08-06 20:42 --------- d-----w D:\Documents and Settings\Hedge\Application Data\MegauploadToolbar
2008-08-02 22:11 --------- d-----w D:\Program Files\CDBurnerXP Pro 3
2008-08-01 22:25 --------- d-----w D:\Program Files\Messenger Plus! Live
2008-08-01 20:49 --------- d-----w D:\Program Files\RPG Maker 2003
2008-08-01 20:49 --------- d-----w D:\Program Files\Pinnacle
2008-08-01 20:49 --------- d-----w D:\Program Files\FlashGet
2008-08-01 20:48 --------- d-----w D:\Program Files\DivX
2008-08-01 20:48 --------- d-----w D:\Program Files\BitTorrent++
2008-07-30 22:04 --------- d-----w D:\Documents and Settings\All Users\Application Data\Avira
2008-07-29 20:38 --------- d-----w D:\Documents and Settings\krys\Application Data\skypePM
2008-07-28 20:52 --------- d-----w D:\Program Files\Fichiers communs\Wise Installation Wizard
2008-07-18 17:26 --------- d-----w D:\Documents and Settings\Dani\Application Data\MEGAUPLOADTOOLBAR
2008-07-10 20:45 --------- d-----w D:\Documents and Settings\krys\Application Data\ArcSoft
2008-07-10 20:44 --------- d-----w D:\Program Files\Fichiers communs\Nikon
2008-07-10 20:42 --------- d-----w D:\Program Files\InstallShield Installation Information
2008-07-10 20:42 --------- d-----w D:\Documents and Settings\All Users\Application Data\Apple Computer
2008-06-29 21:14 717,296 ----a-w D:\WINDOWS\system32\drivers\sptd.sys
2008-06-29 21:14 --------- d-----w D:\Documents and Settings\krys\Application Data\DAEMON Tools
2008-06-11 00:04 200,704 ----a-w D:\WINDOWS\system32\ssldivx.dll
2008-06-11 00:04 1,044,480 ----a-w D:\WINDOWS\system32\libdivx.dll
2002-07-26 15:02 153,088 ----a-w D:\Program Files\UNWISE.EXE
.

------- Sigcheck -------

2004-12-10 23:44 359040 37e6643b1c4fb5de3a4fcef92909b4ad D:\WINDOWS\system32\drivers\tcpip.sys

2005-03-12 04:42 2322816 ef63ab857ca46064a559d32ca57ca53b D:\WINDOWS\system32\ntoskrnl.exe

2005-03-22 22:54 1477120 7709e0d27cb024bdc8589833b0845f41 D:\WINDOWS\explorer.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

D:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Belkin Wireless USB Utility.lnk - D:\Program Files\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe [2005-10-28 11:23:10 1404928]
D‚marrage rapide du logiciel HP Image Zone.lnk - D:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [2005-05-12 00:49:24 73728]
HP Digital Imaging Monitor.lnk - D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-11 23:23:26 282624]
Microsoft Office.lnk - D:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-18 00:05:56 65588]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
"NoSMBalloonTip"= 0 (0x0)
"NoActiveDesktop"= 0 (0x0)
"ForceActiveDesktopOn"= 0 (0x0)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
"NoSMBalloonTip"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "D:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2006-12-20 13:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"SfcDisable"=dword:ffffff9d

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2007-04-19 13:41 294912 D:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.3iv2"= 3ivxVfWCodec.dll
"VIDC.HFYU"= huffyuv.dll
"VIDC.VP31"= vp31vfw.dll
"vidc.yv12"= yv12vfw.dll
"VIDC.MJPG"= Pvmjpg30.dll
"VIDC.PIM1"= pclepim1.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
--a------ 2006-11-16 03:35 43008 D:\Documents and Settings\Hedge\Torrent\bittorrent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"D:\\Program Files\\FlashFXP\\flashfxp.exe"=
"D:\\Program Files\\BitTorrent\\bittorrent.exe"=
"D:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"=
"D:\\Program Files\\eMule\\emule.exe"=
"D:\\StubInstaller.exe"=
"D:\\Documents and Settings\\Hedge\\Mes documents\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\BF2.exe"=
"C:\\Documents and Settings\\Krys\\eMule\\emule.exe"=
"D:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe"=
"C:\\Program Files\\Atari\\Test Drive Unlimited\\TestDriveUnlimited.exe"=
"C:\\StubInstaller.exe"=
"D:\\Documents and Settings\\Hedge\\Mes documents\\Azureus\\Azureus.exe"=
"C:\\Documents and Settings\\Hedge\\Mes documents\\LimeWire\\LimeWire.exe"=
"C:\\Documents and Settings\\Hedge\\Mes documents\\Torrent\\bittorrent.exe"=
"D:\\Documents and Settings\\Hedge\\Torrent\\bittorrent.exe"=
"D:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"D:\\Documents and Settings\\Hedge\\Mes documents\\Shareaza\\Shareaza.exe"=
"C:\\Documents and Settings\\Hedge\\Mes documents\\Shareaza\\Shareaza.exe"=
"D:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"D:\\Program Files\\MSN Messenger\\livecall.exe"=
"D:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"C:\\Program Files\\THQ\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\XR_3DA.exe"=
"C:\\Program Files\\THQ\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\dedicated\\XR_3DA.exe"=
"C:\\Program Files\\KONAMI\\Pro Evolution Soccer 6\\PES6.exe"=
"D:\\WINDOWS\\system32\\dplaysvr.exe"=
"D:\\Program Files\\Electronic Arts\\Battlefield 2142\\BF2142.exe"=
"D:\\Program Files\\GameSpy\\Comrade\\Comrade.exe"=
"C:\\Program Files\\CapCom\\Lost Planet Extreme Condition\\LostPlanetDx9.exe"=
"C:\\Program Files\\Ubisoft\\Tom Clancy's Rainbow Six Vegas\\Binaries\\R6Vegas_Game.exe"=
"C:\\Program Files\\Ubisoft\\Tom Clancy's Rainbow Six Vegas\\Binaries\\R6Vegas_Launcher.exe"=
"C:\\Program Files\\PPMate\\PPMate\\ppmate.exe"=
"C:\\Program Files\\Pinnacle\\Studio 10\\programs\\RM.exe"=
"C:\\Program Files\\Pinnacle\\Studio 10\\programs\\Studio.exe"=
"C:\\Program Files\\Pinnacle\\Studio 10\\programs\\PMSRegisterFile.exe"=
"C:\\Program Files\\Pinnacle\\Studio 10\\programs\\umi.exe"=
"D:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\Ares\\Ares.exe"=

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J]
\Shell\AutoRun\command - setupSNK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{081266f1-0942-11dc-9c6e-c42a6c3110d8}]
\Shell\AutoRun\command - setupSNK.exe

*Newly Created Service* - PROCEXP90
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'

2008-08-16 D:\WINDOWS\Tasks\HPpromotions journeysoftware.job
- D:\Program Files\hp\digital imaging\bin\hp promotions\journeysoftware\HPpromo.exe [2005-04-22 17:36]
.
- - - - ORPHANS REMOVED - - - -

BHO-{E845745E-AB33-4446-852A-3633EE3B05E2} - D:\WINDOWS\system32\cmsetAC.dll

.
------- Supplementary Scan -------
.
FireFox -: Profile - D:\Documents and Settings\krys\Application Data\Mozilla\Firefox\Profiles\lexro0y8.default\
FF -: plugin - D:\Program Files\DivX\DivX Content Uploader\npUpload.dll
FF -: plugin - D:\Program Files\K-Lite Codec Pack\QuickTime\Plugins\npqtplugin.dll
FF -: plugin - D:\Program Files\K-Lite Codec Pack\QuickTime\Plugins\npqtplugin2.dll
FF -: plugin - D:\Program Files\K-Lite Codec Pack\QuickTime\Plugins\npqtplugin3.dll
FF -: plugin - D:\Program Files\K-Lite Codec Pack\QuickTime\Plugins\npqtplugin4.dll
FF -: plugin - D:\Program Files\K-Lite Codec Pack\QuickTime\Plugins\npqtplugin5.dll
FF -: plugin - D:\Program Files\K-Lite Codec Pack\QuickTime\Plugins\npqtplugin6.dll
FF -: plugin - D:\Program Files\K-Lite Codec Pack\real\browser\plugins\nppl3260.dll
FF -: plugin - D:\Program Files\K-Lite Codec Pack\real\browser\plugins\nprpjplug.dll
FF -: plugin - D:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
FF -: plugin - D:\Program Files\Mozilla Firefox\plugins\npmozax.dll
FF -: plugin - D:\Program Files\Mozilla Firefox\plugins\npOGAPlugin.dll

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-16 23:58:26
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\xvyuwczd]
"ImagePath"="system32\drivers\dyfnrdyf.dat"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\.NET CLR Data]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\.NET CLR Networking]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\.NET Data Provider for Oracle]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\.NET Data Provider for SqlServer]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\.NETFramework]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\a2AntiMalware]
"ImagePath"="\"C:\Program Files\a-squared Anti-Malware\a2service.exe\""

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Abiosdsk]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\abp480n5]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\ACPI]
"ImagePath"="system32\DRIVERS\ACPI.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\ACPIEC]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Adobe LM Service]
"ImagePath"="\"D:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe\""

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\adpu160m]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\aec]
"ImagePath"="system32\drivers\aec.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\AFD]
"ImagePath"="\SystemRoot\System32\drivers\afd.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Aha154x]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\aic78u2]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\aic78xx]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Alerter]
"ServiceDll"="%SystemRoot%\system32\alrsvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\ALG]
"ImagePath"="%SystemRoot%\System32\alg.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\AliIde]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\AmdK8]
"ImagePath"="system32\DRIVERS\AmdK8.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\amsint]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\AntiVirScheduler]
"ImagePath"="\"D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe\""

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\AntiVirService]
"ImagePath"="\"D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe\""

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\AppMgmt]
"ServiceDll"="%SystemRoot%\System32\appmgmts.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\AresChatServer]
"ImagePath"="C:\Program Files\Ares\chatServer.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Arp1394]
"ImagePath"="system32\DRIVERS\arp1394.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\ASAPIW2K]
"ImagePath"="System32\Drivers\ASAPIW2K.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\asc]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\asc3350p]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\asc3550]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\ASP.NET]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\ASP.NET_1.1.4322]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\ASP.NET_2.0.50727]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Aspi32]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\AspiXNT]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\aspnet_state]
"ImagePath"="%SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\AsyncMac]
"ImagePath"="system32\DRIVERS\asyncmac.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\atapi]
"ImagePath"="system32\DRIVERS\atapi.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Atdisk]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Atmarpc]
"ImagePath"="system32\DRIVERS\atmarpc.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\AudioSrv]
"ServiceDll"="%SystemRoot%\System32\audiosrv.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\audstub]
"ImagePath"="system32\DRIVERS\audstub.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\avgio]
"ImagePath"="\??\D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\avgntflt]
"ImagePath"="\??\D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\avipbb]
"ImagePath"="system32\DRIVERS\avipbb.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\BattC]
"MofImagePath"="System32\Drivers\battc.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Beep]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\BITS]
"ServiceDll"="D:\WINDOWS\system32\qmgr.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\BLKWGU(Belkin)]
"ImagePath"="system32\DRIVERS\BLKWGU.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Browser]
"ServiceDll"="%SystemRoot%\System32\browser.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\CamDrL]
"ImagePath"="system32\DRIVERS\Camdrl.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\catchme]
"ImagePath"="\??\D:\DOCUME~1\krys\Local Settings\Temp\catchme.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\cbidf2k]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\CCDECODE]
"ImagePath"="system32\DRIVERS\CCDECODE.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\ccEvtMgr]
"ImagePath"="\"D:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe\" /h ccCommon"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\ccSetMgr]
"ImagePath"="\"D:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe\" /h ccCommon"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\cd20xrnt]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Cdaudio]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Cdfs]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Cdrom]
"ImagePath"="system32\DRIVERS\cdrom.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Changer]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\CiSvc]
"ImagePath"="%SystemRoot%\system32\cisvc.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\ClipSrv]
"ImagePath"="%SystemRoot%\system32\clipsrv.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\clr_optimization_v2.0.50727_32]
"ImagePath"="D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\CmdIde]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\cmpci]
"ImagePath"="system32\drivers\cmaudio.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\COMSysApp]
"ImagePath"="D:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\ContentFilter]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\ContentIndex]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Cpqarray]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\CryptSvc]
"ServiceDll"="%SystemRoot%\System32\cryptsvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\d347bus]
"ImagePath"="system32\DRIVERS\d347bus.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\d347prt]
"ImagePath"="System32\Drivers\d347prt.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\dac2w2k]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\dac960nt]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\DCamUSBEMPIA]
"ImagePath"="system32\DRIVERS\emDevice.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\DcomLaunch]
"ServiceDll"="%SystemRoot%\system32\rpcss.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Dhcp]
"ServiceDll"="%SystemRoot%\System32\dhcpcsvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Disk]
"ImagePath"="system32\DRIVERS\disk.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\dmadmin]
"ImagePath"="%SystemRoot%\System32\dmadmin.exe /com"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\dmboot]
"ImagePath"="System32\drivers\dmboot.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\dmio]
"ImagePath"="System32\drivers\dmio.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\dmload]
"ImagePath"="System32\drivers\dmload.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\dmserver]
"ServiceDll"="%SystemRoot%\System32\dmserver.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\DMusic]
"ImagePath"="system32\drivers\DMusic.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Dnscache]
"ServiceDll"="%SystemRoot%\System32\dnsrslvr.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\dpti2o]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\drmkaud]
"ImagePath"="system32\drivers\drmkaud.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\emAudio]
"ImagePath"="system32\drivers\emAudio.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\ERSvc]
"ServiceDll"="%SystemRoot%\System32\ersvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\es1371]
"ImagePath"="system32\drivers\es1371mp.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Eventlog]
"ImagePath"="%SystemRoot%\system32\services.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\EventSystem]
"ServiceDll"="D:\WINDOWS\system32\es.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Fastfat]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\FastUserSwitchingCompatibility]
"ServiceDll"="%SystemRoot%\System32\shsvcs.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Fdc]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\FiltUSBEMPIA]
"ImagePath"="system32\DRIVERS\emFilter.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Fips]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Flpydisk]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\FltMgr]
"ImagePath"="system32\DRIVERS\fltMgr.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\ForceWare Intelligent Application Manager (IAM)]
"ImagePath"="D:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Fs_Rec]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Ftdisk]
"ImagePath"="system32\DRIVERS\ftdisk.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\gameenum]
"ImagePath"="system32\DRIVERS\gameenum.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Gpc]
"ImagePath"="system32\DRIVERS\msgpc.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\hcarrjarfbyt]
"ImagePath"="system32\drivers\hcarrjarfbyt.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\HDAudBus]
"ImagePath"="system32\DRIVERS\HDAudBus.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\helpsvc]
"ServiceDll"="%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\HidServ]
"ServiceDll"="%SystemRoot%\System32\hidserv.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\hidusb]
"ImagePath"="system32\DRIVERS\hidusb.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\hpn]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\HPZid412]
"ImagePath"="system32\DRIVERS\HPZid412.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\HPZipr12]
"ImagePath"="system32\DRIVERS\HPZipr12.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\HPZius12]
"ImagePath"="system32\DRIVERS\HPZius12.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\HTTP]
"ImagePath"="System32\Drivers\HTTP.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\HTTPFilter]
"ServiceDll"="%SystemRoot%\System32\w3ssl.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\i2omgmt]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\i2omp]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\i8042prt]
"ImagePath"="system32\DRIVERS\i8042prt.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\IDriverT]
"ImagePath"="\"D:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe\""

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Imapi]
"ImagePath"="system32\DRIVERS\imapi.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\ImapiService]
"ImagePath"="D:\WINDOWS\system32\imapi.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\inetaccs]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\ini910u]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Inport]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\IntelIde]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Ip6Fw]
"ImagePath"="system32\DRIVERS\Ip6Fw.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\IpFilterDriver]
"ImagePath"="system32\DRIVERS\ipfltdrv.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\IpInIp]
"ImagePath"="system32\DRIVERS\ipinip.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\IpNat]
"ImagePath"="system32\DRIVERS\ipnat.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\IPSec]
"ImagePath"="system32\DRIVERS\ipsec.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\IRENUM]
"ImagePath"="system32\DRIVERS\irenum.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\ISAPISearch]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\isapnp]
"ImagePath"="system32\DRIVERS\isapnp.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\JGOGO]
"ImagePath"="system32\DRIVERS\JGOGO.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\JRAID]
"ImagePath"="system32\DRIVERS\jraid.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Kbdclass]
"ImagePath"="system32\DRIVERS\kbdclass.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\kmixer]
"ImagePath"="system32\drivers\kmixer.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\KSecDD]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\lanmanserver]
"ServiceDll"="%SystemRoot%\System32\srvsvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\lanmanworkstation]
"ServiceDll"="%SystemRoot%\System32\wkssvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\lbrtfdc]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\ldap]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\LicenseService]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\LiveUpdate]
"ImagePath"="\"D:\PROGRA~1\Symantec\LiveUpdate\LuComServer_3_2.EXE\""

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\LmHosts]
"ServiceDll"="%SystemRoot%\System32\lmhsvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\LVUSBSta]
"ImagePath"="system32\drivers\lvusbsta.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\MDM]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Messenger]
"ServiceDll"="%SystemRoot%\System32\msgsvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\mnmdd]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\mnmsrvc]
"ImagePath"="D:\WINDOWS\system32\mnmsrvc.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Modem]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Mouclass]
"ImagePath"="system32\DRIVERS\mouclass.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\mouhid]
"ImagePath"="system32\DRIVERS\mouhid.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\MountMgr]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\mraid35x]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\MRxDAV]
"ImagePath"="system32\DRIVERS\mrxdav.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\MRxSmb]
"ImagePath"="system32\DRIVERS\mrxsmb.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\MSDTC]
"ImagePath"="D:\WINDOWS\system32\msdtc.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Msfs]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\MSIServer]
"ImagePath"="D:\WINDOWS\system32\msiexec.exe /V"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\MSKSSRV]
"ImagePath"="system32\drivers\MSKSSRV.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\MSPCLOCK]
"ImagePath"="system32\drivers\MSPCLOCK.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\MSPQM]
"ImagePath"="system32\drivers\MSPQM.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\mssmbios]
"ImagePath"="system32\DRIVERS\mssmbios.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\MSTEE]
"ImagePath"="system32\drivers\MSTEE.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\MTsensor]
"ImagePath"="system32\DRIVERS\ASACPI.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Mup]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\NABTSFEC]
"ImagePath"="system32\DRIVERS\NABTSFEC.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\NDIS]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\NdisIP]
"ImagePath"="system32\DRIVERS\NdisIP.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\NdisTapi]
"ImagePath"="system32\DRIVERS\ndistapi.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Ndisuio]
"ImagePath"="system32\DRIVERS\ndisuio.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\NdisWan]
"ImagePath"="system32\DRIVERS\ndiswan.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\NDProxy]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\NetBIOS]
"ImagePath"="system32\DRIVERS\netbios.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\NetBT]
"ImagePath"="system32\DRIVERS\netbt.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\NetDDE]
"ImagePath"="%SystemRoot%\system32\netdde.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\NetDDEdsdm]
"ImagePath"="%SystemRoot%\system32\netdde.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Netlogon]
"ImagePath"="%SystemRoot%\system32\lsass.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Netman]
"ServiceDll"="%SystemRoot%\System32\netman.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\NIC1394]
"ImagePath"="system32\DRIVERS\nic1394.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Nla]
"ServiceDll"="%SystemRoot%\System32\mswsock.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Npfs]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\nSvcIp]
"ImagePath"="D:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\nSvcLog]
"ImagePath"="D:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Ntfs]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\NtLmSsp]
"ImagePath"="%SystemRoot%\system32\lsass.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\NtmsSvc]
"ServiceDll"="%SystemRoot%\system32\ntmssvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Null]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\NULLPROTO]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\nv]
"ImagePath"="system32\DRIVERS\nv4_mini.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\nvata]
"ImagePath"="system32\DRIVERS\nvata.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\NVENETFD]
"ImagePath"="system32\DRIVERS\NVENETFD.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\nvnetbus]
"ImagePath"="system32\DRIVERS\nvnetbus.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\NVSvc]
"ImagePath"="%SystemRoot%\system32\nvsvc32.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\NVTCP]
"ImagePath"="System32\DRIVERS\NVTcp.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\NwlnkFlt]
"ImagePath"="system32\DRIVERS\nwlnkflt.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\NwlnkFwd]
"ImagePath"="system32\DRIVERS\nwlnkfwd.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\ohci1394]
"ImagePath"="system32\DRIVERS\ohci1394.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Parport]
"ImagePath"="system32\DRIVERS\parport.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\PartMgr]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\ParVdm]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\PCASp50]
"ImagePath"="System32\Drivers\PCASp50.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\PCI]
"ImagePath"="system32\DRIVERS\pci.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\PCIDump]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\PCIIde]
"ImagePath"="system32\DRIVERS\pciide.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\PCLEPCI]
"ImagePath"="\??\D:\WINDOWS\system32\drivers\pclepci.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Pcmcia]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\PDCOMP]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\PDFRAME]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\PDRELI]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\PDRFRAME]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\perc2]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\perc2hib]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\PerfDisk]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\PerfNet]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\PerfOS]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\PerfProc]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\PfModNT]
"ImagePath"="\??\D:\WINDOWS\system32\PfModNT.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\pfsvgae]
"ImagePath"="\??\D:\DOCUME~1\Dani\Local Settings\Temp\pfsvgae.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\PlugPlay]
"ImagePath"="%SystemRoot%\system32\services.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Pml Driver HPZ12]
"ImagePath"="D:\WINDOWS\system32\HPZipm12.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\PnkBstrA]
"ImagePath"="D:\WINDOWS\system32\PnkBstrA.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\PnkBstrB]
"ImagePath"="D:\WINDOWS\system32\PnkBstrB.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\PolicyAgent]
"ImagePath"="%SystemRoot%\system32\lsass.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\PptpMiniport]
"ImagePath"="system32\DRIVERS\raspptp.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Processor]
"ImagePath"="system32\DRIVERS\processr.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\ProtectedStorage]
"ImagePath"="%SystemRoot%\system32\lsass.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\PSched]
"ImagePath"="system32\DRIVERS\psched.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Ptilink]
"ImagePath"="system32\DRIVERS\ptilink.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\PxHelp20]
"ImagePath"="system32\DRIVERS\PxHelp20.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\ql1080]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Ql10wnt]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\ql12160]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\ql1240]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\ql1280]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\RasAcd]
"ImagePath"="system32\DRIVERS\rasacd.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\RasAuto]
"ServiceDll"="%SystemRoot%\System32\rasauto.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Rasl2tp]
"ImagePath"="system32\DRIVERS\rasl2tp.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\RasMan]
"ServiceDll"="%SystemRoot%\System32\rasmans.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\RasPppoe]
"ImagePath"="system32\DRIVERS\raspppoe.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Raspti]
"ImagePath"="system32\DRIVERS\raspti.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Rdbss]
"ImagePath"="system32\DRIVERS\rdbss.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\RDPCDD]
"ImagePath"="System32\DRIVERS\RDPCDD.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\RDPDD]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\rdpdr]
"ImagePath"="system32\DRIVERS\rdpdr.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\RDPNP]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\RDPWD]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\RDSessMgr]
"ImagePath"="D:\WINDOWS\system32\sessmgr.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\redbook]
"ImagePath"="system32\DRIVERS\redbook.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\RemoteAccess]
"ServiceDll"="%SystemRoot%\System32\mprdim.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\RemoteRegistry]
"ServiceDll"="%SystemRoot%\system32\regsvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\ROOTMODEM]
"ImagePath"="System32\Drivers\RootMdm.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\RpcLocator]
"ImagePath"="%SystemRoot%\system32\locator.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\RpcSs]
"ServiceDll"="%SystemRoot%\system32\rpcss.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\RSVP]
"ImagePath"="%SystemRoot%\system32\rsvp.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\SamSs]
"ImagePath"="%SystemRoot%\system32\lsass.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\SASDIFSV]
"ImagePath"="\??\D:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\SASENUM]
"ImagePath"="\??\D:\Program Files\SUPERAntiSpyware\SASENUM.SYS"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\SASKUTIL]
"ImagePath"="\??\D:\Program Files\SUPERAntiSpyware\SASKUTIL.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\ScanUSBEMPIA]
"ImagePath"="system32\DRIVERS\emScan.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\SCardDrv]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\SCardSvr]
"ImagePath"="%SystemRoot%\System32\SCardSvr.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Schedule]
"ServiceDll"="%SystemRoot%\system32\schedsvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\SDTHOOK]
"ImagePath"="System32\DRIVERS\SDTHOOK.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Secdrv]
"ImagePath"="system32\DRIVERS\secdrv.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\seclogon]
"ServiceDll"="%SystemRoot%\System32\seclogon.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\SENS]
"ServiceDll"="%SystemRoot%\system32\sens.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\serenum]
"ImagePath"="system32\DRIVERS\serenum.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Serial]
"ImagePath"="system32\DRIVERS\serial.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Sfloppy]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\SharedAccess]
"ServiceDll"="%SystemRoot%\System32\ipnathlp.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\ShellHWDetection]
"ServiceDll"="%SystemRoot%\System32\shsvcs.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Simbad]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\SLIP]
"ImagePath"="system32\DRIVERS\SLIP.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\smp_lpt]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Sparrow]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\splitter]
"ImagePath"="system32\drivers\splitter.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Spooler]
"ImagePath"="%SystemRoot%\system32\spoolsv.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\sptd]
"ImagePath"="System32\Drivers\sptd.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\sr]
"ImagePath"="system32\DRIVERS\sr.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\srescan]
"ImagePath"="system32\ZoneLabs\srescan.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\srservice]
"ServiceDll"="D:\WINDOWS\system32\srsvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Srv]
"ImagePath"="system32\DRIVERS\srv.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\sscdbus]
"ImagePath"="system32\DRIVERS\sscdbus.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\sscdmdfl]
"ImagePath"="system32\DRIVERS\sscdmdfl.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\sscdmdm]
"ImagePath"="system32\DRIVERS\sscdmdm.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\SSDPSRV]
"ServiceDll"="%SystemRoot%\System32\ssdpsrv.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\ssmdrv]
"ImagePath"="system32\DRIVERS\ssmdrv.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\StarOpen]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\stisvc]
"ServiceDll"="%SystemRoot%\system32\wiaservc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\streamip]
"ImagePath"="system32\DRIVERS\StreamIP.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\swenum]
"ImagePath"="system32\DRIVERS\swenum.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\swmidi]
"ImagePath"="system32\drivers\swmidi.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\SwPrv]
"ImagePath"="D:\WINDOWS\system32\dllhost.exe /Processid:{6635FEB7-5681-4234-8082-47CE48AD5412}"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\symc810]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\symc8xx]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\sym_hi]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\sym_u3]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\sysaudio]
"ImagePath"="system32\drivers\sysaudio.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\SysmonLog]
"ImagePath"="%SystemRoot%\system32\smlogsvc.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\TapiSrv]
"ServiceDll"="%SystemRoot%\System32\tapisrv.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Tcpip]
"ImagePath"="system32\DRIVERS\tcpip.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\TDPIPE]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\TDTCP]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\TermDD]
"ImagePath"="system32\DRIVERS\termdd.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\TermService]
"ServiceDll"="%SystemRoot%\System32\termsrv.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Themes]
"ServiceDll"="%SystemRoot%\System32\shsvcs.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\TlntSvr]
"ImagePath"="D:\WINDOWS\system32\tlntsvr.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\TosIde]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\TrkWks]
"ServiceDll"="%SystemRoot%\system32\trkwks.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\TSDDD]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Udfs]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\ultra]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Update]
"ImagePath"="system32\DRIVERS\update.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\uploadmgr]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\upnphost]
"ServiceDll"="%SystemRoot%\System32\upnphost.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\UPS]
"ImagePath"="%SystemRoot%\System32\ups.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\usbaudio]
"ImagePath"="system32\drivers\usbaudio.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\usbccgp]
"ImagePath"="system32\DRIVERS\usbccgp.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\usbehci]
"ImagePath"="system32\DRIVERS\usbehci.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\usbhub]
"ImagePath"="system32\DRIVERS\usbhub.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\usbohci]
"ImagePath"="system32\DRIVERS\usbohci.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\usbprint]
"ImagePath"="system32\DRIVERS\usbprint.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\usbscan]
"ImagePath"="system32\DRIVERS\usbscan.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\usbstor]
"ImagePath"="system32\DRIVERS\USBSTOR.SYS"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\usnjsvc]
"ImagePath"="\"D:\Program Files\MSN Messenger\usnsvc.exe\""

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\usprserv]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\VgaSave]
"ImagePath"="\SystemRoot\System32\drivers\vga.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\ViaIde]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Vofsmpumt-d9]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\VolSnap]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\vsdatant]
"ImagePath"="System32\vsdatant.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\vsmon]
"ImagePath"="D:\WINDOWS\system32\ZoneLabs\vsmon.exe -service"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\VSS]
"ImagePath"="%SystemRoot%\System32\vssvc.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\VxD]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\W32Time]
"ServiceDll"="D:\WINDOWS\system32\w32time.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\W3SVC]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Wanarp]
"ImagePath"="system32\DRIVERS\wanarp.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\WDICA]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\wdmaud]
"ImagePath"="system32\drivers\wdmaud.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\WebClient]
"ServiceDll"="%SystemRoot%\System32\webclnt.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\winmgmt]
"ServiceDll"="%SystemRoot%\system32\wbem\WMIsvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Winsock]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\WinSock2]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\WinTrust]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\WmdmPmSN]
"ServiceDll"="D:\WINDOWS\system32\MsPMSNSv.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Wmi]
"ServiceDll"="%SystemRoot%\System32\advapi32.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\WmiApRpl]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\WmiApSrv]
"ImagePath"="D:\WINDOWS\system32\wbem\wmiapsrv.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\WMPNetworkSvc]
"ImagePath"="\"D:\Program Files\Windows Media Player\WMPNetwk.exe\""

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\WpdUsb]
"ImagePath"="system32\DRIVERS\wpdusb.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\WS2IFSL]
"ImagePath"="\SystemRoot\System32\drivers\ws2ifsl.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\wscsvc]
"ServiceDll"="%SYSTEMROOT%\system32\wscsvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\WSTCODEC]
"ImagePath"="system32\DRIVERS\WSTCODEC.SYS"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\wuauserv]
"ServiceDll"="D:\WINDOWS\system32\wuauserv.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\WudfPf]
"ImagePath"="system32\DRIVERS\WudfPf.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\WudfRd]
"ImagePath"="system32\DRIVERS\wudfrd.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\WudfSvc]
"ServiceDll"="%SystemRoot%\System32\WUDFSvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\WZCSVC]
"ServiceDll"="%SystemRoot%\System32\wzcsvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\xmlprov]
"ServiceDll"="%SystemRoot%\System32\xmlprov.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\xvyuwczd]
"ImagePath"="system32\drivers\dyfnrdyf.dat"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\ZDPSp50]
"ImagePath"="System32\Drivers\ZDPSp50.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\{01C11E6A-09DB-4C74-8A8F-4AF588705488}]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\{213DC0AE-334E-493A-B328-FFE24A608305}]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\{736A8DC2-D924-40CB-8DA8-493ABA0920C6}]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\{7D2177A5-2ACD-4A0B-A914-5A9F1AE8E34A}]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\{856AE575-12A9-418C-86BD-0F05D34E8680}]

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\{F1EB8025-376C-4AB5-A5D8-5049338D9EC3}]
.
Temps d'accomplissement: 2008-08-17 0:08:52
ComboFix-quarantined-files.txt 2008-08-16 22:08:48

Pre-Run: 3,805,642,752 octets libres
Post-Run: 8,481,525,760 octets libres

848
0
Réponse 22 / 23
Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
 
Fais un scan en ligne :
https://www.malekal.com/scan-antivirus-ligne-nod32/#mozTocId291566
0
Réponse 23 / 23
Christian Nt
 
Voici le rapport fait par kapersky en ligne:

KASPERSKY ON-LINE SCANNER REPORT
Sunday, August 17, 2008 8:46:47 PM
Système d'exploitation : Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version : 5.0.84.2
Dernière mise à jour de la base antivirus Kaspersky : 17/08/2008
Enregistrements dans la base antivirus Kaspersky : 979331
Paramètres d'analyse
Analyser avec la base antivirus suivante standard
Analyser les archives vrai
Analyser les bases de messagerie vrai
Cible de l'analyse Poste de travail
C:\
D:\
E:\
F:\
H:\
J:\
Statistiques de l'analyse
Total d'objets analysés 236289
Nombre de virus trouvés 3
Nombre d'objets infectés 6 / 0
Nombre d'objets suspects 0
Durée de l'analyse 06:06:02

Nom de l'objet infecté Nom du virus Dernière action
C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
D:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré
D:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré
D:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudC.zip/kernelwind32.exe Infecté : Email-Worm.Win32.Zhelatin.fp ignoré
D:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudC.zip ZIP: infecté - 1 ignoré
D:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudC5.zip/vedxga4me1.exe Infecté : Trojan-Proxy.Win32.Xorpix.be ignoré
D:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudC5.zip ZIP: infecté - 1 ignoré
D:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SpySheriff.zip/vx3dt2.game Infecté : Packed.Win32.Tibs.ar ignoré
D:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SpySheriff.zip ZIP: infecté - 1 ignoré
D:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat L'objet est verrouillé ignoré
D:\Documents and Settings\krys\Application Data\BitTorrent\bittorrent.log L'objet est verrouillé ignoré
D:\Documents and Settings\krys\Application Data\Microsoft\Modèles\Normal.dot L'objet est verrouillé ignoré
D:\Documents and Settings\krys\Application Data\Mozilla\Firefox\Profiles\lexro0y8.default\cert8.db L'objet est verrouillé ignoré
D:\Documents and Settings\krys\Application Data\Mozilla\Firefox\Profiles\lexro0y8.default\formhistory.dat L'objet est verrouillé ignoré
D:\Documents and Settings\krys\Application Data\Mozilla\Firefox\Profiles\lexro0y8.default\history.dat L'objet est verrouillé ignoré
D:\Documents and Settings\krys\Application Data\Mozilla\Firefox\Profiles\lexro0y8.default\key3.db L'objet est verrouillé ignoré
D:\Documents and Settings\krys\Application Data\Mozilla\Firefox\Profiles\lexro0y8.default\parent.lock L'objet est verrouillé ignoré
D:\Documents and Settings\krys\Application Data\Mozilla\Firefox\Profiles\lexro0y8.default\search.sqlite L'objet est verrouillé ignoré
D:\Documents and Settings\krys\Application Data\Mozilla\Firefox\Profiles\lexro0y8.default\urlclassifier2.sqlite L'objet est verrouillé ignoré
D:\Documents and Settings\krys\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\AppLogs\SUPERANTISPYWARE-8-17-2008( 0-12-23 ).LOG L'objet est verrouillé ignoré
D:\Documents and Settings\krys\Cookies\index.dat L'objet est verrouillé ignoré
D:\Documents and Settings\krys\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat L'objet est verrouillé ignoré
D:\Documents and Settings\krys\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
D:\Documents and Settings\krys\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
D:\Documents and Settings\krys\Local Settings\Application Data\Mozilla\Firefox\Profiles\lexro0y8.default\Cache\184AC5D0d01 L'objet est verrouillé ignoré
D:\Documents and Settings\krys\Local Settings\Application Data\Mozilla\Firefox\Profiles\lexro0y8.default\Cache\_CACHE_001_ L'objet est verrouillé ignoré
D:\Documents and Settings\krys\Local Settings\Application Data\Mozilla\Firefox\Profiles\lexro0y8.default\Cache\_CACHE_002_ L'objet est verrouillé ignoré
D:\Documents and Settings\krys\Local Settings\Application Data\Mozilla\Firefox\Profiles\lexro0y8.default\Cache\_CACHE_003_ L'objet est verrouillé ignoré
D:\Documents and Settings\krys\Local Settings\Application Data\Mozilla\Firefox\Profiles\lexro0y8.default\Cache\_CACHE_MAP_ L'objet est verrouillé ignoré
D:\Documents and Settings\krys\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
D:\Documents and Settings\krys\Local Settings\Historique\History.IE5\MSHist012008081720080818\index.dat L'objet est verrouillé ignoré
D:\Documents and Settings\krys\Local Settings\Temp\hpodvd09.log L'objet est verrouillé ignoré
D:\Documents and Settings\krys\Local Settings\Temp\IMG91.tmp L'objet est verrouillé ignoré
D:\Documents and Settings\krys\Local Settings\Temp\_hphtra07.log L'objet est verrouillé ignoré
D:\Documents and Settings\krys\Local Settings\Temp\~DF5428.tmp L'objet est verrouillé ignoré
D:\Documents and Settings\krys\Local Settings\Temp\~DF686.tmp L'objet est verrouillé ignoré
D:\Documents and Settings\krys\Local Settings\Temp\~DFABCF.tmp L'objet est verrouillé ignoré
D:\Documents and Settings\krys\Local Settings\Temp\~DFAE6D.tmp L'objet est verrouillé ignoré
D:\Documents and Settings\krys\Local Settings\Temp\~WRS0854.tmp L'objet est verrouillé ignoré
D:\Documents and Settings\krys\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat L'objet est verrouillé ignoré
D:\Documents and Settings\krys\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
D:\Documents and Settings\krys\Mes documents\Mes fichiers reçus\dossier nanterre\personnel\Delonder la bible.doc L'objet est verrouillé ignoré
D:\Documents and Settings\krys\Mes documents\Mes fichiers reçus\dossier nanterre\personnel\~WRL0004.tmp L'objet est verrouillé ignoré
D:\Documents and Settings\krys\NTUSER.DAT L'objet est verrouillé ignoré
D:\Documents and Settings\krys\ntuser.dat.LOG L'objet est verrouillé ignoré
D:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré
D:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
D:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
D:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
D:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
D:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré
D:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré
D:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
D:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
D:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré
D:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré
D:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
D:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré
D:\WINDOWS\Internet Logs\fwpktlog.txt L'objet est verrouillé ignoré
D:\WINDOWS\Internet Logs\IAMDB.RDB L'objet est verrouillé ignoré
D:\WINDOWS\Internet Logs\PNX.ldb L'objet est verrouillé ignoré
D:\WINDOWS\Internet Logs\tvDebug.log L'objet est verrouillé ignoré
D:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré
D:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré
D:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré
D:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré
D:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré
D:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré
D:\WINDOWS\system32\config\default L'objet est verrouillé ignoré
D:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré
D:\WINDOWS\system32\config\Internet.evt L'objet est verrouillé ignoré
D:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré
D:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré
D:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré
D:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré
D:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré
D:\WINDOWS\system32\config\software L'objet est verrouillé ignoré
D:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré
D:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré
D:\WINDOWS\system32\config\system L'objet est verrouillé ignoré
D:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré
D:\WINDOWS\system32\drivers\sptd.sys L'objet est verrouillé ignoré
D:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré
D:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl L'objet est verrouillé ignoré
D:\WINDOWS\temp\ZLT00940.TMP L'objet est verrouillé ignoré
D:\WINDOWS\temp\ZLT00943.TMP L'objet est verrouillé ignoré
D:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré
D:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré
D:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré
J:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
Analyse terminée.
0
Précédent
  • 1
  • 2

Discussions similaires

Signification des abréviations RE: et TR:
La Salamandre -
Iolose -

19 réponses
Sa veux dire koi??Subject: FW: Tr :FW: TR: TR
france22 -
ghano0666545160 -

12 réponses
casque sans fil Sennheiser TR 4200 ne fonctionne plus
jcb83400 -
DIY -

3 réponses
Problème casque sennheiser 4200
barbie35 -
Beenaxa -

1 réponse
Signification "TR"
andromeid -
matrix4422 -

3 réponses