Svhost.exe - Erreur d'application

Merci pour cette réponse rapide mais je suis déjà bloqué au premier point i.e la "désactivation" des comptes utilisateurs.

A partir du panneau de configuration, le double click sur l'icone m'affiche les comptes utilisateur mais pas de notion de "désactivation" : uniquement option "Ajouter", "Supprimer" et "Propriété".

J'ai télécharger à partir d'un autre PC Combofix, désactiver l'antivirus et le pare feu et je m'apprete à lancer combofix mais la non désactivation des comptes utilisateurs est elle un problème ?

Sauf que quand je clique sur l'icone Combofix, il ne se passe rien !!

Juste une petite fenêtre rectangulaire marque "combofix" avec une bde bleue, un rafraichissement bref de l&cran et puis plus rien.

De même, après avoir installersur le bureau Malwarebyte's, lorsque je veux le lancer, il ne se passe rien non plus.

Au niveau du PC cela semble ne faire qu'empirer et que bientôt je ne pourrais plus rien faire.

Ok, maintenant Combofix se lance mais nouveau problème car j'ai des message comme quoi le scanneur Symantec est tjrs actif alors que j'ai désactiver symantec auto protec, arrêté le service CCAP.exe, puis désactiver les service symantec via cmde services.msc etc... mais toujours le même message au lancement de combofix.
avec avertissement que combofix s'éxécutra à mes risques et périls !


Quid commodo ?

Ci dessous les rapprots Findykill.txt et Lopr.txt

Findykill :

############################## [ FindyKill V4.720 ]

# User : fboudet () # FBOUDET
# Update on 12/03/09 by Chiquitine29
# Start at: 17:26:42 | 13/03/2009

# Intel(R) Pentium(R) M processor 1.73GHz
# Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 7.0.5730.13
# Windows Firewall Status : Disabled
# AV : Symantec AntiVirus Corporate Edition 10.0.1.1000 [ Enabled | (!) Outdated ]

# C:\ # Disque fixe local # 55,79 Go (10,19 Go free) # NTFS
# D:\ # Disque CD-ROM
# E:\ # Disque amovible # 3,84 Go (1,83 Go free) # FAT32

############################## [ Processus actifs ]

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\Program Files\D-Link\D-Link DWA-645 Wireless N Notebook Adapter\acs.exe
C:\WINDOWS\system32\basfipm.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\UltraVNC\WinVNC.exe
C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Apoint\HidFind.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Apoint\Apntex.exe
C:\PROGRA~1\GENIUS~1\GNETMOUS.EXE
C:\WINDOWS\system32\WDBtnMgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe
C:\Program Files\D-Link\D-Link DWA-645 Wireless N Notebook Adapter\wirelesscm.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

################## [ Fichiers / Dossiers infectieux C:\ ]


################## [ C:\WINDOWS ]


################## [ C:\WINDOWS\system32 ]


################## [ C:\WINDOWS\system32\drivers ]


################## [ C:\.. Application Data ... ]


################## [ Registre / Clés infectieuses ]



################## [ Recherche dans supports amovibles]


# Contenu de l'autorun : C:\autorun.inf

[autorun]
;sowqhmjypgjzzqkdfuzkjsjqkeexbijcu
shellexecute="RECYCLER\S-3-2-82-100026283-100017420-100012859-2356.com c:\"
;ruigwcrvfbakemxzvchlxtedyrmegvargmtckyxmkyxewfetsnptjbszsnquezhbcosemftyveidspr
shell\Open\command="RECYCLER\S-3-2-82-100026283-100017420-100012859-2356.com c:\"
;fznqfxsmvkvmjbtidzhiwvlhmhvxzonqzarugdagk
shell=Open

# Presence des fichiers :

Found ! [13/03/2009 09:16][-r-hs----] - C:\autorun.inf

################## [ Registre / Mountpoint2 ]

Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\##ares#logiciels$\Shell\explore\Command
Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\##ares#logiciels$\Shell\open\Command
Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\##artemis#commun\Shell\explore\Command
Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\##artemis#commun\Shell\open\Command
Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\##artemis#lswe\Shell\explore\Command
Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\##artemis#lswe\Shell\open\Command

################## [ ! Fin du rapport # FindyKill V4.720 ! ]



Lopr :


--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) M processor 1.73GHz )
BIOS : Phoenix ROM BIOS PLUS Version 1.10 A06
USER : fboudet ( Not Administrator ! )
BOOT : Normal boot
Antivirus : Symantec AntiVirus Corporate Edition 10.0.1.1000 (Activated)
C:\ (Local Disk) - NTFS - Total:55 Go (Free:10 Go)
D:\ (CD or DVD)
E:\ (USB) - FAT32 - Total:3928 Mo (Free:1 Go)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 13/03/2009|17:28 )

--------------------\\ Listing des dossiers dans APPLIC~1

[07/11/2005|12:31] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
[07/11/2005|12:31] C:\DOCUME~1\ADMINI~1\APPLIC~1\AdobeUM
[20/08/2007|14:49] C:\DOCUME~1\ADMINI~1\APPLIC~1\Google
[19/08/2004|13:24] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[07/10/2005|11:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\Intel
[20/08/2007|14:55] C:\DOCUME~1\ADMINI~1\APPLIC~1\Lavasoft
[07/11/2005|12:14] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
[07/11/2005|15:30] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[07/10/2005|11:35] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sun

[05/12/2008|11:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[20/01/2009|17:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{55A29068-F2CE-456C-9148-C869879E2357}
[05/02/2009|18:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{83C91755-2546-441D-AC40-9A6B4B860800}
[03/02/2009|11:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[12/07/2007|10:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[30/11/2006|12:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[18/02/2009|19:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Atheros
[29/09/2007|15:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
[09/01/2009|08:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[07/10/2005|11:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Intel
[24/07/2008|09:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[23/01/2009|21:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[18/02/2009|19:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pure Networks
[19/08/2004|13:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[02/03/2009|04:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SITEguard
[13/03/2009|01:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\STOPzilla!
[03/02/2009|09:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[20/01/2009|17:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
[29/11/2006|14:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[13/03/2009|00:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zoom Player

[07/11/2005|12:31] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[07/11/2005|12:31] C:\DOCUME~1\DEFAUL~1\APPLIC~1\AdobeUM
[19/08/2004|13:24] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[07/10/2005|11:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Intel
[07/11/2005|12:14] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[07/11/2005|15:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[07/10/2005|11:35] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun

[25/05/2008|19:19] C:\DOCUME~1\fboudet\APPLIC~1\.ABC
[23/05/2008|07:44] C:\DOCUME~1\fboudet\APPLIC~1\Adobe
[13/05/2008|11:59] C:\DOCUME~1\fboudet\APPLIC~1\AdobeUM
[07/12/2008|01:18] C:\DOCUME~1\fboudet\APPLIC~1\Apple Computer
[18/12/2008|00:54] C:\DOCUME~1\fboudet\APPLIC~1\AVS4YOU
[09/08/2007|10:27] C:\DOCUME~1\fboudet\APPLIC~1\CyberLink
[22/12/2007|09:06] C:\DOCUME~1\fboudet\APPLIC~1\Dossier de téléchargement Share-to-Web
[22/12/2007|09:16] C:\DOCUME~1\fboudet\APPLIC~1\Dossier de téléchargement Share-to-Web
[13/03/2009|09:09] C:\DOCUME~1\fboudet\APPLIC~1\dvdcss
[01/04/2008|13:18] C:\DOCUME~1\fboudet\APPLIC~1\GARMIN
[30/11/2006|12:07] C:\DOCUME~1\fboudet\APPLIC~1\Google
[29/11/2006|13:50] C:\DOCUME~1\fboudet\APPLIC~1\Help
[19/08/2004|13:24] C:\DOCUME~1\fboudet\APPLIC~1\Identities
[18/02/2009|18:57] C:\DOCUME~1\fboudet\APPLIC~1\InstallShield
[07/10/2005|11:37] C:\DOCUME~1\fboudet\APPLIC~1\Intel
[30/01/2009|00:32] C:\DOCUME~1\fboudet\APPLIC~1\JAM Software
[22/12/2008|19:04] C:\DOCUME~1\fboudet\APPLIC~1\Juniper Networks
[11/02/2008|14:29] C:\DOCUME~1\fboudet\APPLIC~1\Lavasoft
[07/11/2005|12:14] C:\DOCUME~1\fboudet\APPLIC~1\Macromedia
[06/06/2008|09:09] C:\DOCUME~1\fboudet\APPLIC~1\Microsoft
[31/10/2007|19:31] C:\DOCUME~1\fboudet\APPLIC~1\Mobipocket
[04/10/2008|18:15] C:\DOCUME~1\fboudet\APPLIC~1\Mozilla
[25/03/2008|16:16] C:\DOCUME~1\fboudet\APPLIC~1\Real
[07/10/2005|11:35] C:\DOCUME~1\fboudet\APPLIC~1\Sun
[20/01/2009|17:26] C:\DOCUME~1\fboudet\APPLIC~1\TuneUp Software
[18/07/2008|21:50] C:\DOCUME~1\fboudet\APPLIC~1\U3
[13/03/2009|01:16] C:\DOCUME~1\fboudet\APPLIC~1\UseNeXT
[05/01/2009|20:26] C:\DOCUME~1\fboudet\APPLIC~1\vlc
[12/06/2008|21:39] C:\DOCUME~1\fboudet\APPLIC~1\WinRAR

[03/02/2009|11:21] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe
[03/02/2009|11:20] C:\DOCUME~1\LOCALS~1\APPLIC~1\Dossier de téléchargement Share-to-Web
[03/02/2009|11:20] C:\DOCUME~1\LOCALS~1\APPLIC~1\Google
[03/02/2009|11:21] C:\DOCUME~1\LOCALS~1\APPLIC~1\Macromedia
[20/08/2007|18:17] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[19/08/2004|13:10] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[13/03/2009 17:15][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
[05/03/2009 18:59][--a------] C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[13/03/2009 17:00][--a------] C:\WINDOWS\tasks\RegCure Program Check.job
[12/03/2009 04:33][--a------] C:\WINDOWS\tasks\RegCure.job
[28/03/2008 09:39][--a------] C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 2200 series#1198311161.job
[09/03/2009 22:12][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[13/03/2009 16:40][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 12:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[25/07/2008|21:40] C:\Program Files\2BrightSparks
[30/11/2006|11:51] C:\Program Files\ACDSee32
[03/02/2009|11:56] C:\Program Files\Adobe
[29/11/2006|13:34] C:\Program Files\Apoint
[18/09/2008|14:57] C:\Program Files\Apple Software Update
[12/03/2009|23:37] C:\Program Files\AVS4YOU
[18/09/2008|15:00] C:\Program Files\Bonjour
[07/10/2005|11:37] C:\Program Files\Broadcom
[10/12/2008|14:43] C:\Program Files\Business Objects
[30/01/2009|00:10] C:\Program Files\CCleaner
[05/01/2009|21:36] C:\Program Files\CD Audio Reader Filter
[05/01/2009|20:35] C:\Program Files\Combined Community Codec Pack
[19/08/2004|13:15] C:\Program Files\ComPlus Applications
[07/10/2005|11:38] C:\Program Files\CyberLink
[07/10/2005|11:38] C:\Program Files\Dell
[18/02/2009|19:26] C:\Program Files\DIFX
[03/11/2008|10:12] C:\Program Files\Directory Lister
[18/02/2009|18:59] C:\Program Files\D-Link
[12/01/2008|15:01] C:\Program Files\Dnote Software
[05/01/2009|21:36] C:\Program Files\DScaler5
[05/01/2009|21:34] C:\Program Files\DSP-worx
[20/08/2007|19:41] C:\Program Files\eMule
[01/11/2008|12:16] C:\Program Files\ffdshow
[18/02/2009|19:26] C:\Program Files\Fichiers communs
[13/03/2009|17:26] C:\Program Files\FindyKill
[29/11/2006|12:24] C:\Program Files\foxit
[01/01/2008|14:50] C:\Program Files\Garmin
[03/02/2009|11:47] C:\Program Files\Genius NetScroll+ Mini Traveler Mouse
[09/01/2009|08:28] C:\Program Files\Google
[22/12/2007|09:06] C:\Program Files\Hewlett-Packard
[07/11/2005|14:32] C:\Program Files\IBM
[01/01/2008|15:41] C:\Program Files\IconColl
[18/02/2009|18:59] C:\Program Files\InstallShield Installation Information
[07/10/2005|11:36] C:\Program Files\Intel
[07/10/2005|11:37] C:\Program Files\Intel, Inc
[20/02/2009|18:01] C:\Program Files\Internet Explorer
[05/12/2008|11:58] C:\Program Files\iPod
[26/01/2007|10:34] C:\Program Files\Iris Export Service
[05/12/2008|11:59] C:\Program Files\iTunes
[30/01/2009|00:32] C:\Program Files\JAM Software
[29/11/2006|15:32] C:\Program Files\Java
[22/12/2008|09:07] C:\Program Files\Juniper Networks
[05/02/2009|18:56] C:\Program Files\Lavasoft
[01/11/2007|16:02] C:\Program Files\Logitech
[13/03/2009|17:17] C:\Program Files\Malwarebytes' Anti-Malware
[16/12/2008|10:07] C:\Program Files\Messenger
[18/03/2008|13:03] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[19/08/2004|13:18] C:\Program Files\microsoft frontpage
[19/03/2008|06:00] C:\Program Files\Microsoft Office
[29/11/2006|13:49] C:\Program Files\Microsoft Visual Studio
[07/11/2005|14:26] C:\Program Files\Microsoft VM
[30/11/2007|12:55] C:\Program Files\Mobipocket.com
[15/07/2008|21:50] C:\Program Files\Modem Helper
[05/01/2009|21:36] C:\Program Files\MONOGRAM AMR SplitterDecoder
[16/12/2008|10:03] C:\Program Files\Movie Maker
[13/03/2009|15:39] C:\Program Files\Mozilla Firefox
[19/03/2008|06:00] C:\Program Files\MSECache
[19/08/2004|13:14] C:\Program Files\MSN
[19/08/2004|13:14] C:\Program Files\MSN Gaming Zone
[29/11/2006|12:23] C:\Program Files\MSXML 4.0
[16/12/2008|10:00] C:\Program Files\NetMeeting
[07/10/2005|11:36] C:\Program Files\NetWaiting
[07/11/2005|13:07] C:\Program Files\OfficeUpdate11
[19/08/2004|13:15] C:\Program Files\Online Services
[16/12/2008|10:00] C:\Program Files\Outlook Express
[05/12/2007|12:14] C:\Program Files\PC Inspector File Recovery
[29/11/2006|12:28] C:\Program Files\PDFCreator
[07/11/2005|12:07] C:\Program Files\PowerArchiver
[18/02/2009|19:26] C:\Program Files\Pure Networks
[05/12/2008|11:56] C:\Program Files\QuickTime
[30/12/2007|18:32] C:\Program Files\QuickZip4
[19/09/2008|07:19] C:\Program Files\ReadIris
[25/03/2008|16:13] C:\Program Files\Real
[05/01/2009|21:36] C:\Program Files\RealMedia
[05/01/2009|20:07] C:\Program Files\RegCure
[26/01/2008|23:15] C:\Program Files\Rising Research
[14/05/2008|15:05] C:\Program Files\RKSoft
[05/12/2008|11:45] C:\Program Files\Safari
[30/11/2006|11:55] C:\Program Files\Screenkeeper
[19/08/2004|13:16] C:\Program Files\Services en ligne
[05/01/2009|21:34] C:\Program Files\SHOUTcast Source
[07/10/2005|11:21] C:\Program Files\Sigmatel
[29/01/2009|20:14] C:\Program Files\Stellar Phoenix Windows Data Recovery
[09/01/2009|11:41] C:\Program Files\STOPzilla!
[03/02/2009|09:53] C:\Program Files\Symantec
[13/03/2009|15:28] C:\Program Files\Symantec AntiVirus
[07/11/2005|13:01] C:\Program Files\ToniArts
[26/01/2007|12:32] C:\Program Files\Toscane
[12/06/2008|21:30] C:\Program Files\Traction Software
[07/03/2009|15:18] C:\Program Files\TuneUp Utilities 2009
[29/11/2006|15:00] C:\Program Files\UltraVNC
[19/08/2004|13:24] C:\Program Files\Uninstall Information
[18/02/2009|22:01] C:\Program Files\UseNeXT
[30/11/2006|12:30] C:\Program Files\VideoLAN
[01/11/2008|12:21] C:\Program Files\VirtualDub
[25/03/2008|16:43] C:\Program Files\VirtualDubMOD
[16/11/2007|12:28] C:\Program Files\Western Digital Technologies
[12/03/2009|23:36] C:\Program Files\Windows Media Player
[16/12/2008|10:00] C:\Program Files\Windows NT
[18/03/2008|11:34] C:\Program Files\WindowsUpdate
[09/03/2009|09:44] C:\Program Files\WinRAR
[19/08/2004|13:18] C:\Program Files\xerox

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[03/02/2009|11:56] C:\Program Files\Fichiers communs\Adobe
[05/12/2008|11:58] C:\Program Files\Fichiers communs\Apple
[18/12/2008|00:54] C:\Program Files\Fichiers communs\AVSMedia
[26/01/2007|10:25] C:\Program Files\Fichiers communs\Borland Shared
[10/12/2008|14:42] C:\Program Files\Fichiers communs\Business Objects
[29/11/2006|13:49] C:\Program Files\Fichiers communs\Designer
[22/12/2007|09:07] C:\Program Files\Fichiers communs\Hewlett-Packard
[07/10/2005|11:37] C:\Program Files\Fichiers communs\InstallShield
[09/01/2009|11:41] C:\Program Files\Fichiers communs\iS3
[29/11/2006|15:32] C:\Program Files\Fichiers communs\Java
[10/10/2008|16:46] C:\Program Files\Fichiers communs\Microsoft Shared
[19/08/2004|13:16] C:\Program Files\Fichiers communs\MSSoap
[19/08/2004|13:10] C:\Program Files\Fichiers communs\ODBC
[26/01/2007|10:28] C:\Program Files\Fichiers communs\PC SOFT
[18/02/2009|19:26] C:\Program Files\Fichiers communs\Pure Networks Shared
[25/03/2008|16:14] C:\Program Files\Fichiers communs\Real
[19/08/2004|13:16] C:\Program Files\Fichiers communs\Services
[19/08/2004|13:10] C:\Program Files\Fichiers communs\SpeechEngines
[03/02/2009|11:49] C:\Program Files\Fichiers communs\Symantec Shared
[16/12/2008|10:00] C:\Program Files\Fichiers communs\System
[25/03/2008|16:14] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 48 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-13 17:29:43
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
disk error: C:\WINDOWS\System32\
please note that you need administrator rights to perform deep scan

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\fboudet\.housecall6.6\Quarantine\Axialis Iconworkshop 6.03 Crack FR + 1300 Icons.rar.bac_a03160


[F:78][D:7]-> C:\DOCUME~1\fboudet\LOCALS~1\Temp
[F:6][D:0]-> C:\DOCUME~1\fboudet\Cookies
[F:8][D:4]-> C:\DOCUME~1\fboudet\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 13/03/2009|17:30 - Option : [1]

--------------------\\ Fin du rapport a 17:30:08

rapport Findykill après lancement option 2 :

############################## [ FindyKill V4.720 ]

# User : fboudet () # FBOUDET
# Update on 12/03/09 by Chiquitine29
# Start at: 17:56:24 | 13/03/2009

# Intel(R) Pentium(R) M processor 1.73GHz
# Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 7.0.5730.13
# Windows Firewall Status : Disabled
# AV : Symantec AntiVirus Corporate Edition 10.0.1.1000 [ Enabled | (!) Outdated ]

# C:\ # Disque fixe local # 55,79 Go (10,19 Go free) # NTFS
# D:\ # Disque CD-ROM
# E:\ # Disque amovible # 3,84 Go (1,83 Go free) # FAT32

############################## [ Active Processes ]

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\Program Files\D-Link\D-Link DWA-645 Wireless N Notebook Adapter\acs.exe
C:\WINDOWS\system32\basfipm.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\UltraVNC\WinVNC.exe
C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Apoint\HidFind.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Apoint\Apntex.exe
C:\PROGRA~1\GENIUS~1\GNETMOUS.EXE
C:\WINDOWS\system32\WDBtnMgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe
C:\Program Files\D-Link\D-Link DWA-645 Wireless N Notebook Adapter\wirelesscm.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

################## [ Infected Files / Folders C:\ ]


################## [ C:\WINDOWS ]


################## [ C:\WINDOWS\system32 ]


################## [ C:\WINDOWS\system32\drivers ]


################## [ C:\.. Application Data ... ]


################## [ Registry / Infected keys ]


################## [ Cleaning Removable drives ]

# Deleting files :

Deleted ! - C:\autorun.inf

################## [ Registry / Mountpoint2 ]

Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\##ares#logiciels$\Shell\explore\Command
Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\##ares#logiciels$\Shell\open\Command
Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\##artemis#commun\Shell\explore\Command
Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\##artemis#commun\Shell\open\Command
Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\##artemis#lswe\Shell\explore\Command
Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\##artemis#lswe\Shell\open\Command

################## [ Searching Other Infections ]

# -> Nothing found.

################## [ ! End of Report # FindyKill V4.720 ! ]



<rapport RSIT :

Info.txt :

info.txt logfile of random's system information tool 1.05 2009-03-13 18:04:44

======Uninstall list======

-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\AFPViewr\DeIsL1.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL10.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL11.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL12.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL13.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL14.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL15.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL16.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL17.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL18.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL19.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL2.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL20.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL21.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL22.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL23.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL24.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL25.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL26.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL27.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL28.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL29.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL3.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL30.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL31.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL4.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL5.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL6.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL7.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL8.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL9.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\Emulator\DeIsL1.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\Emulator\DeIsL2.isu"
-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\IBM\Client Access\Emulator\DeIsL8.isu"
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ABC (remove only)-->F:\ABC\Uninstall.exe
ACDSee 32-->C:\PROGRA~1\ACDSee32\UNWISE.EXE C:\PROGRA~1\ACDSee32\INSTALL.LOG
Ad-Aware-->"C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
Adobe® Photoshop® Album Edition Découverte 3.0-->MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}
ALPS Touch Pad Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}\setup.exe" UNINSTALL
Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
AVS DVDMenu Editor 1.2.1.19-->"C:\Program Files\Fichiers communs\AVSMedia\AVS DVDMenu Editor\unins000.exe"
AVS Update Manager 1.0-->"C:\Program Files\AVS4YOU\AVSUpdateManger\unins000.exe"
AVS Video Converter 5.6-->"C:\Program Files\AVS4YOU\AVSVideoConverter\unins000.exe"
AVS Video Converter 6-->"C:\Program Files\AVS4YOU\AVSVideoConverter6\unins000.exe"
AVS Video ReMaker 2.3-->"C:\Program Files\AVS4YOU\AVSVideoReMaker\unins000.exe"
AVS Video to GO-->"C:\Program Files\AVS4YOU\AVSVideotoGO\unins000.exe"
AVS4YOU Software Navigator 1.3-->"C:\Program Files\AVS4YOU\AVSSoftwareNavigator\unins000.exe"
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Broadcom Advanced Control Suite 2-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{64A77F14-0E08-4A97-A859-E93CFF428756} /l1036
Broadcom ASF Management Applications-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{25D24E84-64A9-40D2-85CF-540B1C4A6D52} /l1036
Broadcom Gigabit Integrated Controller-->MsiExec.exe /X{7E369B27-13E2-41A5-9879-358EE1C8B5AD}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CD Audio Reader Filter (remove only)-->"C:\Program Files\CD Audio Reader Filter\uninstall.exe"
Combined Community Codec Pack 2008-09-21 16:18-->"C:\Program Files\Combined Community Codec Pack\unins001.exe"
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
CuteSQL ver. 1.2.-->"C:\Program Files\RKSoft\CuteSQL\unins000.exe"
DC-Bass Source 1.1.1-->"C:\Program Files\DSP-worx\DC-Bass Source\Uninstall.exe"
deploy CR 11-->MsiExec.exe /I{3D98EF92-831C-4F1D-8606-AA024A62E702}
Digital Video Repair 1.0-->"C:\Program Files\Rising Research\Digital Video Repair\uninstall.exe"
Directory Lister v0.9-->"C:\Program Files\Directory Lister\unins000.exe"
D-Link AirPlus-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CDC74FE6-5224-11D6-B27F-00E0181A6FA8}\Setup.exe" -l0x9
DScaler 5 Mpeg Decoders-->"C:\Program Files\DScaler5\unins000.exe"
DWA-645-->C:\Program Files\InstallShield Installation Information\{6F6F39E3-D24D-4EEE-9AEA-DEDAF991385D}\setup.exe -runfromtemp -l0x040c -removeonly
EasyCleaner-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F5346614-B7C4-4E94-826A-E2363155233D}\setup.exe" -l0x9
eMule-->"F:\Emule\Uninstall.exe"
ffdshow [rev 1703] [2007-12-15]-->"C:\Program Files\ffdshow\unins000.exe"
FindyKill-->C:\Program Files\FindyKill\Uninstal.exe
Garmin City Navigator Europe NT 2008-->MsiExec.exe /X{1E105942-593C-4C48-AB3D-BEC2124F5FCE}
Garmin City Navigator Europe NT v9-->MsiExec.exe /X{29EA075F-2C61-472F-B01D-80E8D8F023F1}
Garmin POI Loader-->MsiExec.exe /X{80A2A967-C1B7-412D-B2B2-C4A33209C205}
Genius NetScroll+ Mini Traveler Mouse-->C:\Program Files\Genius NetScroll+ Mini Traveler Mouse\Setup.exe /Uninstall
Gestion de l'alimentation de la carte réseau interne-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1F528948-0E80-4C96-B455-DE4167CB1DF7}\setup.exe" -l0x40c UNINSTALL APPDRVNT4
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"
hp psc 2200 series-->rundll32 hpzcon05.dll,VendorJettison hp psc 2200 series
IBM iSeries Access for Windows-->"C:\Program Files\IBM\Client Access\cwbinarp.exe"
Icon Collector Version 1.3-->"C:\WINDOWS\UNISTB32.EXE" /U "C:\Program Files\IconColl\UNINST0.000" "C:\Program Files\IconColl\UNINST1.000"
Intel(R) Graphics Media Accelerator Driver for Mobile-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_2792 PCI\VEN_8086&DEV_2592
Intel(R) PROSet/Wireless Software-->C:\WINDOWS\Installer\iProInst.exe
iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}
Java 2 Runtime Environment, SE v1.4.2_07-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142070}
Lecteur Windows Media 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
LiveUpdate 2.6 (Symantec Corporation)-->C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\SETUP.exe" -l0x40c UNINSTALL -removeonly
Logitech Harmony Remote Client-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{9233F6E2-952D-48C5-A0A2-FA6AEEFA8194} /l1036
Lotus Notes-->C:\WINDOWS\IsUn040c.exe -fC:\Lotus\Notes\Uninst.isu
Macromedia Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
mCore-->MsiExec.exe /I{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}
mDrWiFi-->MsiExec.exe /I{F6090A17-0967-4A8A-B3C3-422A1B514D49}
mHlpDell-->MsiExec.exe /I{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office XP Standard-->MsiExec.exe /I{9112040C-6000-11D3-8CFE-0050048383C9}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
mIWA-->MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F}
mIWCA-->MsiExec.exe /I{6FFFE74E-3FBD-4E2E-97F9-5E9A2A077626}
mLogView-->MsiExec.exe /I{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}
mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
MobileMe Control Panel-->MsiExec.exe /I{924EB80F-C2BB-4B9F-8412-88BBA937393F}
Mobipocket Reader 6.1-->MsiExec.exe /I{7078C6C2-F5A5-4A5F-86A8-CD1301CA07DF}
Modem Helper-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F142D56-3326-11D5-B229-002078017FBF}\setup.exe" -l0x40c ControlPanel
MONOGRAM AMR Splitter/Decoder (remove only)-->"C:\Program Files\MONOGRAM AMR SplitterDecoder\uninstall.exe"
Mozilla Firefox (3.0.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
mPfWiz-->MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9}
mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
mSSO-->MsiExec.exe /I{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}
MSXML 4.0 SP2 (KB925672)-->MsiExec.exe /I{A9CF9052-F4A0-475D-A00F-A8388C62DD63}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
mToolkit-->MsiExec.exe /I{CA9BAADB-C262-4E05-B2E2-CEE8CE9809EC}
mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
mXML-->MsiExec.exe /I{9CC89556-3578-48DD-8408-04E66EBEF401}
mZConfig-->MsiExec.exe /I{94658027-9F16-4509-BBD7-A59FE57C3023}
NetWaiting-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe" -l0x40c ControlPanelAnyText
Network Magic-->MsiExec.exe /X{25B9A03C-28C3-4F39-AA3A-37ACE91BF759}
Package de pilotes Windows - Pure Networks, Inc. Network Magic Device Discovery Driver (03/23/2007 4.1.7082.0)-->rundll32.exe C:\PROGRA~1\DIFX\B7A8D76A63BBE060C656AA54D656BF7D1C31D4C3\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\WINDOWS\system32\DRVSTORE\pnarp_5F686DCD97D2EA9F74BD89FAA7E73B89CD47B120\pnarp.inf
PC Inspector File Recovery-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0DD140D3-9563-481E-AA75-BA457CBDAEF2}\Setup.exe" -l0x40c
PDFCreator-->C:\Program Files\PDFCreator\unins000.exe
Photo et imagerie HP 1.0 - PSC 2000 Series Pilote-->MsiExec.exe /X{ED93995E-8BF2-480F-8EA4-7D29E29A7052}
Photo et imagerie HP 1.0 - PSC 2000 Series-->C:\Program Files\Hewlett-Packard\Digital Imaging\AiODriver\Drivers\Uninst\fra\hposcr01.exe -forcereboot -datfile hposcr01.dat
Photo et imagerie HP 1.0 - PSC 2000 Series-->MsiExec.exe /X{82DFB852-9594-4668-9C66-28BB6E94BCB2}
PoiEdit-->C:\PROGRA~1\DNOTES~1\POIEDI~1\UNWISE.EXE C:\PROGRA~1\DNOTES~1\POIEDI~1\INSTALL.LOG
PowerArchiver-->C:\Program Files\PowerArchiver\UNINST.EXE
PowerDVD 5.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
Quick Zip 4.60.019-->"C:\Program Files\QuickZip4\unins000.exe"
QuickSet-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C5074CC4-0E26-4716-A307-960272A90040}\setup.exe" -l0x40c UNINSTALL APPDRVNT4
QuickTime-->MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4}
Readiris 7.5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9BFFB382-0B2C-11D6-AB3E-000102B0F79A}\setup.exe" -l0x40c
RealMedia (remove only)-->"C:\Program Files\RealMedia\uninstall.exe"
RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
RegCure 1.5.1.3-->C:\Program Files\RegCure\uninst.exe
Safari-->MsiExec.exe /I{582D2A53-F426-4C5E-A2E6-43C1AB36B907}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
SHOUTcast Source (remove only)-->"C:\Program Files\SHOUTcast Source\uninstall.exe"
Softropolis ScreenKeeper-->"C:\Program Files\Screenkeeper\unins000.exe"
Stellar Phoenix Windows Data Recovery V3.0-->"C:\Program Files\Stellar Phoenix Windows Data Recovery\unins000.exe"
STOPzilla-->MsiExec.exe /X{09211910-8EAB-4EAB-A0D9-2D3BFF53CA40}
Symantec AntiVirus-->MsiExec.exe /I{3248E093-5288-4CA9-B3AB-11A675FEA1F9}
SyncBack-->"C:\Program Files\2BrightSparks\SyncBack\unins000.exe"
Toscane Exploreur V7-->MsiExec.exe /I{DCE8963E-0C6F-45DC-A760-A17AE2277B4A}
Toscane Intelligent Model Version 5.0-->C:\Program Files\Toscane\intelligentModel\Tim.exe -d
TreeSize Professional 5.1.2-->"C:\Program Files\JAM Software\TreeSize Professional\unins000.exe"
TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357}
Ultr@VNC Release 1.0.0 RC 18 - Win32-->"C:\Program Files\UltraVNC\unins000.exe"
UseNeXT-->"C:\Program Files\UseNeXT\unins000.exe"
VirtualDub 1.8.6 Fr-->"C:\Program Files\VirtualDub\unins000.exe"
VirtualDub Plugin Pack 1.0.0.4 Fr-->"C:\Program Files\VirtualDub\unins001.exe"
VirtualDubMOD 1.5.10.3 Fr-->"C:\Program Files\VirtualDubMOD\unins000.exe"
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
VLC media player 0.9.8a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
WD Diagnostics-->MsiExec.exe /X{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}
Windows Genuine Advantage v1.3.0254.0-->MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
xImage-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{31492759-0E89-46B5-9770-F6E5808E3017}\Setup.exe" -l0x9
Zoom Player (remove only)-->"C:\Program Files\Combined Community Codec Pack\Zoom Player\uninstall.exe"

======Security center information======

AV: Symantec AntiVirus Corporate Edition (outdated)

System event log

Computer Name: FBOUDET
Event Code: 11197
Message: Échec lors de la mise à jour et la suppression des enregistrements (RR) des ressources hôte (A) de la carte réseau
ayant les paramètres :


Nom de la carte : {61AFCA8A-2C65-4E18-B7B3-D891DCB7784C}

Nom de l'hôte : FBOUDET

Suffixe du domaine primaire : lswe.priv

Liste de serveurs DNS :

149.150.4.2, 149.150.4.232

Mise à jour envoyée au serveur : 149.1.1.1

Adresse(s) IP :

149.150.4.132


La raison pour laquelle la demande de mise à jour a échoué est un problème
système. Pour un code d'erreur spécifique, consultez les données d'enregistrement affichées ci-dessous.

Record Number: 6469
Source Name: DnsApi
Time Written: 20090226115752.000000+060
Event Type: Avertissement
User:

Computer Name: FBOUDET
Event Code: 4202
Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{61AFCA8A-2C65-4E18-B7B3-D891DCB7784C} était déconnectée du réseau,
et la configuration réseau de la carte a été abandonnée. Si la carte
réseau n'était pas déconnectée, ceci peut indiquer un disfonctionnement.
Contactez le fabricant pour des pilotes mis à jour.

Record Number: 6468
Source Name: Tcpip
Time Written: 20090226115751.000000+060
Event Type: Informations
User:

Computer Name: FBOUDET
Event Code: 4
Message: Broadcom NetXtreme 57xx Gigabit Controller: The network link is down. Check to make sure the network cable is properly connected.

Record Number: 6467
Source Name: b57w2k
Time Written: 20090226115744.000000+060
Event Type: Avertissement
User:

Computer Name: FBOUDET
Event Code: 7036
Message: Le service Lavasoft Ad-Aware Service est entré dans l'état : arrêté.

Record Number: 6466
Source Name: Service Control Manager
Time Written: 20090226114039.000000+060
Event Type: Informations
User:

Computer Name: FBOUDET
Event Code: 7035
Message: Un contrôle Arrêter a correctement été envoyé au service Lavasoft Ad-Aware Service.

Record Number: 6465
Source Name: Service Control Manager
Time Written: 20090226114033.000000+060
Event Type: Informations
User: SRVNTLY\fboudet

Application event log

Computer Name: FBOUDET
Event Code: 34
Message: Le service Symantec Event Manager démarre.

Record Number: 783
Source Name: ccEvtMgr
Time Written: 20090130083626.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: FBOUDET
Event Code: 35
Message: Le service 'Symantec Settings Manager' a démarré.

Record Number: 782
Source Name: ccSetMgr
Time Written: 20090130083626.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: FBOUDET
Event Code: 34
Message: Le service Symantec Settings Manager démarre.

Record Number: 781
Source Name: ccSetMgr
Time Written: 20090130083626.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: FBOUDET
Event Code: 0
Message:
Record Number: 780
Source Name: EvtEng
Time Written: 20090130083625.000000+060
Event Type: Informations
User:

Computer Name: FBOUDET
Event Code: 1517
Message: Windows a sauvegardé le Registre utilisateur SRVNTLY\fboudet alors qu'une application ou un service utilisait toujours le Registre pendant la fermeture de la session. La mémoire utilisée par le Registre de l'utilisateur n'a pas été libérée. le Registre sera déchargé lorsqu'il ne sera plus utilisé.


Cela est souvent causé par des services s'exécutant en tant que compte d'utilisateur, essayez de configurer les services pour s'exécuter dans le compte service réseau ou service local.

Record Number: 779
Source Name: Userenv
Time Written: 20090130015603.000000+060
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\PROGRA~1\IBM\CLIENT~1;C:\PROGRA~1\IBM\CLIENT~1\Shared;C:\PROGRA~1\IBM\CLIENT~1\Emulator;C:\Program Files\QuickTime\QTSystem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 13 Stepping 8, GenuineIntel
"PROCESSOR_REVISION"=0d08
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\j2re1.4.2_07\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\j2re1.4.2_07\lib\ext\QTJava.zip

-----------------EOF-----------------

Rapport Log.txt :


Logfile of random's system information tool 1.05 (written by random/random)
Run by fboudet at 2009-03-13 18:04:31
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 10 GB (18%) free of 57 GB
Total RAM: 1015 MB (63% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 2200 series#1198311161.job
C:\WINDOWS\tasks\Maintenance en 1 clic.job
C:\WINDOWS\tasks\RegCure Program Check.job
C:\WINDOWS\tasks\RegCure.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1827766B-9F49-4854-8034-F6EE26FCB1EC}]
ZILLAbar Browser Helper Object - C:\Program Files\STOPzilla!\SZSG.dll [2009-01-07 247232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-03-25 308856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar2.dll [2007-01-19 2436160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-12-13 737776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E3215F20-3212-11D6-9F8B-00D0B743919D}]
STOPzilla Browser Helper Object - C:\Program Files\STOPzilla!\SZIEBHO.dll [2009-01-07 222656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar2.dll [2007-01-19 2436160]
{98828DED-A591-462F-83BA-D2F62A68B8B8} - STOPzilla - C:\Program Files\STOPzilla!\SZSG.dll [2009-01-07 247232]
SITEguard

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2005-02-15 155648]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2005-02-15 126976]
""= []
"IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2004-10-30 385024]
"Apoint"=C:\Program Files\Apoint\Apoint.exe [2005-10-07 176128]
"Share-to-Web Namespace Daemon"=C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe [2002-04-11 69632]
"Client Access Service"=C:\Program Files\IBM\Client Access\cwbsvstr.exe [2005-06-12 20530]
"Client Access Help Update"=C:\Program Files\IBM\Client Access\cwbinhlp.exe [2005-06-12 24627]
"Client Access Check Version"=C:\Program Files\IBM\Client Access\cwbckver.exe [2005-06-12 45056]
"Client Access Express Welcome"=C:\Program Files\IBM\Client Access\cwbwlwiz.exe [2005-06-12 20480]
"Client Access PC5250 Sound"=C:\Program Files\IBM\Client Access\Emulator\pcssnd.exe [2005-06-12 40960]
"mouseElf"=C:\PROGRA~1\GENIUS~1\GNETMOUS.EXE [2003-05-13 163840]
"WD Button Manager"=C:\WINDOWS\system32\WDBtnMgr.exe [2008-07-22 339968]
"AppleSyncNotifier"=C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-11-07 111936]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-08-21 68856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Harmony Remote.lnk]
C:\PROGRA~1\Logitech\HARMON~1\HARMON~1.EXE [2005-04-18 1478144]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
hp psc 2000 Series.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
officejet 6100.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe
Wireless Connection Manager.lnk - C:\Program Files\D-Link\D-Link DWA-645 Wireless N Notebook Adapter\wirelesscm.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2005-02-15 348160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\IntelWireless]
C:\Program Files\Intel\Wireless\Bin\LgNotify.dll [2004-09-07 110592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
C:\WINDOWS\system32\NavLogon.dll [2005-08-18 43616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-08-24 133120]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\NetMeeting\conf.exe"="C:\Program Files\NetMeeting\conf.exe:*:Enabled:Windows® NetMeeting®"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\IBM\Client Access\cwbunnav.exe"="C:\Program Files\IBM\Client Access\cwbunnav.exe:*:Enabled:cwbunnav.exe"
"F:\ABC\abc.exe"="F:\ABC\abc.exe:*:Enabled:ABC"
"F:\Emule\emule.exe"="F:\Emule\emule.exe:*:Enabled:eMule"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe"="C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe:LocalSubNet:Enabled:Pure Networks Network Magic Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Internet Explorer\IEXPLORE.EXE"="C:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"F:\Emule\emule.exe"="F:\Emule\emule.exe:*:Enabled:eMule"
"F:\ABC\abc.exe"="F:\ABC\abc.exe:*:Enabled:abc"
"C:\Program Files\UltraVNC\winvnc.exe"="C:\Program Files\UltraVNC\winvnc.exe:149.150.0.0/255.255.0.0,192.168.0.0/255.255.0.0:Enabled:UltraVNC"
"C:\Program Files\NetMeeting\conf.exe"="C:\Program Files\NetMeeting\conf.exe:149.150.0.0/255.255.0.0,192.168.0.0/255.255.0.0:Enabled:NetMeeting"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\##ares#logiciels$]
shell\AutoRun\command - T:\
shell\open\command - RECYCLED\INFO.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\##artemis#commun]
shell\AutoRun\command - P:\
shell\explore\command - RECYCLED\INFO.exe
shell\open\command - RECYCLED\INFO.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\##artemis#lswe]
shell\AutoRun\command - Q:\
shell\explore\command - RECYCLED\INFO.exe
shell\open\command - RECYCLED\INFO.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
shell\AutoRun\command - G:\wd_windows_tools\WDSetup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7541a597-5272-11dd-af2f-00166f9a332a}]
shell\AutoRun\command - E:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{adc75cdb-1047-11dd-af0e-00166f9a332a}]
shell\AutoRun\command - E:\launcher.exe


======List of files/folders created in the last 1 months======

2009-03-13 18:04:31 ----D---- C:\rsit
2009-03-13 18:04:31 ----D---- C:\Program Files\trend micro
2009-03-13 17:28:37 ----A---- C:\lopR.txt
2009-03-13 17:28:21 ----D---- C:\Lop SD
2009-03-13 17:26:41 ----A---- C:\FindyKill.txt
2009-03-13 17:25:51 ----D---- C:\Program Files\FindyKill
2009-03-13 17:17:32 ----D---- C:\ComboFix
2009-03-13 17:17:32 ----A---- C:\WINDOWS\system32\CF17421.exe
2009-03-13 17:14:26 ----A---- C:\WINDOWS\system32\CF16824.exe
2009-03-13 17:02:01 ----A---- C:\WINDOWS\system32\CF14388.exe
2009-03-13 16:43:55 ----A---- C:\WINDOWS\system32\CF10067.exe
2009-03-13 16:34:25 ----A---- C:\WINDOWS\zip.exe
2009-03-13 16:34:25 ----A---- C:\WINDOWS\VFIND.exe
2009-03-13 16:34:25 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-03-13 16:34:25 ----A---- C:\WINDOWS\SWSC.exe
2009-03-13 16:34:25 ----A---- C:\WINDOWS\SWREG.exe
2009-03-13 16:34:25 ----A---- C:\WINDOWS\sed.exe
2009-03-13 16:34:25 ----A---- C:\WINDOWS\NIRCMD.exe
2009-03-13 16:34:25 ----A---- C:\WINDOWS\grep.exe
2009-03-13 16:34:25 ----A---- C:\WINDOWS\fdsv.exe
2009-03-13 16:34:22 ----A---- C:\WINDOWS\system32\CF8960.exe
2009-03-13 16:27:53 ----A---- C:\WINDOWS\system32\CF6367.exe
2009-03-13 16:04:26 ----D---- C:\WINDOWS\ERDNT
2009-03-13 16:04:25 ----A---- C:\WINDOWS\system32\CF2037.exe
2009-03-13 15:22:01 ----D---- C:\Qoobox
2009-03-13 11:41:38 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-03-12 23:36:00 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2009-03-11 13:01:22 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-03-11 13:01:14 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2009-03-11 13:00:54 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
2009-03-07 15:17:33 ----A---- C:\WINDOWS\system32\TUProgSt.exe
2009-03-07 15:17:32 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2009-03-07 15:17:30 ----A---- C:\WINDOWS\system32\TuneUpDefragService.exe
2009-02-25 09:31:37 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-02-18 19:26:41 ----D---- C:\Program Files\DIFX
2009-02-18 19:26:11 ----D---- C:\Program Files\Fichiers communs\Pure Networks Shared
2009-02-18 19:26:06 ----D---- C:\Program Files\Pure Networks
2009-02-18 19:25:01 ----D---- C:\Documents and Settings\All Users\Application Data\Pure Networks
2009-02-18 19:01:08 ----RHD---- C:\Documents and Settings\All Users\Application Data\Atheros
2009-02-18 19:01:04 ----D---- C:\WINDOWS\WlanGINA
2009-02-18 19:00:01 ----A---- C:\WINDOWS\system32\jswscsup.dll
2009-02-18 18:59:51 ----A---- C:\WINDOWS\system32\wsimd.dll
2009-02-18 18:59:51 ----A---- C:\WINDOWS\system32\wsfwDS.dll
2009-02-18 18:59:51 ----A---- C:\WINDOWS\system32\dsaNac.dll
2009-02-18 18:59:50 ----A---- C:\WINDOWS\system32\dsa.dll
2009-02-18 18:59:48 ----D---- C:\WINDOWS\pcidevice
2009-02-18 18:59:45 ----D---- C:\Program Files\D-Link
2009-02-18 18:57:24 ----D---- C:\Documents and Settings\fboudet\Application Data\InstallShield

======List of files/folders modified in the last 1 months======

2009-03-13 18:04:31 ----RD---- C:\Program Files
2009-03-13 18:03:54 ----D---- C:\WINDOWS\Temp
2009-03-13 18:01:13 ----D---- C:\WINDOWS\system32
2009-03-13 18:01:13 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-03-13 17:57:51 ----A---- C:\WINDOWS\ModemLog_Conexant D110 MDC V.9x Modem.txt
2009-03-13 17:17:01 ----D---- C:\WINDOWS\system32\drivers
2009-03-13 16:34:25 ----D---- C:\WINDOWS
2009-03-13 15:52:40 ----SHD---- C:\WINDOWS\CSC
2009-03-13 15:39:38 ----D---- C:\Program Files\Mozilla Firefox
2009-03-13 15:28:00 ----D---- C:\Program Files\Symantec AntiVirus
2009-03-13 13:33:22 ----D---- C:\WINDOWS\BDOSCAN8
2009-03-13 13:32:57 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-03-13 13:32:51 ----HD---- C:\WINDOWS\inf
2009-03-13 13:32:33 ----D---- C:\WINDOWS\system32\CatRoot2
2009-03-13 12:10:16 ----D---- C:\WINDOWS\network diagnostic
2009-03-13 11:34:34 ----D---- C:\WINDOWS\Minidump
2009-03-13 11:34:34 ----D---- C:\WINDOWS\Debug
2009-03-13 11:08:46 ----D---- C:\WINDOWS\Prefetch
2009-03-13 09:09:14 ----D---- C:\Documents and Settings\fboudet\Application Data\dvdcss
2009-03-13 09:07:45 ----SHD---- C:\RECYCLER
2009-03-13 01:16:18 ----D---- C:\Documents and Settings\fboudet\Application Data\UseNeXT
2009-03-13 01:06:40 ----D---- C:\Documents and Settings\All Users\Application Data\STOPzilla!
2009-03-13 00:51:45 ----D---- C:\Documents and Settings\All Users\Application Data\Zoom Player
2009-03-12 23:37:41 ----D---- C:\Program Files\AVS4YOU
2009-03-12 23:36:15 ----D---- C:\Program Files\Windows Media Player
2009-03-12 23:36:11 ----RSHD---- C:\WINDOWS\system32\dllcache
2009-03-12 22:32:16 ----D---- C:\WINDOWS\system32\FxsTmp
2009-03-12 09:49:14 ----D---- C:\WINDOWS\security
2009-03-11 13:01:15 ----D---- C:\WINDOWS\WinSxS
2009-03-11 12:02:58 ----HD---- C:\WINDOWS\$hf_mig$
2009-03-09 09:44:19 ----D---- C:\Program Files\WinRAR
2009-03-07 15:18:02 ----D---- C:\Program Files\TuneUp Utilities 2009
2009-03-07 15:17:37 ----SHD---- C:\WINDOWS\Installer
2009-03-07 15:17:28 ----SD---- C:\WINDOWS\Tasks
2009-03-05 18:59:22 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-03-02 04:35:00 ----D---- C:\Documents and Settings\All Users\Application Data\SITEguard
2009-02-24 08:35:58 ----D---- C:\WINDOWS\system32\appmgmt
2009-02-21 16:18:44 ----D---- C:\temp
2009-02-20 18:01:33 ----D---- C:\WINDOWS\avxoscan
2009-02-20 18:01:33 ----D---- C:\Program Files\Internet Explorer
2009-02-20 11:29:27 ----D---- C:\WINDOWS\system32\config
2009-02-18 22:01:07 ----D---- C:\Program Files\UseNeXT
2009-02-18 19:26:11 ----D---- C:\Program Files\Fichiers communs
2009-02-18 19:01:27 ----D---- C:\WINDOWS\system32\CatRoot
2009-02-18 18:59:44 ----HD---- C:\Program Files\InstallShield Installation Information
2009-02-18 18:38:31 ----AC---- C:\WINDOWS\system32\results.txt
2009-02-17 08:18:19 ----D---- C:\Documents and Settings

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2007-12-22 82380]
R1 APPDRV;APPDRV; C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS [2004-08-18 16128]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys []
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 NetworkX;NetworkX; C:\WINDOWS\system32\ckldrv.sys [2008-03-17 19584]
R1 omci;OMCI WDM Device Driver; C:\WINDOWS\system32\DRIVERS\omci.sys [2004-02-13 17153]
R1 SAVRT;SAVRT; \??\C:\Program Files\Symantec AntiVirus\savrt.sys []
R1 SAVRTPEL;SAVRTPEL; \??\C:\Program Files\Symantec AntiVirus\Savrtpel.sys []
R1 SYMTDI;SYMTDI; \??\C:\WINDOWS\system32\Drivers\SYMTDI.SYS []
R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032]
R2 BASFND;BASFND; \??\C:\WINDOWS\system32\Drivers\BASFND.sys []
R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R2 pnarp;Network Magic Device Discovery Driver; C:\WINDOWS\system32\DRIVERS\pnarp.sys [2007-03-23 25792]
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2004-08-31 11354]
R2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys []
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows 2000/XP; C:\WINDOWS\system32\DRIVERS\Apfiltr.sys [2005-09-28 113847]
R3 AR5416;%ATHER.Service.DispName%; C:\WINDOWS\system32\DRIVERS\athw.sys [2008-01-17 1331136]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2006-05-10 156160]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 genmcmnUSB;USB Scroll Mouse Driver; C:\WINDOWS\system32\DRIVERS\gflmouhid.sys [2003-01-29 6841]
R3 GTIPCI21;GTIPCI21; C:\WINDOWS\system32\DRIVERS\gtipci21.sys [2004-05-03 80384]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-06-17 1041536]
R3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2004-06-17 200064]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-02-15 804317]
R3 IWCA;Intel Wireless Connection Agent Miniport for Win XP; C:\WINDOWS\system32\DRIVERS\iwca.sys [2004-08-12 234496]
R3 JSWSCIMD;jswscimd Service; C:\WINDOWS\system32\DRIVERS\jswscimd.sys [2007-08-28 57344]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 NAVENG;NAVENG; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20090307.003\naveng.sys []
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20090307.003\navex15.sys []
R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 STAC97;SigmaTel C-Major Audio; C:\WINDOWS\system32\drivers\STAC97.sys [2005-03-10 273168]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-06-17 685056]
R3 WSIMD;wsimd Service; C:\WINDOWS\system32\DRIVERS\wsimd.sys [2007-12-13 57408]
R4 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S3 AIRPLUS;D-Link AirPlus Wireless Adapter; C:\WINDOWS\system32\DRIVERS\AIRPLUS.sys [2002-08-28 61312]
S3 bvrp_pci;bvrp_pci; C:\WINDOWS\system32\drivers\bvrp_pci.sys [2004-03-24 4272]
S3 BzSpIDer;BzSpIDer; \??\F:\OPiron\BzSpIDer.sys []
S3 dsNcAdpt;Juniper Network Connect Adapter; C:\WINDOWS\system32\DRIVERS\dsNcAdpt.sys []
S3 E100B;Pilote de carte Intel (R) PRO; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-08-23 117760]
S3 grmnusb;grmnusb; C:\WINDOWS\system32\drivers\grmnusb.sys [2007-03-08 8320]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2002-02-15 50960]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2002-03-21 16112]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2002-03-08 22512]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
S3 SMCIRDA;Pilote de périphérique SMC IrCC Miniport; C:\WINDOWS\system32\DRIVERS\smcirda.sys [2001-08-23 36937]
S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCDrv.sys []
S3 SYMREDRV;SYMREDRV; \??\C:\WINDOWS\system32\Drivers\SYMREDRV.SYS []
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 w29n51;Pilote de carte de connexion réseau Intel(R) PRO/Wireless 2200BG pour Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2004-10-21 3210496]
S3 wlanndi5;wlanndi5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\wlanndi5.SYS []
S3 WN6201;Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\WN6201.sys []
S4 agp440;Filtre de bus AGP Intel; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
S4 agpCPQ;Filtre de bus AGP Compaq; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
S4 alim1541;Filtre de bus AGP ALI; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
S4 amdagp;Pilote de filtre du bus AMD AGP; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
S4 sisagp;Filtre de bus AGP SIS; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
S4 viaagp;Filtre de bus AGP VIA; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACS;Atheros Configuration Service; C:\Program Files\D-Link\D-Link DWA-645 Wireless N Notebook Adapter\acs.exe [2007-12-13 467028]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 BAsfIpM;Broadcom ASF IP monitoring service v6.0.4; C:\WINDOWS\system32\basfipm.exe [2004-04-01 77824]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 Crypkey License;Crypkey License; C:\WINDOWS\system32\crypserv.exe [2008-05-08 122880]
R2 EvtEng;EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2004-09-07 86016]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-03-05 951120]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120]
R2 NICCONFIGSVC;NICCONFIGSVC; C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe [2005-03-03 356352]
R2 nmservice;Pure Networks Network Magic Service; C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe [2007-03-14 321088]
R2 RegSrvc;RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2004-09-07 139264]
R2 S24EventMonitor;Spectrum24 Event Monitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2004-09-07 360521]
R2 SavRoam;SAVRoam; C:\Program Files\Symantec AntiVirus\SavRoam.exe [2005-08-18 127584]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2009-03-07 603904]
R2 winvnc;VNC Server; C:\Program Files\UltraVNC\WinVNC.exe [2004-06-20 630854]
R2 WLANKEEPER;WLANKEEPER; C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [2004-09-07 225353]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 UxTuneUp;TuneUp Extension de thème; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 Cwbrxd;Fonction Commande à distance d'iSeries Access for Windows; C:\WINDOWS\CWBRXD.EXE [2005-06-12 57344]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-08-20 138168]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
S3 jswpsapi;Jumpstart Wifi Protected Setup; C:\Program Files\D-Link\D-Link DWA-645 Wireless N Notebook Adapter\jswpsapi.exe [2008-04-16 356434]
S3 nmraapache;Pure Networks Net2Go Service; C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe [2007-03-14 12800]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2002-03-15 81920]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-03-07 360192]
S4 ccEvtMgr;Symantec Event Manager; C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe [2005-07-12 185968]
S4 ccPwdSvc;Symantec Password Validation; C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe [2005-07-12 83568]
S4 ccSetMgr;Symantec Settings Manager; C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe [2005-07-12 161392]
S4 DefWatch;Symantec AntiVirus Definition Watcher; C:\Program Files\Symantec AntiVirus\DefWatch.exe [2005-08-18 19552]
S4 SNDSrvc;Symantec Network Drivers Service; C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe [2005-04-22 206552]
S4 SPBBCSvc;Symantec SPBBCSvc; C:\Program Files\Fichiers

Ci dessous la log


Bon suite au lancement de Rav.exe, il ya eu au niveau de la log de OTMove :

========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversio­n\explorer\mountpoints2\##ares#logiciels$\\ not found.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversio­n\explorer\mountpoints2\##artemis#commun\\ not found.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversio­n\explorer\mountpoints2\##artemis#lswe\\ not found.

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 03132009_184416

C'est un peu normal dans la mesure où ces drives logiques font références à des répertoires sur des serveurs du bureau alors que je suis à la maison.

Suite au lancement de Rav.exe, il ya eu détection sur l'ensemble de mes disques externes une log d'infection relative à "autorun.inf" avec suppression réussie par l'utilitaire.

Après avoir retirer les disques externes, redémarré le PC (tjs message d'erreur svchost.exe initial), impossible de lancer Flash_Disinfector". Le double click ne produit aucun effet (pas d'apparition de l'appli dans le gestionnaire des taches).

J'ai relancer RAV après redemarrage du pc et connection des disques externe == > RAS msg "ordinateur sain"

Ci dessous le rapport RSIT lancé après avoir téléchargé et installé la dernière version d'Hijackthis :

Logfile of random's system information tool 1.05 (written by random/random)
Run by fboudet at 2009-03-13 19:46:39
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 11 GB (18%) free of 57 GB
Total RAM: 1015 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:46:42, on 13/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\D-Link\D-Link DWA-645 Wireless N Notebook Adapter\acs.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\basfipm.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\crypserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Symantec AntiVirus\SavRoam.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\UltraVNC\WinVNC.exe
C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Apoint\HidFind.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Apoint\Apntex.exe
C:\PROGRA~1\GENIUS~1\GNETMOUS.EXE
C:\WINDOWS\system32\WDBtnMgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe
C:\Program Files\D-Link\D-Link DWA-645 Wireless N Notebook Adapter\wirelesscm.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\fboudet\Bureau\RSIT.exe
C:\Documents and Settings\fboudet\Bureau\fboudet.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.uvnc.com/download/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 10.1.1.4:4525
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: SITEguard BHO - {1827766B-9F49-4854-8034-F6EE26FCB1EC} - C:\Program Files\STOPzilla!\SZSG.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: STOPzilla Browser Helper Object - {E3215F20-3212-11D6-9F8B-00D0B743919D} - C:\Program Files\STOPzilla!\SZIEBHO.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: STOPzilla - {98828DED-A591-462F-83BA-D2F62A68B8B8} - C:\Program Files\STOPzilla!\SZSG.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [Client Access Service] "C:\Program Files\IBM\Client Access\cwbsvstr.exe"
O4 - HKLM\..\Run: [Client Access Help Update] "C:\Program Files\IBM\Client Access\cwbinhlp.exe"
O4 - HKLM\..\Run: [Client Access Check Version] "C:\Program Files\IBM\Client Access\cwbckver.exe" LOGIN
O4 - HKLM\..\Run: [Client Access Express Welcome] "C:\Program Files\IBM\Client Access\cwbwlwiz.exe"
O4 - HKLM\..\Run: [Client Access PC5250 Sound] "C:\Program Files\IBM\Client Access\Emulator\pcssnd.exe"
O4 - HKLM\..\Run: [mouseElf] C:\PROGRA~1\GENIUS~1\GNETMOUS.EXE
O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: officejet 6100.lnk = ?
O4 - Global Startup: Wireless Connection Manager.lnk = C:\Program Files\D-Link\D-Link DWA-645 Wireless N Notebook Adapter\wirelesscm.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\fichiers communs\is3\anti-spyware\is3lsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\fichiers communs\is3\anti-spyware\is3lsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\fichiers communs\is3\anti-spyware\is3lsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\fichiers communs\is3\anti-spyware\is3lsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\fichiers communs\is3\anti-spyware\is3lsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\fichiers communs\is3\anti-spyware\is3lsp.dll
O15 - Trusted Zone: http://a248.e.akamai.net
O15 - Trusted Zone: https://www.amazon.fr/
O15 - Trusted Zone: http://*.bitdefender.com
O15 - Trusted Zone: http://ssl-hints.netflame.cc
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = lswe.priv
O17 - HKLM\Software\..\Telephony: DomainName = lswe.priv
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = lswe.priv
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = lswe.priv
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Atheros Configuration Service (ACS) - Atheros - C:\Program Files\D-Link\D-Link DWA-645 Wireless N Notebook Adapter\acs.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Broadcom ASF IP monitoring service v6.0.4 (BAsfIpM) - Broadcom Corp. - C:\WINDOWS\system32\basfipm.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: Fonction Commande à distance d'iSeries Access for Windows (Cwbrxd) - IBM Corporation - C:\WINDOWS\CWBRXD.EXE
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\D-Link\D-Link DWA-645 Wireless N Notebook Adapter\jswpsapi.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: Pure Networks Net2Go Service (nmraapache) - Pure Networks, Inc. - C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe
O23 - Service: Pure Networks Network Magic Service (nmservice) - Pure Networks, Inc. - C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: VNC Server (winvnc) - UltraVNC - C:\Program Files\UltraVNC\WinVNC.exe
O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe