Virus trojan downloader:Xin32/Renos.JS

Bonjour,

Windows Defender m'indique sans cesse que j'ai ce virus. Alors j'ai cherché une solution sur internet et j'ai trouvé un post d'une personne ayant eu le même virus que moi ( https://forums.commentcamarche.net/forum/affich-14707732-trojan-downloader-win32-renos-js ). J'ai fait ce qu'à dit Guillaume5188 dans un de ces post, en passant directement "à la vitesse supérieure" comme il a dit xD, c'est à dire en utilisant Combofix. Voici le résultat du scan, j'aurais voulu que quelqu'un m'aide puisque je ne vois pas trop ce que ce scan indique xD. Merci de votre aide.

ComboFix 09-10-11.01 - Marine 12/10/2009 12:05.1.2 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.3069.1962 [GMT 2:00]
Lancé depuis: c:\users\Marine\Desktop\asdehi.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-746032363-521491259-186433594-500
c:\$recycle.bin\S-1-5-21-949307296-2436508327-2108572893-500
c:\users\Marine\AppData\Local\Temp\7zS2346\HPHNDUSVC.dll
c:\windows\Installer\2585c.msi
c:\windows\Installer\25860.msi
c:\windows\Installer\25864.msi
c:\windows\Installer\25868.msi
c:\windows\Installer\2586c.msi
c:\windows\Installer\292398.msi
c:\windows\msa.exe

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_HPHNDUSVC

((((((((((((((((((((((((((((( Fichiers créés du 2009-09-12 au 2009-10-12 ))))))))))))))))))))))))))))))))))))
.

2009-10-12 10:16 . 2009-10-12 10:16 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-10-11 15:11 . 2009-10-11 15:11 -------- d-----w- c:\program files\CCleaner
2009-10-03 14:41 . 2009-10-03 14:43 -------- d-----w- c:\users\Marine\AppData\Roaming\Apple Computer
2009-10-03 14:41 . 2009-05-18 12:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-10-03 14:41 . 2008-04-17 11:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2009-10-03 14:40 . 2009-10-03 14:40 -------- d-----w- c:\program files\iPod
2009-10-03 14:40 . 2009-10-03 14:41 -------- d-----w- c:\programdata\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-10-03 14:40 . 2009-10-03 14:41 -------- d-----w- c:\program files\iTunes
2009-10-03 14:39 . 2009-10-03 14:39 -------- d-----w- c:\program files\Bonjour
2009-10-03 14:22 . 2009-10-01 08:29 195440 ------w- c:\windows\system32\MpSigStub.exe
2009-10-03 14:22 . 2009-10-03 14:22 -------- d-----w- c:\program files\Audacity
2009-09-25 14:28 . 2009-09-25 14:29 -------- d-----w- c:\users\Marine\AppData\Roaming\Epson
2009-09-25 14:18 . 2009-09-25 14:18 -------- d-----w- c:\programdata\UDL
2009-09-25 14:15 . 2009-09-25 14:17 -------- d-----w- c:\program files\Epson Software
2009-09-25 14:14 . 2009-09-25 14:15 -------- d-----w- c:\program files\ABBYY FineReader 6.0 Sprint
2009-09-25 13:22 . 2006-10-30 22:10 71840 ----a-w- c:\windows\system32\EPPicMgr.dll
2009-09-25 13:22 . 2004-03-03 04:10 4943 ----a-w- c:\windows\system32\EPPICPattern6.dat
2009-09-25 13:22 . 2004-03-03 04:10 31053 ----a-w- c:\windows\system32\EPPICPattern131.dat
2009-09-25 13:22 . 2004-03-03 04:10 27417 ----a-w- c:\windows\system32\EPPICPattern121.dat
2009-09-25 13:22 . 2004-03-03 04:10 26154 ----a-w- c:\windows\system32\EPPICPattern1.dat
2009-09-25 13:22 . 2004-03-03 04:10 24903 ----a-w- c:\windows\system32\EPPICPattern3.dat
2009-09-25 13:22 . 2004-03-03 04:10 21390 ----a-w- c:\windows\system32\EPPICPattern5.dat
2009-09-25 13:22 . 2004-03-03 04:10 20148 ----a-w- c:\windows\system32\EPPICPattern2.dat
2009-09-25 13:22 . 2004-03-03 04:10 11811 ----a-w- c:\windows\system32\EPPICPattern4.dat
2009-09-25 13:22 . 2009-09-25 13:22 -------- d-----w- c:\users\Marine\AppData\Roaming\InstallShield
2009-09-25 13:22 . 2007-04-10 18:06 8192 ----a-w- c:\windows\system32\E_DCINST.DLL
2009-09-25 13:21 . 2008-08-08 19:09 86528 ----a-w- c:\windows\system32\E_FLBFBE.DLL
2009-09-25 13:21 . 2007-12-07 19:01 78848 ----a-w- c:\windows\system32\E_FD4BFBE.DLL
2009-09-25 13:21 . 2009-09-25 14:20 -------- d-----w- c:\programdata\EPSON
2009-09-25 13:21 . 2008-11-16 22:00 342016 ----a-w- c:\windows\system32\eswiaud.dll
2009-09-25 13:21 . 2006-08-25 17:00 9216 ----a-w- c:\windows\system32\escdev.dll
2009-09-25 13:20 . 2009-09-25 14:16 -------- d-----w- c:\program files\epson
2009-09-23 16:42 . 2009-09-23 16:42 -------- d-----w- c:\programdata\WEBREG
2009-09-23 16:36 . 2009-09-23 16:42 -------- d-----w- c:\users\Marine\AppData\Roaming\HP
2009-09-23 15:09 . 2008-10-23 18:35 271704 ----a-w- c:\windows\system32\hpzids01.dll
2009-09-23 15:08 . 2008-10-24 09:48 118272 ----a-w- c:\windows\system32\hpz3l696.dll
2009-09-23 15:07 . 2009-09-23 15:07 -------- d-----w- c:\program files\Common Files\Hewlett-Packard
2009-09-23 15:03 . 2009-09-23 18:43 -------- d-----w- c:\programdata\HP
2009-09-22 16:10 . 2009-10-03 14:43 -------- d-----w- c:\users\Marine\AppData\Local\Apple Computer
2009-09-22 11:59 . 2009-10-03 14:40 -------- d-----w- c:\programdata\Apple Computer
2009-09-22 11:59 . 2009-09-22 12:00 -------- d-----w- c:\program files\QuickTime
2009-09-22 11:58 . 2009-10-03 14:40 -------- d-----w- c:\program files\Common Files\Apple
2009-09-22 11:58 . 2009-09-22 11:58 -------- d-----w- c:\users\Marine\AppData\Local\Apple
2009-09-22 11:58 . 2009-09-22 11:58 -------- d-----w- c:\program files\Apple Software Update
2009-09-22 11:58 . 2009-09-22 11:58 -------- d-----w- c:\programdata\Apple
2009-09-18 14:30 . 2009-09-18 14:30 -------- d-----w- c:\program files\pdfsam
2009-09-18 14:23 . 2009-09-18 15:30 -------- d-----w- c:\program files\Paint.NET
2009-09-18 14:23 . 2009-09-18 14:25 -------- d-----w- c:\users\Marine\AppData\Local\Paint.NET
2009-09-17 16:04 . 2009-10-12 09:54 -------- d-----w- c:\users\Marine\Tracing
2009-09-17 16:03 . 2009-09-19 14:07 -------- d-----w- c:\program files\Microsoft Silverlight
2009-09-17 16:02 . 2006-11-29 11:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2009-09-17 16:01 . 2009-09-17 16:01 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-09-17 15:59 . 2009-09-17 15:59 -------- d-----w- c:\program files\Microsoft
2009-09-17 15:59 . 2009-09-17 15:59 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-09-17 15:40 . 2009-09-17 15:40 -------- d-----w- c:\program files\Common Files\Windows Live

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-12 08:22 . 2009-07-27 11:59 78608 ----a-w- c:\users\Marine\AppData\Local\GDIPFONTCACHEV1.DAT
2009-10-11 15:38 . 2009-07-31 08:42 -------- d-----w- c:\users\Marine\AppData\Roaming\vlc
2009-10-11 15:16 . 2009-08-08 14:42 -------- d-----w- c:\users\Marine\AppData\Roaming\Azureus
2009-10-11 10:09 . 2009-02-26 15:48 669566 ----a-w- c:\windows\system32\perfh00C.dat
2009-10-11 10:09 . 2009-02-26 15:48 123556 ----a-w- c:\windows\system32\perfc00C.dat
2009-10-04 08:21 . 2009-08-27 20:11 6836 ----a-w- c:\users\Marine\AppData\Local\d3d9caps.dat
2009-09-27 15:48 . 2009-08-14 17:58 -------- d-----w- c:\users\Marine\AppData\Roaming\dvdcss
2009-09-25 14:17 . 2009-02-26 08:07 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-09-25 14:16 . 2009-02-26 08:07 -------- d-----w- c:\program files\Common Files\InstallShield
2009-09-23 18:44 . 2009-02-26 09:28 -------- d-----w- c:\program files\HP
2009-09-17 16:03 . 2009-07-31 23:41 -------- d-----w- c:\program files\Windows Live
2009-09-17 16:00 . 2009-07-31 23:40 -------- d-----w- c:\program files\MSN Messenger
2009-09-16 14:08 . 2009-08-27 17:44 -------- d-----w- c:\program files\Vuze
2009-09-16 10:59 . 2009-02-26 09:12 -------- d-----w- c:\programdata\CyberLink
2009-09-12 19:16 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-09-05 07:22 . 2009-09-05 07:22 -------- d-----w- c:\program files\JRE
2009-09-05 07:22 . 2009-07-27 22:54 -------- d-----w- c:\program files\OpenOffice.org 3
2009-09-05 07:02 . 2009-07-27 12:00 -------- d-----w- c:\users\Marine\AppData\Roaming\hewlett-packard
2009-09-05 06:52 . 2009-02-26 08:07 -------- d-----w- c:\programdata\Hewlett-Packard
2009-08-29 00:27 . 2009-09-05 06:50 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-08-29 00:14 . 2009-09-05 06:50 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-08-26 18:10 . 2009-08-26 18:07 -------- d-----w- c:\program files\Buildalot 2 Town Of The Year
2009-08-26 11:30 . 2009-08-26 11:30 -------- d-----w- c:\program files\ReflexiveArcade
2009-08-26 11:27 . 2009-08-23 17:18 -------- d-----w- c:\programdata\HipSoft
2009-08-25 19:31 . 2009-02-26 08:36 -------- d-----w- c:\programdata\WildTangent
2009-08-23 17:16 . 2006-11-02 12:37 -------- d-----w- c:\program files\Microsoft Games
2009-08-23 17:14 . 2009-08-23 17:14 -------- d-----w- c:\users\Marine\AppData\Roaming\Microsoft Games
2009-08-23 17:03 . 2009-08-23 17:03 -------- d-----w- c:\users\Marine\AppData\Roaming\Atari
2009-08-23 16:32 . 2009-08-23 16:32 -------- d-----w- c:\users\Marine\AppData\Roaming\FloodLightGames
2009-08-23 16:32 . 2009-08-23 16:32 -------- d-----w- c:\programdata\FloodLightGames
2009-08-22 17:21 . 2009-07-27 22:52 -------- d-----w- c:\program files\eMule
2009-08-20 17:37 . 2009-07-27 22:53 -------- d-----w- c:\program files\Java
2009-08-18 20:55 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2009-08-18 20:55 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2009-08-18 20:55 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2009-08-18 20:55 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2009-08-18 20:55 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2009-08-18 20:55 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2009-08-17 18:24 . 2009-02-26 08:53 -------- d-----w- c:\program files\Microsoft Works
2009-08-17 16:10 . 2009-07-31 23:36 1279456 ----a-w- c:\windows\system32\aswBoot.exe
2009-08-17 16:05 . 2009-07-31 23:36 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-08-17 16:05 . 2009-07-31 23:36 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-08-17 16:05 . 2009-07-31 23:36 53328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2009-08-17 16:04 . 2009-07-31 23:37 51376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-08-17 16:04 . 2009-07-31 23:37 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-08-17 16:02 . 2009-07-31 23:36 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-08-16 15:24 . 2009-08-16 15:21 -------- d-----w- c:\program files\MP3Gain
2009-08-16 14:16 . 2009-08-16 14:16 -------- d-----w- c:\users\Marine\AppData\Roaming\Template
2009-08-16 14:16 . 2009-08-16 14:16 0 ----a-w- c:\users\Marine\AppData\Roaming\wklnhst.dat
2009-08-16 14:11 . 2009-08-16 14:11 -------- d-----w- c:\users\Marine\AppData\Roaming\OpenOffice.org
2009-08-16 11:34 . 2009-08-16 11:34 -------- d-----w- c:\program files\SFR
2009-08-14 16:27 . 2009-09-12 13:27 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-08-14 15:53 . 2009-09-12 13:27 17920 ----a-w- c:\windows\system32\netevent.dll
2009-08-14 13:49 . 2009-09-12 13:27 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-08-14 13:49 . 2009-09-12 13:27 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-08-14 13:49 . 2009-09-12 13:27 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-08-14 13:49 . 2009-09-12 13:27 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-08-14 13:49 . 2009-09-12 13:27 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-08-14 13:49 . 2009-09-12 13:27 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-08-14 13:49 . 2009-09-12 13:27 10240 ----a-w- c:\windows\system32\finger.exe
2009-08-14 13:48 . 2009-09-12 13:27 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2009-08-14 13:48 . 2009-09-12 13:27 105984 ----a-w- c:\windows\system32\netiohlp.dll
2009-07-26 14:44 . 2009-07-26 14:44 48448 ----a-w- c:\windows\system32\sirenacm.dll
2009-07-25 03:23 . 2009-02-26 09:25 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-07-21 21:52 . 2009-08-03 19:58 915456 ----a-w- c:\windows\system32\wininet.dll
2009-07-21 21:47 . 2009-08-03 19:58 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-07-21 21:47 . 2009-08-03 19:58 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-07-21 20:13 . 2009-08-03 19:58 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-07-17 13:54 . 2009-08-11 18:18 71680 ----a-w- c:\windows\system32\atl.dll
2009-07-15 12:40 . 2009-08-11 18:18 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-07-15 12:39 . 2009-08-11 18:18 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-15 12:39 . 2009-08-11 18:18 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-07-15 12:39 . 2009-08-11 18:18 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-02-26 16:10 . 2009-02-26 15:51 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392]
"HPAdvisor"="c:\program files\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2008-11-13 972080]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-07-31 39408]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-12-04 1410344]
"DVDAgent"="c:\program files\Hewlett-Packard\Media\DVD\DVDAgent.exe" [2008-11-28 1148200]
"TSMAgent"="c:\program files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe" [2008-12-25 1316136]
"CLMLServer for HP TouchSmart"="c:\program files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" [2008-12-25 189736]
"UCam_Menu"="c:\program files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2008-11-14 218408]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2008-11-18 914224]
"UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2008-11-26 210216]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-10-10 206128]
"UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-10-30 210216]
"UpdatePDIRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-12-08 432432]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-08-17 81000]
"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-07-31 122368]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280]
"TVAgent"="c:\program files\Hewlett-Packard\Media\TV\TVAgent.exe" [2009-02-09 206120]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-04 417792]
"EEventManager"="c:\progra~1\EPSONS~1\EVENTM~1\EEventManager.exe" [2008-12-04 665424]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-09-21 305440]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-06-03 450652]

c:\users\Marine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-8-18 384000]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):e7,8d,2a,fd,46,20,ca,01

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{CE27DBDA-2B35-495A-8166-3BE5EDB1866A}"= c:\program files\CyberLink\PowerDirector\PDR.EXE:CyberLink PowerDirector
"{E89A2DDD-560B-4D2B-9CC3-F3BBE3A4BAB5}"= c:\program files\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe:HP TouchSmart Music
"{CF29480C-E71F-4860-A87E-0C49C1FEDCF0}"= c:\program files\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe:HP TouchSmart Photo
"{7CEB410E-39EE-42CF-BF62-69213D798182}"= c:\program files\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe:HP TouchSmart Video
"{6172740A-9E4A-441F-BE55-8EEC7CEB9A04}"= c:\program files\Hewlett-Packard\Media\DVD\TSMAgent.exe:HP TouchSmart Media Resident Program
"{66D33D81-5D5B-4AFF-899C-8FD606001205}"= c:\program files\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe:CyberLink Media Service
"{0CA17F76-FA13-483B-BD8B-37A65371C939}"= c:\program files\Hewlett-Packard\Media\DVD\HPDVDSmart.exe:HP MediaSmart DVD
"{ACF9FB23-A67C-48D5-9FA5-7194DEB5A616}"= c:\program files\Hewlett-Packard\TouchSmart\Media\HPTouchSmartMusic.exe:HP TouchSmart Music
"{8ED5D582-462A-48A3-973F-7EB55E17E820}"= c:\program files\Hewlett-Packard\TouchSmart\Media\HPTouchSmartPhoto.exe:HP TouchSmart Photo
"{97600DC1-46E4-4C6B-AD6E-3C54B7C5690A}"= c:\program files\Hewlett-Packard\TouchSmart\Media\HPTouchSmartVideo.exe:HP TouchSmart Video
"{1E58530D-4ADD-46FD-B693-8B00E7DF2135}"= c:\program files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe:HP TouchSmart Media Resident Program
"{3BDE2C48-F795-4CD4-A97E-9FF594D592CA}"= c:\program files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe:CyberLink Media Service
"TCP Query User{91D163D3-F8D9-45BA-AD6A-D501F37D8D76}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule
"UDP Query User{28C5DD7D-C093-4E12-9DC4-F477D4BFBD5E}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule
"TCP Query User{11C29E82-D6DD-4E6C-AAD0-F70E4170780D}c:\\program files\\vuze\\azureus.exe"= UDP:c:\program files\vuze\azureus.exe:Azureus
"UDP Query User{3DFBDD59-164D-4202-8C28-0D64AFC41BAB}c:\\program files\\vuze\\azureus.exe"= TCP:c:\program files\vuze\azureus.exe:Azureus
"TCP Query User{E37C3766-5776-49CE-A1CB-4290A0102D1D}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule
"UDP Query User{CAF7FAE3-2B31-4F08-96E6-2CFCC29191EC}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule
"TCP Query User{C6C509BC-0E8D-4CC3-A8A6-9881D2ED5521}c:\\program files\\vuze\\azureus.exe"= UDP:c:\program files\vuze\azureus.exe:Azureus
"UDP Query User{C8C18CAC-4091-41B9-A62F-AF55FFEB0281}c:\\program files\\vuze\\azureus.exe"= TCP:c:\program files\vuze\azureus.exe:Azureus
"TCP Query User{51B8440E-43B5-4619-9B40-F296D3423617}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{521653B4-FDD5-41D0-807B-2CCF6EDDDFF4}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"{863198BD-1BE5-463C-8C8B-E3651202D183}"= c:\program files\Hewlett-Packard\Media\TV\QP.exe:Quick Play
"{0406DFD3-2F11-46DD-BD16-6104381264D6}"= c:\program files\Hewlett-Packard\Media\TV\QPService.exe:Quick Play Resident Program
"{C4C80746-F5BD-40FF-8416-3D49DF3A5349}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live FolderShare
"{E1A14988-C6A5-4C41-A3CB-6AA735B8953A}"= e:\setup\hpznui01.exe:hpznui01.exe
"{F00B3D4A-EF97-47F1-A5BB-FDDC4DD03D57}"= TCP:427|RPort=427|c:\windows\system32\svchost.exe|Svc=HPSLPSVC:SLP_Service
"{19641700-7F69-4BDB-9C11-D2BFAD5BE09F}"= TCP:427:imprimante
"{C8875246-72A9-4BF1-87CE-DD9103EA1DFE}"= c:\program files\HP\Digital Imaging\bin\hpqtra08.exe:hpqtra08.exe
"{718C7783-5AD2-403F-B640-CD1E21205472}"= c:\program files\HP\Digital Imaging\bin\hpqste08.exe:hpqste08.exe
"{7A3C1BF3-2EFD-4159-9514-CD72D91572AB}"= c:\program files\HP\Digital Imaging\bin\hposid01.exe:hposid01.exe
"{93243AE1-ED48-4B5E-A580-40F29244DB14}"= c:\program files\HP\Digital Imaging\bin\hpqkygrp.exe:hpqkygrp.exe
"{13591741-EF7E-4AAD-B4D7-4F92D0AD4F88}"= c:\program files\HP\Digital Imaging\bin\hpfccopy.exe:hpfccopy.exe
"{5F1BAEA2-1C54-49E4-8DC5-F0E9456CE180}"= c:\program files\HP\Digital Imaging\bin\hpoews01.exe:hpoews01.exe
"{69A8799B-4707-4CE2-B2D3-F05C4C0D6CD4}"= c:\program files\HP\Digital Imaging\bin\hpiscnapp.exe:hpiscnapp.exe
"{89067836-DF89-40EF-B20E-B360A3D188F0}"= c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe:hpqphotocrm.exe
"{0D4278C6-6756-4348-AC03-C52798DF8A98}"= c:\program files\HP\Digital Imaging\bin\hpqsudi.exe:hpqsudi.exe
"{D5840528-6F9C-4C43-8EAC-1FE350B5F21D}"= c:\program files\HP\Digital Imaging\bin\hpqpsapp.exe:hpqpsapp.exe
"{D3378DC1-7AED-4506-8566-3A895C846495}"= c:\program files\HP\Digital Imaging\bin\hpqcopy2.exe:hpqcopy2.exe
"{F6BC1567-2626-48DF-AF16-CF0D407C05E0}"= c:\program files\HP\Digital Imaging\bin\hpqpse.exe:hpqpse.exe
"{1B529A75-7EDD-407C-AB61-1A48FA11EC1D}"= c:\program files\HP\Digital Imaging\bin\hpqgplgtupl.exe:hpqgplgtupl.exe
"{FA0F444E-17F7-4B90-9EA3-2EC6B3CDBFF8}"= c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe:hpqgpc01.exe
"TCP Query User{1886A52E-20C3-41BD-9467-7322836F7AF3}c:\\program files\\epson software\\event manager\\eeventmanager.exe"= UDP:c:\program files\epson software\event manager\eeventmanager.exe:EEventManager Application
"UDP Query User{10FAA88F-4A4C-44BA-A1CA-6B1DAEC6EB56}c:\\program files\\epson software\\event manager\\eeventmanager.exe"= TCP:c:\program files\epson software\event manager\eeventmanager.exe:EEventManager Application
"{53AEBDB9-FE1C-4F04-8BD4-E9895F5B193D}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{806B3FDD-9D4D-4AD2-B098-48D9752B8FA1}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{A33A9013-A482-4BA9-BC99-304C2D763D8A}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{CDE8A25B-5008-4194-AF34-48133C530105}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes

R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [01/08/2009 01:36 114768]
R2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2009/05/20 03:57];c:\program files\Hewlett-Packard\Media\DVD\000.fcl [28/11/2008 18:04 87536]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\AEstSrv.exe [02/03/2009 18:43 81920]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [01/08/2009 01:36 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [01/08/2009 01:36 53328]
R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe -k netsvcs [21/01/2008 04:23 21504]
R2 hpsrv;HP Service;c:\windows\System32\hpservice.exe [18/03/2008 16:24 19456]
R2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\SMINST\BLService.exe [26/02/2009 11:29 365952]
R2 TVCapSvc;TV Background Capture Service (TVBCS);c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [09/02/2009 18:14 296320]
R2 TVSched;TV Task Scheduler (TVTS);c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [09/02/2009 18:14 116096]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [26/02/2009 10:23 222512]
R3 enecir;ENE CIR Receiver;c:\windows\System32\drivers\enecir.sys [04/09/2008 19:47 54784]
R3 usbfilter;AMD USB Filter Driver;c:\windows\System32\drivers\usbfilter.sys [20/05/2009 03:17 22072]
S2 Norton Internet Security;Norton Internet Security;"c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe" /s "Norton Internet Security" /m "c:\program files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll" /prefetch:1 --> c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe [?]
S3 JMCR;JMCR;c:\windows\System32\drivers\jmcr.sys [05/12/2008 13:06 109408]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPHNDUService REG_MULTI_SZ HPHNDUSVC

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe"
.
Contenu du dossier 'Tâches planifiées'
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.facebook.com/home.php?#/Mewine?ref=profile
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=91&bd=Pavilion&pf=cnnb
uInternet Settings,ProxyOverride = *.local
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-12 12:23
Windows 6.0.6002 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Norton Internet Security]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll\" /prefetch:1"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{55662437-DA8C-40c0-AADA-2C816A897A49}]
"ImagePath"="\??\c:\program files\Hewlett-Packard\Media\DVD\000.fcl"
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\System32\Ati2evxx.exe
c:\windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\stacsv.exe
c:\windows\System32\audiodg.exe
c:\windows\System32\Ati2evxx.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\program files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\Alwil Software\Avast4\ashDisp.exe
c:\program files\Epson Software\Event Manager\EEventManager.exe
c:\program files\OpenOffice.org 3\program\soffice.exe
c:\program files\OpenOffice.org 3\program\soffice.bin
c:\program files\Hewlett-Packard\Shared\hpqWmiEx.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
c:\program files\Hewlett-Packard\Shared\HpqToaster.exe
.
**************************************************************************
.
Heure de fin: 2009-10-12 12:27 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-10-12 10:26

Avant-CF: 353 377 394 688 octets libres
Après-CF: 353 033 531 392 octets libres

334 --- E O F --- 2009-10-12 08:39