Virus Trash.Gen impossible à supprimer...

Bonjour,

J'esaie vainement de supprimer un malware sur mon pc, mais sans succès pour le moment.

Son nom : Trash.Gen
Avira, AVG et d'autres antivirus le reconnaissent mais n'arrivent pas à le supprimer.
Avira n'arrive pas non plus à le mettre en quarantaine.

Idem avec Combox fix : il le trouve, mais n'arrive pas à le supprimer.

Les DLL infectées sont : clbn.dll et clbn.dll.bak
Et le fichier virusé est : ~.exe
Les 3 fichiers sont dans windows\system32

Pouverz-vous m'aider SVP ???
J'ai pas trop envie de réinstaller WinXP à cause de ce petit virus ennuyeux...

Merci d'avance.

Ci-joint un rapport Hijackthis 3.0 :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:13:08, on 27/12/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
D:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
D:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
D:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\UAService7.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\ASUS\Probe\AsusProb.exe
D:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\System32\devldr32.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
D:\NOKIA\Fonds_Vidéos_3220\Nokia PC Suite 6\LaunchApplication.exe
D:\Program Files\QuickTime\qttask.exe
D:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
D:\Program Files\Spamihilator\spamihilator.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\East-Tec Eraser 2008\eteraser.exe
C:\Documents and Settings\Lupo\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.stern.de/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - D:\Program Files\Desktop Sidebar\sbhelp.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {90DA5520-96B7-435A-88E2-DEAA131B2A60} - c:\windows\system32\clbn.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - D:\Program Files\Canon\Easy-WebPrint\Toolband.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
O4 - HKLM\..\Run: [AVG7_CC] D:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] D:\NOKIA\Fonds_Vidéos_3220\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [SIDEBAR] "D:\Program Files\Desktop Sidebar\dsidebar.exe"
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [Spamihilator] "D:\Program Files\Spamihilator\spamihilator.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] D:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Subscribe in Desktop Sidebar - res://D:\Program Files\Desktop Sidebar\sbhelp.dll/menuhandler.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - D:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - D:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/224e93ed619b0fa78c00/netzip/RdxIE601_fr.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photoways.com/clients/uploader_v2.1.0.56.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{433B2937-1333-42D1-8B7C-B594D735212E}: NameServer = 80.10.246.1 80.10.246.132
O17 - HKLM\System\CCS\Services\Tcpip\..\{638D368D-1523-44A1-8FE1-BDF43A3796AF}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{89D5CF1B-4631-4B8C-9345-9E9BD076031C}: NameServer = 192.168.1.1
O20 - Winlogon Notify: dsdxlpug - C:\WINDOWS\SYSTEM32\clbn.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\System32\UAService7.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 10969 bytes

Et voici le rapport Combofix :
StartupList report, 2007-12-27, 11:24:07
StartupList version: 1.52.2
Started from : C:\Documents and Settings\Lupo\Bureau\HijackThis.EXE
Detected: Windows XP SP1 (WinNT 5.01.2600)
Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106)
* Using default options
* Including empty and uninteresting sections
* Showing rarely important sections
==================================================

Running processes:

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\ASUS\Probe\AsusProb.exe
D:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
D:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
D:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
D:\NOKIA\Fonds_Vidéos_3220\Nokia PC Suite 6\LaunchApplication.exe
D:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
D:\Program Files\QuickTime\qttask.exe
D:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\System32\devldr32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\UAService7.exe
D:\Program Files\Spamihilator\spamihilator.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avcenter.exe
C:\Documents and Settings\Lupo\Bureau\HijackThis.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE

--------------------------------------------------

Listing of startup folders:

Shell folders Startup:
[C:\Documents and Settings\Lupo\Menu Démarrer\Programmes\Démarrage]
*No files*

Shell folders AltStartup:
*Folder not found*

User shell folders Startup:
*Folder not found*

User shell folders AltStartup:
*Folder not found*

Shell folders Common Startup:
[C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage]
DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office10\OSA.EXE

Shell folders Common AltStartup:
*Folder not found*

User shell folders Common Startup:
*Folder not found*

User shell folders Alternate Common Startup:
*Folder not found*

--------------------------------------------------

Checking Windows NT UserInit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,

[HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon]
*Registry key not found*

[HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
*Registry value not found*

[HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon]
*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

SpeedTouch USB Diagnostics = "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
Logitech Utility = Logi_MwX.Exe
ISUSScheduler = "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
ASUS Probe = C:\Program Files\ASUS\Probe\AsusProb.exe
AVG7_CC = D:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
ATICCC = "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
TkBellExe = "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
Tweak UI = RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
SunJavaUpdateSched = "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
ZoneAlarm Client = "D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
PCSuiteTrayApplication = D:\NOKIA\Fonds_Vidéos_3220\Nokia PC Suite 6\LaunchApplication.exe -startup
QuickTime Task = "D:\Program Files\QuickTime\qttask.exe" -atboottime
iTunesHelper = "D:\Program Files\iTunes\iTunesHelper.exe"
avgnt = "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

SIDEBAR = "D:\Program Files\Desktop Sidebar\dsidebar.exe"
WOOKIT = C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
Spamihilator = "D:\Program Files\Spamihilator\spamihilator.exe"
swg = C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run

*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

[OptionalComponents]
*No values found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*

--------------------------------------------------

File association entry for .EXE:
HKEY_CLASSES_ROOT\exefile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .COM:
HKEY_CLASSES_ROOT\comfile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .BAT:
HKEY_CLASSES_ROOT\batfile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .PIF:
HKEY_CLASSES_ROOT\piffile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .SCR:
HKEY_CLASSES_ROOT\scrfile\shell\open\command

(Default) = "%1" /S

--------------------------------------------------

File association entry for .HTA:
HKEY_CLASSES_ROOT\htafile\shell\open\command

(Default) = C:\WINDOWS\System32\mshta.exe "%1" %*

--------------------------------------------------

File association entry for .TXT:
HKEY_CLASSES_ROOT\txtfile\shell\open\command

(Default) = %SystemRoot%\system32\NOTEPAD.EXE %1

--------------------------------------------------

Enumerating Active Setup stub paths:
HKLM\Software\Microsoft\Active Setup\Installed Components
(* = disabled by HKCU twin)

[>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP

[>{26923b43-4d38-484f-9b9e-de460746276c}] *
StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE

[>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] *
StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

[>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] *
StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

[{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] *
StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

[{306D6C21-C1B6-4629-986C-E59E1875B8AF}] *
StubPath = "C:\WINDOWS\System32\rundll32.exe" "C:\Program Files\Messenger\msgsc.dll",HideIconsUser

[{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] *
StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

[{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT

[{5945c046-1e7d-11d1-bc44-00c04fd912be}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection %SystemRoot%\INF\msmsgs.inf,BLC.QuietInstall.PerUser

[{6BF52A52-394A-11d3-B153-00C04F79FAA6}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub

[{7790769C-0471-11d2-AF11-00C04FA35D02}] *
StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

[{89820200-ECBD-11cf-8B85-00AA005B4340}] *
StubPath = regsvr32.exe /s /n /i:U shell32.dll

[{89820200-ECBD-11cf-8B85-00AA005B4383}] *
StubPath = %SystemRoot%\system32\ie4uinit.exe

[{89B4C1CD-B018-4511-B0A1-5476DBF70820}] *
StubPath = C:\WINDOWS\System32\Rundll32.exe C:\WINDOWS\System32\mscories.dll,Install

--------------------------------------------------

Enumerating ICQ Agent Autostart apps:
HKCU\Software\Mirabilis\ICQ\Agent\Apps

*Registry key not found*

--------------------------------------------------

Load/Run keys from C:\WINDOWS\WIN.INI:

load=*INI section not found*
run=*INI section not found*

Load/Run keys from Registry:

HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*
HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=

--------------------------------------------------

Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*

Shell & screensaver key from Registry:

Shell=Explorer.exe
SCRNSAVE.EXE=*Registry value not found*
drivers=*Registry value not found*

Policies Shell key:

HKCU\..\Policies: Shell=*Registry value not found*
HKLM\..\Policies: Shell=*Registry value not found*

--------------------------------------------------

Checking for EXPLORER.EXE instances:

C:\WINDOWS\Explorer.exe: PRESENT!

C:\Explorer.exe: not present
C:\WINDOWS\Explorer\Explorer.exe: not present
C:\WINDOWS\System\Explorer.exe: not present
C:\WINDOWS\System32\Explorer.exe: not present
C:\WINDOWS\Command\Explorer.exe: not present
C:\WINDOWS\Fonts\Explorer.exe: not present

--------------------------------------------------

Checking for superhidden extensions:

.lnk: HIDDEN! (arrow overlay: yes)
.pif: HIDDEN! (arrow overlay: yes)
.exe: not hidden
.com: not hidden
.bat: not hidden
.hta: not hidden
.scr: not hidden
.shs: HIDDEN!
.shb: HIDDEN!
.vbs: not hidden
.vbe: not hidden
.wsh: not hidden
.scf: HIDDEN! (arrow overlay: NO!)
.url: HIDDEN! (arrow overlay: yes)
.js: not hidden
.jse: not hidden

--------------------------------------------------

Verifying REGEDIT.EXE integrity:

- Regedit.exe found in C:\WINDOWS
- .reg open command is normal (regedit.exe %1)
- Regedit.exe has no CompanyName property! It is either missing or named something else.
- Regedit.exe has no OriginalFilename property! It is either missing or named something else.
- Regedit.exe has no FileDescription property! It is either missing or named something else.

Registry check failed!

--------------------------------------------------

Enumerating Browser Helper Objects:

(no name) - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
Idea2 SidebarBrowserMonitor Class - D:\Program Files\Desktop Sidebar\sbhelp.dll - {45AD732C-2CE2-4666-B366-B2214AD57A49}
(no name) - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
(no name) - c:\windows\system32\clbn.dll - {90DA5520-96B7-435A-88E2-DEAA131B2A60}
(no name) - c:\program files\google\googletoolbar2.dll - {AA58ED58-01DD-4d91-8333-CF10577473F7}
(no name) - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D}

--------------------------------------------------

Enumerating Task Scheduler jobs:

AppleSoftwareUpdate.job

--------------------------------------------------

Enumerating Download Program Files:

[DirectAnimation Java Classes]
CODEBASE = file://C:\WINDOWS\Java\classes\dajava.cab
OSD = C:\WINDOWS\Downloaded Program Files\DirectAnimation Java Classes.osd

[Microsoft XML Parser for Java]
CODEBASE = file://C:\WINDOWS\Java\classes\xmldso.cab
OSD = C:\WINDOWS\Downloaded Program Files\Microsoft XML Parser for Java.osd

[SupportSoft SmartIssue]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\tgctlsi.dll
CODEBASE = https://support.norton.com/sp/en/us/home/current/info

[SupportSoft Script Runner Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\tgctlsr.dll
CODEBASE = https://support.norton.com/sp/en/us/home/current/info

[QuickTime Object]
InProcServer32 = D:\Program Files\QuickTime\QTPlugin.ocx
CODEBASE = http://www.apple.com/qtactivex/qtplugin.cab

[Shockwave ActiveX Control]
InProcServer32 = C:\WINDOWS\system32\Macromed\Director\SwDir.dll
CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

[LSSupCtl Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\LSSupCtl.dll
CODEBASE = https://support.norton.com/sp/en/us/home/current/info

[RdxIE Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\RdxIE.dll
CODEBASE = http://software-dl.real.com/224e93ed619b0fa78c00/netzip/RdxIE601_fr.cab

[{67DABFBF-D0AB-41FA-9C46-CC0F21721616}]
CODEBASE = http://download.divx.com/player/DivXBrowserPlugin.cab

[Java Plug-in 1.6.0_03]
InProcServer32 = C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
CODEBASE = http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab

[Java Plug-in 1.5.0_08]
InProcServer32 = C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
CODEBASE = http://java.sun.com/update/1.5.0/jinstall-1_5_0_08-windows-i586.cab

[Java Plug-in 1.5.0_10]
InProcServer32 = C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
CODEBASE = http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab

[Java Plug-in 1.6.0_01]
InProcServer32 = C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
CODEBASE = http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab

[Java Plug-in 1.6.0_02]
InProcServer32 = C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
CODEBASE = http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab

[Java Plug-in 1.6.0_03]
InProcServer32 = C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
CODEBASE = http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab

[Java Plug-in 1.6.0_03]
InProcServer32 = C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll
CODEBASE = http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab

[ActiveDataInfo Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\SymAData.dll
CODEBASE = https://support.norton.com/sp/en/us/home/current/info

[PB_Uploader Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\uploader_uni.ocx
CODEBASE = http://www.photoways.com/clients/uploader_v2.1.0.56.cab

[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\System32\Macromed\Flash\Flash9b.ocx
CODEBASE = http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

--------------------------------------------------

Enumerating Winsock LSP files:

NameSpace #1: C:\WINDOWS\System32\mswsock.dll
NameSpace #2: C:\WINDOWS\System32\winrnr.dll
NameSpace #3: C:\WINDOWS\System32\mswsock.dll
Protocol #1: C:\WINDOWS\system32\mswsock.dll
Protocol #2: C:\WINDOWS\system32\mswsock.dll
Protocol #3: C:\WINDOWS\system32\mswsock.dll
Protocol #4: C:\WINDOWS\system32\mswsock.dll
Protocol #5: C:\WINDOWS\system32\mswsock.dll
Protocol #6: C:\WINDOWS\system32\mswsock.dll

--------------------------------------------------

Enumerating Windows NT/2000/XP services

Pilote d'unité 61883: System32\DRIVERS\61883.sys (manual start)
Service d'application d'assistance IPv6: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Pilote ACPI Microsoft: System32\DRIVERS\ACPI.sys (system)
General Purpose USB Driver (adildr.sys): System32\Drivers\adildr.sys (autostart)
USB ADSL WAN Adapter: System32\DRIVERS\adiusbaw.sys (manual start)
Adobe LM Service: "C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe" (manual start)
Suppresseur d'écho acoustique (Noyau Microsoft): system32\drivers\aec.sys (manual start)
Environnement de prise en charge de réseau AFD: \SystemRoot\System32\drivers\afd.sys (autostart)
Filtre de bus AGP Intel: System32\DRIVERS\agp440.sys (system)
Alcatel SpeedTouch USB ADSL PPP Networking Driver (NDISWAN): System32\DRIVERS\alcan5wn.sys (manual start)
Alcatel Speed Touch ADSL Modem ATM Transport: System32\DRIVERS\alcaudsl.sys (manual start)
Avertissement: %SystemRoot%\System32\svchost.exe -k LocalService (manual start)
Service de la passerelle de la couche Application: %SystemRoot%\System32\alg.exe (manual start)
AntiVir PersonalEdition Classic Scheduler: "C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe" (autostart)
AntiVir PersonalEdition Classic Guard: "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe" (autostart)
Gestion d'applications: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
Protocole client ARP 1394: System32\DRIVERS\arp1394.sys (manual start)
ASAPIW2K: system32\drivers\ASAPIW2k.sys (manual start)
aslm75: \??\C:\WINDOWS\system32\drivers\aslm75.sys (autostart)
ASP.NET State Service: %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (manual start)
Pilote de média asynchrone RAS: system32\DRIVERS\asyncmac.sys (manual start)
Contrôleur de disque dur IDE/ESDI standard: System32\DRIVERS\atapi.sys (system)
Ati HotKey Poller: %SystemRoot%\System32\Ati2evxx.exe (autostart)
ATI Smart: C:\WINDOWS\system32\ati2sgag.exe (autostart)
ati2mtag: System32\DRIVERS\ati2mtag.sys (manual start)
Protocole client ATM ARP: System32\DRIVERS\atmarpc.sys (manual start)
Audio Windows: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Pilote audio Stub: System32\DRIVERS\audstub.sys (manual start)
Périphérique AVC: System32\DRIVERS\avc.sys (manual start)
AVG7 Alert Manager Server: D:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe (autostart)
AVG7 Kernel: \SystemRoot\System32\Drivers\avg7core.sys (system)
AVG7 Wrap Driver: \SystemRoot\System32\Drivers\avg7rsw.sys (system)
AVG7 Resident Driver XP: \SystemRoot\System32\Drivers\avg7rsxp.sys (system)
AVG7 Update Service: D:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe (autostart)
AVG7 Clean Driver: \SystemRoot\System32\Drivers\avgclean.sys (system)
AVG E-mail Scanner: D:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe (autostart)
avgntdd: SYSTEM32\DRIVERS\avgntdd.sys (system)
avgntmgr: SYSTEM32\DRIVERS\avgntmgr.sys (system)
AVG Network Redirector: \SystemRoot\System32\Drivers\avgtdi.sys (autostart)
avipbb: System32\DRIVERS\avipbb.sys (system)
Service de transfert intelligent en arrière-plan: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Explorateur d'ordinateur: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
catchme: \??\C:\DOCUME~1\Lupo\LOCALS~1\Temp\catchme.sys (manual start)
Closed Caption Decoder: System32\DRIVERS\CCDECODE.sys (manual start)
Pilote de CD-ROM: System32\DRIVERS\cdrom.sys (system)
Indexing Service: %SystemRoot%\system32\cisvc.exe (manual start)
Gestionnaire de l'Album: %SystemRoot%\system32\clipsrv.exe (manual start)
.NET Runtime Optimization Service v2.0.50727_X86: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (manual start)
Application système COM+: C:\WINDOWS\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (manual start)
Services de cryptographie: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Creative SBLive! Port de jeux: System32\DRIVERS\ctljystk.sys (manual start)
Client DHCP: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Pilote de disque: System32\DRIVERS\disk.sys (system)
Service d'administration du Gestionnaire de disque logique: %SystemRoot%\System32\dmadmin.exe /com (manual start)
dmboot: System32\drivers\dmboot.sys (disabled)
Pilote de Gestionnaire de disque logique: System32\drivers\dmio.sys (system)
dmload: System32\drivers\dmload.sys (system)
Gestionnaire de disque logique: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Synthétiseur DLS du noyau Microsoft: system32\drivers\DMusic.sys (manual start)
Client DNS: %SystemRoot%\System32\svchost.exe -k NetworkService (autostart)
Dr2tim2: C:\WINDOWS\System32\drivers\oprghdlr.sys (manual start)
Filtre de décodeur DRM (Noyau Microsoft): system32\drivers\drmkaud.sys (manual start)
dtscsi: \SystemRoot\System32\Drivers\dtscsi.sys (manual start)
Intel(R) PRO/1000 Adapter Driver: System32\DRIVERS\e1000325.sys (manual start)
ElbyCDFL: System32\Drivers\ElbyCDFL.sys (manual start)
ElbyCDIO Driver: System32\Drivers\ElbyCDIO.sys (autostart)
Creative SB Live! (WDM): system32\drivers\emu10k1m.sys (manual start)
Pilote du Gestionnaire d'interface Creative (WDM): system32\drivers\ctlfacem.sys (manual start)
Error Reporting Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Journal des événements: %SystemRoot%\system32\services.exe (autostart)
Système d'événements de COM+: C:\WINDOWS\System32\svchost.exe -k netsvcs (manual start)
LEGO MINDSTORMS NXT Driver: System32\DRIVERS\fantom.sys (manual start)
Compatibilité avec le Changement rapide d'utilisateur: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Pilote de contrôleur de lecteur de disquettes: System32\DRIVERS\fdc.sys (manual start)
Pilote de lecteur de disquettes: System32\DRIVERS\flpydisk.sys (manual start)
Pilote du Gestionnaire de volume: System32\DRIVERS\ftdisk.sys (system)
France Telecom Routing Table Service: C:\WINDOWS\System32\FTRTSVC.exe (autostart)
Énumérateur de port jeu: System32\DRIVERS\gameenum.sys (manual start)
Pilote de filtre Microsoft SideWinder Value Add: System32\DRIVERS\GcKernel.sys (manual start)
GEARAspiWDM: System32\Drivers\GEARAspiWDM.sys (manual start)
giveio: System32\giveio.sys (system)
Classificateur de paquets générique: System32\DRIVERS\msgpc.sys (manual start)
Google Updater Service: "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe" (manual start)
Aide et support: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Activateur de port HID à manette de jeu Microsoft: System32\DRIVERS\hidgame.sys (manual start)
HID Input Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Minipilote de périphérique Microsoft SideWinder HID virtuel: System32\DRIVERS\HIDSwvd.sys (manual start)
Pilote de classe HID Microsoft: System32\DRIVERS\hidusb.sys (manual start)
Pilote pour clavier i8042 et souris sur port PS/2: System32\DRIVERS\i8042prt.sys (system)
InstallDriver Table Manager: "C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe" (manual start)
iriver Internet Audio Player IFP-100: System32\DRIVERS\ifpusb.sys (system)
Pilote de filtre de gravure CD: System32\DRIVERS\imapi.sys (system)
Service COM de gravage de CD IMAPI: C:\WINDOWS\System32\imapi.exe (manual start)
Pilote de filtre de trafic IP: System32\DRIVERS\ipfltdrv.sys (manual start)
Pilote de tunnelage IP dans IP: System32\DRIVERS\ipinip.sys (manual start)
Traducteur d'adresses réseau IP: System32\DRIVERS\ipnat.sys (manual start)
Service de l'iPod: "C:\Program Files\iPod\bin\iPodService.exe" (manual start)
Pilote IPSEC: System32\DRIVERS\ipsec.sys (system)
Service énumérateur IR: System32\DRIVERS\irenum.sys (manual start)
Pilote de bus Plug-and-Play ISA/EISA: System32\DRIVERS\isapnp.sys (system)
ithsgt: System32\DRIVERS\ithsgt.sys (autostart)
Pilote de la classe Clavier: System32\DRIVERS\kbdclass.sys (system)
Pilote HID de clavier: System32\DRIVERS\kbdhid.sys (system)
Mélangeur audio Wave de noyau Microsoft: system32\drivers\kmixer.sys (manual start)
Logitech PS/2 Mouse Filter Driver: System32\DRIVERS\L8042pr2.Sys (manual start)
Serveur: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Station de travail: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Logitech USB Filter Driver: system32\drivers\lccfltr.sys (manual start)
Logitech HID/USB Mouse Filter Driver: System32\DRIVERS\LHidFlt2.Sys (manual start)
Logitech USB Receiver device driver: System32\Drivers\LHidUsb.Sys (manual start)
lilsgt: System32\DRIVERS\lilsgt.sys (autostart)
Assistance TCP/IP NetBIOS: %SystemRoot%\System32\svchost.exe -k LocalService (autostart)
Logitech Mouse Class Filter Driver: System32\DRIVERS\LMouFlt2.Sys (manual start)
Pinnacle Marvin Bus: System32\DRIVERS\MarvinBus.sys (manual start)
Affichage des messages: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Partage de Bureau à distance NetMeeting: C:\WINDOWS\System32\mnmsrvc.exe (manual start)
Pilote de la classe Souris: System32\DRIVERS\mouclass.sys (system)
Pilote HID de souris: System32\DRIVERS\mouhid.sys (manual start)
Redirecteur client WebDav: System32\DRIVERS\mrxdav.sys (manual start)
MRXSMB: System32\DRIVERS\mrxsmb.sys (system)
Distributed Transaction Coordinator: C:\WINDOWS\System32\msdtc.exe (manual start)
Microsoft DV Camera and VCR: System32\DRIVERS\msdv.sys (manual start)
Windows Installer: %systemroot%\system32\msiexec.exe /V (manual start)
Proxy de service de répartition Microsoft: system32\drivers\MSKSSRV.sys (manual start)
Proxy d'horloge de répartition Microsoft: system32\drivers\MSPCLOCK.sys (manual start)
Proxy de gestion de qualité de répartition Microsoft: system32\drivers\MSPQM.sys (manual start)
Convertisseur en T/site-à-site de répartition Microsoft: system32\drivers\MSTEE.sys (manual start)
NABTS/FEC VBI Codec: System32\DRIVERS\NABTSFEC.sys (manual start)
naecd: \??\C:\DOCUME~1\Lupo\LOCALS~1\Temp\naecd.sys (manual start)
Microsoft TV/Video Connection: System32\DRIVERS\NdisIP.sys (manual start)
Pilote TAPI NDIS d'accès distant: System32\DRIVERS\ndistapi.sys (manual start)
NDIS mode utilisateur E/S Protocole: System32\DRIVERS\ndisuio.sys (manual start)
Pilote réseau étendu NDIS d'accès distant: System32\DRIVERS\ndiswan.sys (manual start)
Interface NetBIOS: System32\DRIVERS\netbios.sys (system)
NetBIOS sur TCP/IP: System32\DRIVERS\netbt.sys (system)
DDE réseau: %SystemRoot%\system32\netdde.exe (manual start)
DSDM DDE réseau: %SystemRoot%\system32\netdde.exe (manual start)
Ouverture de session réseau: %SystemRoot%\System32\lsass.exe (manual start)
Connexions réseau: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Pilote réseau 1394: System32\DRIVERS\nic1394.sys (manual start)
NLA (Network Location Awareness): %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Nokia USB Phone Parent: system32\drivers\nmwcd.sys (manual start)
Nokia USB Modem: system32\drivers\nmwcdcm.sys (manual start)
Fournisseur de la prise en charge de sécurité LM NT: %SystemRoot%\System32\lsass.exe (manual start)
Stockage amovible: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
Pilote de filtre de trafic IPX: System32\DRIVERS\nwlnkflt.sys (manual start)
Pilote de transfert de trafic IPX: System32\DRIVERS\nwlnkfwd.sys (manual start)
Contrôleur hôte compatible IEE 1394 VIA OHCI: System32\DRIVERS\ohci1394.sys (system)
StarForce Protection VFS (version 2.x)Support: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Pilote de port parallèle: System32\DRIVERS\parport.sys (manual start)
pbmxsgsl: system32\drivers\cbypplkg.dat (system)
PCAMPR5 NDIS Protocol Driver: \??\C:\WINDOWS\System32\PCAMPR5.SYS (manual start)
PCANDIS5 Protocol Driver: \??\C:\WINDOWS\System32\PCANDIS5.SYS (manual start)
Pilote de bus PCI: System32\DRIVERS\pci.sys (system)
PCIIde: System32\DRIVERS\pciide.sys (system)
Low level access layer for CD devices: System32\Drivers\Pcouffin.sys (manual start)
PfModNT: \??\C:\WINDOWS\System32\PfModNT.sys (autostart)
Plug-and-Play: %SystemRoot%\system32\services.exe (autostart)
Services IPSEC: %SystemRoot%\System32\lsass.exe (autostart)
Miniport réseau étendu (PPTP): System32\DRIVERS\raspptp.sys (manual start)
Pilote processeur: System32\DRIVERS\processr.sys (system)
StarForce Protection Environment Driver v6: \SystemRoot\System32\drivers\prodrv06.sys (system)
StarForce Protection Helper Driver v2: System32\drivers\prohlp02.sys (system)
StarForce Protection Synchronization Driver v1: System32\drivers\prosync1.sys (system)
Emplacement protégé: %SystemRoot%\system32\lsass.exe (autostart)
Planificateur de paquets QoS: System32\DRIVERS\psched.sys (manual start)
Pilote de liaison parallèle directe: System32\DRIVERS\ptilink.sys (manual start)
PxHelp20: System32\DRIVERS\PxHelp20.sys (system)
Pilote de connexion automatique d'accès distant: System32\DRIVERS\rasacd.sys (system)
Gestionnaire de connexion automatique d'accès distant: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Miniport réseau étendu (L2TP): System32\DRIVERS\rasl2tp.sys (manual start)
Gestionnaire de connexions d'accès distant: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Pilote PPPOE d'accès à distance: System32\DRIVERS\raspppoe.sys (manual start)
Parallèle direct: System32\DRIVERS\raspti.sys (manual start)
Rdbss: System32\DRIVERS\rdbss.sys (system)
RDPCDD: System32\DRIVERS\RDPCDD.sys (system)
Pilote de redirecteur de périphérique Terminal Server: System32\DRIVERS\rdpdr.sys (manual start)
Gestionnaire de session d'aide sur le Bureau à distance: C:\WINDOWS\system32\sessmgr.exe (manual start)
Pilote de filtre de lecture digitale de CD audio: System32\DRIVERS\redbook.sys (system)
Routage et accès distant: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
Accès à distance au Registre: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
Localisateur d'appels de procédure distante (RPC): %SystemRoot%\System32\locator.exe (manual start)
Appel de procédure distante (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart)
QoS RSVP: %SystemRoot%\System32\rsvp.exe (manual start)
Gestionnaire de comptes de sécurité: %SystemRoot%\system32\lsass.exe (autostart)
Prise en charge des cartes à puces: %SystemRoot%\System32\SCardSvr.exe (manual start)
Carte à puce: %SystemRoot%\System32\SCardSvr.exe (manual start)
Planificateur de tâches: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Secdrv: System32\DRIVERS\secdrv.sys (autostart)
Connexion secondaire: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Notification d'événement système: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Pilote de filtre Serenum: System32\DRIVERS\serenum.sys (manual start)
Pilote de port série: System32\DRIVERS\serial.sys (system)
ServiceLayer: "C:\Program Files\PC Connectivity Solution\ServiceLayer.exe" (manual start)
StarForce Protection Environment Driver (version 1.x): System32\drivers\sfdrv01.sys (system)
StarForce Protection Helper Driver: System32\drivers\sfhlp01.sys (system)
StarForce Protection Helper Driver (version 2.x): System32\drivers\sfhlp02.sys (system)
Pilote du Gestionnaire SoundFont Creative (WDM): system32\drivers\sfmanm.sys (manual start)
StarForce Protection VFS Driver (version 2.x): System32\drivers\sfvfs02.sys (system)
SAGEM 802.11g XG762 1211B Driver: System32\DRIVERS\WlanBZXP.sys (manual start)
Pare-feu de connexion Internet (ICF) / Partage de connexion Internet (ICS): %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Détection matériel noyau: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
BDA Slip De-Framer: System32\DRIVERS\SLIP.sys (manual start)
speedfan: System32\speedfan.sys (system)
Splitter audio du noyau Microsoft: system32\drivers\splitter.sys (manual start)
Spouleur d'impression: %SystemRoot%\system32\spoolsv.exe (autostart)
sptd: System32\Drivers\sptd.sys (system)
Pilote de filtre de restauration système: \SystemRoot\system32\DRIVERS\sr.sys (disabled)
srescan: System32\ZoneLabs\srescan.sys (system)
Service de restauration système: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Srv: System32\DRIVERS\srv.sys (manual start)
Service de découvertes SSDP: %SystemRoot%\System32\svchost.exe -k LocalService (manual start)
ssmdrv: System32\DRIVERS\ssmdrv.sys (system)
Acquisition d'image Windows (WIA): %SystemRoot%\System32\svchost.exe -k imgsvc (autostart)
BDA IPSink: System32\DRIVERS\StreamIP.sys (manual start)
Pilote de bus logiciel: System32\DRIVERS\swenum.sys (manual start)
Synthétiseur de table de sons GC noyau Microsoft: system32\drivers\swmidi.sys (manual start)
MS Software Shadow Copy Provider: C:\WINDOWS\System32\dllhost.exe /Processid:{F865A76D-EE91-4B8E-B263-A8897ECEE092} (manual start)
SymEvent: \??\C:\Program Files\Symantec\SYMEVENT.SYS (manual start)
Périphérique audio système du noyau Microsoft: system32\drivers\sysaudio.sys (manual start)
Journaux et alertes de performance: %SystemRoot%\system32\smlogsvc.exe (manual start)
Téléphonie: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Pilote du protocole TCP/IP: System32\DRIVERS\tcpip.sys (system)
Pilote du protocole IPv6 Microsoft: System32\DRIVERS\tcpip6.sys (system)
Pilote de périphérique terminal: System32\DRIVERS\termdd.sys (system)
Services Terminal Server: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Thèmes: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Telnet: C:\WINDOWS\System32\tlntsvr.exe (disabled)
Client de suivi de lien distribué: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Pilote de carte miniport Tun Microsoft: System32\DRIVERS\tunmp.sys (manual start)
Windows User Mode Driver Framework: C:\WINDOWS\System32\wdfmgr.exe (autostart)
Pilote de mise à jour microcode: System32\DRIVERS\update.sys (manual start)
Gestionnaire de téléchargement: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Hôte de périphérique universel Plug-and-Play: %SystemRoot%\System32\svchost.exe -k LocalService (manual start)
Uninterruptible Power Supply: %SystemRoot%\System32\ups.exe (manual start)
Pilote parent générique USB Microsoft: System32\DRIVERS\usbccgp.sys (manual start)
Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft: System32\DRIVERS\usbehci.sys (manual start)
Concentrateur USB2: System32\DRIVERS\usbhub.sys (manual start)
Classe d'imprimantes USB Microsoft: System32\DRIVERS\usbprint.sys (manual start)
Pilote de scanneur USB: System32\DRIVERS\usbscan.sys (manual start)
Pilote de stockage de masse USB: System32\DRIVERS\USBSTOR.SYS (manual start)
Pilote miniport de contrôleur hôte universel USB Microsoft: System32\DRIVERS\usbuhci.sys (manual start)
ADI Remote NDIS Network Device Driver: System32\DRIVERS\usb8023.sys (manual start)
SecuROM User Access Service (V7): C:\WINDOWS\System32\UAService7.exe (autostart)
Service Messenger Sharing Folders USN Journal Reader: "C:\Program Files\MSN Messenger\usnsvc.exe" (manual start)
VgaSave: \SystemRoot\System32\drivers\vga.sys (system)
vsdatant: System32\vsdatant.sys (system)
TrueVector Internet Monitor: C:\WINDOWS\system32\ZoneLabs\vsmon.exe -service (autostart)
Cliché instantané de volume: %SystemRoot%\System32\vssvc.exe (manual start)
Horloge Windows: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Pilote ARP IP d'accès distant: System32\DRIVERS\wanarp.sys (manual start)
Pilote WINMM de compatibilité audio WDM Microsoft: system32\drivers\wdmaud.sys (manual start)
WebClient: %SystemRoot%\System32\svchost.exe -k LocalService (autostart)
Infrastructure de gestion Windows: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
Logitech Virtual Bus Enumerator Driver: system32\drivers\WmBEnum.sys (manual start)
Portable Media Serial Number Service: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Logitech WingMan HID Filter Driver: system32\drivers\WmFilter.sys (manual start)
Extensions du pilote WMI: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Carte de performance WMI: C:\WINDOWS\System32\wbem\wmiapsrv.exe (manual start)
Logitech Virtual Hid Device Driver: system32\drivers\WmVirHid.sys (manual start)
Logitech WingMan Translation Layer Driver: system32\drivers\WmXlCore.sys (manual start)
Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0: \SystemRoot\System32\drivers\ws2ifsl.sys (disabled)
World Standard Teletext Codec: System32\DRIVERS\WSTCODEC.SYS (manual start)
Mises à jour automatiques: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
Configuration automatique sans fil: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
ZDCndis5 Protocol Driver: \??\C:\WINDOWS\System32\ZDCndis5.SYS (manual start)
ZDPSp50 NDIS Protocol Driver: System32\Drivers\ZDPSp50.sys (manual start)

--------------------------------------------------

Enumerating Windows NT logon/logoff scripts:
*No scripts set to run*

Windows NT checkdisk command:
BootExecute = autocheck autochk *

Windows NT 'Wininit.ini':
PendingFileRenameOperations: *Registry value not found*

--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
CDBurn: C:\WINDOWS\system32\SHELL32.dll
WebCheck: C:\WINDOWS\System32\webcheck.dll
SysTray: C:\WINDOWS\System32\stobject.dll

--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run

*No values found*

--------------------------------------------------

End of report, 43,150 bytes
Report generated in 0.219 seconds

Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only

Configuration: Windows XP
Internet Explorer 6.0