Probleme virus NTOSKRNL-HOOK

Bonjour.

Voila depuis hier j'ai découvert se virus dans ordinateur et je n'arrive pas a l'effacer avec McAfee virus scan 8.5.0i. Meme si il me dit qu'il l'a nettoye ou supprimer je le retrouve a chaque analyse et rien ne change j'aimerais savoir comment le supprimer.

Je suis sous windows vista basic edition. Mon anti virus est bien a jour.

Merci de votre aide =)

silverone

Fais un scan HijackThis et poste le rapport.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:40:24, on 08/08/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16890)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\s3trayp.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\McAfee\Common Framework\UdaterUI.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Users\Isabelle\Program Files\DNA\btdna.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\taskeng.exe
C:\Windows\temp\11846906.tmp
C:\Windows\system32\taskeng.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Windows\system32\conime.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [S3Trayp] S3trayp.exe
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VistaADeck\HDAudioCPL.exe 1
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\Browser Mouse\Browser Mouse\1.0\lwbwheel.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles
O4 - HKLM\..\Run: [Nokia FastStart] "C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe" /command:faststart
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\Isabelle\Program Files\DNA\btdna.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: PHOTOfunSTUDIO.lnk = C:\Program Files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/static/securite/certdgi1.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E0278D4B-CD9B-4423-A5BA-B3A6AA6F52F5}: NameServer = 85.255.112.231,85.255.112.98
O17 - HKLM\System\CCS\Services\Tcpip\..\{F1CD4E67-3621-460A-AD25-392691AE3DAC}: NameServer = 85.255.112.231,85.255.112.98
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.112.231,85.255.112.98
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.231,85.255.112.98
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
O23 - Service: TwonkyMedia - PacketVideo - C:\Program Files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 10236 bytes

JE me trouve aussi avec ce message tres souvent mais je pense que c'est un faux car a chaque fois y a ecrit que ca vient du site mindermo ou un trop du genre

...

Télécharge, installe et mets à jour Malwarebytes Anti-malware ; puis, fais un scan complet et poste le rapport.

Si MalwareByte's a détecté des infections, clique sur Afficher les résultats, puis sur Supprimer la sélection.

---
Il semble que tu as encore des restes de Norton/Symantec sur le PC ! Pour les supprimer totalement, utilise cet outil :

http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/fr_docid/2005041(...)

[img]http://www.hiboox.fr/go/images/informatique/windows-bon,6f3090955224e02e6f69bbeb6338e319.jpg.html[/img]

http://www.hiboox.fr/go/images/informatique/windows-bon,6f3090955224e02e6f69b(...)

J'ai un bug lorsque que je clique sur ton lien pour le telecharger ben cela ne marche pas le site est introuvable



VOus n'auriez pas un lien sur clubic ou même telecharger.com =)



Edit: JE viens de desintaller les reste de norton

MBAM refuse de fonctionner et bug a chaque lancement

Logfile of random's system information tool 1.06 (written by random/random)
Run by Isabelle at 2009-08-09 14:20:43
Microsoft® Windows Vista™ Édition Familiale Basique
System drive C: has 3 GB (3%) free of 94 GB
Total RAM: 2302 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:20:46, on 09/08/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16890)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\temp\11846906.tmp
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\s3trayp.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\McAfee\Common Framework\UdaterUI.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Users\Isabelle\Program Files\DNA\btdna.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Windows\system32\conime.exe
C:\Users\Isabelle\Downloads\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Isabelle.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [S3Trayp] S3trayp.exe
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VistaADeck\HDAudioCPL.exe 1
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\Browser Mouse\Browser Mouse\1.0\lwbwheel.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles
O4 - HKLM\..\Run: [Nokia FastStart] "C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe" /command:faststart
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\Isabelle\Program Files\DNA\btdna.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: PHOTOfunSTUDIO.lnk = C:\Program Files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/static/securite/certdgi1.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E0278D4B-CD9B-4423-A5BA-B3A6AA6F52F5}: NameServer = 85.255.112.231,85.255.112.98
O17 - HKLM\System\CCS\Services\Tcpip\..\{F1CD4E67-3621-460A-AD25-392691AE3DAC}: NameServer = 85.255.112.231,85.255.112.98
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.112.231,85.255.112.98
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.231,85.255.112.98
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
O23 - Service: TwonkyMedia - PacketVideo - C:\Program Files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 9148 bytes

======Scheduled tasks folder======

C:\Windows\tasks\User_Feed_Synchronization-{2B3E5022-E499-4FDD-A0CA-1AA8733EA993}.job
C:\Windows\tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll [2008-01-24 66880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-06-30 259696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll [2009-06-19 669168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-05-07 470512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-06-30 259696]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2007-08-28 1006264]
"S3Trayp"=C:\Windows\system32\S3trayp.exe [2006-12-15 176128]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\VistaADeck\HDAudioCPL.exe [2007-01-02 471040]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2006-09-12 155648]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-02-26 153136]
"ShStatEXE"=C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE [2008-01-24 111952]
"McAfeeUpdaterUI"=C:\Program Files\McAfee\Common Framework\UdaterUI.exe [2006-11-17 136768]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-10-14 49152]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-06-02 81920]
"LWBMOUSE"=C:\Program Files\Browser Mouse\Browser Mouse\1.0\lwbwheel.exe [2001-03-26 429568]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2009-07-10 195072]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-03-28 413696]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles []
"Nokia FastStart"=C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe [2009-02-26 2376992]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-05-17 1232896]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-01-11 39408]
"BitTorrent DNA"=C:\Users\Isabelle\Program Files\DNA\btdna.exe [2008-12-16 342848]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
PHOTOfunSTUDIO.lnk - C:\Program Files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2009-08-09 14:12:08 ----D---- C:\rsit
2009-08-09 00:38:14 ----D---- C:\ProgramData\Malwarebytes
2009-08-09 00:38:14 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-08-09 00:04:50 ----D---- C:\ProgramData\NortonInstaller
2009-08-08 23:39:51 ----D---- C:\Program Files\Trend Micro
2009-08-07 23:31:14 ----D---- C:\Users\Isabelle\AppData\Roaming\TeamViewer
2009-08-07 23:30:50 ----D---- C:\Program Files\TeamViewer
2009-07-31 17:37:06 ----D---- C:\ProgramData\PC Suite
2009-07-29 00:04:30 ----A---- C:\Windows\system32\mshtml.dll
2009-07-29 00:04:27 ----A---- C:\Windows\system32\ieframe.dll
2009-07-29 00:04:24 ----A---- C:\Windows\system32\mstime.dll
2009-07-29 00:04:23 ----A---- C:\Windows\system32\ieapfltr.dll
2009-07-29 00:04:22 ----A---- C:\Windows\system32\urlmon.dll
2009-07-29 00:04:21 ----A---- C:\Windows\system32\iedkcs32.dll
2009-07-29 00:04:20 ----A---- C:\Windows\system32\wininet.dll
2009-07-29 00:04:20 ----A---- C:\Windows\system32\iertutil.dll
2009-07-29 00:04:19 ----A---- C:\Windows\system32\occache.dll
2009-07-29 00:04:19 ----A---- C:\Windows\system32\msfeeds.dll
2009-07-29 00:04:19 ----A---- C:\Windows\system32\dxtmsft.dll
2009-07-29 00:04:18 ----A---- C:\Windows\system32\ieaksie.dll
2009-07-29 00:04:17 ----A---- C:\Windows\system32\mshtmled.dll
2009-07-29 00:04:16 ----A---- C:\Windows\system32\icardie.dll
2009-07-29 00:04:16 ----A---- C:\Windows\system32\dxtrans.dll
2009-07-29 00:04:15 ----A---- C:\Windows\system32\ieencode.dll
2009-07-29 00:04:14 ----A---- C:\Windows\system32\jsproxy.dll
2009-07-29 00:04:13 ----A---- C:\Windows\system32\advpack.dll
2009-07-29 00:04:13 ----A---- C:\Windows\system32\admparse.dll
2009-07-29 00:04:12 ----A---- C:\Windows\system32\ieui.dll
2009-07-29 00:04:12 ----A---- C:\Windows\system32\iesetup.dll
2009-07-29 00:04:12 ----A---- C:\Windows\system32\iernonce.dll
2009-07-29 00:04:11 ----A---- C:\Windows\system32\ieUnatt.exe
2009-07-29 00:04:11 ----A---- C:\Windows\system32\ie4uinit.exe
2009-07-29 00:04:10 ----A---- C:\Windows\system32\pngfilt.dll
2009-07-29 00:04:07 ----A---- C:\Windows\system32\ieakui.dll
2009-07-29 00:04:06 ----A---- C:\Windows\system32\mshtmler.dll
2009-07-24 01:14:31 ----D---- C:\Program Files\Common Files\DivX Shared
2009-07-17 23:51:00 ----D---- C:\Program Files\Wakfu
2009-07-14 20:35:02 ----A---- C:\Windows\system32\t2embed.dll
2009-07-14 20:35:02 ----A---- C:\Windows\system32\fontsub.dll
2009-07-14 20:34:59 ----A---- C:\Windows\system32\lpk.dll
2009-07-14 20:34:59 ----A---- C:\Windows\system32\dciman32.dll
2009-07-14 20:34:59 ----A---- C:\Windows\system32\atmlib.dll
2009-07-14 20:34:59 ----A---- C:\Windows\system32\atmfd.dll
2009-07-12 01:14:30 ----D---- C:\Users\Isabelle\AppData\Roaming\PC Suite
2009-07-10 23:32:14 ----D---- C:\Users\Isabelle\AppData\Roaming\Nokia
2009-07-10 23:21:14 ----A---- C:\Windows\system32\nhm_server_trace.txt
2009-07-10 23:17:14 ----D---- C:\ProgramData\NokiaMusic
2009-07-10 23:13:09 ----D---- C:\Program Files\Common Files\muvee Technologies
2009-07-10 23:06:37 ----D---- C:\Program Files\Common Files\Nokia
2009-07-10 23:04:22 ----D---- C:\Windows\Downloaded Installations
2009-07-10 23:01:32 ----D---- C:\Program Files\DIFX
2009-07-10 22:59:00 ----DC---- C:\Windows\system32\DRVSTORE
2009-07-10 22:47:41 ----A---- C:\Windows\system32\nmwcdcls.dll
2009-07-10 22:47:39 ----D---- C:\Program Files\Nokia

======List of files/folders modified in the last 1 months======

2009-08-09 14:20:46 ----D---- C:\Windows\Temp
2009-08-09 14:15:37 ----D---- C:\Users\Isabelle\AppData\Roaming\DNA
2009-08-09 14:05:30 ----D---- C:\Windows\Tasks
2009-08-09 14:05:02 ----RD---- C:\Program Files
2009-08-09 01:28:20 ----HD---- C:\ProgramData
2009-08-09 01:28:08 ----D---- C:\Program Files\Common Files\Symantec Shared
2009-08-09 00:38:16 ----D---- C:\Windows\system32\drivers
2009-08-09 00:05:06 ----SHD---- C:\Windows\Installer
2009-08-08 23:36:49 ----D---- C:\Windows\system32\Tasks
2009-08-08 16:25:02 ----D---- C:\Windows\system32\catroot2
2009-08-08 16:25:00 ----SHD---- C:\System Volume Information
2009-08-08 13:22:40 ----D---- C:\Program Files\Mozilla Firefox
2009-08-08 02:28:46 ----D---- C:\Windows\System32
2009-08-01 12:45:03 ----D---- C:\QUARANTINE
2009-07-31 18:42:19 ----D---- C:\Windows\inf
2009-07-31 18:42:19 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-07-31 17:37:28 ----D---- C:\Windows
2009-07-31 17:37:25 ----D---- C:\Windows\winsxs
2009-07-31 17:37:21 ----D---- C:\Windows\system32\catroot
2009-07-31 17:36:59 ----D---- C:\Windows\SoftwareDistribution
2009-07-31 15:05:56 ----D---- C:\Program Files\Microsoft Silverlight
2009-07-31 03:01:49 ----HD---- C:\Config.Msi
2009-07-30 00:52:30 ----D---- C:\Program Files\Internet Explorer
2009-07-30 00:52:29 ----D---- C:\Windows\system32\migration
2009-07-30 00:52:27 ----D---- C:\Windows\AppPatch
2009-07-26 23:19:28 ----D---- C:\Windows\Prefetch
2009-07-25 15:27:02 ----D---- C:\Users\Isabelle\AppData\Roaming\Panasonic
2009-07-24 01:14:40 ----D---- C:\Program Files\DivX
2009-07-24 01:14:31 ----D---- C:\Program Files\Common Files
2009-07-17 01:23:11 ----HD---- C:\Program Files\InstallShield Installation Information
2009-07-15 13:07:46 ----D---- C:\Program Files\Windows Mail
2009-07-12 01:15:50 ----D---- C:\Program Files\Messenger Plus! Live
2009-07-10 23:21:12 ----RSD---- C:\Windows\assembly
2009-07-10 23:17:51 ----D---- C:\Windows\Globalization
2009-07-10 23:13:34 ----RSD---- C:\Windows\Fonts

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 mferkdk;VSCore mferkdk; \??\C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys [2008-01-24 31816]
R1 mfetdik;McAfee Inc.; C:\Windows\system32\drivers\mfetdik.sys [2008-01-24 52104]
R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2006-07-24 5632]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\XAudio32.sys [2008-11-04 8704]
R3 Afc;PPdus ASPI Shell; C:\Windows\system32\drivers\Afc.sys [2005-02-23 11776]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2006-08-30 140800]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-01-13 954368]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-05-17 14208]
R3 FETND6V;VIA Rhine Family Fast Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\fetnd6v.sys [2008-09-22 43520]
R3 HdAudAddService;VIA High Definition Audio Service; C:\Windows\system32\drivers\viahduaa.sys [2006-12-19 142848]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2008-10-15 980992]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2008-10-15 207360]
R3 mfeapfk;McAfee Inc.; C:\Windows\system32\drivers\mfeapfk.sys [2008-01-24 64232]
R3 mfeavfk;McAfee Inc.; C:\Windows\system32\drivers\mfeavfk.sys [2008-01-24 72936]
R3 mfebopk;McAfee Inc.; C:\Windows\system32\drivers\mfebopk.sys [2008-01-24 33960]
R3 mfehidk;McAfee Inc.; C:\Windows\system32\drivers\mfehidk.sys [2008-01-24 171400]
R3 S3GIGP;S3GIGP; C:\Windows\system32\DRIVERS\VTGKModeDX32.sys [2007-02-05 842752]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2008-10-15 661504]
S3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2006-11-02 131584]
S3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2006-11-02 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2006-11-02 36864]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]
S3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\Windows\system32\DRIVERS\fetnd5bv.sys [2008-02-26 43520]
S3 FETNDIS;Service de pilote de carte VIA famille Rhine 10/100Mo Fast Ethernet; C:\Windows\system32\DRIVERS\fetnd5.sys [2006-11-02 45568]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ssm_bus.sys [2007-05-02 83592]
S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\Windows\system32\DRIVERS\ssm_mdfl.sys [2007-05-02 15112]
S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\Windows\system32\DRIVERS\ssm_mdm.sys [2007-05-02 109704]
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2006-11-02 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2006-11-02 39936]
S4 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iastor.sys [2006-05-11 247808]
S4 nvatabus;nvatabus; C:\Windows\system32\drivers\nvatabus.sys [2006-07-14 105088]
S4 viamraid;viamraid; C:\Windows\system32\drivers\viamraid.sys [2006-03-31 100992]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2009-02-06 109056]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2006-11-02 22016]
R2 HsfXAudioService;HsfXAudioService; C:\Windows\system32\svchost.exe [2006-11-02 22016]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
R2 McAfeeFramework;McAfee Framework Service; C:\Program Files\McAfee\Common Framework\FrameworkService.exe [2006-11-17 104000]
R2 McShield;McAfee McShield; C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe [2008-01-24 144704]
R2 McTaskManager;McAfee Task Manager; C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe [2008-01-24 54608]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2006-11-02 22016]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2006-11-02 22016]
R2 TeamViewer4;TeamViewer 4; C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe [2009-07-30 185640]
R2 TestHandler;Fujitsu Siemens Computers Diagnostic Testhandler; C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe [2006-12-08 204800]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-16 386560]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2006-11-02 22016]
R3 ServiceLayer;ServiceLayer; C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe [2009-06-02 637952]
S2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe []
S2 TwonkyMedia;TwonkyMedia; C:\Program Files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe [2009-01-29 102400]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-07 182768]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-02-26 267824]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2006-11-02 22016]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

-----------------EOF-----------------

Voila Dede

Manque un bout du rapport !

log.txt et info.txt (réduit dans la barre des tâches) à la fin de l’analyse.

Les rapports sont dans le dossier ici C:\rsit <--

info.txt logfile of random's system information tool 1.06 2009-08-09 14:12:19

======Uninstall list======

-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
32 Bit HP CIO Components Installer-->MsiExec.exe /I{2614F54E-A828-49FA-93BA-45A3F756BFAA}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.5 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"
Age of Mythology - The Titans Expansion-->"C:\Program Files\Microsoft Games\Age of Mythology\UNINSTXP.EXE" /runtemp /addremove
Age of Mythology-->"C:\Program Files\Microsoft Games\Age of Mythology\UNINSTAL.EXE" /runtemp /addremove
ALPS Touch Pad Driver-->C:\Program Files\Apoint2K\Uninstap.exe ADDREMOVE
Apple Software Update-->MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ArcSoft Software Suite-->C:\Program Files\InstallShield Installation Information\{497A1721-088F-41EF-8876-B43C9DA5528B}\Setup.exe -runfromtemp -l0x040c -removeonly
Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe"
BattleForge™-->MsiExec.exe /X{4160920F-2C6A-4AAF-81D5-114C850911EE}
Browser Mouse Browser Mouse 1.0-->C:\Program Files\Browser Mouse\Browser Mouse\1.0\unins000.EXE
Command & Conquer Generals-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{06F80017-8F98-4C94-B868-52358569FC32}
Command and Conquer(TM) Generals - Heure H-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Earth 2160-->C:\PROGRA~1\REALIT~1\EARTH2~1\UNINST~1.EXE C:\PROGRA~1\REALIT~1\EARTH2~1\INSTALL.LOG
EVEREST Ultimate Edition v4.50-->"C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
FirstSteps Diagnostics-->MsiExec.exe /X{94D66D71-12F0-48A5-B46A-D4B835A0F1B7}
Galerie de photos Windows Live-->MsiExec.exe /X{A70FA218-6598-4AC9-813D-63597C5DD068}
GammaHT-->"C:\Program Files\GammaHT\Uninstall.exe"
Google Earth-->MsiExec.exe /I{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90}
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_9DE96A29E721D90A.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDA_HSF\UIU32m.exe -U -IPZAZCMzK.INF
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotel Giant 2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6328CF1B-FA83-485C-94F5-B3D1B4B934E2}\setup.exe" -l0x40c -uninst -removeonly
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Customer Participation Program 10.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Deskjet F4200 All-In-One Driver Software 10.0 Rel .3-->C:\Program Files\HP\Digital Imaging\{AE9A67F9-ADF1-4a44-BAB5-C1DB302B37A2}\setup\hpzscr01.exe -datfile hposcr28.dat -onestop
HP Imaging Device Functions 10.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Essential 3.0-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Smart Web Printing-->C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpzscr01.exe -datfile hpqbud15.dat
HP Solution Center 10.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{FE57DE70-95DE-4B64-9266-84DA811053DB}
ImgBurn 2.3.2.0 Fr-->"C:\Program Files\ImgBurn\unins000.exe"
InterVideo WinDVD 8-->C:\Program Files\InstallShield Installation Information\{20471B27-D702-4FE8-8DEC-0702CC8C0A85}\setup.exe -runfromtemp -l0x040c
iPhone/iTouch/iPod to Computer Transfer 3.9.2-->"C:\Program Files\Cucusoft\iPod to Computer\unins000.exe"
IsoBuster 2.4-->"C:\Program Files\Smart Projects\IsoBuster\Uninst\unins000.exe"
Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
LimeWire 4.18.8-->"C:\Program Files\LimeWire\uninstall.exe"
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
McAfee VirusScan Enterprise-->MsiExec.exe /X{35C03C04-3F1F-42C2-A989-A757EE691F65}
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Express Edition - FRA-->MsiExec.exe /X{15473D70-D791-3B5E-B174-2FD19EC0D017}
Microsoft Visual C++ 2008 Express - Français-->C:\Program Files\Microsoft Visual Studio 9.0\Microsoft Visual C++ 2008 Express Edition - FRA\setup.exe
Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework-->MsiExec.exe /X{AB47EEE8-507B-331F-AA28-B7C7257F014C}
Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32-->MsiExec.exe /X{07FCBED5-94C3-4F94-B9D3-360FA27C7B06}
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries-->MsiExec.exe /X{842FAF7C-50EF-4463-9B8F-6222E1384D7D}
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Mozilla Firefox (3.5.2)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML4 Parser-->MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13}
Nero 7 Essentials-->MsiExec.exe /X{81CD6232-10F5-4832-B3DA-1B88B1571036}
Nokia Connectivity Cable Driver-->MsiExec.exe /I{52D02A2B-03D2-4E34-A358-DC5D951FD296}
Nokia Home Media Server-->MsiExec.exe /X{0EEB3C40-2A8C-4045-B3F9-13C4A5C490C0}
Nokia Map Loader-->MsiExec.exe /I{03528A01-7E5E-4C5F-94DF-1D8012E969EF}
Nokia Music-->MsiExec.exe /I{BEC99D86-1D70-4AB8-8D15-E116392F9B7D}
Nokia Ovi Application Installer 6.85.3011-->msiexec /qn /x {42B74521-4706-412A-9A27-AED12B83E886}
Nokia Ovi Application Installer-->MsiExec.exe /I{42B74521-4706-412A-9A27-AED12B83E886}
Nokia Ovi Content Copier 6.85.3011-->msiexec /qn /x {6442DEDF-AC2F-4CBA-85DE-42E459C5006C}
Nokia Ovi Content Copier-->MsiExec.exe /X{6442DEDF-AC2F-4CBA-85DE-42E459C5006C}
Nokia Ovi One Touch Access 6.85.3019-->msiexec /qn /x {C4B045DB-C2C0-4A05-8DA5-754B4733EE31}
Nokia Ovi One Touch Access-->MsiExec.exe /I{C4B045DB-C2C0-4A05-8DA5-754B4733EE31}
Nokia Ovi Suite-->MsiExec.exe /I{2218B96C-ABA2-45D9-A0B4-56B71F5303DB}
Nokia Ovi System Utilities 6.85.3018-->msiexec /qn /x {F9EA1C47-64A6-45E4-9A80-8CC1575B971D}
Nokia Ovi System Utilities-->MsiExec.exe /X{F9EA1C47-64A6-45E4-9A80-8CC1575B971D}
Nokia Photos-->MsiExec.exe /I{9292B96D-B693-4F07-B5FE-21CCDC7CB4AF}
Nokia Software Updater-->MsiExec.exe /X{9F59C3AE-81B0-4EF6-9762-D674BB079705}
OpenOffice.org 3.0-->MsiExec.exe /I{6860B340-530D-46B3-91F8-1AE1F70F7C33}
Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\Windows\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf
PC Connectivity Solution-->MsiExec.exe /I{0C973594-7DDF-4BD0-84ED-3517F7622037}
PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"
PHOTOfunSTUDIO-->C:\Program Files\InstallShield Installation Information\{9A9DBEBC-C800-4776-A970-D76D6AA405B1}\setup.exe -runfromtemp -l0x040c -z"Uninstall" -removeonly
QuickTime-->MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}
SAMSUNG Mobile Modem Driver Set-->C:\Windows\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
Samsung Mobile phone USB driver Software-->C:\Windows\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\Windows\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\Windows\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Samsung PC Studio 3 USB Driver Installer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}\setup.exe" -l0x40c -removeonly
Samsung PC Studio 3-->"C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -runfromtemp -l0x040c -removeonly
Shop for HP Supplies-->C:\Program Files\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat
Spelling Dictionaries Support For Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003}
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
TeamViewer 4-->C:\Program Files\TeamViewer\Version4\uninstall.exe
TwonkyMedia-->C:\Program Files\Nokia\Nokia Home Media Server\\Media Server\UninstallTwonkyMedia.exe
VC Runtimes MSI-->MsiExec.exe /X{FF29527A-44CD-3422-945E-981A13584000}
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
VIA Chrome9 HC IGP Windows Vista Display-->C:\Windows\system32\s3minset.exe -uninf -u 'VIA Chrome9 HC IGP Windows Vista Display' -ver '01/29/2007, 7.14.10.0058'
VIA Gestionnaire de périphériques de plate-forme-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
VIA Rhine Family Fast Ethernet Adapter-->Rundll32.exe vuins32.dll,vuins32Ex $Rhine $VIA
Videora iPod Converter 4.03-->C:\Program Files\Red Kawa\Video Converter App\uninstaller.exe
VLC media player 0.9.6-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Wakfu-->C:\Program Files\Wakfu\uninstall.exe
Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Mail-->MsiExec.exe /I{C514C594-23AA-4F13-A070-DB8BDB27594F}
Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows Live Writer-->MsiExec.exe /X{3DFF4274-EBB0-4356-9692-972965018954}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
YouTube Downloader App 1.01-->C:\Program Files\Red Kawa\Downloader App\uninstaller.exe

======Security center information======

AV: McAfee VirusScan Enterprise
AS: Windows Defender

======System event log======

Computer Name: PC-de-Isabelle
Event Code: 7022
Message: Le service Service HP CUE DeviceDiscovery est en attente de démarrage.
Record Number: 135950
Source Name: Service Control Manager
Time Written: 20090808225105.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-Isabelle
Event Code: 7034
Message: Le service Planificateur LiveUpdate automatique s'est terminé de façon inattendue pour la 1ème fois.
Record Number: 135972
Source Name: Service Control Manager
Time Written: 20090808225915.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-Isabelle
Event Code: 4001
Message: Le Service d’autoconfiguration WLAN s’est arrêté correctement.

Record Number: 136011
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20090809005506.112250-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: PC-de-Isabelle
Event Code: 7000
Message: Le service Planificateur LiveUpdate automatique n'a pas pu démarrer en raison de l'erreur :
Le chemin d'accès spécifié est introuvable.
Record Number: 136065
Source Name: Service Control Manager
Time Written: 20090809120645.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-Isabelle
Event Code: 7022
Message: Le service Service HP CUE DeviceDiscovery est en attente de démarrage.
Record Number: 136092
Source Name: Service Control Manager
Time Written: 20090809120756.000000-000
Event Type: Erreur
User:

=====Application event log=====

Computer Name: PC-de-Isabelle
Event Code: 5007
Message: Impossible d’analyser le fichier cible de la plateforme de signalement de problèmes Windows (fichier DLL contenant la liste des problèmes de l’ordinateur et nécessitant la collecte de données supplémentaires à des fins de diagnostic). Le code d’erreur était : 8014FFF9.
Record Number: 37066
Source Name: WerSvc
Time Written: 20090808234833.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-Isabelle
Event Code: 1530
Message: Windows a détecté que votre fichier de Registre est toujours utilisé par d'autres applications ou services. Le fichier va être déchargé. Les applications ou services qui ont accès à votre Registre risquent de ne pas fonctionner correctement après cela.

DÉTAIL -
2 user registry handles leaked from \Registry\User\S-1-5-21-1352774658-2991990178-3595417818-1000:
Process 820 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-1352774658-2991990178-3595417818-1000
Process 1280 (\Device\HarddiskVolume2\Program Files\McAfee\Common Framework\FrameworkService.exe) has opened key \REGISTRY\USER\S-1-5-21-1352774658-2991990178-3595417818-1000\Software\Microsoft\Windows NT\CurrentVersion\Network\Location Awareness

Record Number: 37070
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20090809005503.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: PC-de-Isabelle
Event Code: 1530
Message: Windows a détecté que votre fichier de Registre est toujours utilisé par d'autres applications ou services. Le fichier va être déchargé. Les applications ou services qui ont accès à votre Registre risquent de ne pas fonctionner correctement après cela.

DÉTAIL -
2 user registry handles leaked from \Registry\User\S-1-5-21-1352774658-2991990178-3595417818-1000_Classes:
Process 1280 (\Device\HarddiskVolume2\Program Files\McAfee\Common Framework\FrameworkService.exe) has opened key \REGISTRY\USER\S-1-5-21-1352774658-2991990178-3595417818-1000_CLASSES
Process 820 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-1352774658-2991990178-3595417818-1000_CLASSES

Record Number: 37071
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20090809005504.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: PC-de-Isabelle
Event Code: 1000
Message: Application défaillante TwonkyMedia.exe, version 4.4.0.0, horodatage 0x4981d143, module défaillant unknown, version 0.0

Logfile of random's system information tool 1.06 (written by random/random)
Run by Isabelle at 2009-08-09 14:20:43
Microsoft® Windows Vista™ Édition Familiale Basique
System drive C: has 3 GB (3%) free of 94 GB
Total RAM: 2302 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:20:46, on 09/08/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16890)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\temp\11846906.tmp
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\s3trayp.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\McAfee\Common Framework\UdaterUI.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Users\Isabelle\Program Files\DNA\btdna.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Windows\system32\conime.exe
C:\Users\Isabelle\Downloads\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Isabelle.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [S3Trayp] S3trayp.exe
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VistaADeck\HDAudioCPL.exe 1
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\Browser Mouse\Browser Mouse\1.0\lwbwheel.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles
O4 - HKLM\..\Run: [Nokia FastStart] "C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe" /command:faststart
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\Isabelle\Program Files\DNA\btdna.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: PHOTOfunSTUDIO.lnk = C:\Program Files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/static/securite/certdgi1.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E0278D4B-CD9B-4423-A5BA-B3A6AA6F52F5}: NameServer = 85.255.112.231,85.255.112.98
O17 - HKLM\System\CCS\Services\Tcpip\..\{F1CD4E67-3621-460A-AD25-392691AE3DAC}: NameServer = 85.255.112.231,85.255.112.98
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.112.231,85.255.112.98
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.231,85.255.112.98
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
O23 - Service: TwonkyMedia - PacketVideo - C:\Program Files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 9148 bytes

======Scheduled tasks folder======

C:\Windows\tasks\User_Feed_Synchronization-{2B3E5022-E499-4FDD-A0CA-1AA8733EA993}.job
C:\Windows\tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll [2008-01-24 66880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-06-30 259696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll [2009-06-19 669168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-05-07 470512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-06-30 259696]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2007-08-28 1006264]
"S3Trayp"=C:\Windows\system32\S3trayp.exe [2006-12-15 176128]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\VistaADeck\HDAudioCPL.exe [2007-01-02 471040]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2006-09-12 155648]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-02-26 153136]
"ShStatEXE"=C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE [2008-01-24 111952]
"McAfeeUpdaterUI"=C:\Program Files\McAfee\Common Framework\UdaterUI.exe [2006-11-17 136768]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-10-14 49152]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-06-02 81920]
"LWBMOUSE"=C:\Program Files\Browser Mouse\Browser Mouse\1.0\lwbwheel.exe [2001-03-26 429568]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2009-07-10 195072]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-03-28 413696]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles []
"Nokia FastStart"=C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe [2009-02-26 2376992]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-05-17 1232896]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-01-11 39408]
"BitTorrent DNA"=C:\Users\Isabelle\Program Files\DNA\btdna.exe [2008-12-16 342848]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
PHOTOfunSTUDIO.lnk - C:\Program Files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2009-08-09 14:12:08 ----D---- C:\rsit
2009-08-09 00:38:14 ----D---- C:\ProgramData\Malwarebytes
2009-08-09 00:38:14 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-08-09 00:04:50 ----D---- C:\ProgramData\NortonInstaller
2009-08-08 23:39:51 ----D---- C:\Program Files\Trend Micro
2009-08-07 23:31:14 ----D---- C:\Users\Isabelle\AppData\Roaming\TeamViewer
2009-08-07 23:30:50 ----D---- C:\Program Files\TeamViewer
2009-07-31 17:37:06 ----D---- C:\ProgramData\PC Suite
2009-07-29 00:04:30 ----A---- C:\Windows\system32\mshtml.dll
2009-07-29 00:04:27 ----A---- C:\Windows\system32\ieframe.dll
2009-07-29 00:04:24 ----A---- C:\Windows\system32\mstime.dll
2009-07-29 00:04:23 ----A---- C:\Windows\system32\ieapfltr.dll
2009-07-29 00:04:22 ----A---- C:\Windows\system32\urlmon.dll
2009-07-29 00:04:21 ----A---- C:\Windows\system32\iedkcs32.dll
2009-07-29 00:04:20 ----A---- C:\Windows\system32\wininet.dll
2009-07-29 00:04:20 ----A---- C:\Windows\system32\iertutil.dll
2009-07-29 00:04:19 ----A---- C:\Windows\system32\occache.dll
2009-07-29 00:04:19 ----A---- C:\Windows\system32\msfeeds.dll
2009-07-29 00:04:19 ----A---- C:\Windows\system32\dxtmsft.dll
2009-07-29 00:04:18 ----A---- C:\Windows\system32\ieaksie.dll
2009-07-29 00:04:17 ----A---- C:\Windows\system32\mshtmled.dll
2009-07-29 00:04:16 ----A---- C:\Windows\system32\icardie.dll
2009-07-29 00:04:16 ----A---- C:\Windows\system32\dxtrans.dll
2009-07-29 00:04:15 ----A---- C:\Windows\system32\ieencode.dll
2009-07-29 00:04:14 ----A---- C:\Windows\system32\jsproxy.dll
2009-07-29 00:04:13 ----A---- C:\Windows\system32\advpack.dll
2009-07-29 00:04:13 ----A---- C:\Windows\system32\admparse.dll
2009-07-29 00:04:12 ----A---- C:\Windows\system32\ieui.dll
2009-07-29 00:04:12 ----A---- C:\Windows\system32\iesetup.dll
2009-07-29 00:04:12 ----A---- C:\Windows\system32\iernonce.dll
2009-07-29 00:04:11 ----A---- C:\Windows\system32\ieUnatt.exe
2009-07-29 00:04:11 ----A---- C:\Windows\system32\ie4uinit.exe
2009-07-29 00:04:10 ----A---- C:\Windows\system32\pngfilt.dll
2009-07-29 00:04:07 ----A---- C:\Windows\system32\ieakui.dll
2009-07-29 00:04:06 ----A---- C:\Windows\system32\mshtmler.dll
2009-07-24 01:14:31 ----D---- C:\Program Files\Common Files\DivX Shared
2009-07-17 23:51:00 ----D---- C:\Program Files\Wakfu
2009-07-14 20:35:02 ----A---- C:\Windows\system32\t2embed.dll
2009-07-14 20:35:02 ----A---- C:\Windows\system32\fontsub.dll
2009-07-14 20:34:59 ----A---- C:\Windows\system32\lpk.dll
2009-07-14 20:34:59 ----A---- C:\Windows\system32\dciman32.dll
2009-07-14 20:34:59 ----A---- C:\Windows\system32\atmlib.dll
2009-07-14 20:34:59 ----A---- C:\Windows\system32\atmfd.dll
2009-07-12 01:14:30 ----D---- C:\Users\Isabelle\AppData\Roaming\PC Suite
2009-07-10 23:32:14 ----D---- C:\Users\Isabelle\AppData\Roaming\Nokia
2009-07-10 23:21:14 ----A---- C:\Windows\system32\nhm_server_trace.txt
2009-07-10 23:17:14 ----D---- C:\ProgramData\NokiaMusic
2009-07-10 23:13:09 ----D---- C:\Program Files\Common Files\muvee Technologies
2009-07-10 23:06:37 ----D---- C:\Program Files\Common Files\Nokia
2009-07-10 23:04:22 ----D---- C:\Windows\Downloaded Installations
2009-07-10 23:01:32 ----D---- C:\Program Files\DIFX
2009-07-10 22:59:00 ----DC---- C:\Windows\system32\DRVSTORE
2009-07-10 22:47:41 ----A---- C:\Windows\system32\nmwcdcls.dll
2009-07-10 22:47:39 ----D---- C:\Program Files\Nokia

======List of files/folders modified in the last 1 months======

2009-08-09 14:20:46 ----D---- C:\Windows\Temp
2009-08-09 14:15:37 ----D---- C:\Users\Isabelle\AppData\Roaming\DNA
2009-08-09 14:05:30 ----D---- C:\Windows\Tasks
2009-08-09 14:05:02 ----RD---- C:\Program Files
2009-08-09 01:28:20 ----HD---- C:\ProgramData
2009-08-09 01:28:08 ----D---- C:\Program Files\Common Files\Symantec Shared
2009-08-09 00:38:16 ----D---- C:\Windows\system32\drivers
2009-08-09 00:05:06 ----SHD---- C:\Windows\Installer
2009-08-08 23:36:49 ----D---- C:\Windows\system32\Tasks
2009-08-08 16:25:02 ----D---- C:\Windows\system32\catroot2
2009-08-08 16:25:00 ----SHD---- C:\System Volume Information
2009-08-08 13:22:40 ----D---- C:\Program Files\Mozilla Firefox
2009-08-08 02:28:46 ----D---- C:\Windows\System32
2009-08-01 12:45:03 ----D---- C:\QUARANTINE
2009-07-31 18:42:19 ----D---- C:\Windows\inf
2009-07-31 18:42:19 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-07-31 17:37:28 ----D---- C:\Windows
2009-07-31 17:37:25 ----D---- C:\Windows\winsxs
2009-07-31 17:37:21 ----D---- C:\Windows\system32\catroot
2009-07-31 17:36:59 ----D---- C:\Windows\SoftwareDistribution
2009-07-31 15:05:56 ----D---- C:\Program Files\Microsoft Silverlight
2009-07-31 03:01:49 ----HD---- C:\Config.Msi
2009-07-30 00:52:30 ----D---- C:\Program Files\Internet Explorer
2009-07-30 00:52:29 ----D---- C:\Windows\system32\migration
2009-07-30 00:52:27 ----D---- C:\Windows\AppPatch
2009-07-26 23:19:28 ----D---- C:\Windows\Prefetch
2009-07-25 15:27:02 ----D---- C:\Users\Isabelle\AppData\Roaming\Panasonic
2009-07-24 01:14:40 ----D---- C:\Program Files\DivX
2009-07-24 01:14:31 ----D---- C:\Program Files\Common Files
2009-07-17 01:23:11 ----HD---- C:\Program Files\InstallShield Installation Information
2009-07-15 13:07:46 ----D---- C:\Program Files\Windows Mail
2009-07-12 01:15:50 ----D---- C:\Program Files\Messenger Plus! Live
2009-07-10 23:21:12 ----RSD---- C:\Windows\assembly
2009-07-10 23:17:51 ----D---- C:\Windows\Globalization
2009-07-10 23:13:34 ----RSD---- C:\Windows\Fonts

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 mferkdk;VSCore mferkdk; \??\C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys [2008-01-24 31816]
R1 mfetdik;McAfee Inc.; C:\Windows\system32\drivers\mfetdik.sys [2008-01-24 52104]
R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2006-07-24 5632]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\XAudio32.sys [2008-11-04 8704]
R3 Afc;PPdus ASPI Shell; C:\Windows\system32\drivers\Afc.sys [2005-02-23 11776]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2006-08-30 140800]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-01-13 954368]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-05-17 14208]
R3 FETND6V;VIA Rhine Family Fast Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\fetnd6v.sys [2008-09-22 43520]
R3 HdAudAddService;VIA High Definition Audio Service; C:\Windows\system32\drivers\viahduaa.sys [2006-12-19 142848]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2008-10-15 980992]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2008-10-15 207360]
R3 mfeapfk;McAfee Inc.; C:\Windows\system32\drivers\mfeapfk.sys [2008-01-24 64232]
R3 mfeavfk;McAfee Inc.; C:\Windows\system32\drivers\mfeavfk.sys [2008-01-24 72936]
R3 mfebopk;McAfee Inc.; C:\Windows\system32\drivers\mfebopk.sys [2008-01-24 33960]
R3 mfehidk;McAfee Inc.; C:\Windows\system32\drivers\mfehidk.sys [2008-01-24 171400]
R3 S3GIGP;S3GIGP; C:\Windows\system32\DRIVERS\VTGKModeDX32.sys [2007-02-05 842752]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2008-10-15 661504]
S3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2006-11-02 131584]
S3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2006-11-02 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2006-11-02 36864]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]
S3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\Windows\system32\DRIVERS\fetnd5bv.sys [2008-02-26 43520]
S3 FETNDIS;Service de pilote de carte VIA famille Rhine 10/100Mo Fast Ethernet; C:\Windows\system32\DRIVERS\fetnd5.sys [2006-11-02 45568]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ssm_bus.sys [2007-05-02 83592]
S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\Windows\system32\DRIVERS\ssm_mdfl.sys [2007-05-02 15112]
S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\Windows\system32\DRIVERS\ssm_mdm.sys [2007-05-02 109704]
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2006-11-02 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2006-11-02 39936]
S4 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iastor.sys [2006-05-11 247808]
S4 nvatabus;nvatabus; C:\Windows\system32\drivers\nvatabus.sys [2006-07-14 105088]
S4 viamraid;viamraid; C:\Windows\system32\drivers\viamraid.sys [2006-03-31 100992]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2009-02-06 109056]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2006-11-02 22016]
R2 HsfXAudioService;HsfXAudioService; C:\Windows\system32\svchost.exe [2006-11-02 22016]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
R2 McAfeeFramework;McAfee Framework Service; C:\Program Files\McAfee\Common Framework\FrameworkService.exe [2006-11-17 104000]
R2 McShield;McAfee McShield; C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe [2008-01-24 144704]
R2 McTaskManager;McAfee Task Manager; C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe [2008-01-24 54608]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2006-11-02 22016]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2006-11-02 22016]
R2 TeamViewer4;TeamViewer 4; C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe [2009-07-30 185640]
R2 TestHandler;Fujitsu Siemens Computers Diagnostic Testhandler; C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe [2006-12-08 204800]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-16 386560]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2006-11-02 22016]
R3 ServiceLayer;ServiceLayer; C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe [2009-06-02 637952]
S2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe []
S2 TwonkyMedia;TwonkyMedia; C:\Program Files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe [2009-01-29 102400]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-07 182768]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-02-26 267824]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2006-11-02 22016]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

-----------------EOF-----------------

...

Clique droit sur ComboFix (par sUBs).

Choisis "Enregistrer sous" (dans IE c'est "Enregistrer la cible/le lien sous..") et sauvegarde-le (Enregistrer dans) sur le Bureau.

Important : dans "Nom du fichier" enregistre (renomme) "combofix" en combo-fix.exe

Prends connaissance de ce tutoriel : http://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

Ferme toutes les fenêtres et applications.
Déconnecte-toi du net et désactive tes protections résidentes :
http://forum.pcastuces.com/desactiver_les_protections_residentes-f31s4.htm

A ce moment, désactive l' UAC (important) :
http://tinyurl.com/5zfaxk

Sur le bureau, double clique combo-fix.exe.
Tape sur la touche Y (Yes) pour démarrer le scan.
ComboFix redémarrera ton PC.
Lorsque le scan sera complété, un rapport apparaîtra.
Copie/colle ce rapport dans ta prochaine réponse.

PS : Le rapport se trouve également ici : C:\Combofix.txt

Ne pas cliquer dans la fenêtre de Combofix durant l’analyse, cela pourrait provoquer le gel du programme

ComboFix 09-08-07.09 - Isabelle 10/08/2009 1:12.1.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Basique 6.0.6000.0.1252.33.1036.18.2302.1751 [GMT 2:00]
Running from: c:\users\Isabelle\Downloads\ComboFix.exe
AV: McAfee VirusScan Enterprise *On-access scanning disabled* (Updated) {918A2B0B-2C60-4016-A4AB-E868DEABF7F0}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Created a new restore point
* Resident AV is active

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-1099261494-2186156326-3733426758-500
c:\$recycle.bin\S-1-5-21-2365545147-1999384947-2466353664-500
c:\users\Isabelle\AppData\Local\Microsoft\Windows\Temporary Internet Files\pse_300_fra.exe
c:\windows\Installer\1fe9e49.msi
c:\windows\system32\drivers\ESQULledcpcdwftidinvqdxtwowhvxnuvvkyf.sys
c:\windows\system32\ESQULsojslpbsmaxucoihgksodbmrbrvxejip.dll
c:\windows\system32\ESQULvqlybnfrotcmqqiumggapakxemqwgjxg.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_ESQULserv.sys
-------\Legacy_ESQULserv.sys
-------\Service_ESQULserv.sys


((((((((((((((((((((((((( Files Created from 2009-07-09 to 2009-08-09 )))))))))))))))))))))))))))))))
.

2009-08-09 23:21 . 2009-08-09 23:21 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-08-09 23:21 . 2009-08-09 23:27 -------- d-----w- c:\users\Isabelle\AppData\Local\temp
2009-08-09 12:12 . 2009-08-09 12:12 -------- d-----w- C:\rsit
2009-08-08 22:04 . 2009-08-08 22:04 -------- d-----w- c:\progra~2\NortonInstaller
2009-08-08 21:39 . 2009-08-08 21:39 -------- d-----w- c:\program files\Trend Micro
2009-08-07 21:31 . 2009-08-07 21:37 -------- d-----w- c:\users\Isabelle\AppData\Roaming\TeamViewer
2009-08-07 21:30 . 2009-08-07 21:30 -------- d-----w- c:\program files\TeamViewer
2009-08-07 21:29 . 2009-08-07 21:29 -------- d-----w- c:\users\Isabelle\temp
2009-07-31 15:37 . 2008-03-21 22:41 503864 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2009-07-31 15:37 . 2008-03-21 22:41 35896 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2009-07-31 15:37 . 2009-07-31 15:37 -------- d-----w- c:\progra~2\PC Suite
2009-07-23 23:14 . 2009-07-23 23:14 -------- d-----w- c:\program files\Common Files\DivX Shared
2009-07-17 21:51 . 2009-07-17 22:15 -------- d-----w- c:\program files\Wakfu
2009-07-14 18:35 . 2009-06-15 15:29 156160 ----a-w- c:\windows\system32\t2embed.dll
2009-07-14 18:35 . 2009-06-15 15:22 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-07-14 18:34 . 2009-06-15 15:23 24064 ----a-w- c:\windows\system32\lpk.dll
2009-07-14 18:34 . 2009-06-15 15:21 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-07-14 18:34 . 2009-06-15 15:20 34304 ----a-w- c:\windows\system32\atmlib.dll
2009-07-14 18:34 . 2009-06-15 13:03 289792 ----a-w- c:\windows\system32\atmfd.dll
2009-07-11 23:14 . 2009-07-11 23:14 -------- d-----w- c:\users\Isabelle\AppData\Local\IsolatedStorage
2009-07-11 23:14 . 2009-07-11 23:14 -------- d-----w- c:\users\Isabelle\AppData\Roaming\PC Suite
2009-07-11 23:13 . 2009-07-11 23:13 -------- d-----w- c:\users\Isabelle\AppData\Local\Nokia

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-09 23:25 . 2008-11-15 22:18 -------- d-----w- c:\users\Isabelle\AppData\Roaming\DNA
2009-08-09 23:25 . 2008-11-15 22:18 -------- d-----w- c:\program files\DNA
2009-08-09 20:20 . 2009-03-15 21:28 1 ----a-w- c:\users\Isabelle\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-08-08 23:28 . 2007-08-28 06:47 -------- d-----w- c:\program files\Common Files\Symantec Shared
2009-07-31 16:42 . 2006-11-02 15:45 698996 ----a-w- c:\windows\system32\perfh00C.dat
2009-07-31 16:42 . 2006-11-02 15:45 120866 ----a-w- c:\windows\system32\perfc00C.dat
2009-07-31 15:37 . 2009-07-31 15:37 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-07-31 15:37 . 2009-07-31 15:37 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-07-31 13:05 . 2008-05-17 16:10 -------- d-----w- c:\program files\Microsoft Silverlight
2009-07-25 13:27 . 2009-07-06 19:07 -------- d-----w- c:\users\Isabelle\AppData\Roaming\Panasonic
2009-07-23 23:14 . 2009-01-30 23:23 -------- d-----w- c:\program files\DivX
2009-07-18 12:17 . 2009-07-28 22:04 827392 ----a-w- c:\windows\system32\wininet.dll
2009-07-18 12:10 . 2009-07-28 22:04 56320 ----a-w- c:\windows\system32\iesetup.dll
2009-07-18 12:10 . 2009-07-28 22:04 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-07-18 12:07 . 2009-07-28 22:04 72704 ----a-w- c:\windows\system32\admparse.dll
2009-07-18 10:00 . 2009-07-28 22:04 26624 ----a-w- c:\windows\system32\ieUnatt.exe
2009-07-18 08:34 . 2009-07-28 22:04 48128 ----a-w- c:\windows\system32\mshtmler.dll
2009-07-16 23:23 . 2007-08-28 06:36 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-07-15 11:07 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-07-11 23:15 . 2008-05-17 19:07 -------- d-----w- c:\program files\Messenger Plus! Live
2009-07-11 23:11 . 2008-05-17 11:48 62680 ----a-w- c:\users\Isabelle\AppData\Local\GDIPFONTCACHEV1.DAT
2009-07-10 21:32 . 2009-07-10 21:32 -------- d-----w- c:\users\Isabelle\AppData\Roaming\Nokia
2009-07-10 21:20 . 2009-07-10 20:47 -------- d-----w- c:\program files\Nokia
2009-07-10 21:19 . 2009-07-10 21:06 -------- d-----w- c:\program files\Common Files\Nokia
2009-07-10 21:18 . 2009-07-10 21:18 51534 ----a-w- c:\windows\inf\Nokia Music\000C\tmpC1B0.tmp
2009-07-10 21:18 . 2009-07-10 21:18 51534 ----a-w- c:\windows\inf\Nokia Music\0009\tmpC1B0.tmp
2009-07-10 21:18 . 2009-07-10 21:18 51534 ----a-w- c:\windows\inf\Nokia Music\0000\tmpC1B0.tmp
2009-07-10 21:18 . 2009-07-10 21:18 1593 ----a-w- c:\windows\inf\Nokia Music\tmpC1C1.tmp
2009-07-10 21:17 . 2009-07-10 21:17 -------- d-----w- c:\progra~2\NokiaMusic
2009-07-10 21:13 . 2009-07-10 21:13 -------- d-----w- c:\program files\Common Files\muvee Technologies
2009-07-10 21:01 . 2009-07-10 21:01 -------- d-----w- c:\program files\DIFX
2009-07-07 20:30 . 2009-07-06 19:07 -------- d-----w- c:\progra~2\ArcSoft
2009-07-06 21:08 . 2009-07-06 19:06 -------- d-----w- c:\users\Isabelle\AppData\Roaming\ArcSoft
2009-07-06 19:13 . 2009-07-06 19:13 -------- d-----w- c:\users\Isabelle\AppData\Roaming\DivX
2009-07-06 19:06 . 2007-08-28 06:35 -------- d-----w- c:\program files\Common Files\InstallShield
2009-07-06 19:04 . 2009-07-06 19:03 -------- d-----w- c:\program files\QuickTime
2009-07-06 19:03 . 2009-07-06 19:03 -------- d-----w- c:\progra~2\Apple Computer
2009-07-06 19:02 . 2009-07-06 19:02 -------- d-----w- c:\program files\Apple Software Update
2009-07-06 19:02 . 2009-07-06 19:02 -------- d-----w- c:\progra~2\Apple
2009-07-06 18:59 . 2009-07-06 18:47 -------- d-----w- c:\program files\Common Files\ArcSoft
2009-07-06 18:46 . 2009-07-06 18:46 -------- d-----w- c:\program files\ArcSoft
2009-07-06 18:36 . 2009-07-06 18:36 -------- d-----w- c:\program files\Panasonic
2009-07-06 18:34 . 2009-07-06 18:34 -------- d-----w- c:\users\Isabelle\AppData\Roaming\InstallShield
2009-07-02 22:04 . 2009-06-18 20:43 1878984 ----a-w- c:\users\Isabelle\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-05-17 1232896]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-11 39408]
"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2009-08-09 318272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2007-08-28 1006264]
"HDAudDeck"="c:\program files\VIA\VIAudioi\VistaADeck\HDAudioCPL.exe" [2007-01-02 471040]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2006-09-12 155648]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-02-26 153136]
"ShStatEXE"="c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2008-01-24 111952]
"McAfeeUpdaterUI"="c:\program files\McAfee\Common Framework\UdaterUI.exe" [2006-11-17 136768]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-06-02 81920]
"LWBMOUSE"="c:\program files\Browser Mouse\Browser Mouse\1.0\lwbwheel.exe" [2001-03-26 429568]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2009-07-10 195072]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-03-28 413696]
"Nokia FastStart"="c:\program files\Nokia\Nokia Music\NokiaMusic.exe" [2009-02-26 2376992]
"S3Trayp"="S3trayp.exe" - c:\windows\System32\s3trayp.exe [2006-12-15 176128]

c:\progra~2\MICROS~1\Windows\STARTM~1\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
PHOTOfunSTUDIO.lnk - c:\program files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe [2009-7-6 44176]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{E6057D39-4160-4B3F-9E2B-619B58C2D28B}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{9CB5AB57-F601-42E1-8077-AA4DCDC365DF}"= UDP:c:\windows\System32\lxbkcoms.exe:Lexmark Communications System
"{5F77EE37-4B4E-4F1B-945C-992319C5C1F4}"= TCP:c:\windows\System32\lxbkcoms.exe:Lexmark Communications System
"{EE2D72FD-CC80-4621-BA7E-FA84FD0CC14B}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxbkpswx.exe:Printer Status Window
"{D24416F4-9489-46BC-8057-0A39042E8973}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxbkpswx.exe:Printer Status Window
"{454D67BD-3EE6-4686-B93D-5AC404E258D8}"= UDP:c:\program files\McAfee\Common Framework\FrameworkService.exe:McAfee Framework Service
"{5CC4E2C6-AD9D-43DF-8F41-DAD9D85AD365}"= TCP:c:\program files\McAfee\Common Framework\FrameworkService.exe:McAfee Framework Service
"{06257296-FF9E-44A6-BAE1-470B8A8BC8EB}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpqtra08.exe:hpqtra08.exe
"{FDB6BD29-1F2F-455D-A3D3-1123B13F5D4C}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpqtra08.exe:hpqtra08.exe
"{31904A29-38A9-46FF-88B6-071B451FECF3}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpqste08.exe:hpqste08.exe
"{B30E0291-2DC6-4CB7-BC25-6BD14A141430}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpqste08.exe:hpqste08.exe
"{43D02A70-8434-4DDF-B479-7D5E74D7543D}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hposid01.exe:hposid01.exe
"{42421A75-F074-4876-A2A1-58E639D5E1B3}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hposid01.exe:hposid01.exe
"{784802CF-5E53-4A02-B90B-E374431745C1}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpiscnapp.exe:hpiscnapp.exe
"{39E772CB-2FC8-4F30-B16F-61C858383E22}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpiscnapp.exe:hpiscnapp.exe
"{BFF04820-56DD-4E5A-8325-F19405476016}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpqkygrp.exe:hpqkygrp.exe
"{54161138-BF6D-416D-A4B9-A2B9D7285500}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpqkygrp.exe:hpqkygrp.exe
"TCP Query User{AFB36303-7242-4778-A86F-C0E2748592D4}c:\\users\\isabelle\\appdata\\local\\temp\\wzsd768.tmp\\rctrec1.exe"= UDP:c:\users\isabelle\appdata\local\temp\wzsd768.tmp\rctrec1.exe:rctrec1.exe
"UDP Query User{D962F72D-4BB9-4131-9A5F-538967ED63F5}c:\\users\\isabelle\\appdata\\local\\temp\\wzsd768.tmp\\rctrec1.exe"= TCP:c:\users\isabelle\appdata\local\temp\wzsd768.tmp\rctrec1.exe:rctrec1.exe
"{416AFBFD-2EEF-4714-B25D-D34A830F8339}"= UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{11A67E80-0AC1-4232-B684-D4A41C789FF1}"= TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"TCP Query User{ADFA9307-2AA3-4980-A23C-C42BC5101517}c:\\program files\\bittorrent\\bittorrent.exe"= UDP:c:\program files\bittorrent\bittorrent.exe:BitTorrent
"UDP Query User{94390DF7-8BB2-415C-8922-4BCC03E817B4}c:\\program files\\bittorrent\\bittorrent.exe"= TCP:c:\program files\bittorrent\bittorrent.exe:BitTorrent
"TCP Query User{D7487D6C-9EB8-4714-B941-3C0D6D0A48A2}c:\\program files\\microsoft games\\age of mythology\\aomx.exe"= UDP:c:\program files\microsoft games\age of mythology\aomx.exe:Age of Mythology - The Titans Expansion
"UDP Query User{2EF1E9BF-1118-442B-9EB4-7288E53E1C90}c:\\program files\\microsoft games\\age of mythology\\aomx.exe"= TCP:c:\program files\microsoft games\age of mythology\aomx.exe:Age of Mythology - The Titans Expansion
"{7F6D452E-75AB-46D0-95E2-5C58D4E30B07}"= TCP:2300:Age of Mythology - The Titans Expansion
"TCP Query User{1BAF013D-59E7-41B4-99CC-D0A7D7020038}c:\\program files\\microsoft games\\age of mythology\\aomx.exe"= UDP:c:\program files\microsoft games\age of mythology\aomx.exe:Age of Mythology - The Titans Expansion
"UDP Query User{57896854-25C9-4DF3-B3C5-0027110C5DDA}c:\\program files\\microsoft games\\age of mythology\\aomx.exe"= TCP:c:\program files\microsoft games\age of mythology\aomx.exe:Age of Mythology - The Titans Expansion
"{02743713-F07B-4727-B6BA-E0D73DEE72C8}"= UDP:c:\program files\Electronic Arts\BattleForgeBeta\Bootstrapper.exe:BattleForge™ Launcher
"{DDF0241C-C1A9-42FC-B163-226AD62EF114}"= TCP:c:\program files\Electronic Arts\BattleForgeBeta\Bootstrapper.exe:BattleForge™ Launcher
"{2B9E7B5E-830F-44A3-A290-26B86AD7A6F7}"= UDP:c:\program files\Electronic Arts\BattleForgeBeta\BattleForge.exe:BattleForge™
"{64F891EB-FAA7-4E90-88F3-90BED8EDAA93}"= TCP:c:\program files\Electronic Arts\BattleForgeBeta\BattleForge.exe:BattleForge™
"TCP Query User{13E4CF60-9FEB-4AFE-A79C-90D404FF8D7E}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{B9F069D4-EB99-4DED-ACFC-ECC94559C104}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"{34D73F4D-AC4E-4611-B0F2-64BF4E0580AE}"= UDP:c:\program files\Nokia\Nokia Home Media Server\Media Server\twonkymedia.exe:TwonkyMedia
"{05B33B5C-B2C8-4776-A2BA-80859DBEE39D}"= TCP:c:\program files\Nokia\Nokia Home Media Server\Media Server\twonkymedia.exe:TwonkyMedia
"{573D6D43-4D33-4FB7-971A-BE949CC7E598}"= UDP:c:\program files\Nokia\Nokia Home Media Server\Media Server\twonkymediaserver.exe:TwonkyMediaServer
"{18A382DE-B01A-4562-AE9F-D3AFD309820C}"= TCP:c:\program files\Nokia\Nokia Home Media Server\Media Server\twonkymediaserver.exe:TwonkyMediaServer
"TCP Query User{B9E0A639-F5A7-423B-AD3F-79D7FC8F66EF}f:\\w_aio_wiigag\\games\\worms forts under siege\\wf.exe"= UDP:f:\w_aio_wiigag\games\worms forts under siege\wf.exe:WF
"UDP Query User{7DAA91B0-6196-4D2E-932A-5764CD39C573}f:\\w_aio_wiigag\\games\\worms forts under siege\\wf.exe"= TCP:f:\w_aio_wiigag\games\worms forts under siege\wf.exe:WF
"TCP Query User{CA42588F-9891-4B9E-B267-327CBB40A81C}c:\\users\\isabelle\\desktop\\valentin_jeu\\w_aio_wiigag\\games\\worms forts under siege\\wf.exe"= UDP:c:\users\isabelle\desktop\valentin_jeu\w_aio_wiigag\games\worms forts under siege\wf.exe:wf.exe
"UDP Query User{08BBC594-382A-4426-9832-4B7266D0FD6D}c:\\users\\isabelle\\desktop\\valentin_jeu\\w_aio_wiigag\\games\\worms forts under siege\\wf.exe"= TCP:c:\users\isabelle\desktop\valentin_jeu\w_aio_wiigag\games\worms forts under siege\wf.exe:wf.exe
"{D94FA427-E507-4473-A11E-CA33C397C0B8}"= UDP:c:\program files\TeamViewer\Version4\TeamViewer.exe:Teamviewer Remote Control Application
"{8036F6C1-73C9-436D-9F72-F22EE7086C10}"= TCP:c:\program files\TeamViewer\Version4\TeamViewer.exe:Teamviewer Remote Control Application
"{E4E0FCD2-39A1-4F9D-947C-2296B325BD30}"= UDP:c:\users\Isabelle\AppData\Local\Temp\7zSA2EA.tmp\SymNRT.exe:Norton Removal Tool
"{59BFB5C8-B69D-4B96-9DD8-B18C6E97E51E}"= TCP:c:\users\Isabelle\AppData\Local\Temp\7zSA2EA.tmp\SymNRT.exe:Norton Removal Tool
"{74B8C7CD-02E5-46F6-8753-0A1CDFD6540B}"= UDP:c:\users\Isabelle\AppData\Local\Temp\7zS3B88.tmp\SymNRT.exe:Norton Removal Tool
"{579D762A-03AD-46EA-86FB-F5D5A6A8F395}"= TCP:c:\users\Isabelle\AppData\Local\Temp\7zS3B88.tmp\SymNRT.exe:Norton Removal Tool
"{0FA87370-FA96-4C8E-A1DA-A7C1CD5EA644}"= UDP:c:\users\Isabelle\AppData\Local\Temp\7zS9AFC.tmp\SymNRT.exe:Norton Removal Tool
"{2B8644AE-F6D1-4273-B22C-A6688A2C4B2F}"= TCP:c:\users\Isabelle\AppData\Local\Temp\7zS9AFC.tmp\SymNRT.exe:Norton Removal Tool
"{1A73EA85-FFCD-4B90-9FC0-E5576A436038}"= UDP:c:\program files\DNA\btdna.exe:DNA (TCP-In)
"{0CA3295F-5886-4AA2-A6E1-BF65E2372569}"= TCP:c:\program files\DNA\btdna.exe:DNA (UDP-In)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

R2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe -k HsfXAudioService [02/11/2006 10:35 22016]
R2 TeamViewer4;TeamViewer 4;c:\program files\TeamViewer\Version4\TeamViewer_Service.exe [30/07/2009 17:29 185640]
R3 FETND6V;VIA Rhine Family Fast Ethernet Adapter Driver;c:\windows\System32\drivers\fetnd6v.sys [22/09/2008 04:20 43520]
R3 S3GIGP;S3GIGP;c:\windows\System32\drivers\VTGKModeDX32.sys [28/08/2007 08:34 842752]
S2 TwonkyMedia;TwonkyMedia;c:\program files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -serviceversion 0 --> c:\program files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -serviceversion 0 [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
HsfXAudioService REG_MULTI_SZ HsfXAudioService
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.fr/
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
Trusted Zone: internet
Trusted Zone: mcafee.com
DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} - hxxps://static.impots.gouv.fr/abos/static/securite/certdgi1.cab
FF - ProfilePath - c:\users\Isabelle\AppData\Roaming\Mozilla\Firefox\Profiles\zzzzzs0s.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
.
.
------- File Associations -------
.
vbefile\shell\open2\command="%SystemRoot%\System32\CScript.exe" "%1" %*
vbsfile\shell\open2\command="%SystemRoot%\System32\CScript.exe" "%1" %*
jsefile\shell\open2\command=%SystemRoot%\System32\CScript.exe "%1" %*
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-10 01:27
Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\VIA\VIAudioi\VistaADeck\HDAudioCPL.exe 1????????????????????????????????????????????????????????

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:00000000
.
------------------------ Other Running Processes ------------------------
.
c:\windows\System32\audiodg.exe
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\McAfee\Common Framework\FrameworkService.exe
c:\program files\McAfee\VirusScan Enterprise\Mcshield.exe
c:\program files\McAfee\VirusScan Enterprise\VsTskMgr.exe
c:\program files\McAfee\Common Framework\naPrdMgr.exe
c:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
c:\windows\System32\drivers\XAudio.exe
c:\program files\McAfee\Common Framework\Mctray.exe
c:\program files\Apoint2K\ApMsgFwd.exe
c:\program files\Apoint2K\ApntEx.exe
c:\program files\Nokia\PC Connectivity Solution\ServiceLayer.exe
c:\program files\Nokia\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\Nokia\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\windows\System32\conime.exe
.
**************************************************************************
.
Completion time: 2009-08-09 1:32 - machine was rebooted
ComboFix-quarantined-files.txt 2009-08-09 23:32

Pre-Run: 3 460 624 384 octets libres
Post-Run: 3 524 190 208 octets libres

329 --- E O F --- 2009-08-06 23:45

Désolé pour le retard et merci pour les liens =)

silverone1

Que dit McAfee virus scan 8.5 si tu relances un scan ?

---
Au besoin, fais ce scan en ligne ...

Clique sur J' accepte > Démarrer l' analyse, etc ...

Une fois le scan achevé, sauvegarde le rapport et poste-le.

Tuto : http://forum.pcastuces.com/bitdefender_online_scanner___tutoriel-f31s2.htm

PS : désactive McAfee le temps du scan ...

Alors Quand je l'ai remis il ne détectait plus rien
La je suis en train de le scanner

Je suis en pleine analyse il me faut 2heurs pour tout faire mais actuellement ca ne détecte plus ce virus.

Merci =)