[Résolu] infecté par un virus

Bonjour
j'ai un petit soucis avec mes images. En effet quand je clic dessus on me dis que l'extension de fichier .jpg a disparu, depuis quelques jours. J'ai posté un sujet dans le forum "windows & logiciel" et on m'a fait effectuer un scaner avec RSIT. Il se trouve qu'apparemment je suis infecté.
Merci de votre aide
je suis sous vista service pack 2

bonjour, peux-tu poster ton rapport RSIT stp ?

Voila les rapports après scan

Logfile of random's system information tool 1.06 (written by random/random)
Run by Romain at 2009-10-10 12:02:32
Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 2
System drive C: has 164 GB (72%) free of 228 GB
Total RAM: 1976 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:06:25, on 10/10/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\windows\system32\Dwm.exe
c:\Program Files\Hewlett-Packard\IAM\Bin\AsGHost.exe
C:\windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
C:\Windows\System32\igfxpers.exe
C:\windows\system32\taskeng.exe
C:\Windows\System32\igfxtray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\System32\spool\drivers\w32x86\3\E_FATIEDE.EXE
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe
C:\Users\Romain\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
c:\Program Files\ActivIdentity\ActivClient\acevents.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
G:\IUFMaquiCLE\aquiCLElanceur\lanceur.exe
G:\Apps\cafe\cafe.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
C:\Users\Romain\Desktop\RSIT.exe
C:\Program Files\trend micro\Romain.exe
C:\Program Files\Internet Explorer\iexplore.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c(...)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c(...)
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Credential Manager for HP ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\soundmax.exe /tray
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [PTHOSTTR] c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [IgfxTray] C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe c:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [accrdsub] "c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [EPSON SX100 Series] C:\windows\system32\spool\DRIVERS\W32X86\3\E_FATIEDE.EXE /FU "C:\windows\TEMP\E_SE530.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Notification de cadeaux MSN.lnk = C:\Users\Romain\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: McAfee Security Scan.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega.DMFacade.Interface) - https://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab
O20 - AppInit_DLLs: APSHook.dll
O23 - Service: ActivClient Middleware Service (accoca) - ActivIdentity - c:\Program Files\ActivIdentity\ActivClient\accoca.exe
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\windows\system32\AEADISRV.EXE
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Service Google Update (gupdate1ca339354e3da58) (gupdate1ca339354e3da58) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - SafeBoot International - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\windows\system32\Hpservice.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (file missing)
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: rpcnetp - Unknown owner - C:\windows\System32\rpcnetp.exe (file missing)
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 13939 bytes

======Scheduled tasks folder======

C:\windows\tasks\EasyShare Registration Task.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\User_Feed_Synchronization-{768322FE-490D-4257-B87A-45FBD857C137}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
BHO_Startup Class - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll [2008-05-02 110592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-08-26 255600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll [2009-10-03 762864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-07-09 458736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-09-04 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
Credential Manager for HP ProtectTools - c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll [2008-05-21 58128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28 160496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0BF43445-2F28-4351-9252-17FE6E806AA0}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-08-26 255600]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"WatchDog"=C:\Program Files\InterVideo\DVD Check\DVDCheck.exe [2008-04-21 197904]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-27 1045800]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\soundmax.exe [2008-03-19 3842048]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-05-14 177456]
"PTHOSTTR"=c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [2008-05-08 238984]
"Persistence"=C:\windows\system32\igfxpers.exe [2008-06-10 145944]
"PDF Complete"=C:\Program Files\PDF Complete\pdfsty.exe [2008-05-12 318488]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2008-06-10 150040]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-04-18 178712]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-04-15 488752]
"HP Software Update"=c:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2007-05-09 54840]
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-04-15 70912]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2008-06-10 170520]
"File Sanitizer"=C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2008-05-02 10244096]
"CognizanceTS"=c:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll [2008-05-21 24848]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2009-07-10 195072]
"accrdsub"=c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [2007-05-16 293168]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-08-13 177440]
"Google Quick Search Box"=C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe [2009-08-26 122368]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-09-04 149280]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2008-04-04 1314816]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-09-21 305440]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-05-23 39408]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden []
"EPSON SX100 Series"=C:\windows\system32\spool\DRIVERS\W32X86\3\E_FATIEDE.EXE [2008-02-05 188928]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
DVD Check.lnk - C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
Logiciel Kodak EasyShare.lnk - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
McAfee Security Scan.lnk - C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe

C:\Users\Romain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Notification de cadeaux MSN.lnk - C:\Users\Romain\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
OpenOffice.org 3.1.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="APSHook.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2008-05-21 208896]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ASWLNPkg

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{45fa923d-2c01-11de-b1a7-806e6f6e6963}]
shell\AutoRun\command - E:\EPSETUP.EXE

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ef0538c8-b56e-11de-aa54-00226483545d}]
shell\AutoRun\command - G:\start.exe


======File associations======

.js - edit - C:\windows\System32\Notepad.exe %1
.js - open - C:\windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2009-10-10 12:02:32 ----D---- C:\rsit
2009-10-10 12:02:32 ----D---- C:\Program Files\trend micro
2009-10-10 11:18:26 ----D---- C:\Users\Romain\AppData\Roaming\EPSON
2009-10-09 19:25:36 ----SHD---- C:\Config.Msi
2009-10-09 18:44:47 ----D---- C:\ProgramData\Kaspersky Lab
2009-10-09 17:47:11 ----D---- C:\ProgramData\UDL
2009-10-09 17:46:31 ----D---- C:\Program Files\Epson Software
2009-10-09 17:45:41 ----D---- C:\Program Files\ABBYY FineReader 6.0 Sprint
2009-10-09 17:44:00 ----A---- C:\windows\system32\PICSDK2.dll
2009-10-09 17:44:00 ----A---- C:\windows\system32\PICSDK.ini
2009-10-09 17:44:00 ----A---- C:\windows\system32\PICSDK.dll
2009-10-09 17:44:00 ----A---- C:\windows\system32\PICEntry.dll
2009-10-09 17:44:00 ----A---- C:\windows\system32\EpPicPrt.dll
2009-10-09 17:43:59 ----A---- C:\windows\system32\EPPicMgr.dll
2009-10-09 17:41:17 ----A---- C:\windows\system32\E_DCINST.DLL
2009-10-09 17:41:12 ----A---- C:\windows\system32\E_FLBEDE.DLL
2009-10-09 17:41:10 ----A---- C:\windows\system32\E_FD4BEDE.DLL
2009-10-09 17:40:59 ----D---- C:\ProgramData\EPSON
2009-10-09 17:40:07 ----A---- C:\windows\system32\escwiad.dll
2009-10-09 17:40:06 ----D---- C:\Program Files\epson
2009-10-09 17:39:42 ----A---- C:\windows\CDESX100DEFGIPS.ini
2009-10-08 18:37:10 ----D---- C:\ProgramData\McAfee Security Scan
2009-10-08 18:37:09 ----D---- C:\Program Files\McAfee Security Scan
2009-10-07 19:58:58 ----D---- C:\Program Files\Microsoft Office Outlook Connector
2009-10-07 13:15:54 ----D---- C:\Users\Romain\AppData\Roaming\Yahoo!
2009-10-07 13:15:54 ----D---- C:\ProgramData\Yahoo! Companion
2009-10-07 13:15:53 ----D---- C:\Program Files\Yahoo!
2009-10-07 13:15:50 ----D---- C:\Program Files\Recuva
2009-10-02 19:43:40 ----N---- C:\windows\system32\MpSigStub.exe
2009-09-29 20:02:51 ----A---- C:\windows\myClean.bat
2009-09-26 08:39:04 ----D---- C:\Program Files\iPod
2009-09-26 08:39:02 ----D---- C:\Program Files\iTunes
2009-09-25 18:10:38 ----D---- C:\Users\Romain\AppData\Roaming\Mozilla
2009-09-12 09:18:38 ----D---- C:\windows\system32\eu-ES
2009-09-12 09:18:38 ----D---- C:\windows\system32\ca-ES
2009-09-12 09:18:37 ----D---- C:\windows\system32\vi-VN
2009-09-11 18:59:26 ----D---- C:\Program Files\Utilitaire de configuration iPhone
2009-09-11 18:58:23 ----A---- C:\windows\system32\GEARAspi.dll
2009-09-11 18:57:19 ----D---- C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-09-11 18:55:01 ----D---- C:\Program Files\QuickTime

======List of files/folders modified in the last 1 months======

2009-10-10 12:03:39 ----D---- C:\windows\Temp
2009-10-10 12:03:02 ----D---- C:\windows\Prefetch
2009-10-10 12:02:32 ----RD---- C:\Program Files
2009-10-10 12:00:52 ----D---- C:\windows\System32
2009-10-10 12:00:52 ----D---- C:\windows\inf
2009-10-10 12:00:52 ----A---- C:\windows\system32\PerfStringBackup.INI
2009-10-10 10:18:06 ----SHD---- C:\System Volume Information
2009-10-10 09:32:09 ----D---- C:\ProgramData\hpqLog
2009-10-09 21:01:26 ----D---- C:\Users\Romain\AppData\Roaming\vlc
2009-10-09 19:27:54 ----SHD---- C:\windows\Installer
2009-10-09 19:27:28 ----HD---- C:\ProgramData
2009-10-09 19:27:23 ----D---- C:\windows\system32\drivers
2009-10-09 19:26:57 ----D---- C:\windows\system32\catroot
2009-10-09 19:00:05 ----D---- C:\Windows
2009-10-09 17:46:31 ----HD---- C:\Program Files\InstallShield Installation Information
2009-10-09 17:40:41 ----D---- C:\windows\system32\catroot2
2009-10-09 17:40:06 ----D---- C:\windows\twain_32
2009-10-07 20:57:56 ----D---- C:\windows\Microsoft.NET
2009-10-07 20:57:19 ----RSD---- C:\windows\assembly
2009-10-07 19:58:23 ----D---- C:\Program Files\Windows Live
2009-10-07 19:55:17 ----D---- C:\Program Files\Microsoft
2009-10-07 18:59:26 ----D---- C:\windows\system32\wbem
2009-10-07 18:50:41 ----D---- C:\windows\Tasks
2009-10-07 18:50:41 ----D---- C:\windows\system32\Tasks
2009-10-07 18:50:41 ----D---- C:\windows\system32\spool
2009-10-07 18:50:41 ----D---- C:\Users\Romain\AppData\Roaming\dvdcss
2009-10-07 18:50:40 ----D---- C:\windows\registration
2009-10-07 18:50:40 ----D---- C:\Program Files\HP Webcam Application
2009-09-29 20:02:34 ----D---- C:\ProgramData\SiteAdvisor
2009-09-26 13:38:44 ----D---- C:\Program Files\Google
2009-09-26 08:39:03 ----D---- C:\Program Files\Common Files\Apple
2009-09-25 18:10:32 ----D---- C:\Program Files\Mozilla Firefox
2009-09-18 22:43:10 ----D---- C:\Users\Romain\AppData\Roaming\Azureus
2009-09-12 18:12:53 ----D---- C:\Users\Romain\AppData\Roaming\Apple Computer
2009-09-12 09:39:06 ----D---- C:\windows\rescache
2009-09-12 09:27:39 ----SHD---- C:\boot
2009-09-12 09:19:52 ----D---- C:\Program Files\Windows Mail
2009-09-12 09:19:52 ----D---- C:\Program Files\Windows Calendar
2009-09-12 09:19:52 ----D---- C:\Program Files\Movie Maker
2009-09-12 09:19:51 ----D---- C:\Program Files\Windows Sidebar
2009-09-12 09:19:51 ----D---- C:\Program Files\Windows Media Player
2009-09-12 09:19:51 ----D---- C:\Program Files\Internet Explorer
2009-09-12 09:19:50 ----D---- C:\Program Files\Windows Collaboration
2009-09-12 09:19:49 ----D---- C:\Program Files\Windows Photo Gallery
2009-09-12 09:19:49 ----D---- C:\Program Files\Common Files\System
2009-09-12 09:19:46 ----D---- C:\windows\servicing
2009-09-12 09:19:46 ----D---- C:\Program Files\Windows Defender
2009-09-12 09:19:35 ----D---- C:\windows\system32\XPSViewer
2009-09-12 09:19:35 ----D---- C:\windows\system32\sk-SK
2009-09-12 09:19:35 ----D---- C:\windows\system32\oobe
2009-09-12 09:19:35 ----D---- C:\windows\system32\lv-LV
2009-09-12 09:19:35 ----D---- C:\windows\system32\ko-KR
2009-09-12 09:19:35 ----D---- C:\windows\system32\hr-HR
2009-09-12 09:19:35 ----D---- C:\windows\system32\et-EE
2009-09-12 09:19:35 ----D---- C:\windows\system32\en-US
2009-09-12 09:19:35 ----D---- C:\windows\system32\el-GR
2009-09-12 09:19:35 ----D---- C:\windows\system32\da-DK
2009-09-12 09:19:35 ----D---- C:\windows\IME
2009-09-12 09:19:35 ----AD---- C:\windows\system32\it-IT
2009-09-12 09:19:35 ----AD---- C:\windows\system32\de-DE
2009-09-12 09:19:34 ----D---- C:\windows\system32\migration
2009-09-12 09:19:34 ----D---- C:\windows\system32\fr
2009-09-12 09:19:30 ----D---- C:\windows\system32\ru-RU
2009-09-12 09:19:30 ----D---- C:\windows\system32\AdvancedInstallers
2009-09-12 09:19:29 ----AD---- C:\windows\system32\fr-FR
2009-09-12 09:19:27 ----D---- C:\windows\system32\sv-SE
2009-09-12 09:19:27 ----D---- C:\windows\system32\setup
2009-09-12 09:19:27 ----D---- C:\windows\system32\he-IL
2009-09-12 09:19:26 ----D---- C:\windows\system32\zh-TW
2009-09-12 09:19:26 ----D---- C:\windows\system32\zh-CN
2009-09-12 09:19:26 ----D---- C:\windows\system32\sr-Latn-CS
2009-09-12 09:19:26 ----D---- C:\windows\system32\SLUI
2009-09-12 09:19:26 ----D---- C:\windows\system32\sl-SI
2009-09-12 09:19:26 ----D---- C:\windows\system32\pt-PT
2009-09-12 09:19:26 ----D---- C:\windows\system32\pl-PL
2009-09-12 09:19:26 ----D---- C:\windows\system32\manifeststore
2009-09-12 09:19:26 ----D---- C:\windows\system32\hu-HU
2009-09-12 09:19:26 ----D---- C:\windows\system32\fi-FI
2009-09-12 09:19:26 ----D---- C:\windows\system32\es-ES
2009-09-12 09:19:26 ----D---- C:\windows\system32\cs-CZ
2009-09-12 09:19:25 ----D---- C:\windows\system32\uk-UA
2009-09-12 09:19:25 ----D---- C:\windows\system32\ro-RO
2009-09-12 09:19:25 ----D---- C:\windows\system32\ja-JP
2009-09-12 09:19:25 ----D---- C:\windows\system32\bg-BG
2009-09-12 09:19:24 ----D---- C:\windows\system32\th-TH
2009-09-12 09:19:23 ----D---- C:\windows\system32\tr-TR
2009-09-12 09:19:22 ----D---- C:\windows\system32\nb-NO
2009-09-12 09:19:22 ----D---- C:\windows\system32\migwiz
2009-09-12 09:19:22 ----D---- C:\windows\system32\lt-LT
2009-09-12 09:19:22 ----D---- C:\windows\system32\ar-SA
2009-09-12 09:19:22 ----AD---- C:\windows\system32\nl-NL
2009-09-12 09:19:21 ----D---- C:\windows\system32\pt-BR
2009-09-12 09:18:45 ----RSD---- C:\windows\Fonts
2009-09-12 09:18:44 ----D---- C:\windows\AppPatch
2009-09-12 09:18:37 ----D---- C:\windows\system32\Boot
2009-09-12 09:16:13 ----D---- C:\windows\winsxs
2009-09-11 18:58:23 ----DC---- C:\windows\system32\DRVSTORE
2009-09-11 17:35:06 ----A---- C:\windows\system32\rpcnetp.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
R1 avipbb;avipbb; C:\windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 RsvLock;RsvLock; C:\windows\system32\drivers\RsvLock.sys [2008-05-14 12496]
R1 ssmdrv;ssmdrv; C:\windows\system32\DRIVERS\ssmdrv.sys [2009-07-13 28520]
R2 avgntflt;avgntflt; C:\windows\system32\DRIVERS\avgntflt.sys [2009-08-18 55656]
R3 Accelerometer;HP Accelerometer; C:\windows\system32\DRIVERS\Accelerometer.sys [2008-04-07 34664]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\ADIHdAud.sys [2008-04-11 382464]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\AGRSM.sys [2008-02-29 1202560]
R3 BCM43XX;Pilote pour carte réseau Broadcom 802.11; C:\windows\system32\DRIVERS\bcmwl6.sys [2008-03-21 1207288]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HBtnKey;HBtnKey; C:\windows\system32\DRIVERS\cpqbttn.sys [2008-04-14 9344]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-19 16768]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2008-05-21 2369536]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2008-04-10 1804160]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2008-03-27 199472]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\windows\system32\DRIVERS\yk60x86.sys [2008-01-17 298496]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\windows\system32\drivers\errdev.sys [2008-01-21 6656]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2008-01-21 45624]
S3 USBAAPL;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 usbscan;Pilote de scanneur USB; C:\windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 usbvideo;Périphérique vidéo USB (WDM); C:\windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WUDFRd;WUDFRd; C:\windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 accoca;ActivClient Middleware Service; c:\Program Files\ActivIdentity\ActivClient\accoca.exe [2007-05-16 182576]
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2009-02-06 109056]
R2 AEADIFilters;Andrea ADI Filters Service; C:\windows\system32\AEADISRV.EXE [2007-10-19 86016]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2007-12-11 12800]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-07-13 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-08-18 185089]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-05-29 144712]
R2 ASBroker;Logon Session Broker; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 ASChannel;Local Communication Channel; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-04-15 94208]
R2 HP ProtectTools Service;HP ProtectTools Service; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2008-05-14 34184]
R2 HpFkCryptService;Drive Encryption Service; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2008-05-14 256512]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe [2008-05-02 77824]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2008-04-07 24936]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-04-18 354840]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2009-07-13 71096]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files\PDF Complete\pdfsvc.exe [2008-05-12 576024]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2008-01-21 21504]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-04-16 165192]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-09-21 545568]
S2 gupdate1ca339354e3da58;Service Google Update (gupdate1ca339354e3da58); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-12 133104]
S2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe []
S2 rpcnetp;rpcnetp; C:\windows\System32\rpcnetp.exe []
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-23 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RoxMediaDB10;RoxMediaDB10; c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2008-04-08 1112560]
S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2008-03-24 74384]

-----------------EOF-----------------

Et voila le deuxième

info.txt logfile of random's system information tool 1.06 2009-10-10 12:06:30

======Uninstall list======

-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
-->C:\Program Files\InstallShield Installation Information\{69333A04-5134-40A5-A055-9166A7AA1EC8}\setup.exe -runfromtemp -l0x0009 -removeonly
2007 Microsoft Office system-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROHYBRIDR /dll OSETUP.DLL
32 Bit HP CIO Components Installer-->MsiExec.exe /I{2614F54E-A828-49FA-93BA-45A3F756BFAA}
ABBYY FineReader 6.0 Sprint-->MsiExec.exe /I{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
ActivClient 6.1 x86-->MsiExec.exe /I{AC194855-F7AC-4D04-B4C9-07BA46FCB697}
ActiveCheck component for HP Active Support Library-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\windows\system32\Macromed\Flash\uninstall_plugin.exe
Agere Systems HDA Modem-->agrsmdel
aMSN 0.97.2-->C:\Program Files\aMSN\uninstall.exe
Apple Application Support-->MsiExec.exe /I{0C34B801-6AEC-4667-B053-03A67E2D0415}
Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ArcSoft Print Creations - Album Page-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x40c -1AlbumPage
ArcSoft Print Creations - Funhouse-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x40c -1Funhouse
ArcSoft Print Creations - Greeting Card-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x40c -1GreetingCard
ArcSoft Print Creations - Photo Book-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x40c -1PhotoBook
ArcSoft Print Creations - Photo Calendar-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x40c -1Calendar
ArcSoft Print Creations - Scrapbook-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x40c -1ScrapBook
ArcSoft Print Creations - Slimline Card-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x40c -1Slimline
ArcSoft Print Creations-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x40c
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
BIOS Configuration for HP ProtectTools-->MsiExec.exe /X{A1410161-F615-4B91-A019-FA33833EF00D}
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
CCScore-->MsiExec.exe /I{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}
CDBurnerXP-->"C:\Program Files\CDBurnerXP\unins000.exe"
Credential Manager for HP ProtectTools-->rundll32.exe "c:\Program Files\Hewlett-Packard\IAM\Bin\SetupHelper.dll",ExecMain /Uninstall {0F98662A-EA83-414F-8766-3FCE46A32641}
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Drive Encryption for HP ProtectTools-->MsiExec.exe /I{9DBD8BEE-B3EC-4D82-A81C-0F6250176DCC}
eMule-->"C:\Program Files\eMule\Uninstall.exe"
Epson Easy Photo Print 2-->C:\Program Files\InstallShield Installation Information\{DEDB47A3-C988-4A43-A645-E2CEA571E680}\SETUP.EXE -runfromtemp -l0x040c UNINST -removeonly
EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r
EPSON Stylus SX100_TX100 Manuel-->C:\Program Files\EPSON\TPMANUAL\ESSX100_TX100\FRA\USE_G\DOCUNINS.EXE
EPSON SX100 Series Printer Uninstall-->C:\windows\system32\spool\DRIVERS\W32X86\3\E_FINSEDE.EXE /R /APD /P:"EPSON SX100 Series"
ESSBrwr-->MsiExec.exe /I{643EAE81-920C-4931-9F0B-4B343B225CA6}
ESSCDBK-->MsiExec.exe /I{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}
ESScore-->MsiExec.exe /I{42938595-0D83-404D-9F73-F8177FDD531A}
ESSgui-->MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A}
ESSini-->MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765}
ESSPCD-->MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}
ESSPDock-->MsiExec.exe /I{FCDB1C92-03C6-4C76-8625-371224256091}
ESSTOOLS-->MsiExec.exe /I{8A502E38-29C9-49FA-BCFA-D727CA062589}
essvatgt-->MsiExec.exe /I{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}
ESU for Microsoft Vista SP1-->MsiExec.exe /I{01F81577-D786-49D7-BAAF-B8A8B44CE251}
fflink-->MsiExec.exe /I{608D2A3C-6889-4C11-9B54-A42F45ACBFDB}
File Sanitizer For HP ProtectTools-->C:\Program Files\InstallShield Installation Information\{789C97CE-9E17-4126-BDF4-11FF458BF705}\setup.exe -runfromtemp -l0x0009 -removeonly
Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_1C6952B11521EC25.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google Earth-->MsiExec.exe /X{3A05B900-A3E7-11DE-A9B7-005056806466}
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP 3D DriveGuard-->MsiExec.exe /X{4C203E35-B5C7-4E35-9834-619668C0FFEE}
HP Active Support Library-->C:\Program Files\InstallShield Installation Information\{9E2CCD5E-1990-4EF2-9B61-32F0BBACC29B}\setup.exe -runfromtemp -l0x0409
HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{420BBA1D-B275-4891-838C-EA88FE87A632}\setup.exe" -l0x9 -removeonly
HP Doc Viewer-->MsiExec.exe /I{082702D5-5DD8-4600-BCE5-48B15174687F}
HP Easy Setup - Frontend-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8BB128BE-2670-485D-A221-B00715BCEBCF}\setup.exe" -l0x9 -removeonly
HP Help and Support-->MsiExec.exe /X{E333CA5F-00ED-4EEF-90E5-6A33A8FE969F}
HP JavaCard for HP ProtectTools-->MsiExec.exe /I{2086797F-A4BA-4CD3-8104-09B8D39DA5D8}
HP ProtectTools Security Manager Suite-->C:\Windows\Installer\HPPTSuiteInstallEngine.exe /uninstall=C:\Windows\Installer\28035230.msi
HP ProtectTools Security Manager-->MsiExec.exe /I{926F4D5F-C8FC-4FB7-8E09-BCB8A997D1C7}
HP Quick Launch Buttons 6.40 E1-->C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe -runfromtemp -l0x0009 -removeonly uninst
HP Software Setup 5.00.A.7-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{70CEFEBA-F757-4DBE-8A21-027C326137CE}\SETUP.EXE" -l0x9
HP Update-->MsiExec.exe /X{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}
HP User Guides 0108-->MsiExec.exe /I{B79DB290-9F72-4B20-9776-848D7832705B}
HP Wallpaper-->MsiExec.exe /I{F173C2B3-296F-458C-98FF-1676A42EBA02}
HP Webcam Application-->C:\Program Files\InstallShield Installation Information\{154E4F71-DFC0-4B31-8D99-F97615031B02}\setup.exe -runfromtemp -l0x040c -removeonly
HP Webcam-->C:\Program Files\InstallShield Installation Information\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}\setup.exe -runfromtemp -l0x040c -removeonly
HP Wireless Assistant-->MsiExec.exe /I{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}
HPAsset component for HP Active Support Library-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}
HPNetworkAssistant-->MsiExec.exe /I{228C6B46-64E2-404E-898A-EF0830603EF4}
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Intel(R) Graphics Media Accelerator Driver-->C:\windows\system32\igxpun.exe -uninstall
Intel® Matrix Storage Manager-->C:\Windows\system32\imsmudlg.exe -uninstall
InterVideo DVD Check-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5D97A4A7-C274-4B63-86D9-07A33435F505}\setup.exe" REMOVEALL
InterVideo WinDVD-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
iTunes-->MsiExec.exe /I{DA34FE93-5DC5-48E0-ACC8-A5389E05BB51}
Java(TM) 6 Update 16-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF}
Java(TM) 6 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
kgcbaby-->MsiExec.exe /I{E18B549C-5D15-45DA-8D8F-8FD2BD946344}
kgchday-->MsiExec.exe /I{11F3F858-4131-4FFA-A560-3FE282933B6E}
kgchlwn-->MsiExec.exe /I{03EDED24-8375-407D-A721-4643D9768BE1}
kgcinvt-->MsiExec.exe /I{9BD54685-1496-46A5-AB62-357CD140ED8B}
kgckids-->MsiExec.exe /I{693C08A7-9E76-43FF-B11E-9A58175474C4}
kgcmove-->MsiExec.exe /I{A1588373-1D86-4D44-86C9-78ABD190F9CC}
kgcvday-->MsiExec.exe /I{8A8664E1-84C8-4936-891C-BC1F07797549}
Logiciel Kodak EasyShare-->C:\ProgramData\Kodak\EasyShareSetup\$SETUP_140001_54a5c1\Setup.exe /APR-REMOVE
McAfee Security Scan-->"C:\Program Files\McAfee Security Scan\uninstall.exe"
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1 Hotfix (KB929729)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M929729\M929729Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0410-0000-0000000FF1CE} /uninstall {71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0410-0000-0000000FF1CE} /uninstall {71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0410-0000-0000000FF1CE} /uninstall {71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0410-0000-0000000FF1CE} /uninstall {71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0410-0000-0000000FF1CE} /uninstall {71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0410-0000-0000000FF1CE} /uninstall {71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0407-0000-0000000FF1CE} /uninstall {26454C26-D259-4543-AA60-3189E09C5F76}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0410-0000-0000000FF1CE} /uninstall {0A75DA12-55CB-4DE5-8B6A-74D97847204E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0413-0000-0000000FF1CE} /uninstall {89C8E56A-90D8-4598-B0E6-EB28F6270E07}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office Access MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0015-0413-0000-0000000FF1CE}
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Access MUI (German) 2007-->MsiExec.exe /X{90120000-0015-0407-0000-0000000FF1CE}
Microsoft Office Access MUI (Italian) 2007-->MsiExec.exe /X{90120000-0015-0410-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Excel 2007 Help - Aggiornamento (KB963678)-->msiexec /package {90120000-0016-0410-0000-0000000FF1CE} /uninstall {9F57BDED-B51B-4D2F-B360-5B4EFAAF0F1A}
Microsoft Office Excel MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0016-0413-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (German) 2007-->MsiExec.exe /X{90120000-0016-0407-0000-0000000FF1CE}
Microsoft Office Excel MUI (Italian) 2007-->MsiExec.exe /X{90120000-0016-0410-0000-0000000FF1CE}
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office Outlook 2007 Help - Aggiornamento (KB963677)-->msiexec /package {90120000-001A-0410-0000-0000000FF1CE} /uninstall {2278E02A-AB15-4BF7-B2B4-5C0EEB4B7EEB}
Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0122-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Dutch) 2007-->MsiExec.exe /X{90120000-001A-0413-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (German) 2007-->MsiExec.exe /X{90120000-001A-0407-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Italian) 2007-->MsiExec.exe /X{90120000-001A-0410-0000-0000000FF1CE}
Microsoft Office Powerpoint 2007 Help - Aggiornamento (KB963669)-->msiexec /package {90120000-0018-0410-0000-0000000FF1CE} /uninstall {C76C02F1-B07F-4974-876A-A18DEC9887C8}
Microsoft Office PowerPoint MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0018-0413-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (German) 2007-->MsiExec.exe /X{90120000-0018-0407-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Italian) 2007-->MsiExec.exe /X{90120000-0018-0410-0000-0000000FF1CE}
Microsoft Office Professional Hybrid 2007-->MsiExec.exe /X{91120000-0031-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Italian) 2007-->MsiExec.exe /X{90120000-001F-0410-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (Dutch) 2007-->MsiExec.exe /X{90120000-002C-0413-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Proofing (German) 2007-->MsiExec.exe /X{90120000-002C-0407-0000-0000000FF1CE}
Microsoft Office Proofing (Italian) 2007-->MsiExec.exe /X{90120000-002C-0410-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0410-0000-0000000FF1CE} /uninstall {322296D4-1EAE-4030-9FBC-D2787EB25FA2}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
Microsoft Office Publisher MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0019-0413-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (German) 2007-->MsiExec.exe /X{90120000-0019-0407-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Italian) 2007-->MsiExec.exe /X{90120000-0019-0410-0000-0000000FF1CE}
Microsoft Office Shared MUI (Dutch) 2007-->MsiExec.exe /X{90120000-006E-0413-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (German) 2007-->MsiExec.exe /X{90120000-006E-0407-0000-0000000FF1CE}
Microsoft Office Shared MUI (Italian) 2007-->MsiExec.exe /X{90120000-006E-0410-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Suite Activation Assistant-->MsiExec.exe /X{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}
Microsoft Office Word 2007 Help - Aggiornamento (KB963665)-->msiexec /package {90120000-001B-0410-0000-0000000FF1CE} /uninstall {E5B82DB3-DD7D-4C45-BC5E-09864B26F9BC}
Microsoft Office Word MUI (Dutch) 2007-->MsiExec.exe /X{90120000-001B-0413-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (German) 2007-->MsiExec.exe /X{90120000-001B-0407-0000-0000000FF1CE}
Microsoft Office Word MUI (Italian) 2007-->MsiExec.exe /X{90120000-001B-0410-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C}
Mise à jour Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {51EFB347-1F3D-4BAC-8B79-F056B904FE21}
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3}
Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223}
MobileMe Control Panel-->MsiExec.exe /I{3AC54383-31D1-4907-961B-B12CBB1D0AE8}
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Mozilla Firefox (2.0.0.20)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
netbrdg-->MsiExec.exe /I{4537EA4B-F60

re,

Télécharge ComboFix (créé par sUBs) sur ton Bureau

Démarre en mode sans échec : http://forum.telecharger.01net.com/telecharger/virus_et_assimiles/failles_de_(...)

Double clique combofix.exe.

Le scan va démarrer, laisse toi guider.

ComboFix redémarrera ton PC

Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse,et nouveau rapport hijackthis

NOTE : Le rapport se trouve également ici : C:\Combofix.txt

Voici le rapport ComboFix

ComboFix 09-10-08.04 - Romain 10/10/2009 18:37.1.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Basique 6.0.6002.2.1252.33.1036.18.1976.1407 [GMT 2:00]
Lancé depuis: c:\users\Romain\Desktop\ComboFix.exe
AV: Total Protection *On-access scanning disabled* (Outdated) {8C354827-2F54-4E28-90DC-AD391E77808C}
SP: AVG Anti-Spyware *disabled* (Updated) {48F2E28D-ED66-4646-9C11-B3055B0AF604}
SP: Total Protection *disabled* (Outdated) {DEBE977C-6A5A-49CC-937A-9E8BB3202260}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-494838625-689439657-2431413892-500
c:\$recycle.bin\S-1-5-21-70900338-3400025044-3150093166-500
c:\windows\Installer\28035230.msi
c:\windows\system32\oem27.inf

.
((((((((((((((((((((((((((((( Fichiers créés du 2009-09-10 au 2009-10-10 ))))))))))))))))))))))))))))))))))))
.

2009-10-10 17:18 . 2009-10-10 17:20 -------- d-----w- c:\users\Romain\AppData\Local\temp
2009-10-10 17:18 . 2009-10-10 17:18 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-10-10 11:19 . 2009-10-10 11:19 -------- d-----w- c:\users\Romain\AppData\Local\Apps
2009-10-10 10:02 . 2009-10-10 11:59 -------- d-----w- c:\program files\trend micro
2009-10-10 10:02 . 2009-10-10 10:06 -------- d-----w- C:\rsit
2009-10-10 09:18 . 2009-10-10 09:18 -------- d-----w- c:\users\Romain\AppData\Roaming\EPSON
2009-10-09 16:44 . 2009-10-09 17:29 -------- d-----w- c:\programdata\Kaspersky Lab
2009-10-09 15:47 . 2009-10-09 15:47 -------- d-----w- c:\programdata\UDL
2009-10-09 15:46 . 2009-10-09 15:46 -------- d-----w- c:\program files\Epson Software
2009-10-09 15:45 . 2009-10-09 15:46 -------- d-----w- c:\program files\ABBYY FineReader 6.0 Sprint
2009-10-09 15:44 . 2007-06-21 22:10 501912 ----a-w- c:\windows\system32\PICSDK2.dll
2009-10-09 15:44 . 2006-10-30 22:10 120992 ----a-w- c:\windows\system32\EpPicPrt.dll
2009-10-09 15:44 . 2006-10-19 22:10 80024 ----a-w- c:\windows\system32\PICSDK.dll
2009-10-09 15:44 . 2006-10-19 22:10 108704 ----a-w- c:\windows\system32\PICEntry.dll
2009-10-09 15:44 . 2005-05-31 22:20 111932 ----a-w- c:\windows\system32\EPPICPrinterDB.dat
2009-10-09 15:44 . 2004-03-03 04:10 1120 ----a-w- c:\windows\system32\EPPICPresetData_IT.dat
2009-10-09 15:44 . 2004-03-03 04:10 1107 ----a-w- c:\windows\system32\EPPICPresetData_GE.dat
2009-10-09 15:41 . 2007-04-10 10:06 8192 ----a-w- c:\windows\system32\E_DCINST.DLL
2009-10-09 15:41 . 2007-12-07 11:08 86528 ----a-w- c:\windows\system32\E_FLBEDE.DLL
2009-10-09 15:41 . 2007-12-07 11:01 78848 ----a-w- c:\windows\system32\E_FD4BEDE.DLL
2009-10-09 15:40 . 2009-10-09 15:43 -------- d-----w- c:\programdata\EPSON
2009-10-09 15:40 . 2007-07-12 22:00 71680 ----a-w- c:\windows\system32\escwiad.dll
2009-10-09 15:40 . 2009-10-09 15:44 -------- d-----w- c:\program files\epson
2009-10-08 16:37 . 2009-10-08 16:37 -------- d-----w- c:\programdata\McAfee Security Scan
2009-10-08 16:37 . 2009-10-08 16:37 -------- d-----w- c:\program files\McAfee Security Scan
2009-10-07 17:58 . 2009-10-07 17:58 -------- d-----w- c:\program files\Microsoft Office Outlook Connector
2009-10-07 11:31 . 2009-10-07 11:31 -------- d-----w- c:\users\Romain\AppData\Local\www.shadowexplorer.com
2009-10-07 11:15 . 2009-10-07 11:15 -------- d-----w- c:\users\Romain\AppData\Roaming\Yahoo!
2009-10-07 11:15 . 2009-10-07 11:15 -------- d-----w- c:\programdata\Yahoo! Companion
2009-10-07 11:15 . 2009-10-07 11:15 -------- d-----w- c:\program files\Yahoo!
2009-10-07 11:15 . 2009-10-07 11:15 -------- d-----w- c:\program files\Recuva
2009-10-02 17:43 . 2009-10-01 08:29 195440 ------w- c:\windows\system32\MpSigStub.exe
2009-09-29 18:02 . 2008-04-21 06:28 384 ----a-w- c:\windows\myClean.bat
2009-09-26 06:39 . 2009-09-26 06:39 -------- d-----w- c:\program files\iPod
2009-09-26 06:39 . 2009-09-26 06:39 -------- d-----w- c:\program files\iTunes
2009-09-25 16:10 . 2009-09-25 16:10 0 ----a-w- c:\windows\nsreg.dat
2009-09-25 16:10 . 2009-09-25 16:10 -------- d-----w- c:\users\Romain\AppData\Local\Mozilla
2009-09-12 07:18 . 2009-09-12 07:19 -------- d-----w- c:\windows\system32\ca-ES
2009-09-12 07:18 . 2009-09-12 07:19 -------- d-----w- c:\windows\system32\eu-ES
2009-09-12 07:18 . 2009-09-12 07:19 -------- d-----w- c:\windows\system32\vi-VN
2009-09-11 16:59 . 2009-09-11 16:59 -------- d-----w- c:\program files\Utilitaire de configuration iPhone
2009-09-11 16:58 . 2009-05-18 12:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-09-11 16:58 . 2008-04-17 11:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2009-09-11 16:57 . 2009-09-11 16:58 -------- d-----w- c:\programdata\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-09-11 16:55 . 2009-09-11 16:55 -------- d-----w- c:\program files\QuickTime

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-10 16:33 . 2008-04-16 14:18 713542 ----a-w- c:\windows\system32\perfh00C.dat
2009-10-10 16:33 . 2008-04-16 14:18 143542 ----a-w- c:\windows\system32\perfc00C.dat
2009-10-10 16:22 . 2008-07-12 06:00 -------- d-----w- c:\programdata\hpqLog
2009-10-10 16:09 . 2009-08-03 12:44 -------- d-----w- c:\users\Romain\AppData\Roaming\vlc
2009-10-09 15:46 . 2008-07-12 06:14 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-10-07 17:58 . 2009-04-18 15:27 -------- d-----w- c:\program files\Windows Live
2009-10-07 17:55 . 2009-04-18 15:28 -------- d-----w- c:\program files\Microsoft
2009-10-07 16:50 . 2009-04-19 13:11 -------- d-----w- c:\users\Romain\AppData\Roaming\dvdcss
2009-10-07 16:50 . 2009-04-18 12:33 -------- d-----w- c:\program files\HP Webcam Application
2009-09-29 18:02 . 2008-07-12 06:44 -------- d-----w- c:\programdata\SiteAdvisor
2009-09-26 11:38 . 2009-05-23 10:38 -------- d-----w- c:\program files\Google
2009-09-26 06:39 . 2009-04-18 17:10 -------- d-----w- c:\program files\Common Files\Apple
2009-09-18 20:43 . 2009-04-19 09:45 -------- d-----w- c:\users\Romain\AppData\Roaming\Azureus
2009-09-12 16:12 . 2009-04-18 17:14 -------- d-----w- c:\users\Romain\AppData\Roaming\Apple Computer
2009-09-12 07:19 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Calendar
2009-09-12 07:19 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-09-12 07:19 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Sidebar
2009-09-12 07:19 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Collaboration
2009-09-12 07:19 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Photo Gallery
2009-09-12 07:19 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Defender
2009-09-11 15:35 . 2009-05-28 17:57 17408 ----a-w- c:\windows\system32\rpcnetp.dll
2009-09-10 21:39 . 2009-04-18 15:33 -------- d-----w- c:\program files\Microsoft Silverlight
2009-09-10 21:39 . 2008-07-12 06:20 -------- d-----w- c:\programdata\Microsoft Help
2009-09-04 15:06 . 2009-04-18 12:40 119488 ----a-w- c:\users\Romain\AppData\Local\GDIPFONTCACHEV1.DAT
2009-09-04 10:04 . 2009-09-04 10:04 -------- d-----w- c:\users\Romain\AppData\Roaming\OpenOffice.org
2009-09-04 09:27 . 2009-09-04 09:27 -------- d-----w- c:\program files\JRE
2009-09-04 09:27 . 2009-09-04 09:26 -------- d-----w- c:\program files\OpenOffice.org 3
2009-09-04 09:26 . 2009-07-06 16:38 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-09-04 09:26 . 2008-07-12 06:45 -------- d-----w- c:\program files\Java
2009-09-01 11:51 . 2008-07-12 06:26 -------- d-----w- c:\program files\Microsoft Works
2009-08-29 00:27 . 2009-09-03 07:45 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-08-29 00:14 . 2009-09-03 07:45 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-08-28 17:42 . 2009-08-28 17:42 40448 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2009-08-28 17:42 . 2009-08-28 17:42 2065696 ----a-w- c:\windows\system32\usbaaplrc.dll
2009-08-21 09:51 . 2009-07-21 10:09 -------- d-----w- c:\program files\Safari
2009-08-18 21:10 . 2009-04-19 09:45 -------- d-----w- c:\program files\Vuze
2009-08-18 15:01 . 2009-07-01 18:49 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-08-14 16:27 . 2009-09-10 16:32 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-08-14 15:53 . 2009-09-10 16:32 17920 ----a-w- c:\windows\system32\netevent.dll
2009-08-14 13:49 . 2009-09-10 16:32 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-08-14 13:49 . 2009-09-10 16:32 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-08-14 13:49 . 2009-09-10 16:32 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-08-14 13:49 . 2009-09-10 16:32 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-08-14 13:49 . 2009-09-10 16:32 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-08-14 13:49 . 2009-09-10 16:32 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-08-14 13:49 . 2009-09-10 16:32 10240 ----a-w- c:\windows\system32\finger.exe
2009-08-14 13:48 . 2009-09-10 16:32 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2009-08-14 13:48 . 2009-09-10 16:32 105984 ----a-w- c:\windows\system32\netiohlp.dll
2009-07-26 14:44 . 2009-07-26 14:44 48448 ----a-w- c:\windows\system32\sirenacm.dll
2009-07-21 21:52 . 2009-07-29 09:36 915456 ----a-w- c:\windows\system32\wininet.dll
2009-07-21 21:47 . 2009-07-29 09:36 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-07-21 21:47 . 2009-07-29 09:36 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-07-21 20:13 . 2009-07-29 09:36 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-07-17 13:54 . 2009-08-12 09:53 71680 ----a-w- c:\windows\system32\atl.dll
2009-07-15 12:40 . 2009-08-12 09:53 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-07-15 12:39 . 2009-08-12 09:53 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-15 12:39 . 2009-08-12 09:53 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-07-15 12:39 . 2009-08-12 09:53 7680 ----a-w- c:\windows\system32\spwmp.dll
2008-12-17 23:04 . 2009-09-25 16:10 67688 ----a-w- c:\program files\mozilla firefox\components\jar50.dll
2008-12-17 23:04 . 2009-09-25 16:10 54368 ----a-w- c:\program files\mozilla firefox\components\jsd3250.dll
2008-12-17 23:04 . 2009-09-25 16:10 34944 ----a-w- c:\program files\mozilla firefox\components\myspell.dll
2008-12-17 23:04 . 2009-09-25 16:10 46712 ----a-w- c:\program files\mozilla firefox\components\spellchk.dll
2008-12-17 23:04 . 2009-09-25 16:10 172136 ----a-w- c:\program files\mozilla firefox\components\xpinstal.dll
2008-07-12 06:15 . 2008-07-12 06:15 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\APSHook.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli ASWLNPkg

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^DVD Check.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\DVD Check.lnk
backup=c:\windows\pss\DVD Check.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logiciel Kodak EasyShare.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Logiciel Kodak EasyShare.lnk
backup=c:\windows\pss\Logiciel Kodak EasyShare.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan.lnk
backup=c:\windows\pss\McAfee Security Scan.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^Users^Romain^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Notification de cadeaux MSN.lnk]
path=c:\users\Romain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Notification de cadeaux MSN.lnk
backup=c:\windows\pss\Notification de cadeaux MSN.lnk.Startup
backupExtension=.Startup

[HKLM\~\startupfolder\C:^Users^Romain^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.1.lnk]
path=c:\users\Romain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
backup=c:\windows\pss\OpenOffice.org 3.1.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):c8,57,46,46,7a,33,ca,01

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{319782E2-34B3-45B7-B054-B8217A61A57B}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{9BB4B7C3-C16C-402D-8BD0-C63AA589DC62}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{FB0F7F84-3004-462B-8888-816B0934580B}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"TCP Query User{2A0E5750-2616-4E70-9B10-44862AD0E329}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule
"UDP Query User{D598A99C-0589-4652-84D5-2F6D45275A34}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule
"{4747B846-6C58-42FB-BB52-5E313CB83054}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{DCFB18CE-75CC-4AE3-BCEA-863B4B5FC5DB}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"{E5FF84F7-CEFF-4E84-87E3-4DB9E6AFB809}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live FolderShare

R0 SbAlg;SbAlg;c:\windows\System32\drivers\SbAlg.sys [14/05/2008 02:36 51376]
R0 SbFsLock;SbFsLock;c:\windows\System32\drivers\SbFsLock.sys [14/05/2008 02:36 12928]
R1 RsvLock;RsvLock;c:\windows\System32\drivers\rsvlock.sys [14/05/2008 02:36 12496]
S2 rpcnetp;rpcnetp;c:\windows\System32\rpcnetp.exe --> c:\windows\System32\rpcnetp.exe [?]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [21/01/2008 04:32 179712]
S4 accoca;ActivClient Middleware Service;c:\program files\ActivIdentity\ActivClient\accoca.exe [16/05/2007 01:08 182576]
S4 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [01/07/2009 20:49 108289]
S4 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe -k Cognizance [21/01/2008 04:33 21504]
S4 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe -k Cognizance [21/01/2008 04:33 21504]
S4 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [12/07/2008 08:46 193840]
S4 gupdate1ca339354e3da58;Service Google Update (gupdate1ca339354e3da58);c:\program files\Google\Update\GoogleUpdate.exe [12/09/2009 12:25 133104]
S4 HP ProtectTools Service;HP ProtectTools Service;c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [14/05/2008 22:41 34184]
S4 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [14/05/2008 02:35 256512]
S4 HPFSService;File Sanitizer for HP ProtectTools;c:\program files\Hewlett-Packard\File Sanitizer\HPFSService.exe [12/07/2008 08:45 77824]
S4 hpsrv;HP Service;c:\windows\System32\hpservice.exe [07/04/2008 20:13 24936]
S4 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [12/07/2008 08:13 576024]
S4 RoxMediaDB10;RoxMediaDB10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [08/04/2008 14:12 1112560]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
Cognizance REG_MULTI_SZ ASBroker ASChannel
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Contenu du dossier 'Tâches planifiées'

2009-10-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-12 10:25]

2009-10-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-12 10:25]

2009-10-10 c:\windows\Tasks\User_Feed_Synchronization-{768322FE-490D-4257-B87A-45FBD857C137}.job
- c:\windows\system32\msfeedssync.exe [2009-07-29 20:13]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c(...)
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} - hxxps://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab
FF - ProfilePath - c:\users\Romain\AppData\Roaming\Mozilla\Firefox\Profiles\836sa97o.default\
FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- PARAMETRES FIREFOX ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.allow_platform_file_picker", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.cookie.p3plevel", 1); // 0=low, 1=medium, 2=high, 3=custom
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.enablePad", false); // Allow client to do proxy autodiscovery
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.default", "chrome://branding/content/searchconfig.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.custom", "chrome://branding/content/searchconfig.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("signon.prefillForms", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.enabled", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.remoteLookups", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.updateURL", "http://sb.google.com/safebrowsing/update?client={moz:client}&appver={moz:version}&");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.lookupURL", "http://sb.google.com/safebrowsing/lookup?sourceid=firefox-antiphish&features=TrustRank&client={moz:client}&appver={moz:version}&");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.reportURL", "http://sb.google.com/safebrowsing/report?");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-10 19:19
Windows 6.0.6002 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(616)
c:\windows\system32\APSHook.dll

- - - - - - - > 'lsass.exe'(660)
c:\windows\system32\APSHook.dll
c:\program files\Hewlett-Packard\IAM\bin\ASWLNPkg.dll
c:\program files\Hewlett-Packard\IAM\bin\ItMsg.dll
.
Heure de fin: 2009-10-10 19:21
ComboFix-quarantined-files.txt 2009-10-10 17:21

Avant-CF: 173 017 116 672 octets libres
Après-CF: 175 172 730 880 octets libres

264 --- E O F --- 2009-10-08 16:14


et voici le rapport Hijackthis

Logfile of random's system information tool 1.06 (written by random/random)
Run by Romain at 2009-10-10 19:27:03
Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 2
System drive C: has 167 GB (73%) free of 228 GB
Total RAM: 1976 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:27:13, on 10/10/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\windows\Explorer.EXE
C:\windows\system32\Dwm.exe
c:\Program Files\Hewlett-Packard\IAM\Bin\AsGHost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\windows\system32\taskeng.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\igfxtray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\System32\spool\drivers\w32x86\3\E_FATIEDE.EXE
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe
C:\Users\Romain\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\windows\system32\igfxsrvc.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
c:\Program Files\ActivIdentity\ActivClient\acevents.exe
C:\windows\system32\SearchFilterHost.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Users\Romain\Desktop\RSIT.exe
C:\Program Files\trend micro\Romain.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c(...)
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Credential Manager for HP ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\soundmax.exe /tray
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [PTHOSTTR] c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe c:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [accrdsub] "c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [EPSON SX100 Series] C:\windows\system32\spool\DRIVERS\W32X86\3\E_FATIEDE.EXE /FU "C:\windows\TEMP\E_SE530.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - Startup: Notification de cadeaux MSN.lnk = C:\Users\Romain\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: McAfee Security Scan.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega.DMFacade.Interface) - https://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab
O20 - AppInit_DLLs: C:\Windows\System32\APSHook.dll APSHook.dll
O23 - Service: ActivClient Middleware Service (accoca) - ActivIdentity - c:\Program Files\ActivIdentity\ActivClient\accoca.exe
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\windows\system32\AEADISRV.EXE
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Service Google Update (gupdate1ca339354e3da58) (gupdate1ca339354e3da58) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - SafeBoot International - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\windows\system32\Hpservice.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (file missing)
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: rpcnetp - Unknown owner - C:\windows\System32\rpcnetp.exe (file missing)
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 13257 bytes

======Scheduled tasks folder======

C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\User_Feed_Synchronization-{768322FE-490D-4257-B87A-45FBD857C137}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
BHO_Startup Class - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll [2008-05-02 110592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-08-26 255600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll [2009-10-03 762864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-07-09 458736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-09-04 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
Credential Manager for HP ProtectTools - c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll [2008-05-21 58128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28 160496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0BF43445-2F28-4351-9252-17FE6E806AA0}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-08-26 255600]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"WatchDog"=C:\Program Files\InterVideo\DVD Check\DVDCheck.exe [2008-04-21 197904]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-27 1045800]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-09-04 149280]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2008-04-04 1314816]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\soundmax.exe [2008-03-19 3842048]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-05-14 177456]
"PTHOSTTR"=c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [2008-05-08 238984]
"Persistence"=C:\windows\system32\igfxpers.exe [2008-06-10 145944]
"PDF Complete"=C:\Program Files\PDF Complete\pdfsty.exe [2008-05-12 318488]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-09-21 305440]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2008-06-10 150040]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-04-18 178712]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-04-15 488752]
"HP Software Update"=c:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2007-05-09 54840]
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-04-15 70912]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2008-06-10 170520]
"Google Quick Search Box"=C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe [2009-08-26 122368]
"File Sanitizer"=C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2008-05-02 10244096]
"CognizanceTS"=c:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll [2008-05-21 24848]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2009-07-10 195072]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-08-13 177440]
"accrdsub"=c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [2007-05-16 293168]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-05-23 39408]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden []
"EPSON SX100 Series"=C:\windows\system32\spool\DRIVERS\W32X86\3\E_FATIEDE.EXE [2008-02-05 188928]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
DVD Check.lnk - C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
Logiciel Kodak EasyShare.lnk - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
McAfee Security Scan.lnk - C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe

C:\Users\Romain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Notification de cadeaux MSN.lnk - C:\Users\Romain\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
OpenOffice.org 3.1.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\Windows\System32\APSHook.dll APSHook.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2008-05-21 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ASWLNPkg

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2009-10-10 19:21:44 ----D---- C:\windows\temp
2009-10-10 19:21:42 ----SHD---- C:\$RECYCLE.BIN
2009-10-10 19:21:39 ----A---- C:\ComboFix.txt
2009-10-10 18:28:47 ----A---- C:\windows\zip.exe
2009-10-10 18:28:47 ----A---- C:\windows\SWXCACLS.exe
2009-10-10 18:28:47 ----A---- C:\windows\SWSC.exe
2009-10-10 18:28:47 ----A---- C:\windows\SWREG.exe
2009-10-10 18:28:47 ----A---- C:\windows\sed.exe
2009-10-10 18:28:47 ----A---- C:\windows\NIRCMD.exe
2009-10-10 18:28:47 ----A---- C:\windows\grep.exe
2009-10-10 18:27:44 ----D---- C:\windows\ERDNT
2009-10-10 18:27:33 ----D---- C:\ComboFix
2009-10-10 18:24:50 ----D---- C:\Qoobox
2009-10-10 12:02:32 ----D---- C:\rsit
2009-10-10 12:02:32 ----D---- C:\Program Files\trend micro
2009-10-10 11:18:26 ----D---- C:\Users\Romain\AppData\Roaming\EPSON
2009-10-09 19:25:36 ----D---- C:\Config.Msi
2009-10-09 18:44:47 ----D---- C:\ProgramData\Kaspersky Lab
2009-10-09 17:47:11 ----D---- C:\ProgramData\UDL
2009-10-09 17:46:31 ----D---- C:\Program Files\Epson Software
2009-10-09 17:45:41 ----D---- C:\Program Files\ABBYY FineReader 6.0 Sprint
2009-10-09 17:44:00 ----A---- C:\windows\system32\PICSDK2.dll
2009-10-09 17:44:00 ----A---- C:\windows\system32\PICSDK.ini
2009-10-09 17:44:00 ----A---- C:\windows\system32\PICSDK.dll
2009-10-09 17:44:00 ----A---- C:\windows\system32\PICEntry.dll
2009-10-09 17:44:00 ----A---- C:\windows\system32\EpPicPrt.dll
2009-10-09 17:43:59 ----A---- C:\windows\system32\EPPicMgr.dll
2009-10-09 17:41:17 ----A---- C:\windows\system32\E_DCINST.DLL
2009-10-09 17:41:12 ----A---- C:\windows\system32\E_FLBEDE.DLL
2009-10-09 17:41:10 ----A---- C:\windows\system32\E_FD4BEDE.DLL
2009-10-09 17:40:59 ----D---- C:\ProgramData\EPSON
2009-10-09 17:40:07 ----A---- C:\windows\system32\escwiad.dll
2009-10-09 17:40:06 ----D---- C:\Program Files\epson
2009-10-09 17:39:42 ----A---- C:\windows\CDESX100DEFGIPS.ini
2009-10-08 18:37:10 ----D---- C:\ProgramData\McAfee Security Scan
2009-10-08 18:37:09 ----D---- C:\Program Files\McAfee Security Scan
2009-10-07 19:58:58 ----D---- C:\Program Files\Microsoft Office Outlook Connector
2009-10-07 13:15:54 ----D---- C:\Users\Romain\AppData\Roaming\Yahoo!
2009-10-07 13:15:54 ----D---- C:\ProgramData\Yahoo! Companion
2009-10-07 13:15:53 ----D---- C:\Program Files\Yahoo!
2009-10-07 13:15:50 ----D---- C:\Program Files\Recuva
2009-10-02 19:43:40 ----N---- C:\windows\system32\MpSigStub.exe
2009-09-29 20:02:51 ----A---- C:\windows\myClean.bat
2009-09-26 08:39:04 ----D---- C:\Program Files\iPod
2009-09-26 08:39:02 ----D---- C:\Program Files\iTunes
2009-09-25 18:10:38 ----D---- C:\Users\Romain\AppData\Roaming\Mozilla
2009-09-12 09:18:38 ----D---- C:\windows\system32\eu-ES
2009-09-12 09:18:38 ----D---- C:\windows\system32\ca-ES
2009-09-12 09:18:37 ----D---- C:\windows\system32\vi-VN
2009-09-11 18:59:26 ----D---- C:\Program Files\Utilitaire de configuration iPhone
2009-09-11 18:58:23 ----A---- C:\windows\system32\GEARAspi.dll
2009-09-11 18:57:19 ----D---- C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-09-11 18:55:01 ----D---- C:\Program Files\QuickTime

======List of files/folders modified in the last 1 months======

2009-10-10 19:25:41 ----D---- C:\windows\Prefetch
2009-10-10 19:24:54 ----D---- C:\ProgramData\hpqLog
2009-10-10 19:22:39 ----D---- C:\windows\pss
2009-10-10 19:21:44 ----D---- C:\windows\System32
2009-10-10 19:21:44 ----D---- C:\Windows
2009-10-10 19:20:46 ----D---- C:\windows\Tasks
2009-10-10 19:19:51 ----A---- C:\windows\system.ini
2009-10-10 19:17:30 ----SHD---- C:\windows\Installer
2009-10-10 18:55:40 ----D---- C:\windows\system32\drivers
2009-10-10 18:55:40 ----D---- C:\windows\AppPatch
2009-10-10 18:55:40 ----D---- C:\Program Files\Common Files
2009-10-10 18:33:38 ----D---- C:\windows\inf
2009-10-10 18:33:38 ----A---- C:\windows\system32\PerfStringBackup.INI
2009-10-10 18:27:03 ----AD---- C:\windows\system32\fr-FR
2009-10-10 18:09:05 ----D---- C:\Users\Romain\AppData\Roaming\vlc
2009-10-10 12:02:32 ----RD---- C:\Program Files
2009-10-10 10:18:06 ----SHD---- C:\System Volume Information
2009-10-09 19:27:28 ----D---- C:\ProgramData
2009-10-09 19:26:57 ----D---- C:\windows\system32\catroot
2009-10-09 17:46:31 ----HD---- C:\Program Files\InstallShield Installation Information
2009-10-09 17:40:41 ----D---- C:\windows\system32\catroot2
2009-10-09 17:40:06 ----D---- C:\windows\twain_32
2009-10-07 20:57:56 ----D---- C:\windows\Microsoft.NET
2009-10-07 20:57:19 ----RSD---- C:\windows\assembly
2009-10-07 19:58:23 ----D---- C:\Program Files\Windows Live
2009-10-07 19:55:17 ----D---- C:\Program Files\Microsoft
2009-10-07 18:59:26 ----D---- C:\windows\system32\wbem
2009-10-07 18:50:41 ----D---- C:\windows\system32\Tasks
2009-10-07 18:50:41 ----D---- C:\windows\system32\spool
2009-10-07 18:50:41 ----D---- C:\Users\Romain\AppData\Roaming\dvdcss
2009-10-07 18:50:40 ----D---- C:\windows\registration
2009-10-07 18:50:40 ----D---- C:\Program Files\HP Webcam Application
2009-09-29 20:02:34 ----D---- C:\ProgramData\SiteAdvisor
2009-09-26 13:38:44 ----D---- C:\Program Files\Google
2009-09-26 08:39:03 ----D---- C:\Program Files\Common Files\Apple
2009-09-25 18:10:32 ----D---- C:\Program Files\Mozilla Firefox
2009-09-18 22:43:10 ----D---- C:\Users\Romain\AppData\Roaming\Azureus
2009-09-12 18:12:53 ----D---- C:\Users\Romain\AppData\Roaming\Apple Computer
2009-09-12 09:39:06 ----D---- C:\windows\rescache
2009-09-12 09:27:39 ----D---- C:\boot
2009-09-12 09:19:52 ----D---- C:\Program Files\Windows Mail
2009-09-12 09:19:52 ----D---- C:\Program Files\Windows Calendar
2009-09-12 09:19:52 ----D---- C:\Program Files\Movie Maker
2009-09-12 09:19:51 ----D---- C:\Program Files\Windows Sidebar
2009-09-12 09:19:51 ----D---- C:\Program Files\Windows Media Player
2009-09-12 09:19:51 ----D---- C:\Program Files\Internet Explorer
2009-09-12 09:19:50 ----D---- C:\Program Files\Windows Collaboration
2009-09-12 09:19:49 ----D---- C:\Program Files\Windows Photo Gallery
2009-09-12 09:19:49 ----D---- C:\Program Files\Common Files\System
2009-09-12 09:19:46 ----D---- C:\windows\servicing
2009-09-12 09:19:46 ----D---- C:\Program Files\Windows Defender
2009-09-12 09:19:35 ----D---- C:\windows\system32\XPSViewer
2009-09-12 09:19:35 ----D---- C:\windows\system32\sk-SK
2009-09-12 09:19:35 ----D---- C:\windows\system32\oobe
2009-09-12 09:19:35 ----D---- C:\windows\system32\lv-LV
2009-09-12 09:19:35 ----D---- C:\windows\system32\ko-KR
2009-09-12 09:19:35 ----D---- C:\windows\system32\hr-HR
2009-09-12 09:19:35 ----D---- C:\windows\system32\et-EE
2009-09-12 09:19:35 ----D---- C:\windows\system32\en-US
2009-09-12 09:19:35 ----D---- C:\windows\system32\el-GR
2009-09-12 09:19:35 ----D---- C:\windows\system32\da-DK
2009-09-12 09:19:35 ----D---- C:\windows\IME
2009-09-12 09:19:35 ----AD---- C:\windows\system32\it-IT
2009-09-12 09:19:35 ----AD---- C:\windows\system32\de-DE
2009-09-12 09:19:34 ----D---- C:\windows\system32\migration
2009-09-12 09:19:34 ----D---- C:\windows\system32\fr
2009-09-12 09:19:30 ----D---- C:\windows\system32\ru-RU
2009-09-12 09:19:30 ----D---- C:\windows\system32\AdvancedInstallers
2009-09-12 09:19:27 ----D---- C:\windows\system32\sv-SE
2009-09-12 09:19:27 ----D---- C:\windows\system32\setup
2009-09-12 09:19:27 ----D---- C:\windows\system32\he-IL
2009-09-12 09:19:26 ----D---- C:\windows\system32\zh-TW
2009-09-12 09:19:26 ----D---- C:\windows\system32\zh-CN
2009-09-12 09:19:26 ----D---- C:\windows\system32\sr-Latn-CS
2009-09-12 09:19:26 ----D---- C:\windows\system32\SLUI
2009-09-12 09:19:26 ----D---- C:\windows\system32\sl-SI
2009-09-12 09:19:26 ----D---- C:\windows\system32\pt-PT
2009-09-12 09:19:26 ----D---- C:\windows\system32\pl-PL
2009-09-12 09:19:26 ----D---- C:\windows\system32\manifeststore
2009-09-12 09:19:26 ----D---- C:\windows\system32\hu-HU
2009-09-12 09:19:26 ----D---- C:\windows\system32\fi-FI
2009-09-12 09:19:26 ----D---- C:\windows\system32\es-ES
2009-09-12 09:19:26 ----D---- C:\windows\system32\cs-CZ
2009-09-12 09:19:25 ----D---- C:\windows\system32\uk-UA
2009-09-12 09:19:25 ----D---- C:\windows\system32\ro-RO
2009-09-12 09:19:25 ----D---- C:\windows\system32\ja-JP
2009-09-12 09:19:25 ----D---- C:\windows\system32\bg-BG
2009-09-12 09:19:24 ----D---- C:\windows\system32\th-TH
2009-09-12 09:19:23 ----D---- C:\windows\system32\tr-TR
2009-09-12 09:19:22 ----D---- C:\windows\system32\nb-NO
2009-09-12 09:19:22 ----D---- C:\windows\system32\migwiz
2009-09-12 09:19:22 ----D---- C:\windows\system32\lt-LT
2009-09-12 09:19:22 ----D---- C:\windows\system32\ar-SA
2009-09-12 09:19:22 ----AD---- C:\windows\system32\nl-NL
2009-09-12 09:19:21 ----D---- C:\windows\system32\pt-BR
2009-09-12 09:18:45 ----RSD---- C:\windows\Fonts
2009-09-12 09:18:37 ----D---- C:\windows\system32\Boot
2009-09-12 09:16:13 ----D---- C:\windows\winsxs
2009-09-11 18:58:23 ----DC---- C:\windows\system32\DRVSTORE
2009-09-11 17:35:06 ----A---- C:\windows\system32\rpcnetp.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
R1 avipbb;avipbb; C:\windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 RsvLock;RsvLock; C:\windows\system32\drivers\RsvLock.sys [2008-05-14 12496]
R1 ssmdrv;ssmdrv; C:\windows\system32\DRIVERS\ssmdrv.sys [2009-07-13 28520]
R2 avgntflt;avgntflt; C:\windows\system32\DRIVERS\avgntflt.sys [2009-08-18 55656]
R3 Accelerometer;HP Accelerometer; C:\windows\system32\DRIVERS\Accelerometer.sys [2008-04-07 34664]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\ADIHdAud.sys [2008-04-11 382464]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\AGRSM.sys [2008-02-29 1202560]
R3 BCM43XX;Pilote pour carte réseau Broadcom 802.11; C:\windows\system32\DRIVERS\bcmwl6.sys [2008-03-21 1207288]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HBtnKey;HBtnKey; C:\windows\system32\DRIVERS\cpqbttn.sys [2008-04-14 9344]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-19 16768]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2008-05-21 2369536]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2008-04-10 1804160]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2008-03-27 199472]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\windows\system32\DRIVERS\yk60x86.sys [2008-01-17 298496]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
S3 catchme;catchme; \??\C:\Users\Romain\AppData\Local\Temp\catchme.sys []
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\windows\system32\drivers\errdev.sys [2008-01-21 6656]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2008-01-21 45624]
S3 USBAAPL;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 usbscan;Pilote de scanneur USB; C:\windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 usbvideo;Périphérique vidéo USB (WDM); C:\windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WUDFRd;WUDFRd; C:\windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 accoca;ActivClient Middleware Service; c:\Program Files\ActivIdentity\ActivClient\accoca.exe [2007-05-16 182576]
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2009-02-06 109056]
R2 AEADIFilters;Andrea ADI Filters Service; C:\windows\system32\AEADISRV.EXE [2007-10-19 86016]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2007-12-11 12800]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-07-13 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-08-18 185089]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-05-29 144712]
R2 ASBroker;Logon Session Broker; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 ASChannel;Local Communication Channel; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-04-15 94208]
R2 HP ProtectTools Service;HP ProtectTools Service; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2008-05-14 34184]
R2 HpFkCryptService;Drive Encryption Service; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2008-05-14 256512]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe [2008-05-02 77824]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2008-04-07 24936]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-04-18 354840]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2009-07-13 71096]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files\PDF Complete\pdfsvc.exe [2008-05-12 576024]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2008-01-21 21504]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-04-16 165192]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-09-21 545568]
S2 gupdate1ca339354e3da58;Service Google Update (gupdate1ca339354e3da58); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-12 133104]
S2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe []
S2 rpcnetp;rpcnetp; C:\windows\System32\rpcnetp.exe []
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-23 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RoxMediaDB10;RoxMediaDB10; c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2008-04-08 1112560]
S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2008-03-24 74384]

-----------------EOF-----------------

Merci de ton aide.

re,

Télécharge Malwarebytes' Anti-Malware (MBAM)

Branche tous les supports amovibles que tu possèdes avant de faire ce scan (clé usb/disque dur externe etc)

* Double clique sur le fichier téléchargé pour lancer le processus d'installation.
* Dans l'onglet "Mise à jour", clique sur le bouton "Recherche de mise à jour": si le pare-feu demande l'autorisation à MBAM de se connecter, accepte.
* Une fois la mise à jour terminée, rends-toi dans l'onglet "Recherche".
* Sélectionne "Exécuter un examen complet"
* Clique sur "Rechercher"
* L'analyse démarre, le scan est relativement long, c'est normal.
* A la fin de l'analyse, un message s'affiche :


Clique sur "Ok" pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
* Ferme tes navigateurs.
* Si des malwares ont été détectés, clique sur Afficher les résultats.
Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
* MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport et poste-le dans ta prochaine réponse.

Voila le rapport Malwarebyte



Malwarebytes' Anti-Malware 1.41
Version de la base de données: 2941
Windows 6.0.6002 Service Pack 2

11/10/2009 10:29:33
mbam-log-2009-10-11 (10-29-33).txt

Type de recherche: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|)
Eléments examinés: 272200
Temps écoulé: 57 minute(s), 10 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

bonjour, c'est bon signe

Fais un scan BitDefender en ligne (avec Internet Explorer pas avec Firefox !)
(clique à gauche sur scan online).
et post moi le rapport de ce scan ici une fois terminé !

Petit problème !
BitDefender échoue dans la mise à jour, et donc je n'arrive pas à lancer le scan. En aurais-tu un autre ?
Merci

http://www.pandasecurity.com/activescan/index/?track=1&Lang=fr-FR&IdP(...)

voila le rapport qu'il en est ressorti



;***********************************************************************************************************************************************************************************
ANALYSIS: 2009-10-11 14:51:11
PROTECTIONS: 1
MALWARE: 35
SUSPECTS: 1
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
AntiVir Desktop Yes Yes
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Microsoft\Windows\Cookies\Low\romain@casalemedia[2].txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Microsoft\Windows\Cookies\romain@doubleclick[2].txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Mozilla\Firefox\Profiles\836sa97o.default\cookies.txt[.doubleclick.net/]
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Microsoft\Windows\Cookies\Low\romain@doubleclick[1].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Microsoft\Windows\Cookies\romain@atdmt[1].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Microsoft\Windows\Cookies\romain@atdmt[3].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Mozilla\Firefox\Profiles\836sa97o.default\cookies.txt[.atdmt.com/]
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Mozilla\Firefox\Profiles\836sa97o.default\cookies.txt[.atdmt.com/]
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Mozilla\Firefox\Profiles\836sa97o.default\cookies.txt[.atdmt.com/]
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Microsoft\Windows\Cookies\Low\romain@atdmt[2].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Mozilla\Firefox\Profiles\836sa97o.default\cookies.txt[.atdmt.com/]
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Microsoft\Windows\Cookies\romain@tradedoubler[1].txt
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Mozilla\Firefox\Profiles\836sa97o.default\cookies.txt[.tradedoubler.com/]
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Microsoft\Windows\Cookies\romain@tradedoubler[3].txt
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Mozilla\Firefox\Profiles\836sa97o.default\cookies.txt[.tradedoubler.com/]
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Mozilla\Firefox\Profiles\836sa97o.default\cookies.txt[.tradedoubler.com/]
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Microsoft\Windows\Cookies\Low\romain@247realmedia[2].txt
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Microsoft\Windows\Cookies\Low\romain@fastclick[1].txt
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Microsoft\Windows\Cookies\Low\romain@tribalfusion[2].txt
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Microsoft\Windows\Cookies\Low\romain@mediaplex[2].txt
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Mozilla\Firefox\Profiles\836sa97o.default\cookies.txt[.mediaplex.com/]
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Microsoft\Windows\Cookies\romain@mediaplex[1].txt
00159564 Cookie/WUpd TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Microsoft\Windows\Cookies\Low\romain@revenue[2].txt
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Microsoft\Windows\Cookies\Low\romain@com[1].txt
00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Microsoft\Windows\Cookies\Low\romain@xiti[1].txt
00167747 Cookie/Azjmp TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Microsoft\Windows\Cookies\Low\romain@azjmp[1].txt
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Microsoft\Windows\Cookies\Low\romain@statcounter[1].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Microsoft\Windows\Cookies\Low\romain@ad.yieldmanager[1].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Microsoft\Windows\Cookies\Low\romain@apmebf[1].txt
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Mozilla\Firefox\Profiles\836sa97o.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Mozilla\Firefox\Profiles\836sa97o.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Microsoft\Windows\Cookies\Low\romain@serving-sys[2].txt
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Mozilla\Firefox\Profiles\836sa97o.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Mozilla\Firefox\Profiles\836sa97o.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Mozilla\Firefox\Profiles\836sa97o.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Mozilla\Firefox\Profiles\836sa97o.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Microsoft\Windows\Cookies\romain@serving-sys[2].txt
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Microsoft\Windows\Cookies\Low\romain@bs.serving-sys[1].txt
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Mozilla\Firefox\Profiles\836sa97o.default\cookies.txt[.bs.serving-sys.com/]
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Microsoft\Windows\Cookies\romain@bs.serving-sys[2].txt
00168095 Cookie/888 TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Microsoft\Windows\Cookies\Low\romain@888[1].txt
00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Mozilla\Firefox\Profiles\836sa97o.default\cookies.txt[.weborama.fr/]
00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Microsoft\Windows\Cookies\romain@weborama[1].txt
00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Microsoft\Windows\Cookies\Low\romain@weborama[1].txt
00168109 Cookie/Adtech TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Microsoft\Windows\Cookies\Low\romain@adtech[1].txt
00168116 Cookie/Comclick TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Microsoft\Windows\Cookies\Low\romain@fl01.ct2.comclick[1].txt
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Microsoft\Windows\Cookies\Low\romain@advertising[1].txt
00170304 Cookie/WebtrendsLive TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Microsoft\Windows\Cookies\Low\romain@statse.webtrendslive[1].txt
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Mozilla\Firefox\Profiles\836sa97o.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Mozilla\Firefox\Profiles\836sa97o.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Mozilla\Firefox\Profiles\836sa97o.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Mozilla\Firefox\Profiles\836sa97o.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Microsoft\Windows\Cookies\romain@ads.pointroll[2].txt
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Mozilla\Firefox\Profiles\836sa97o.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Mozilla\Firefox\Profiles\836sa97o.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Mozilla\Firefox\Profiles\836sa97o.default\cookies.txt[.ads.pointroll.com/]
00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Microsoft\Windows\Cookies\Low\romain@overture[1].txt
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Microsoft\Windows\Cookies\Low\romain@questionmarket[1].txt
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Microsoft\Windows\Cookies\Low\romain@zedo[2].txt
00172449 Cookie/MetriWeb TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Microsoft\Windows\Cookies\Low\romain@metriweb[1].txt
00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Microsoft\Windows\Cookies\romain@bluestreak[2].txt
00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Mozilla\Firefox\Profiles\836sa97o.default\cookies.txt[.bluestreak.com/]
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Microsoft\Windows\Cookies\Low\romain@adrevolver[2].txt
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Microsoft\Windows\Cookies\Low\romain@adultfriendfinder[1].txt
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Microsoft\Windows\Cookies\Low\romain@go[1].txt
00199984 Cookie/Searchportal TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Microsoft\Windows\Cookies\Low\romain@searchportal.information[1].txt
00207936 Cookie/Adviva TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Microsoft\Windows\Cookies\Low\romain@adviva[1].txt
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Mozilla\Firefox\Profiles\836sa97o.default\cookies.txt[.smartadserver.com/]
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Mozilla\Firefox\Profiles\836sa97o.default\cookies.txt[.smartadserver.com/]
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Mozilla\Firefox\Profiles\836sa97o.default\cookies.txt[.smartadserver.com/]
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Microsoft\Windows\Cookies\romain@smartadserver[2].txt
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Users\Romain\AppData\Roaming\Microsoft\Windows\Cookies\Low\romain@smartadserver[1].txt
;===================================================================================================================================================================================
SUSPECTS
Sent Location
;===================================================================================================================================================================================
No C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe
;===================================================================================================================================================================================
VULNERABILITIES
Id Severity Description
;===================================================================================================================================================================================
;===================================================================================================================================================================================

nickel

tu n'as plus de souci ?

oui tout roule, mais j'ai toujours l'extension de fichier .jpg qui à disparu, donc j'ouvre mes image avec un autre programme
Merci en tout cas !!

pour les extensions jpg regarde par ici :
http://www.informatruc.com/forum/topic19002.html

sinon ton pc est propre

Edite ton premier post avec et mets [resolu] devant le titre de ton sujet.

Voici quelques liens pour des conseils en sécurité :

Mon site Web sur la sécurité informatique !
Comment protéger son PC pour éviter d'être infecté ?



Prends le temps de les lire car elles sont très enréchissantes.

Rapporte ton infection pour faire condamner les auteurs sur Malware-Complaints. Pour faire entendre notre voix, nous devons être le plus nombreux possibles, alors rapporte ton infection :

- Voir les règles de Malware-Complaints
- Enregistre sur le forum à partir du bouton register en haut :
Si tu as plus de 13 ans, choisir : I Agree to these terms and am over or exactly 13 years of age
Si tu as moins, clic sur : I Agree to these terms and am under 13 years of age

Après t'être enregistré, tu as sous forme de liste les types d'infection (Look2Me, Smitfraud, SpywareQuake etc..) : http://malwarecomplaints.info/phpBB3/viewtopic.php?f=10&t=553

Si le malware que tu as eu n'apparaît pas dans la liste, ou si tu ne sais pas quelle infection tu as eu, créé un message dans le sujet "Autres infections" conforme au règle du forum (age, ville, département etc..) : http://malwarecomplaints.info/phpBB3/viewtopic.php?f=10&t=123

au plaisir et bonne soirée