Anayse rapport ZHPDiag

[Difanel]

Pardon pour cet oubli

 

toujours impossible de passer en mode sans echec

[pear]

Les rapports de Virus total sont tronqués:

 

En l'état je ne peux pas savoir de quoi il s'agit.

[Difanel]

Bonjour

 

veuillez m excuser, voici l'intégralité des rapports

 

Fichier Domino.exe reçu le 2009.07.24 00:00:37 (UTC)

Situation actuelle: terminé

Résultat: 0/41 (0.00%)

Formaté Formaté

Impression des résultats Impression des résultats

Antivirus Version Dernière mise à jour Résultat

a-squared 4.5.0.24 2009.07.23 -

AhnLab-V3 5.0.0.2 2009.07.23 -

AntiVir 7.9.0.228 2009.07.23 -

Antiy-AVL 2.0.3.7 2009.07.23 -

Authentium 5.1.2.4 2009.07.24 -

Avast 4.8.1335.0 2009.07.23 -

AVG 8.5.0.387 2009.07.23 -

BitDefender 7.2 2009.07.24 -

CAT-QuickHeal 10.00 2009.07.23 -

ClamAV 0.94.1 2009.07.23 -

Comodo 1748 2009.07.24 -

DrWeb 5.0.0.12182 2009.07.24 -

eSafe 7.0.17.0 2009.07.23 -

eTrust-Vet 31.6.6635 2009.07.23 -

F-Prot 4.4.4.56 2009.07.23 -

F-Secure 8.0.14470.0 2009.07.23 -

Fortinet 3.120.0.0 2009.07.23 -

GData 19 2009.07.24 -

Ikarus T3.1.1.64.0 2009.07.23 -

Jiangmin 11.0.800 2009.07.23 -

K7AntiVirus 7.10.800 2009.07.23 -

Kaspersky 7.0.0.125 2009.07.24 -

McAfee 5686 2009.07.23 -

McAfee+Artemis 5686 2009.07.23 -

McAfee-GW-Edition 6.8.5 2009.07.24 -

Microsoft 1.4903 2009.07.23 -

NOD32 4271 2009.07.23 -

Norman 6.01.09 2009.07.22 -

nProtect 2009.1.8.0 2009.07.23 -

Panda 10.0.0.14 2009.07.23 -

PCTools 4.4.2.0 2009.07.23 -

Prevx 3.0 2009.07.24 -

Rising 21.39.34.00 2009.07.23 -

Sophos 4.44.0 2009.07.24 -

Sunbelt 3.2.1858.2 2009.07.23 -

Symantec 1.4.4.12 2009.07.24 -

TheHacker 6.3.4.3.372 2009.07.23 -

TrendMicro 8.950.0.1094 2009.07.23 -

VBA32 3.12.10.9 2009.07.23 -

ViRobot 2009.7.23.1849 2009.07.23 -

VirusBuster 4.6.5.0 2009.07.23 -

Information additionnelle

File size: 49152 bytes

MD5 : 5603c2c8940f5e43864d4000304ab175

SHA1 : f22234ed04ad1220b28cacaabc2ab0361ce6fe11

SHA256: aea3c84d561c605bb42968e98c6024909b6ad8cba64c45aed6343495fc78ab58

PEInfo: PE Structure information

 

( base data )

entrypointaddress.: 0x2590

timedatestamp.....: 0x44E58125 (Fri Aug 18 10:58:13 2006)

machinetype.......: 0x14C (Intel I386)

 

( 4 sections )

name viradd virsiz rawdsiz ntrpy md5

.text 0x1000 0x5475 0x6000 5.99 eb40aa04898b145b39ad6fed65d76aea

.rdata 0x7000 0xD0E 0x1000 4.86 ac8f8ad613fec801923e04b97959ead4

.data 0x8000 0x5A98 0x3000 0.65 d87ce043bef47f3a61d4950c786abbce

.rsrc 0xE000 0x360 0x1000 0.90 aafef067de0eebfa29c644d3bdefbed3

 

( 4 imports )

 

> kernel32.dll: CloseHandle, GetLastError, CreateMutexA, UnmapViewOfFile, MapViewOfFile, Sleep, CreateFileMappingA, GetSystemTime, SetFilePointer, LoadLibraryA, GetProcAddress, GetStringTypeW, GetStringTypeA, LCMapStringW, LCMapStringA, FlushFileBuffers, SetStdHandle, IsBadCodePtr, IsBadWritePtr, IsBadReadPtr, SetUnhandledExceptionFilter, VirtualAlloc, WriteFile, VirtualFree, HeapCreate, HeapDestroy, GetFileType, GetStdHandle, SetHandleCount, RtlUnwind, GetModuleHandleA, GetStartupInfoA, GetCommandLineA, GetVersion, ExitProcess, HeapFree, HeapAlloc, WideCharToMultiByte, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, GetModuleFileNameA, FreeEnvironmentStringsA, MultiByteToWideChar, FreeEnvironmentStringsW, GetEnvironmentStrings, GetEnvironmentStringsW, GetCPInfo, GetACP, GetOEMCP

> ole32.dll: CreateBindCtx, CoUninitialize, CoGetMalloc, CoCreateInstance, MkParseDisplayName, CoInitialize

> oleaut32.dll: -, -

> user32.dll: DispatchMessageA, TranslateMessage, TranslateAcceleratorA, GetMessageA, LoadAcceleratorsA, RegisterDeviceNotificationA, UnregisterDeviceNotification, RegisterClassExA, CreateWindowExA, PostQuitMessage, DefWindowProcA

 

( 0 exports )

TrID : File type identification

Win64 Executable Generic (58.7%)

Win32 Executable MS Visual C++ (generic) (25.8%)

Win32 Executable Generic (5.8%)

Win32 Dynamic Link Library (generic) (5.2%)

Win32 Executable MS Visual FoxPro 7 (1.5%)

ThreatExpert: http://www.threatexpert.com/report.aspx?md...64d4000304ab175

ssdeep: 384:2kG0uunnXM+C23lgQbBVYPP9ewsGTybD9TP4+Ylav6/ge+c7NkCDhOK6qhxaKE9t:24nXMZ7CIYwsjp9C7Nn16q39khs7JK1

PEiD : InstallShield 2000

CWSandbox: http://research.sunbelt-software.com/partn...64d4000304ab175

RDS : NSRL Reference Data Set

-

 

 

Fichier ZSSnp211.exe reçu le 2009.07.19 11:59:22 (UTC)

Situation actuelle: terminé

Résultat: 4/41 (9.76%)

Formaté Formaté

Impression des résultats Impression des résultats

Antivirus Version Dernière mise à jour Résultat

a-squared 4.5.0.24 2009.07.19 Trojan.Win32.Patched!IK

AhnLab-V3 5.0.0.2 2009.07.19 -

AntiVir 7.9.0.220 2009.07.17 -

Antiy-AVL 2.0.3.7 2009.07.17 Trojan/Win32.Patched.gen

Authentium 5.1.2.4 2009.07.19 -

Avast 4.8.1335.0 2009.07.19 -

AVG 8.5.0.387 2009.07.19 -

BitDefender 7.2 2009.07.19 -

CAT-QuickHeal 10.00 2009.07.17 -

ClamAV 0.94.1 2009.07.19 -

Comodo 1701 2009.07.19 -

DrWeb 5.0.0.12182 2009.07.19 -

eSafe 7.0.17.0 2009.07.16 Win32.Patched.ch

eTrust-Vet 31.6.6623 2009.07.18 -

F-Prot 4.4.4.56 2009.07.19 -

F-Secure 8.0.14470.0 2009.07.18 -

Fortinet 3.120.0.0 2009.07.19 -

GData 19 2009.07.19 -

Ikarus T3.1.1.64.0 2009.07.19 Trojan.Win32.Patched

Jiangmin 11.0.800 2009.07.19 -

K7AntiVirus 7.10.796 2009.07.18 -

Kaspersky 7.0.0.125 2009.07.19 -

McAfee 5680 2009.07.18 -

McAfee+Artemis 5680 2009.07.18 -

McAfee-GW-Edition 6.8.5 2009.07.19 -

Microsoft 1.4803 2009.07.19 -

NOD32 4257 2009.07.18 -

Norman 6.01.09 2009.07.17 -

nProtect 2009.1.8.0 2009.07.19 -

Panda 10.0.0.14 2009.07.18 -

PCTools 4.4.2.0 2009.07.19 -

Prevx 3.0 2009.07.19 -

Rising 21.38.62.00 2009.07.19 -

Sophos 4.43.0 2009.07.19 -

Sunbelt 3.2.1858.2 2009.07.18 -

Symantec 1.4.4.12 2009.07.19 -

TheHacker 6.3.4.3.370 2009.07.17 -

TrendMicro 8.950.0.1094 2009.07.18 -

VBA32 3.12.10.8 2009.07.19 -

ViRobot 2009.7.17.1841 2009.07.17 -

VirusBuster 4.6.5.0 2009.07.16 -

Information additionnelle

File size: 49152 bytes

MD5 : 6409f6271afe9b4fe449db849042e240

SHA1 : 7c8475f7d37f0b72a10c04316b143f28cf0cf43b

SHA256: b068d378be689ca0ac2f60e057eff15444572ef6a767a8a1a788080c730b34c8

PEInfo: PE Structure information

 

( base data )

entrypointaddress.: 0x2BC0

timedatestamp.....: 0x44E68761 (Sat Aug 19 05:37:05 2006)

machinetype.......: 0x14C (Intel I386)

 

( 4 sections )

name viradd virsiz rawdsiz ntrpy md5

.text 0x1000 0x5AA5 0x6000 6.26 30a2c00e45e827c62e1d40f2609bb79a

.rdata 0x7000 0xD6A 0x1000 4.82 d8875a53a92a69be8fe3e3aa0e8e533f

.data 0x8000 0x5058 0x3000 0.72 aabfd405a7da657217ac59cf72a5fa9e

.rsrc 0xE000 0x3F8 0x1000 1.07 3654bab490d14573b358dea5c272546e

 

( 0 imports )

 

 

( 0 exports )

TrID : File type identification

Win32 Executable MS Visual C++ (generic) (65.2%)

Win32 Executable Generic (14.7%)

Win32 Dynamic Link Library (generic) (13.1%)

Generic Win/DOS Executable (3.4%)

DOS Executable Generic (3.4%)

ThreatExpert: http://www.threatexpert.com/report.aspx?md...449db849042e240

ssdeep: 768:tSODkIlk9EC5DiaBwPUk/Dvufk8x57JKB:tSsNGWCFU8GvufFKB

PEiD : InstallShield 2000

CWSandbox: http://research.sunbelt-software.com/partn...449db849042e240

RDS : NSRL Reference Data Set

-

 

 

0 bytes size received / Se ha recibido un archivo vacio

 

 

Merci

[pear]

Bonjour,

 

 

Combo, Nettoyage

Déconnectez-vous du net et désactivez l'antivirus (juste le temps de la procédure !)

Connecter tous les disques amovibles (disque dur externe, clé USB…).

Dans certaines circonstances , le Mode sans échec peut être nécessaire

Ouvrez Combofix

# Dans le bloc-note ,copiez-collez ces lignes :

 

KillAll::

Folder::

C:\Program Files\AskBarDis

C:\Program Files\Bonjour

File::

c:\program files\askbardis\bar\bin\askbar.dll

e:\windows\ZSSnp211.exe

Driver::

Bonjour Service

ASKService

 

Registry::

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]

[-HKEY_CLASSES_ROOT\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"=-

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]

"ZSSnp211"=-

 

 

* Attention, ce code a été rédigé spécialement pour cet utilisateur, il serait dangereux de le réutiliser dans d'autres cas !

Enregistrez-le en lui donnant le nom CFScript.txt

* Faire un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe

 

* Au message qui apparait dans une fenêtre bleue ( Type 1 to continue, or 2 to abort) , taper 1 puis valider.

* Patienter le temps du scan.Le bureau va disparaitre à plusieurs reprises: c'est normal!

Ne toucher à rien tant que le scan n'est pas terminé.

* Une fois le scan achevé, un rapport va s'afficher: poster son contenu.

* Si le fichier n'apparait pas, il se trouve ici > C:\ComboFix.txt

 

Postez un nouvel Hijackthis, svp.

Téléchargez Hijackthis de TrendMicro.

* Décompressez le dans un dossier à la racine du disque dur(généralement C:\)

Mais jamais dans un dossier temporaire

renommer ce dossier par exemple Karcher

Sous Vista,,il faut faire clic-droit >> "Exécuter en tant qu'Administrateur" sur Hijackthis.exe sinon HJT tourne mais ne fixe rien.

* Lancer le fichier Hijackthis.exe

* Cliquer sur Do a system scan and save a log file

* Poster le rapport dans un nouveau message

Modifié le 24 juillet 2009 par pear

[Difanel]

Bonjour

 

voici le rapport d'Hijackthis après nettoyage de Combo

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 12:57:44, on 24/07/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

E:\WINDOWS\System32\smss.exe

E:\WINDOWS\system32\winlogon.exe

E:\WINDOWS\system32\services.exe

E:\WINDOWS\system32\lsass.exe

E:\WINDOWS\system32\Ati2evxx.exe

E:\WINDOWS\system32\svchost.exe

E:\WINDOWS\System32\svchost.exe

E:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

C:\Program Files\Avira\AntiVir Desktop\avguard.exe

E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

E:\WINDOWS\system32\drivers\CDAC11BA.EXE

E:\PVSW\Bin\WGE_SRV.exe

c:\Program Files\PC Tools Firewall Plus\FWService.exe

E:\WINDOWS\system32\Ati2evxx.exe

E:\WINDOWS\system32\svchost.exe

E:\WINDOWS\RTHDCPL.EXE

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe

E:\WINDOWS\system32\ctfmon.exe

E:\WINDOWS\explorer.exe

C:\Karcher\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.free.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=61005

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=61005

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - (no file)

R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - E:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - E:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [ATICCC] "E:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [00PCTFW] "c:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s

O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~1\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~1\INetRepl.dll

O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~1\INetRepl.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\WINDOWS\system32\shdocvw.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\WINDOWS\system32\shdocvw.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: e:\windows\system32\nwprovau.dll

O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - E:\Program Files\Yahoo!\Common\Yinsthelper.dll

O16 - DPF: {B1826A9F-4AA0-4510-BA77-9013E74E4B9B} - http://www.trendmicro.com/spyware-scan/as4web.cab

O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - c:\Program Files\a-squared Free\a2service.exe

O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - E:\WINDOWS\system32\drivers\CDAC11BA.EXE

O23 - Service: EBP Pervasive.SQL - Unknown owner - E:\PVSW\Bin\WGE_SRV.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: InCD Helper (read only) (InCDsrvR) - Ahead Software AG - E:\Program Files\Ahead\InCD\InCDsrv.exe

O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - E:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe

O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - c:\Program Files\PC Tools Firewall Plus\FWService.exe

 

--

End of file - 6131 bytes

[pear]

Bonjour,

 

Dans Hijackthis, cochez ces lignes inutiles puis Fix checked et ce sera parfait.

 

R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - (no file)

O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe

 

Il ne vous servirait à rien de garder des outils de désinfection qui sont constamment mis à jours et seraient obsolètes en quelques jours.

 

Pour enlever les programmes utilisés pendant la procédure.

Télécharger ToolsCleaner2 de A.Rothstein

* Enregistrer ToolsCleaner2.exe sur le Bureau.

Sous Vista,Clic-droit > Exécuter en tant que Administrateur

* Double-cliquer dessus, puis cliquer sur Recherche --> Le programme va chercher les utilitaires installés

------> Il se peut que la fenêtre devienne blanche pendant le scan, c'est normal !

L'outil supprimera sans que vous ayez à intervenir.

 

Si vous estimez votre problème résolu, éditez l'en tête de votre premier message pour que ceux qui la recherchent y trouvent une solution.

[Difanel]

Bonjour Pear

 

et merci de ton aide

 

pour info, toujours impossible de passer en mode sans echec.

 

Dois-je marquer mon problème comme terminer ?

[pear]

Bonjour,

 

toujours impossible de passer en mode sans echec.

 

Copier/coller ce qui suit dans le bloc notes,

sans ligne blanche au début.

Enregistrez sur le bureau sous regis.reg.

Cliquez droit sur le fichier ->fusionner

Acceptez la modification du Régistre:

Windows Registry Editor Version 5.00

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot]

"AlternateShell"="cmd.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver]

@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base]

@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender]

@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system]

@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmadmin]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmboot.sys]

@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmio.sys]

@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmload.sys]

@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmserver]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]

@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter]

@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration]

@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter]

@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk]

@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class]

@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys]

@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sr.sys]

@="FSFilter System Recovery"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SRService]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender]

@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys]

@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys]

@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]

@="Universal Serial Bus controllers"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]

@="CD-ROM Drive"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]

@="DiskDrive"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]

@="Standard floppy disk controller"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]

@="Hdc"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]

@="Keyboard"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]

@="Mouse"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]

@="PCMCIA Adapters"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]

@="SCSIAdapter"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]

@="System"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]

@="Floppy disk drive"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]

@="Volume"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]

@="Human Interface Devices"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AVG Anti-Spyware Driver]

@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AVG Anti-Spyware Guard]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base]

@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender]

@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system]

@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmadmin]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmboot.sys]

@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmio.sys]

@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmload.sys]

@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmserver]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system]

@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter]

@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ip6fw.sys]

@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys]

@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS]

@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper]

@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup]

@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup]

@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network]

@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider]

@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NtLmSsp]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration]

@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter]

@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI]

@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk]

@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpcdd.sys]

@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpdd.sys]

@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpwd.sys]

@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class]

@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys]

@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sr.sys]

@="FSFilter System Recovery"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SRService]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers]

@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender]

@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI]

@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tdpipe.sys]

@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tdtcp.sys]

@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\termservice]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vga.sys]

@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vgasave.sys]

@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WZCSVC]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}]

@="Universal Serial Bus controllers"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}]

@="CD-ROM Drive"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}]

@="DiskDrive"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}]

@="Standard floppy disk controller"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]

@="Hdc"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]

@="Keyboard"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]

@="Mouse"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}]

@="Net"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}]

@="NetClient"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}]

@="NetService"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}]

@="NetTrans"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}]

@="PCMCIA Adapters"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]

@="SCSIAdapter"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]

@="System"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}]

@="Floppy disk drive"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]

@="Volume"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]

@="Human Interface Devices"

Modifié le 26 juillet 2009 par pear

[Difanel]

Bonjour

 

je viens d'effectuer la manip et toujours pas possible de passer en mode sans echec

[pear]

Bonjour,

 

Essayez ceci:

 

Télécharger SafeBootKeyRepair de sUBs

sur le bureau

* Double-cliquer sur l'exécutable pour le lancer (une fenêtre noire s'ouvre et demande d'attendre).

* (cela peut durer quelques minutes).

* Ne poster le rapport que s'il y a eu des erreurs !

* Supprimer le fichier SafeBootKeyRepair.exe.