Svchost.exe -Erreur d'application l'instruction à 0x6f8916c8

Bonjour,

après quelque temps de l'ouverture d'une session windows je reçoi le message suivant :

**** svchost.exe -Erreur d'application
l'instruction à 0x6f8916c8 emploi l'adresse mémoire 0x0199005c la mémoire ne peut pas être "read".
Cliquez sur OK pour terminer le programme.
Cliquez sur Annuler pour débouguer le programme ****

Si je clique sur "OK ou Annuler" windows se bloque.

J'ai un Dell Optiplex 320
CPU : 3 Ghz
RAM : 1 Go
Os : Win XP SP2
DD : 80 Go

Merci pour votre aide.

ca date d'environ un mois, j'ai rien installé,

************** Info.txt *******************

info.txt logfile of random's system information tool 1.06 2009-10-19 15:20:59

======Uninstall list======

-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 7.0.7 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70700000002}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ATI Catalyst Control Center-->MsiExec.exe /I{CB9FF6BD-FCE9-43FB-AD3C-5BCD4C822962}
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_classISPLAY -clean
BitDefender Antivirus Plus v10-->MsiExec.exe /I{22524CA1-515C-4153-9807-52AE65F73B5F}
Broadcom Management Programs-->MsiExec.exe /I{FB64BF25-3593-4E4E-AA85-84AEF1D1475F}
CodeSite 3.0.1 Client Tools-->C:\PROGRA~1\Raize\CS3\UNWISE.EXE C:\PROGRA~1\Raize\CS3\CS3ClientTools_Install.log
Dell Support 3.2.1-->MsiExec.exe /X{CEE2252C-4035-4B27-8EC6-0B085DD3A413}
Event Log Explorer 3.0-->"C:\Program Files\Event Log Explorer\unins000.exe"
FacilWebCots 3.0.3.256-->"C:\Cots\unins000.exe"
High Definition Audio Driver Package - KB835221-->C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
ImageMagick 6.2.5-5.2 Q16 (13/03/07)-->"C:\tools\ImageMagick\6.2.5-5.2-Q16\unins000.exe"
J2SE Development Kit 5.0 Update 6-->MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0150060}
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Knowledge Xpert for Oracle Administration V9.1.1-->C:\PROGRA~1\QUESTS~1\KNOWLE~1\ORADM\UNWISE.EXE C:\PROGRA~1\QUESTS~1\KNOWLE~1\ORADM\INSTALL.LOG
Knowledge Xpert for PLSQL V9.1.1-->C:\PROGRA~1\QUESTS~1\KNOWLE~1\PLSQL\UNWISE.EXE C:\PROGRA~1\QUESTS~1\KNOWLE~1\PLSQL\INSTALL.LOG
Macromedia Dreamweaver MX-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8B4AB829-DFD3-436D-B808-D9733D76C590}\Setup.exe" -l0x40c mmUninstall
Macromedia Extension Manager-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A5BA14E0-7384-11D4-BAE7-00409631A2C8}\setup.exe" -l0x40c mmUninstall
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Document Explorer 2005 Language Pack - FRA-->MsiExec.exe /X{A0EEDF22-8A8A-45C3-9571-FCCE846ABAED}
Microsoft Document Explorer 2005-->C:\Program Files\Fichiers communs\Microsoft Shared\Help 8\Microsoft Document Explorer 2005\install.exe
Microsoft Document Explorer 2005-->MsiExec.exe /X{44D4AF75-6870-41F5-9181-662EA05507E1}
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Access Runtime (French) 2007-->MsiExec.exe /X{90120000-001C-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft SQL Server 2000 Driver for JDBC Service Pack 3-->MsiExec.exe /X{ACE98315-EA06-4751-B00C-5B42D1E03A76}
Microsoft Visual Studio 6.0 Enterprise Edition-->"C:\Program Files\Microsoft Visual Studio\Common\Setup\1033\Setup.exe"
Microsoft VM for Java-->RunDll32 advpack.dll,LaunchINFSection java.inf,UnInstall
Microsoft Web Publishing Wizard 1.53-->RunDll32 ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\wpie3x86.inf,WebPostUninstall
Microsoft Windows Services for UNIX-->MsiExec.exe /I{51065952-A485-4AA5-8884-2E093B3C6206}
Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Mise à jour de sécurité pour Windows XP (KB931784)-->"C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
Module de prise en charge linguistique de Microsoft Document Explorer 2005 - FRA-->C:\Program Files\Fichiers communs\Microsoft Shared\Help 8\Microsoft Document Explorer 2005 Language Pack - FRA\install.exe
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
Multi-Remote Registry Change v4-->MsiExec.exe /X{DFE7F0E9-E6AF-421C-A40E-0C83D4FBE3F0}
MySQL Connector/ODBC 3.51-->MsiExec.exe /I{C0EED196-57F3-46B7-AC3B-B2DD45B01A43}
Oracle Data Provider for .NET Help-->MsiExec.exe /I{6AA003BF-73E5-4911-ADB7-71DD5674DDD4}
Oracle Database 10g Express Edition-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{F0BC0F9E-C4A8-485C-93ED-424DB9EA3F75} /l1033
Quest Application Integration Tool-->MsiExec.exe /I{D9446E7F-BA07-4F3F-AA44-F1C0C85A3543}
Quest Installer-->C:\Program Files\Quest Software\Quest Installer\Uninstall.EXE
Quest SQL Optimizer 7.2 for Oracle-->MsiExec.exe /I{FFE5B5D3-DEA8-4EF0-8FE5-56C206EAACEE}
Remote Script-->"C:\Program Files\RemoteScript\uninstall.exe"
SearchAssist-->C:\DELL\SearchAssist\UninstSA.bat
Security Update for Microsoft Services for UNIX(KB939778)-->c:\windows\$NtUninstallKB939778$\hotfix.exe /u
Toad for Oracle-->MsiExec.exe /I{D6C757FF-2189-46C3-9528-8864B069B192}
Toad Group Policy Manager-->MsiExec.exe /I{564B3929-368C-4136-9BA6-8AE15126E6B8}
URL Assistant-->regsvr32 /u /s "C:\Program Files\BAE\BAE.dll"
winpcap-nmap 4.02-->"C:\Program Files\WinPcap\uninstall.exe"
XML Notepad 2007-->MsiExec.exe /I{FC7BACF0-1FFA-4605-B3B4-A66AB382752D}
Zed! Limited Edition-->MsiExec.exe /I{00000181-251F-5CA8-8868-36F59DEFD14D}

======Hosts File======

192.20.2.55 metperso

======Security center information======

AV: Bitdefender Antivirus (disabled) (outdated)
FW: Bitdefender Firewall (disabled)

======System event log======

Computer Name: CONNECTION-CI
Event Code: 17
Message: Fournisseur de temps NtpClient : une erreur s'est produite lors de la recherche DNS de
l'homologue manuellement configuré 'time.windows.com,0x1'. NtpClient va essayer à nouveau
la recherche DNS dans 30 minutes.
L'erreur était : Une opération a été tentée sur un hôte impossible à atteindre. (0x80072751)

Record Number: 8977
Source Name: W32Time
Time Written: 20091012083839.000000+000
Event Type: error
User:

Computer Name: CONNECTION-CI
Event Code: 7023
Message: Le service Security Update s'est arrêté avec l'erreur :
Accès refusé.


Record Number: 8965
Source Name: Service Control Manager
Time Written: 20091012082500.000000+000
Event Type: error
User:

Computer Name: CONNECTION-CI
Event Code: 7023
Message: Le service Monitor Support s'est arrêté avec l'erreur :
Accès refusé.


Record Number: 8964
Source Name: Service Control Manager
Time Written: 20091012082500.000000+000
Event Type: error
User:

Computer Name: CONNECTION-CI
Event Code: 44044
Message: I2c return failed

Record Number: 8963
Source Name: ati2mtag
Time Written: 20091012082343.000000+000
Event Type: error
User:

Computer Name: CONNECTION-CI
Event Code: 44044
Message: I2c return failed

Record Number: 8962
Source Name: ati2mtag
Time Written: 20091012082343.000000+000
Event Type: error
User:

=====Application event log=====

Computer Name: TEST-CONNECTION
Event Code: 32026
Message: Le service de télécopie n'a pas pu initialiser de périphériques de télécopies attribués (virtuel ou TAPI).
Aucune télécopie ne peut être envoyée ou reçue tant qu'un périphérique de télécopies n'a pas été installé.

Record Number: 14399
Source Name: Microsoft Fax
Time Written: 20090611075551.000000+000
Event Type: warning
User:

Computer Name: TEST-CONNECTION
Event Code: 1014
Message: Could not connect to Mapping Server at host localhost:while connecting
: RPC: Port mapper failure - RPC: Unable to receive


Record Number: 14389
Source Name: Interix
Time Written: 20090611075551.000000+000
Event Type: error
User:

Computer Name: TEST-CONNECTION
Event Code: 32068
Message: La règle de routage de trafic sortant n'est pas valide car elle ne peut pas trouver de périphérique valide. Les télécopies sortantes qui utilisent cette règle ne peuvent pas être acheminées. Vérifiez que le ou les périphériques concernés (en cas de routage vers un groupe de périphériques) sont connectés et installés correctement et allumés. En cas de routage vers un groupe, vérifiez que le groupe est configuré correctement.
Code de pays/région : '*'
Indicatif régional : '*'

Record Number: 14364
Source Name: Microsoft Fax
Time Written: 20090610091627.000000+000
Event Type: warning
User:

Computer Name: TEST-CONNECTION
Event Code: 32026
Message: Le service de télécopie n'a pas pu initialiser de périphériques de télécopies attribués (virtuel ou TAPI).
Aucune télécopie ne peut être envoyée ou reçue tant qu'un périphérique de télécopies n'a pas été installé.

Record Number: 14363
Source Name: Microsoft Fax
Time Written: 20090610091627.000000+000
Event Type: warning
User:

Computer Name: TEST-CONNECTION
Event Code: 1014
Message: Could not connect to Mapping Server at host localhost:while connecting
: RPC: Port mapper failure - RPC: Unable to receive


Record Number: 14355
Source Name: Interix
Time Written: 20090610091627.000000+000
Event Type: error
User:

======Environment variables======

"CLASSPATH"=.;%ORACLE_HOME%\jdbc\lib\ojdbc14.jar;%ORACLE_HOME%\jlib\orai18n.jar;%ITEXT_LIB%
"ComSpec"=%SystemRoot%\system32\cmd.exe
"COTS_HOME"=c:\cots
"DISPLAY"=localhost:0.0
"EDITOR"=vi
"FP_NO_HOST_CHECK"=NO
"INTERIX_ROOT"=/dev/fs/C/SFU/
"INTERIX_ROOT_WIN"=C:\SFU\
"ITEXT_LIB"=C:\cots\jakarta-tomcat-5.0.28\webapps\birt-viewer\WEB-INF\platform\plugins\com.lowagie.itext\lib\itext-1.3.jar
"JAVA_HOME"=C:\cots\jdk1.5.0_06
"LD_LIBRARY_PATH"=/usr/libusr/X11R6/lib
"NUMBER_OF_PROCESSORS"=2
"OPENNT_ROOT"=/dev/fs/C/SFU/
"ORACLE_HOME"=C:\oraclexe\app\oracle\product\10.2.0\server
"OS"=Windows_NT
"Path"=c:\tools\imagemagick\6.2.5-5.2-q16;C:\oraclexe\app\oracle\product\10.2.0\server\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\cots\jdk1.5.0_06\bin;C:\facil\web\bin;C:\Program Files\Fichiers communs\Easysoft\Shared\;C:\SFU\common\;C:\Program Files\EasyPHP 2.0b1\www\supervision;C:\tools\ImageMagick\6.2.5-5.2-Q16
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 6 Stepping 5, GenuineIntel
"PROCESSOR_LEVEL"=15
"PROCESSOR_REVISION"=0605
"SFUDIR"=C:\SFU\
"SFUDIR_INTERIX"=/dev/fs/C/SFU/
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"TOOLS_HOME"=c:\tools
"windir"=%SystemRoot%
"XAPPLRESDIR"=/usr/X11R6/lib/X11/app-defaults
"XCMSDB"=/usr/X11R6/lib/X11/Xcms.txt
"XKEYSYMDB"=/usr/X11R6/lib/X11/XKeysymDB
"XNLSPATH"=/usr/X11R6/lib/X11/locale

-----------------EOF-----------------



************* Log.txt **************

Logfile of random's system information tool 1.06 (written by random/random)
Run by Administrateur at 2009-10-19 15:20:56
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 47 GB (62%) free of 76 GB
Total RAM: 990 MB (51% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\cg.job
C:\WINDOWS\tasks\cg_j.job
C:\WINDOWS\tasks\Check_CEI.job
C:\WINDOWS\tasks\j PC_.job
C:\WINDOWS\tasks\P.job
C:\WINDOWS\tasks\PC.job
C:\WINDOWS\tasks\RUN_MET_PKG.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-01-12 63128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\cots\jre1.5.0_06\bin\ssv.dll [2005-11-10 184423]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
CBrowserHelperObject Object - C:\Program Files\BAE\BAE.dll [2007-01-12 98304]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2006-05-01 843776]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe [2006-05-10 90112]
"SunJavaUpdateSched"=C:\cots\jre1.5.0_06\bin\jusched.exe [2005-11-10 36975]
"Synchronization Manager"=C:\WINDOWS\system32\mobsync.exe [2004-08-05 144384]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DellSupport"=C:\Program Files\Dell Support\DSAgnt.exe [2006-08-28 395776]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360]
"kamsoft"=C:\WINDOWS\system32\ckvo.exe [2008-09-30 101447]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDAgent]
C:\Program Files\Softwin\BitDefender10\bdagent.exe [2007-03-26 69632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDMCon]
C:\Program Files\Softwin\BitDefender10\bdmcon.exe [2007-03-22 290816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\kava]
C:\WINDOWS\system32\kavo.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NWEReboot]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SVCHOST]
C:\WINDOWS\MDM.EXE []

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Raccourci vers BackScan_cs.exe.lnk - C:\Documents and Settings\Administrateur\Bureau\NEW supervision\supervision\BackScan_cs.exe
Raccourci vers EasyPHP.exe.lnk - C:\Program Files\EasyPHP 2.0b1\EasyPHP.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-02-15 90112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2004-08-05 240128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\cots\jdk1.5.0_06\bin\java.exe"="C:\cots\jdk1.5.0_06\bin\java.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary"
"C:\Documents and Settings\Operateur\Local Settings\Temp\OraInstall2007-08-18_04-06-08PM\jre\1.4.2\bin\javaw.exe"="C:\Documents and Settings\Operateur\Local Settings\Temp\OraInstall2007-08-18_04-06-08PM\jre\1.4.2\bin\javaw.exe:*:Enabled:javaw"
"C:\CQCLocal\Lib\APPRunnera.exe"="C:\CQCLocal\Lib\APPRunnera.exe:*:Enabled:Generic Application Runner"
"C:\WINDOWS\system32\javaw.exe"="C:\WINDOWS\system32\javaw.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary"
"C:\test\lib\APPRunnera.exe"="C:\test\lib\APPRunnera.exe:*:Enabled:Generic Application Runner"
"C:\CQCLocal\Lib\ManagerRunnera.exe"="C:\CQCLocal\Lib\ManagerRunnera.exe:*:Enabled:Manager Runner"
"C:\Program Files\PRTG Network Monitor\PRTG Probe.exe"="C:\Program Files\PRTG Network Monitor\PRTG Probe.exe:*:EnabledRTG_Network_Monitor_Probe"
"C:\Program Files\PRTG Network Monitor\PRTG Server.exe"="C:\Program Files\PRTG Network Monitor\PRTG Server.exe:*:EnabledRTG_Network_Monitor_Server"
"C:\Program Files\PRTG Network Monitor\PRTG Server Administrator.exe"="C:\Program Files\PRTG Network Monitor\PRTG Server Administrator.exe:*:EnabledRTG_Network_Monitor_Admin_Tool"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\C]
shell\AutoRun\command - C:\n.com
shell\explore\command - C:\n.com
shell\open\command - C:\n.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{17e1212d-6588-11de-b06a-001aa018404e}]
shell\AutoRun\command - E:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{180fa9e4-8efe-11dd-b03f-001aa018404e}]
shell\AutoRun\command - E:\zPharaoh.exe
shell\explore\command - E:\zPharaoh.exe
shell\open\command - E:\zPharaoh.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{23f2a0d6-4d7e-11dc-98a9-806d6172696f}]
shell\AutoRun\command - C:\otyh.cmd
shell\explore\command - C:\otyh.cmd
shell\open\command - C:\otyh.cmd

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{39bf65a5-2b1c-11dd-b030-001aa018404e}]
shell\AutoRun\command - E:\m.exe
shell\explore\command - E:\m.exe
shell\open\command - E:\m.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{44e7ef98-7b66-11de-b06c-001aa018404e}]
shell\AutoRun\command - E:\Memorybar.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{44e7ef99-7b66-11de-b06c-001aa018404e}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{548eb648-dbf4-11dd-b054-001aa018404e}]
shell\AutoRun\command - E:\otyh.cmd
shell\explore\command - E:\otyh.cmd
shell\open\command - E:\otyh.cmd

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9fd74f08-e3bf-11dc-b022-001aa018404e}]
shell\AutoRun\command - b.com
shell\explore\command - b.com
shell\open\command - b.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ab40ab48-2114-11dd-b02d-001aa018404e}]
shell\AutoRun\command - E:\tknn6.bat
shell\explore\command - E:\tknn6.bat
shell\open\command - E:\tknn6.bat

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ae0f2ad3-9d91-11dd-b040-001aa018404e}]
shell\AutoRun\command - E:\n.com
shell\explore\command - E:\n.com
shell\open\command - E:\n.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d0c88db5-75ce-11dd-b03d-001aa018404e}]
shell\AutoRun\command - E:\n.com
shell\explore\command - E:\n.com
shell\open\command - E:\n.com


======File associations======

.js - open - "C:\Program Files\Macromedia\Dreamweaver MX\Dreamweaver.exe" "%1"

======List of files/folders created in the last 1 months======

2009-10-19 15:20:56 ----D---- C:\rsit
2009-10-19 15:20:56 ----D---- C:\Program Files\trend micro
2009-10-14 15:34:54 ----RSH---- C:\otyh.cmd

======List of files/folders modified in the last 1 months======

2009-10-19 15:20:56 ----RD---- C:\Program Files
2009-10-19 12:39:32 ----D---- C:\WINDOWS\Prefetch
2009-10-19 11:24:11 ----D---- C:\log
2009-10-18 15:35:58 ----D---- C:\WINDOWS\system32\inetsrv
2009-10-16 17:58:12 ----RSHD---- C:\WINDOWS\system32\dllcache
2009-10-16 17:58:07 ----D---- C:\WINDOWS\system32\CatRoot2
2009-10-16 17:56:31 ----D---- C:\WINDOWS\Temp
2009-10-16 17:56:29 ----D---- C:\WINDOWS
2009-10-16 17:56:25 ----RSH---- C:\WINDOWS\system32\ckvo0.dll
2009-10-16 17:56:25 ----D---- C:\WINDOWS\system32
2009-10-16 17:56:24 ----D---- C:\WINDOWS\system32\drivers
2009-10-16 17:56:13 ----SHD---- C:\WINDOWS\CSC
2009-10-05 09:33:38 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-09-30 16:03:27 ----D---- C:\tmp

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 bdpredir;bdpredir; \??\C:\Program Files\Softwin\BitDefender10\bdpredir.sys []
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-05 40320]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848]
R2 BDRSDRV;BDRSDRV; \??\C:\Program Files\Softwin\BitDefender10\bdrsdrv.sys []
R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2008-06-01 34064]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2006-05-22 230400]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-02-15 1754624]
R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2006-05-17 44544]
R3 DSproct;DSproct; \??\C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys []
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2004-08-12 137728]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 NfsRdr;NfsRdr; \??\C:\WINDOWS\system32\drivers\nfsrdr.sys []
R3 Portmap;Portmap; \??\C:\WINDOWS\system32\drivers\portmap.sys []
R3 PsxDrv;PsxDrv; \??\C:\WINDOWS\system32\drivers\PSXDRV.SYS []
R3 RpcXdr;RpcXdr; \??\C:\WINDOWS\system32\drivers\rpcxdr.sys []
R3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys [2006-03-17 392960]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2005-10-25 27264]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024]
S3 bdfdll;bdfdll; \??\C:\Program Files\Softwin\BitDefender10\bdfdll.sys []
S3 BDFSDRV;BDFSDRV; \??\C:\Program Files\Softwin\BitDefender10\bdfsdrv.sys []
S3 cxru0wdm;CardMan 5x21; C:\WINDOWS\system32\DRIVERS\cxru0wdm.sys [2007-01-26 184192]
S3 E100B;Pilote de carte Intel (R) PRO; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-08-23 117760]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
S3 PsSdk41;PsSdk41; \??\C:\WINDOWS\system32\Drivers\pssdk41.sys []
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-05 20480]
S4 agp440;Filtre de bus AGP Intel; C:\WINDOWS\system32\DRIVERS\agp440.sys [2004-08-03 42368]
S4 agpCPQ;Filtre de bus AGP Compaq; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2004-08-03 44928]
S4 alim1541;Filtre de bus AGP ALI; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2004-08-03 42752]
S4 amdagp;Pilote de filtre du bus AMD AGP; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2004-08-03 43008]
S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\DRIVERS\intelide.sys [2004-08-03 5504]
S4 sisagp;Filtre de bus AGP SIS; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2004-08-03 41088]
S4 viaagp;Filtre de bus AGP VIA; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2004-08-03 42240]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-02-15 425984]
R2 Client for NFS;Client for NFS; C:\WINDOWS\system32\nfsclnt.exe [2003-11-08 53408]
R2 IISADMIN;Administration IIS; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2004-08-05 15872]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 MSFtpsvc;Publication FTP; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2004-08-05 15872]
R2 OracleServiceXE;OracleServiceXE; c:\oraclexe\app\oracle\product\10.2.0\server\bin\ORACLE.EXE [2006-02-02 59064320]
R2 OracleXETNSListener;OracleXETNSListener; C:\oraclexe\app\oracle\product\10.2.0\server\BIN\tnslsnr.exe [2006-02-02 204800]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-05 268800]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 bdss;BitDefender Scan Server; C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe [2007-01-19 81920]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 FacilTomcat;Facil Tomcat; ccots/jakarta-tomcat-5.0.28\bin\tomcat5.exe [2007-08-18 94208]
S3 GroupPolicySrv;TOAD Group Policy Service; C:\Program Files\Quest Software\Toad Group Policy Manager\Service\GroupPolicyService.exe [2007-10-25 908800]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe [2007-03-21 237568]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 OracleMTSRecoveryService;OracleMTSRecoveryService; C:\oraclexe\app\oracle\product\10.2.0\server\BIN\omtsreco.exe [2006-02-02 57616]
S3 OracleXEClrAgent;OracleXEClrAgent; C:\oraclexe\app\oracle\product\10.2.0\server\bin\OraClrAgnt.exe [2006-02-02 45056]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2008-10-24 145248]
S3 Visual Studio Analyzer RPC bridge;Visual Studio Analyzer RPC bridge; C:\Program Files\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\varpc.exe [1998-06-06 34036]
S3 VSSERV;BitDefender Virus Shield; C:\Program Files\Softwin\BitDefender10\vsserv.exe [2007-03-27 446464]
S3 XCOMM;BitDefender Communicator; C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe [2006-11-09 86016]
S4 CronService;Windows Cron Service; C:\SFU\common\cron.exe [2003-11-08 47536]
S4 Mapsvc;User Name Mapping; C:\SFU\Mapper\mapsvc.exe [2003-11-08 111728]
S4 OracleJobSchedulerXE;OracleJobSchedulerXE; c:\oraclexe\app\oracle\product\10.2.0\server\Bin\extjob.exe [2006-02-02 102400]
S4 OracleServiceDSTR;OracleServiceDSTR; c:\oraclexe\app\oracle\product\10.2.0\server\bin\ORACLE.EXE [2006-02-02 59064320]
S4 zzInterix;Interix Subsystem Startup; C:\WINDOWS\system32\PSXRUN.EXE [2007-07-02 104448]

-----------------EOF-----------------





Merci

Ce sujet a été déplacé de la catégorie Systèmes d'exploitation (Windows, Mac OS, Linux...) vers la catégorie Sécurité - Virus par MaxGix