ComboFix 11-01-13.01 - mpc 14/01/2011 12:10:47.1.2 - x86
Microsoft® Windows Vista(TM) Professionnel 6.0.6002.2.1252.33.1036.18.3325.1842 [GMT 1:00]
Lancé depuis: c:\users\mpc\Bureau\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
AV: BitDefender Internet Security *Enabled/Updated* {B6898459-9G65-6E98-55DC-78DESDF8956F}
FW: Norton Internet Security *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
SP: Norton Internet Security *Enabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\borderlands\borderlands config editor v2.1.4.exe
c:\program files\QUAD Utilities
c:\program files\SpeedBit Toolbar\Toolbar\tbhelper.dll
c:\program files\SpeedBit Video Downloader\Toolbar\tbhelper.dll
c:\users\mpc\AppData\Roaming\Icones\icones_pa.ico
c:\users\mpc\GoToAssistDownloadHelper.exe
D:\install.exe
Une copie infectée de c:\windows\explorer.exe a été trouvée et désinfectée
Copie restaurée à partir de - c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
.
((((((((((((((((((((((((((((( Fichiers créés du 2010-12-14 au 2011-01-14 ))))))))))))))))))))))))))))))))))))
.
2011-01-14 11:31 . 2011-01-14 11:31 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-01-13 16:11 . 2011-01-13 16:11 -------- d-----w- c:\program files\Ad-Remover
2011-01-13 15:42 . 2011-01-13 15:44 -------- d-----w- c:\program files\ZHPDiag
2011-01-13 11:17 . 2011-01-13 11:17 600064 ----a-w- c:\users\mpc\RogueKiller.exe
2011-01-12 06:43 . 2010-12-28 15:55 413696 ----a-w- c:\windows\system32\odbc32.dll
2011-01-12 06:43 . 2010-12-28 15:53 253952 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2011-01-12 06:43 . 2010-12-28 15:53 241664 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll
2011-01-12 06:43 . 2010-12-28 15:53 708608 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2011-01-12 06:43 . 2010-12-28 15:53 57344 ----a-w- c:\program files\Common Files\System\msadc\msadcs.dll
2011-01-12 06:43 . 2010-12-28 15:53 180224 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll
2011-01-12 06:43 . 2010-12-14 14:49 1169408 ----a-w- c:\windows\system32\sdclt.exe
2011-01-11 08:23 . 2011-01-11 08:23 -------- d--h--w- c:\documents and settings\All Users\Application Data\pile egg bold
2011-01-10 14:00 . 2011-01-10 14:00 -------- d-----w- c:\users\mpc\AppData\Local\Windows Live Writer
2011-01-10 14:00 . 2011-01-10 14:00 -------- d-----w- c:\users\mpc\AppData\Roaming\Windows Live Writer
2011-01-07 18:23 . 2011-01-07 18:23 3865 ---ha-w- c:\windows\yuiogl.exe
2011-01-05 13:19 . 2011-01-05 13:19 -------- d-----w- c:\users\mpc\AppData\Roaming\Reallusion
2011-01-04 17:24 . 2009-08-21 10:33 143936 ----a-w- c:\windows\system32\drivers\CtClsFlt.sys
2011-01-04 17:24 . 2009-05-28 09:48 134144 ----a-w- c:\windows\system32\drivers\CtAudDrv.sys
2011-01-04 17:11 . 2011-01-05 13:19 -------- d-----w- c:\programdata\Creative
2011-01-04 17:00 . 2006-10-06 06:17 53248 ----a-w- c:\windows\Ctree1df.rra
2011-01-04 17:00 . 2003-06-12 22:25 7062 ----a-w- c:\windows\system32\audiopid.vxd
2011-01-04 16:59 . 2009-07-24 01:00 32768 ----a-w- c:\windows\system32\V0610Hwx.dll
2011-01-04 16:59 . 2011-01-04 16:59 24 ----a-w- c:\windows\system32\TDSSblat.dat
2011-01-04 16:59 . 2011-01-04 16:59 24 ----a-w- c:\windows\system32\TDSSqoaa.log
2011-01-04 16:59 . 2009-07-03 01:00 114688 ----a-w- c:\windows\system32\V0610Ext.ax
2011-01-04 16:57 . 2011-01-04 16:57 2988 --sha-w- c:\windows\system32\scvhost.exe
2011-01-04 16:55 . 2011-01-07 11:02 -------- d-----w- c:\program files\Creative
2011-01-04 16:54 . 2003-11-10 17:14 729088 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll
2011-01-04 16:54 . 2003-11-10 17:13 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
2011-01-04 16:54 . 2003-11-10 17:12 266240 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
2011-01-04 16:54 . 2003-11-10 17:12 192512 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
2011-01-04 16:54 . 2003-11-10 17:11 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
2011-01-04 16:54 . 2011-01-04 16:54 188548 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll
2011-01-04 16:54 . 2011-01-04 16:54 311428 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll
2010-12-30 10:48 . 2010-12-30 10:48 569397 ----a-w- c:\program files\Internet Explorer\PLUGINS\RichFX\Player\nprfxins.dll
2010-12-29 21:51 . 2010-12-29 21:51 -------- d-----w- c:\program files\Common Files\xing shared
2010-12-29 11:05 . 2010-12-29 11:05 -------- d-----w- c:\programdata\Hitman Pro
2010-12-24 17:10 . 2010-12-24 17:10 -------- d-----w- c:\programdata\PC Drivers HeadQuarters
2010-12-23 11:27 . 2010-12-23 11:27 -------- d-----w- c:\program files\Common Files\Skype
2010-12-23 11:27 . 2010-12-23 11:27 -------- d-----r- c:\program files\Skype
2010-12-20 11:15 . 2010-12-24 10:45 -------- d-----w- c:\users\mpc\AppData\Roaming\EAST Technologies
2010-12-20 10:25 . 2010-12-20 10:25 -------- d-----w- c:\program files\iPod
2010-12-20 10:25 . 2010-12-20 10:26 -------- d-----w- c:\program files\iTunes
2010-12-18 11:06 . 2010-12-18 11:06 -------- d-----w- c:\program files\Feedback Tool
2010-12-16 08:23 . 2010-10-12 15:53 33280 ----a-w- c:\program files\Windows Mail\wabfind.dll
2010-12-16 08:23 . 2010-10-12 13:41 66048 ----a-w- c:\program files\Windows Mail\wabmig.exe
2010-12-16 08:23 . 2010-10-12 13:41 515584 ----a-w- c:\program files\Windows Mail\wab.exe
2010-12-16 08:23 . 2010-10-18 13:31 2038272 ----a-w- c:\windows\system32\win32k.sys
2010-12-16 08:22 . 2010-11-04 18:56 345600 ----a-w- c:\windows\system32\wmicmiplugin.dll
2010-12-16 08:22 . 2010-11-04 18:55 352768 ----a-w- c:\windows\system32\taskschd.dll
2010-12-16 08:22 . 2010-11-04 18:55 601600 ----a-w- c:\windows\system32\schedsvc.dll
2010-12-16 08:22 . 2010-11-04 18:55 270336 ----a-w- c:\windows\system32\taskcomp.dll
2010-12-16 08:22 . 2010-11-04 16:34 171520 ----a-w- c:\windows\system32\taskeng.exe
2010-12-16 08:21 . 2010-10-18 13:37 81920 ----a-w- c:\windows\system32\consent.exe
2010-12-16 08:21 . 2010-10-28 15:44 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-12-16 08:21 . 2010-10-28 13:27 292352 ----a-w- c:\windows\system32\atmfd.dll
2010-12-16 08:21 . 2010-06-16 15:30 72704 ----a-w- c:\windows\system32\fontsub.dll
2010-12-16 08:10 . 2010-11-03 10:51 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-04 16:57 . 2011-01-04 16:57 2988 --sha-w- c:\windows\system32\scvhost.exe
2010-12-30 11:03 . 2003-10-17 10:44 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-12-30 11:03 . 2003-10-17 10:44 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-12-02 03:35 . 2010-12-02 03:35 4280320 ----a-w- c:\windows\system32\GPhotos.scr
2010-11-29 16:38 . 2010-11-29 16:38 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-11-29 16:38 . 2010-11-29 16:38 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-11-02 16:43 . 2010-11-02 16:44 286720 ----a-w- c:\windows\iun507.exe
.
[code]
----a-w 325,204 2006-12-21 19:56:28 C:\SwSetup\SP34746\WCAMC\FW_210_Silence Install .exe
[/code]
.
------- Sigcheck -------
[-] 2009-10-31 . !HASH: COULD NOT OPEN FILE !!!!! . 2614272 . . [6.0.6002.16385] . . c:\windows\explorer.exe
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CLASSES_ROOT\clsid\{e7f88e02-0c78-48a1-86d2-82d8865de2df}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3017FB3E-9A77-4396-88C5-0EC9548FB42F}]
2010-04-16 07:33 2447360 ----a-w- c:\program files\SpeedBit Video Downloader\Toolbar\tbcore3.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{389943B0-C3A2-4E69-82CB-8596A84CB3DC}]
[HKEY_CLASSES_ROOT\clsid\{ebfcd017-bcad-42c3-9ed5-89dbdfc59171}]
[HKEY_CLASSES_ROOT\SPEEDBIT1.SPEEDBIT1.3]
[HKEY_CLASSES_ROOT\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}]
[HKEY_CLASSES_ROOT\SPEEDBIT1.SPEEDBIT1]
[HKEY_CLASSES_ROOT\clsid\{e7f88e02-0c78-48a1-86d2-82d8865de2df}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2010-06-23 1699128]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2010-05-07 247144]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-04-16 39408]
"Software Informer"="c:\program files\Software Informer\softinfo.exe" [2010-06-28 2322501]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-08-21 443968]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-12-03 14944136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Bendping"="c:\documents and settings\All users\application data\pile egg bold\Bits Flag Tick.exe" [2011-01-13 4698]
"OrderReminder"="c:\program files\Hewlett-Packard\OrderReminder\OrderReminder.exe" [2005-03-18 98304]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2010-09-23 38840]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-08-19 9210400]
"SPAMfighter Agent"="c:\program files\SPAMfighter\SFAgent.exe" [2009-03-12 326792]
"CANAL+ CANALSAT A LA DEMANDE"="c:\program files\Canal+\CANAL+ CANALSAT A LA DEMANDE\Launcher.exe" [2010-07-06 163992]
"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-10-29 122880]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-09-01 1164584]
"filmoTV"="c:\program files\Filmo-TV\filmoTV.exe" [2010-02-18 480768]
"EEventManager"="c:\program files\EPSON\Creativity Suite\Event Manager\EEventManager.exe" [2004-11-01 118784]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-10-08 47904]
"V0610Mon.exe"="c:\windows\V0610Mon.exe" [2010-08-31 24576]
"Live! Central 2"="c:\program files\Creative\Creative Live! Cam\Live! Central 2\CTLVCentral2.exe" [2009-11-04 426140]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-4-15 813584]
WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2009-4-15 106561]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLUA"= 0 (0x0)
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate1c9cd59caaf1aa6;Service Google Update (gupdate1c9cd59caaf1aa6);c:\program files\Google\Update\GoogleUpdate.exe [2009-05-05 133104]
R2 VideoAcceleratorService;VideoAcceleratorService;c:\progra~1\SPEEDB~2\VideoAcceleratorService.exe [2010-12-30 313624]
R3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2009-09-23 288112]
R3 APL531;OVT Scanner;c:\windows\system32\Drivers\ov550i.sys [2006-07-31 580992]
R3 BELKIN;Belkin Wireless G USB Network Adapter;c:\windows\system32\DRIVERS\BLKWGU.sys [2007-06-01 252416]
R3 Roxio UPnP Renderer 11;Roxio UPnP Renderer 11; [x]
R3 SYMNDISV;Symantec Network Filter Driver;c:\windows\System32\Drivers\NIS\1007020.00B\SYMNDISV.SYS [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys [x]
R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 I804thdmhqpr;I804thdmhqpr; [x]
R4 TDSSuiop;TDSSuiop;c:\windows\system32\tdssserv.sys [2004-02-29 9632]
R4 MSSQLServerADHelper100;Service SQL Active Directory Helper;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-11 47128]
R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 239336]
R4 SQLAgent$SQLEXPRESS;Agent SQL Server (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 366936]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1108000.005\SYMDS.SYS [2009-11-05 328752]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1108000.005\SYMEFA.SYS [2010-04-22 173104]
S1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\BASHDefs\20101123.003\BHDrvx86.sys [2010-11-23 691248]
S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NIS\1108000.005\ccHPx86.sys [2010-02-26 501888]
S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20110113.001\IDSvix86.sys [2010-11-09 353912]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1108000.005\Ironx86.SYS [2010-04-29 116784]
S1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\System32\Drivers\NIS\1108000.005\SYMTDIV.SYS [2010-05-06 339504]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSrv.exe [2010-04-11 87968]
S2 CanalPlus.VOD;CanalPlus.VOD;c:\program files\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\CanalPlus.VOD.exe [2010-07-06 188416]
S2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\17.8.0.5\ccSvcHst.exe [2010-02-26 126392]
S2 SPAMfighter Update Service;SPAMfighter Update Service;c:\program files\SPAMfighter\sfus.exe [2009-03-12 184968]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [2010-05-07 92008]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2009-08-21 143936]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-05-27 102448]
S3 V0610Vid;Creative Live! Cam Socialize HD Driver;c:\windows\system32\DRIVERS\V0610Vid.sys [2010-09-08 276480]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
rdiopxc
AudioSrv
yuiocus
AppMgmt
.
Contenu du dossier 'Tâches planifiées'
2011-01-13 c:\windows\Tasks\{5D6942FD-23C6-69D8-45SQ-2XD456920C89}.job
- c:\documents and settings\All Users\Application Data\pile egg bold\Bits Flag Tick.exe
2011-01-14 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-16 08:12]
2011-01-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-05 08:16]
2011-01-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-05 08:16]
2011-01-07 c:\windows\Tasks\At1.job
- c:\windows\yuiogl.exe
2011-01-07 c:\windows\Tasks\At2.job
- c:\windows\yuiogl.exe
2011-01-07 c:\windows\Tasks\At3.job
- c:\windows\yuiogl.exe
2011-01-12 c:\windows\Tasks\Norton Security Scan for mpc.job
- c:\program files\Norton Security Scan\Engine\2.7.3.34\Nss.exe [2010-05-11 07:48]
2011-01-14 c:\windows\Tasks\SpeedOptimizer Startup.job
- c:\progra~1\speedo~1\SPO.exe [2010-05-05 09:13]
2011-01-13 c:\windows\Tasks\User_Feed_Synchronization-{5E3ED882-D45E-466C-8CED-3AA1188BFB81}.job
- c:\windows\system32\msfeedssync.exe [2010-12-16 04:25]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.ask.com
uInternet Settings,ProxyServer = hxxp://127.0.0.1:8080
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
Trusted Zone: 1and1.fr
Trusted Zone: priceminister.com\www
DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} - hxxps://static.impots.gouv.fr/abos/stat ... rtdgi1.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
FF - component: c:\program files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\components\DealioToolbarFF.dll
FF - component: c:\program files\Mozilla Firefox\extensions\search@searchsettings.com\components\SearchSettingsFF.dll
.
- - - - ORPHELINS SUPPRIMES - - - -
Toolbar-Locked - (no file)
HKCU-Run-SpeedUpMyPC - c:\program files\Uniblue\SpeedUpMyPC\launcher.exe
HKCU-Run-fsm - (no file)
HKCU-Run-Eraser RiskMonitor - c:\program files\East-Tec Eraser 2011\Launch.exe
Notify-GoToAssist - (no file)
AddRemove-Encyclopaedia Universalis 2011 - l:\encyclopaedia universalis 2011\Désinstaller Encyclopaedia Universalis 2011\Désinstaller Encyclopaedia Universalis 2011.exe
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-14 12:33
Windows 6.0.6002 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
c:\windows\system32\scvhost.exe
.
**************************************************************************
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NIS]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\17.8.0.5\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\17.8.0.5\diMaster.dll\" /prefetch:1"
.
Heure de fin: 2011-01-14 12:39:42
ComboFix-quarantined-files.txt 2011-01-14 11:39
Avant-CF: 264 776 695 808 octets libres
Après-CF: 264 725 770 240 octets libres
- - End Of File - - AEF9A737484C244709659C41273A646E