Rapport combofix : avis [Résolu]

Bonjour, d'après ce rapport, voyez vous quelque choses d'anormal ?
ComboFix 09-08-30.04 - Adeline 01/09/2009 21:54.3.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.33.1036.18.1919.1216 [GMT 2:00]
Running from: c:\users\Adeline\Desktop\antitruc.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((( Files Created from 2009-08-01 to 2009-09-01 )))))))))))))))))))))))))))))))
.
2009-09-01 20:01 . 2009-09-01 20:01 -------- d-----w- c:\users\Adeline\AppData\Local\temp
2009-09-01 20:01 . 2009-09-01 20:01 -------- d-----w- c:\users\Public\AppData\Local\temp
2009-09-01 20:01 . 2009-09-01 20:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-09-01 20:01 . 2009-09-01 20:01 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2009-09-01 18:57 . 2009-09-01 18:57 -------- d-----w- c:\users\Adeline\AppData\Local\Symantec
2009-09-01 17:40 . 2009-08-27 08:00 84912 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090901.006\NAVENG.SYS
2009-09-01 17:40 . 2009-08-27 08:00 371248 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090901.006\EECTRL.SYS
2009-09-01 17:40 . 2009-08-27 08:00 2747440 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090901.006\CCERASER.DLL
2009-09-01 17:40 . 2009-08-27 08:00 259440 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090901.006\ECMSVR32.DLL
2009-09-01 17:40 . 2009-08-27 08:00 177520 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090901.006\NAVENG32.DLL
2009-09-01 17:40 . 2009-08-27 08:00 1647984 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090901.006\NAVEX32A.DLL
2009-09-01 17:40 . 2009-08-27 08:00 1323568 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090901.006\NAVEX15.SYS
2009-09-01 17:40 . 2009-08-27 08:00 102448 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090901.006\ERASER.SYS
2009-09-01 17:16 . 2009-09-01 17:59 -------- d-----w- c:\users\Adeline\AppData\Roaming\vlc
2009-09-01 17:01 . 2009-09-01 17:01 -------- d-----w- c:\program files\VLC
2009-08-31 19:58 . 2009-08-31 21:32 -------- d-----w- c:\users\Adeline\AppData\Local\Microsoft Games
2009-08-30 17:50 . 2009-08-30 17:50 -------- d-----w- c:\users\Adeline\AppData\Local\Microsoft Help
2009-08-30 17:40 . 2009-06-15 15:21 499712 ----a-w- c:\windows\system32\kerberos.dll
2009-08-30 17:40 . 2009-06-15 15:24 175104 ----a-w- c:\windows\system32\wdigest.dll
2009-08-30 17:40 . 2009-06-15 15:23 1256448 ----a-w- c:\windows\system32\lsasrv.dll
2009-08-30 17:40 . 2009-06-15 15:22 213504 ----a-w- c:\windows\system32\msv1_0.dll
2009-08-30 17:40 . 2009-06-15 18:20 439896 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-08-30 17:40 . 2009-06-15 15:24 270848 ----a-w- c:\windows\system32\schannel.dll
2009-08-30 17:40 . 2009-06-15 12:57 9728 ----a-w- c:\windows\system32\lsass.exe
2009-08-30 17:40 . 2009-06-15 15:24 72704 ----a-w- c:\windows\system32\secur32.dll
2009-08-30 15:42 . 2009-08-30 15:42 -------- d-----w- c:\program files\CCleaner
2009-08-29 19:20 . 2009-08-29 19:20 -------- d-----w- c:\users\Adeline\AppData\Roaming\Microsoft Web Folders
2009-08-29 18:50 . 2009-08-29 18:55 -------- d-----r- C:\cd1
2009-08-29 16:48 . 2009-04-30 12:37 428544 ----a-w- c:\windows\system32\EncDec.dll
2009-08-29 16:48 . 2009-04-30 12:37 293376 ----a-w- c:\windows\system32\psisdecd.dll
2009-08-27 16:54 . 2009-07-11 23:15 533880 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090810.001\Scxpx86.dll
2009-08-27 16:54 . 2009-07-11 23:15 451960 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090810.001\IDSxpx86.dll
2009-08-27 16:54 . 2009-07-11 23:15 276344 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090810.001\IDSXpx86.sys
2009-08-27 16:54 . 2009-07-11 23:15 397360 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090810.001\IDSviA64.sys
2009-08-27 16:54 . 2009-07-11 23:15 293424 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090810.001\IDSvix86.sys
2009-08-27 16:34 . 2009-08-27 16:34 -------- d--h--w- c:\windows\PIF
2009-08-27 15:15 . 2009-08-27 15:15 1961720 ----a-w- c:\users\Adeline\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
2009-08-27 15:09 . 2009-07-03 16:09 25136 ----a-r- c:\windows\system32\drivers\SymIMV.sys
2009-08-27 15:08 . 2009-08-27 15:08 124464 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2009-08-27 15:08 . 2009-08-27 16:34 -------- d-----w- c:\program files\Common Files\Symantec Shared
2009-08-27 15:08 . 2009-08-27 15:08 -------- d-----w- c:\program files\Symantec
2009-08-27 10:46 . 2009-08-27 10:46 -------- d-----w- C:\utility
2009-08-27 10:45 . 2008-01-21 02:32 -------- d-----w- C:\PerfLogs
2009-08-26 15:45 . 2009-09-01 19:50 -------- d-----w- c:\users\Adeline\Tracing
2009-08-26 15:20 . 2009-06-22 10:22 2048 ----a-w- c:\windows\system32\tzres.dll
2009-08-26 15:11 . 2009-08-26 15:11 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2009-08-26 14:47 . 2008-06-20 01:14 97800 ----a-w- c:\windows\system32\infocardapi.dll
2009-08-26 14:47 . 2008-06-20 01:14 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-08-26 14:47 . 2008-06-20 01:14 43544 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2009-08-26 14:47 . 2008-06-20 01:14 11264 ----a-w- c:\windows\system32\icardres.dll
2009-08-26 14:47 . 2008-06-20 01:14 622080 ----a-w- c:\windows\system32\icardagt.exe
2009-08-26 14:47 . 2008-06-20 01:14 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2009-08-26 14:47 . 2008-06-20 01:14 326160 ----a-w- c:\windows\system32\PresentationHost.exe
2009-08-26 14:25 . 2008-07-27 18:03 96760 ----a-w- c:\windows\system32\dfshim.dll
2009-08-26 14:25 . 2008-07-27 18:03 282112 ----a-w- c:\windows\system32\mscoree.dll
2009-08-26 14:25 . 2008-07-27 18:03 41984 ----a-w- c:\windows\system32\netfxperf.dll
2009-08-26 14:24 . 2008-07-27 18:03 158720 ----a-w- c:\windows\system32\mscorier.dll
2009-08-26 14:24 . 2008-07-27 18:03 83968 ----a-w- c:\windows\system32\mscories.dll
2009-08-26 14:20 . 2009-08-26 14:20 5132604 ----a-w- c:\programdata\ArcSoft\Global Deploy\CheckUpdate\ArcConnect.exe
2009-08-26 07:54 . 2009-08-25 00:25 -------- d-----w- c:\windows\RE_DRIVE
2009-08-25 20:26 . 2009-08-25 20:26 -------- d-----w- c:\users\Administrator
2009-08-25 01:24 . 2009-08-25 01:24 -------- d-----w- c:\users\Adeline\Sauvegarde cours du 17.06.09
2009-08-25 01:16 . 2009-08-25 01:16 -------- d-----w- c:\users\Adeline\Sauvegarde cours du 28.04.09
2009-08-25 01:13 . 2009-06-15 15:24 156672 ----a-w- c:\windows\system32\t2embed.dll
2009-08-25 01:13 . 2009-06-15 15:20 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-08-25 01:13 . 2009-06-15 15:20 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-08-25 01:13 . 2009-06-15 12:52 289792 ----a-w- c:\windows\system32\atmfd.dll
2009-08-25 01:13 . 2009-04-21 11:55 2033152 ----a-w- c:\windows\system32\win32k.sys
2009-08-25 01:11 . 2009-07-14 13:00 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-08-25 01:11 . 2009-07-14 12:58 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-08-25 01:11 . 2009-07-14 12:59 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-08-25 01:11 . 2009-07-14 10:59 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-08-25 01:11 . 2009-04-23 12:43 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2009-08-25 01:00 . 2008-10-16 21:09 51224 ----a-w- c:\windows\system32\wuauclt.exe
2009-08-25 01:00 . 2008-10-16 21:09 43544 ----a-w- c:\windows\system32\wups2.dll
2009-08-25 01:00 . 2008-10-16 21:13 1809944 ----a-w- c:\windows\system32\wuaueng.dll
2009-08-25 01:00 . 2008-10-16 20:56 1524736 ----a-w- c:\windows\system32\wucltux.dll
2009-08-25 01:00 . 2008-10-16 21:12 561688 ----a-w- c:\windows\system32\wuapi.dll
2009-08-25 01:00 . 2008-10-16 21:08 34328 ----a-w- c:\windows\system32\wups.dll
2009-08-25 01:00 . 2008-10-16 20:55 83456 ----a-w- c:\windows\system32\wudriver.dll
2009-08-25 01:00 . 2008-10-16 12:08 162064 ----a-w- c:\windows\system32\wuwebv.dll
2009-08-25 01:00 . 2008-10-16 11:56 31232 ----a-w- c:\windows\system32\wuapp.exe
2009-08-25 00:36 . 2009-08-25 00:36 -------- d-----w- c:\users\Adeline\AppData\Roaming\Ulead Systems
2009-08-24 22:55 . 2009-08-24 22:55 -------- d-----w- c:\users\Adeline\AppData\Local\Toshiba
2009-08-24 22:55 . 2009-08-24 22:55 -------- d-----w- c:\users\Adeline\AppData\Local\ArcSoft
2009-08-24 22:54 . 2009-08-24 22:54 -------- d-----w- c:\users\Adeline\AppData\Roaming\ATI
2009-08-24 22:54 . 2009-08-24 22:54 -------- d-----w- c:\users\Adeline\AppData\Local\ATI
2009-08-24 22:54 . 2009-08-27 15:10 -------- d-----w- c:\users\Adeline\AppData\Roaming\ArcSoft
2009-08-24 22:54 . 2009-08-25 20:03 -------- d-----w- c:\users\Adeline\AppData\Local\Adobe
2009-08-24 22:54 . 2009-05-21 02:06 32850120 ----a-w- c:\windows\system32\msi1366.scr
2009-08-24 22:38 . 2009-08-31 21:48 -------- d-----w- c:\programdata\Ulead Systems
2009-08-24 22:38 . 2009-08-30 16:13 -------- d-----w- c:\users\Adeline\AppData\Local\VirtualStore
2009-08-24 22:35 . 2009-08-26 15:29 -------- d-----w- c:\program files\Microsoft Silverlight
2009-08-24 22:34 . 2009-08-24 22:34 -------- dc----w- c:\windows\system32\DRVSTORE
2009-08-24 22:34 . 2008-12-08 15:01 55264 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2009-08-24 22:34 . 2009-08-24 22:34 -------- d-----w- c:\program files\Microsoft Sync Framework
2009-08-24 22:33 . 2006-11-29 11:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2009-08-24 22:33 . 2009-08-24 22:33 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-08-24 22:31 . 2009-08-24 22:35 -------- d-----w- c:\program files\Microsoft
2009-08-24 22:31 . 2009-08-24 22:31 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-08-24 22:31 . 2009-08-24 22:34 -------- d-----w- c:\program files\Windows Live
2009-08-24 22:29 . 2009-08-24 22:29 -------- d-----w- c:\program files\Common Files\Windows Live
2009-08-24 22:29 . 2009-08-30 17:58 70880 ----a-w- c:\users\Adeline\AppData\Local\GDIPFONTCACHEV1.DAT
2009-08-24 22:24 . 2009-08-31 21:41 -------- d-----w- c:\users\Adeline\AppData\Local\Microsoft
2009-08-24 22:24 . 2009-08-31 21:33 -------- d-----w- c:\users\Adeline
2009-08-24 22:24 . 2009-08-24 22:24 -------- d-sh--we c:\users\Adeline\AppData\Local\Temporary Internet Files
2009-08-24 22:24 . 2009-08-24 22:24 -------- d-sh--we c:\users\Adeline\AppData\Local\Historique
2009-08-24 22:24 . 2009-08-24 22:24 -------- d-sh--we c:\users\Adeline\AppData\Local\Application Data
2009-08-24 22:24 . 2006-11-02 12:37 -------- d-----w- c:\users\Adeline\AppData\Roaming\Media Center Programs
2009-08-24 22:21 . 2009-08-24 22:21 -------- d-----w- c:\programdata\WindowsSearch
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-01 19:55 . 2009-07-02 21:06 669566 ----a-w- c:\windows\system32\perfh00C.dat
2009-09-01 19:55 . 2009-07-02 21:06 123556 ----a-w- c:\windows\system32\perfc00C.dat
2009-08-31 21:48 . 2009-07-02 21:03 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-08-31 17:09 . 2009-07-03 18:14 -------- d-----w- c:\programdata\Microsoft Help
2009-08-30 19:34 . 2009-07-03 00:35 -------- d-----w- c:\program files\MSI
2009-08-30 17:49 . 2009-07-03 18:23 -------- d-----w- c:\program files\Microsoft Works
2009-08-27 15:12 . 2009-07-03 16:13 -------- d-----w- c:\programdata\ArcSoft
2009-08-27 15:11 . 2009-07-03 16:10 -------- d-----w- c:\programdata\Symantec
2009-08-27 15:10 . 2009-07-03 16:09 -------- d-----w- c:\programdata\Norton
2009-08-27 15:08 . 2009-08-27 15:08 806 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2009-08-27 15:08 . 2009-08-27 15:08 10635 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2009-08-26 15:22 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-08-24 22:25 . 2009-08-24 22:25 6 ----a-w- c:\windows\silentOnce.tmp
2009-07-21 21:52 . 2009-08-25 01:12 915456 ----a-w- c:\windows\system32\wininet.dll
2009-07-21 21:47 . 2009-08-25 01:12 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-07-21 21:47 . 2009-08-25 01:12 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-07-21 20:13 . 2009-08-25 01:12 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-07-17 14:35 . 2009-08-25 01:12 71680 ----a-w- c:\windows\system32\atl.dll
2009-07-11 23:15 . 2009-07-03 16:09 293424 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSvix86.sys
2009-07-11 23:15 . 2009-07-03 16:09 276344 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSXpx86.sys
2009-07-11 23:15 . 2009-07-03 16:09 397360 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSviA64.sys
2009-07-11 23:15 . 2009-07-03 16:09 533880 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\Scxpx86.dll
2009-07-11 23:15 . 2009-07-03 16:09 451960 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSxpx86.dll
2009-07-03 21:36 . 2009-07-03 21:36 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-07-03 21:16 . 2009-07-03 21:16 -------- d-----w- c:\programdata\TOSHIBA
2009-07-03 20:44 . 2009-07-03 20:44 -------- d-----w- c:\program files\Toshiba
2009-07-03 16:09 . 2009-07-03 16:09 1294680 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\SyKnAppS\SyKnAppS.dll
2009-07-03 16:09 . 2009-07-03 16:09 136840 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\SyKnAppS\patch25.dll
2009-07-03 16:09 . 2009-07-03 16:09 791920 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\CLT\cltLMSx.dll
2009-07-03 16:09 . 2009-07-03 16:09 288104 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\CPDOEM\CPDOEM.dll
2009-06-10 12:12 . 2009-08-25 01:12 160256 ----a-w- c:\windows\system32\wkssvc.dll
2009-06-10 12:07 . 2009-08-25 01:12 91136 ----a-w- c:\windows\system32\avifil32.dll
2009-06-05 12:34 . 2009-08-25 01:12 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-06-05 10:08 . 2009-08-25 01:12 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-06-04 12:34 . 2009-08-25 01:12 2066432 ----a-w- c:\windows\system32\mstscax.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2008-12-02 3882312]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-02-14 61440]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-06-16 7547424]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-28 35696]
"MGSysCtrl"="c:\program files\System Control Manager\MGSysCtrl.exe" [2009-06-12 2064384]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2009-07-10 195072]
"ITSecMng"="c:\program files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2008-08-27 79232]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2008-9-19 2356552]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"HideClock"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{C37CF850-F779-4F9D-A344-BF9AB15E29D1}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{274D7C5F-B662-4607-A31E-20140E218368}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{538635E4-A3A1-4273-8A3A-4DA5BC9C6CCD}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)
R0 SymEFA;Symantec Extended File Attributes;c:\windows\System32\drivers\NIS\1000000.07D\SymEFA.sys [03/07/2009 18:09 309296]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\System32\drivers\NIS\1000000.07D\BHDrvx86.sys [03/07/2009 18:09 254512]
R1 ccHP;Symantec Hash Provider;c:\windows\System32\drivers\NIS\1000000.07D\ccHPx86.sys [03/07/2009 18:09 362544]
R1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090810.001\IDSvix86.sys [27/08/2009 18:54 293424]
R2 Micro Star SCM;Micro Star SCM;c:\program files\System Control Manager\MSIService.exe [03/07/2009 18:02 159744]
R2 Norton Internet Security;Norton Internet Security;c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe [03/07/2009 18:09 115560]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [27/08/2009 10:00 102448]
R3 netr28;Ralink 802.11n Wireless Driver for Windows Vista;c:\windows\System32\drivers\netr28.sys [03/07/2009 23:30 451584]
R3 SYMNDISV;SYMNDISV;c:\windows\System32\drivers\NIS\1000000.07D\symndisv.sys [03/07/2009 18:09 40496]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\System32\drivers\ArcSoftKsUFilter.sys [03/07/2009 18:14 17920]
S3 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [25/08/2009 00:34 55264]
S3 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [08/12/2008 17:01 533344]
S3 rtl819xp;Realtek RTL8190\RTL8192E 802.11n Wireless LAN (Mini-)PCI NIC NT Driver;c:\windows\System32\drivers\rtl819xp.sys [03/07/2009 22:40 496640]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder
2009-09-01 c:\windows\Tasks\User_Feed_Synchronization-{E1B5B4C6-0423-48FC-AFE5-84BCFDE5B5F4}.job
- c:\windows\system32\msfeedssync.exe [2009-08-25 20:13]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-01 22:01
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
c:\users\Adeline\AppData\Local\Temp\catchme.dll 53248 bytes executable
scan completed successfully
hidden files: 1
**************************************************************************
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Norton Internet Security]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Completion time: 2009-09-01 22:05
ComboFix-quarantined-files.txt 2009-09-01 20:04
Pre-Run: 12 234 620 928 octets libres
Post-Run: 12 196 691 968 octets libres
258 --- E O F --- 2009-08-31 17:10
MERCI