

Phoximus
Hello,

I have a small problem with winupgro and rosa. Below you will find the log produced by ComboFix. Panda no longer works and the wireless internet is down... Thank you for your help!

ComboFix 09-01-02.01 - Frédérick 2009-01-03 20:28:00.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.2047.1649 [GMT 1:00]
Lancé depuis: c:\documents and settings\Frédérick\Bureau\superdupont.exe
* Un nouveau point de restauration a été créé

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Frédérick\Application Data\drivers\downld
c:\documents and settings\Frédérick\Application Data\drivers\srosa.sys
c:\documents and settings\Frédérick\Application Data\drivers\srosa2.sys
c:\documents and settings\Frédérick\Application Data\drivers\winupgro.exe
c:\documents and settings\Invité\Application Data\drivers\downld
c:\documents and settings\Invité\Application Data\drivers\srosa.sys
c:\documents and settings\Invité\Application Data\drivers\srosa2.sys
c:\documents and settings\Invité\Application Data\drivers\winupgro.exe
c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
c:\windows\Downloaded Program Files\setup.inf
c:\windows\IE4 Error Log.txt
c:\windows\system32\tmp.reg

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_SROSA
-------\Legacy_SROSA
-------\Legacy_ISODRIVE
-------\Legacy_SK9OU0S
-------\Service_ISODrive
-------\Service_sK9Ou0s

((((((((((((((((((((((((((((( Fichiers créés du 2008-12-03 au 2009-01-03 ))))))))))))))))))))))))))))))))))))
.

2009-01-03 19:06 . 2009-01-03 20:29 <REP> d--h----- c:\documents and settings\Invité\Application Data\drivers
2009-01-03 19:06 . 2006-07-26 06:06 794,632 --a------ c:\documents and settings\Invité\RTHDCPL.EXE
2009-01-03 19:06 . 2006-07-26 06:06 794,632 --a------ c:\documents and settings\Invité\RTHDCPL.EXE
2009-01-03 17:46 . 2009-01-03 20:29 <REP> d--h----- c:\documents and settings\Frédérick\Application Data\drivers
2008-12-26 19:05 . 2008-12-26 19:28 <REP> d-------- c:\program files\Vietcong
2008-12-24 10:15 . 2009-01-03 19:06 <REP> d-------- c:\documents and settings\Invité\Tracing
2008-12-24 10:15 . 2009-01-03 19:06 <REP> d-------- c:\documents and settings\Invité\Tracing
2008-12-19 18:25 . 2009-01-03 20:37 <REP> d-------- c:\documents and settings\Frédérick\Tracing
2008-12-19 18:25 . 2009-01-03 20:37 <REP> d-------- c:\documents and settings\Frédérick\Tracing
2008-12-19 18:21 . 2008-12-19 18:21 <REP> d-------- c:\program files\Windows Live SkyDrive
2008-12-19 18:15 . 2008-12-19 18:15 <REP> d-------- c:\program files\Fichiers communs\Windows Live
2008-12-09 07:34 . 2005-10-16 08:00 12,928 --a------ c:\windows\system32\drivers\filedisk.sys
2008-12-06 09:45 . 2008-12-06 09:45 <REP> d-------- c:\program files\SEGA
2008-12-05 06:55 . 2008-12-11 06:15 <REP> d-------- c:\program files\Delicious Add-on for Internet Explorer
2008-12-05 06:55 . 2008-12-11 06:00 <REP> d-------- c:\documents and settings\Frédérick\Application Data\Delicious IE Extension

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.

2009-01-03 17:08 1,132 ----a-w c:\windows\system32\drivers\APPFLTR.CFG.bck
2009-01-03 17:08 1,132 ----a-w c:\windows\system32\drivers\APPFLTR.CFG
2009-01-03 12:35 --------- d-----w c:\program files\Mozilla Thunderbird
2009-01-03 08:59 305,664 ----a-w c:\windows\system32\drivers\APPFCONT.DAT.bck
2009-01-03 08:59 305,664 ----a-w c:\windows\system32\drivers\APPFCONT.DAT
2009-01-03 03:26 --------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
2008-12-30 18:26 --------- d-----w c:\documents and settings\All Users\Application Data\FLEXnet
2008-12-19 17:22 --------- d-----w c:\program files\Microsoft
2008-12-19 17:21 --------- d-----w c:\program files\Windows Live
2008-12-19 17:21 --------- d-----w c:\documents and settings\Frédérick\Application Data\dvdcss
2008-12-02 18:17 --------- d--h--w c:\program files\InstallShield Installation Information
2008-12-02 18:16 --------- d-----w c:\program files\Warner Bros. Interactive Entertainment
2008-11-30 17:57 20 ---h--w c:\documents and settings\All Users\Application Data\PKP_DLdu.DAT
2008-11-27 21:51 --------- d-----w c:\program files\Panda Security
2008-11-27 21:51 --------- d-----w c:\documents and settings\Frédérick\Application Data\Panda Security
2008-11-27 21:51 --------- d-----w c:\documents and settings\All Users\Application Data\Panda Security
2008-11-27 21:50 --------- d-----w c:\program files\Fichiers communs\Panda Security
2008-11-24 16:22 --------- d-----w c:\program files\Orange
2008-11-13 12:54 --------- d-----w c:\documents and settings\Frédérick\Application Data\Styler
2008-11-12 19:10 --------- d-----w c:\program files\Free Audio Pack
2008-11-11 18:53 --------- d-----w c:\documents and settings\Frédérick\Application Data\Thunderbird
2008-11-11 13:03 --------- d-----w c:\program files\iTunes
2008-11-11 13:02 --------- d-----w c:\program files\iPod
2008-11-11 13:02 --------- d-----w c:\program files\Bonjour
2008-11-11 13:01 --------- d-----w c:\program files\QuickTime
2008-11-11 13:01 --------- d-----w c:\program files\Fichiers communs\Apple
2008-11-11 13:00 --------- d-----w c:\program files\Apple Software Update
2008-11-09 14:35 --------- d-----w c:\program files\FusionSoft DVD Player XP
2008-11-09 09:37 --------- d-----w c:\documents and settings\All Users\Application Data\Backup
2008-11-09 09:32 --------- d-----w c:\program files\Fichiers communs\Symantec Shared
2008-11-09 09:29 --------- d-----w c:\documents and settings\Frédérick\Application Data\Symantec
2008-11-09 09:29 --------- d-----w c:\documents and settings\All Users\Application Data\Symantec
2008-11-05 19:23 --------- d-----w c:\program files\FLV Player
2008-09-01 19:34 22,328 ----a-w c:\documents and settings\Frédérick\Application Data\PnkBstrK.sys
2007-11-22 06:39 278,528 ----a-w c:\program files\Fichiers communs\FDEUnInstaller.exe
2008-06-30 11:44 324,976 ----a-w c:\program files\mozilla firefox\components\coFFPlgn.dll
2008-09-22 20:35 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008092220080923\index.dat

.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"CopernicSummarizerWatchdog"="c:\program files\Copernic Summarizer\CSAgent.exe" [2003-10-02 20480]
"TrackerNotificationExtensions.exe"="c:\program files\Copernic Tracker\TrackerNotificationExtensions.exe" [2004-01-30 1261056]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2008-12-02 3882312]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-08-21 443968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-10-04 8491008]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-10-04 81920]
"Adobe Version Cue CS2"="c:\program files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe" [2005-04-06 856064]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2008-01-11 623992]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"InCD"="c:\program files\Ahead\InCD\InCD.exe" [2004-06-04 1400944]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"LogitechCommunicationsManager"="c:\program files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 563984]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 2178832]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-09-06 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-10-01 289576]
"APVXDWIN"="c:\program files\Panda Security\Panda Global Protection 2009\APVXDWIN.EXE" [2009-01-03 869632]
"SCANINICIO"="c:\program files\Panda Security\Panda Global Protection 2009\Inicio.exe" [2009-01-03 50432]
"nwiz"="nwiz.exe" [2007-10-04 c:\windows\system32\nwiz.exe]
"RTHDCPL"="RTHDCPL.EXE" [2007-10-25 c:\windows\RTHDCPL.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-13 15360]

c:\documents and settings\Fr‚d‚rick\Menu D‚marrer\Programmes\D‚marrage\
Nikon Monitor.lnk - c:\program files\Fichiers communs\Nikon\Monitor\NkMonitor.exe [2008-08-07 479232]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Adobe Gamma.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]
Nikon Monitor.lnk - c:\program files\Fichiers communs\Nikon\Monitor\NkMonitor.exe [2008-08-07 479232]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PskSvcRetail]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Adobe\\Adobe Version Cue CS2\\bin\\VersionCueCS2.exe"=
"c:\\Program Files\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Electronic Arts\\Crytek\\Crysis SP Demo\\Bin32\\Crysis.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=
"c:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"=
"c:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R0 pavboot;Panda boot driver;c:\windows\system32\drivers\pavboot.sys [2008-11-27 28544]
R4 Gwmsrv;Panda Goodware Cache Manager;c:\windows\system32\svchost -k Panda --> c:\windows\system32\svchost -k Panda [?]
S1 APPFLT;App Filter Plugin;\??\c:\windows\system32\Drivers\APPFLT.SYS --> c:\windows\system32\Drivers\APPFLT.SYS [?]
S1 DSAFLT;DSA Filter Plugin;\??\c:\windows\system32\Drivers\DSAFLT.SYS --> c:\windows\system32\Drivers\DSAFLT.SYS [?]
S1 FNETMON;NetMon Filter Plugin;\??\c:\windows\system32\Drivers\fnetmon.SYS --> c:\windows\system32\Drivers\fnetmon.SYS [?]
S1 IDSFLT;Ids Filter Plugin;\??\c:\windows\system32\Drivers\IDSFLT.SYS --> c:\windows\system32\Drivers\IDSFLT.SYS [?]
S1 NETFLTDI;Panda Net Driver [TDI Layer];\??\c:\windows\system32\Drivers\NETFLTDI.SYS --> c:\windows\system32\Drivers\NETFLTDI.SYS [?]
S1 ShldDrv;Panda File Shield Driver;c:\windows\system32\DRIVERS\ShlDrv51.sys --> c:\windows\system32\DRIVERS\ShlDrv51.sys [?]
S1 WNMFLT;Wifi Monitor Filter Plugin;\??\c:\windows\system32\Drivers\WNMFLT.SYS --> c:\windows\system32\Drivers\WNMFLT.SYS [?]
S3 PavSRK.sys;PavSRK.sys;\??\c:\windows\system32\PavSRK.sys --> c:\windows\system32\PavSRK.sys [?]
S3 PavTPK.sys;PavTPK.sys;\??\c:\windows\system32\PavTPK.sys --> c:\windows\system32\PavTPK.sys [?]
S4 AvFlt;Antivirus Filter Driver;c:\windows\system32\drivers\av5flt.sys --> c:\windows\system32\drivers\av5flt.sys [?]
S4 PavProc;Panda Process Protection Driver;\??\c:\windows\system32\DRIVERS\PavProc.sys --> c:\windows\system32\DRIVERS\PavProc.sys [?]
S4 PskSvcRetail;Panda PSK service;c:\program files\Panda Security\Panda Global Protection 2009\psksvc.exe [2008-11-27 28928]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
panda REG_MULTI_SZ Gwmsrv
.
Contenu du dossier 'Tâches planifiées'

2007-11-23 c:\windows\Tasks\1 Copernic Intra-Daily ~DESIBOU Frédérick.job - c:\program files\Copernic Agent\CopernicAgent.exe [2004-12-02 19:16]
2007-11-23 c:\windows\Tasks\1 Copernic Tracker Intra-Daily ~DESIBOU Frédérick.job - c:\program files\Copernic Tracker\CopernicTracker.exe [2004-01-30 11:28]
2008-12-11 c:\windows\Tasks\1 Copernic Tracker Intra-Daily ~FBDESIBOU Frédérick.job - c:\program files\Copernic Tracker\CopernicTracker.exe [2004-01-30 11:28]
2007-11-23 c:\windows\Tasks\2 Copernic Daily ~DESIBOU Frédérick.job - c:\program files\Copernic Agent\CopernicAgent.exe [2004-12-02 19:16]
2007-11-23 c:\windows\Tasks\2 Copernic Tracker Daily ~DESIBOU Frédérick.job - c:\program files\Copernic Tracker\CopernicTracker.exe [2004-01-30 11:28]
2008-12-09 c:\windows\Tasks\2 Copernic Tracker Daily ~FBDESIBOU Frédérick.job - c:\program files\Copernic Tracker\CopernicTracker.exe [2004-01-30 11:28]
2007-11-23 c:\windows\Tasks\3 Copernic Tracker Weekly ~DESIBOU Frédérick.job - c:\program files\Copernic Tracker\CopernicTracker.exe [2004-01-30 11:28]
2008-12-09 c:\windows\Tasks\3 Copernic Tracker Weekly ~FBDESIBOU Frédérick.job - c:\program files\Copernic Tracker\CopernicTracker.exe [2004-01-30 11:28]
2007-11-23 c:\windows\Tasks\3 Copernic Weekly ~DESIBOU Frédérick.job - c:\program files\Copernic Agent\CopernicAgent.exe [2004-12-02 19:16]
2007-11-23 c:\windows\Tasks\4 Copernic Monthly ~DESIBOU Frédérick.job - c:\program files\Copernic Agent\CopernicAgent.exe [2004-12-02 19:16]
2007-11-23 c:\windows\Tasks\4 Copernic Tracker Monthly ~DESIBOU Frédérick.job - c:\program files\Copernic Tracker\CopernicTracker.exe [2004-01-30 11:28]
2008-12-09 c:\windows\Tasks\4 Copernic Tracker Monthly ~FBDESIBOU Frédérick.job - c:\program files\Copernic Tracker\CopernicTracker.exe [2004-01-30 11:28]
2008-12-26 c:\windows\Tasks\Nettoyage de base.job - c:\program files\Panda Security\Panda Global Protection 2009\PlaTasks.exe [2008-07-03 17:55]
2008-12-29 c:\windows\Tasks\SyncBackSE Sauvegarde Ordinateur FB.job - c:\program files\2BrightSparks\SyncBackSE\SyncBackSE.exe [2008-04-14 14:28]
2009-01-03 c:\windows\Tasks\SyncBackSE Synchronisation dossier Désibou.job - c:\program files\2BrightSparks\SyncBackSE\SyncBackSE.exe [2008-04-14 14:28]
.
- - - - ORPHELINS SUPPRIMES - - - -

HKCU-Run-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
HKLM-Run-pdfSaver3 - (no file)
Notify-avldr - avldr.dll

.
------- Examen supplémentaire -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Ajouter au fichier PDF existant - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Chercher avec Copernic Agent - c:\program files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT
IE: Convertir en Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convertir la cible du lien en Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convertir la cible du lien en un fichier PDF existant - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convertir la sélection en Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convertir la sélection en un fichier PDF existant - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convertir les liens sélectionnés en fichier Adobe PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convertir les liens sélectionnés en un fichier PDF existant - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Résumer avec Copernic Summarizer - c:\program files\Copernic Summarizer\Web\SummarizePage.htm
IE: Surveiller avec Copernic Tracker - c:\program files\Copernic Tracker\Web\TrackCurrentExt.htm
IE: Surveiller la cible avec Copernic Tracker - c:\program files\Copernic Tracker\Web\TrackTargetExt.htm
IE: {{0CFE98C9-A0F8-4E6E-94D7-C8F9157B0A43} - {3B355907-99F3-4503-BE7D-4C4E676EA777} - c:\progra~1\COPERN~3\COPERN~1.DLL
IE: {{0F2D17A0-E7DF-4847-995B-6F3ABF5BF187} - {961ACDBF-A8DE-454B-896F-FC9EA8A697EC} - c:\progra~1\COPERN~2\COPERN~2.DLL
IE: {{12200C1F-1E6B-4F57-8222-2811B123688C} - {3B355907-99F3-4503-BE7D-4C4E676EA777} - c:\progra~1\COPERN~3\COPERN~1.DLL
IE: {{6170AB22-F1E5-4D4F-8F6C-826C73838581} - {30E44B64-8FCD-43BC-BB6A-84BD312B8E0C} - c:\program files\Copernic Summarizer\CopernicSummarizerApp.dll
IE: {{B533C4C2-3FE2-4728-8661-AC93DF5D35A2} - {961ACDBF-A8DE-454B-896F-FC9EA8A697EC} - c:\progra~1\COPERN~2\COPERN~2.DLL
TCP: {3E77384C-B35C-4586-9F76-24235ED58FCA} = 192.168.1.1
TCP: {F1D42D7C-7F4C-4BB5-B7B1-014E3DA8F691} = 192.168.1.1
Handler: copernicagent - {A979B6BD-E40B-4A07-ABDD-A62C64A4EBF6} - c:\progra~1\COPERN~1\COPERN~1.DLL
Handler: copernicagentcache - {AAC34CFD-274D-4A9D-B0DC-C74C05A67E1D} - c:\progra~1\COPERN~1\COPERN~1.DLL
Handler: copernictracker - {BACF7D7D-DEB2-4B11-8C6D-1693DC2555B8} - c:\progra~1\COPERN~3\COPERN~1.DLL
O16 -: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
c:\windows\Downloaded Program Files\DirectAnimation Java Classes.osd
O16 -: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
c:\windows\Downloaded Program Files\Microsoft XML Parser for Java.osd
O16 -: {051D0E35-F4E3-4C8D-B411-AB0875F4C683} - hxxp://install.anark.com/client/version4/windows-ie/en/AMClient.cab
c:\windows\Downloaded Program Files\InstallClient.inf
FF - ProfilePath - c:\documents and settings\Frédérick\Application Data\Mozilla\Firefox\Profiles\e960rarf.default\
FF - prefs.js: browser.search.selectedEngine - Live Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA5&q=
FF - component: c:\documents and settings\Frédérick\Application Data\Mozilla\Firefox\Profiles\e960rarf.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\components\ipc.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1368.5602\npCIDetect13.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npornap.dll
FF - plugin: c:\program files\Picasa2\npPicasa2.dll
.
.
------- Associations de fichier -------
.
JSEFile=c:\progra~1\PANDAS~1\PANDAG~1\PAVSCRIP.EXE "%1" %*
VBEFile=c:\progra~1\PANDAS~1\PANDAG~1\PAVSCRIP.EXE "%1" %*
VBSFile=c:\progra~1\PANDAS~1\PANDAG~1\PAVSCRIP.EXE "%1" %*
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-03 20:36:41
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*NULL*]
"C040111900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Ahead\InCD\InCDsrv.exe
c:\program files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\program files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe
c:\program files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
c:\program files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\nvsvc32.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Adobe\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe
c:\program files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
c:\windows\system32\rundll32.exe
c:\progra~1\MI3AA1~1\rapimgr.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Fichiers communs\LogiShrd\LQCVFX\COCIManager.exe
c:\program files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
.
**************************************************************************
.
Heure de fin: 2009-01-03 20:47:45 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-01-03 19:47:42

Avant-CF: 380,697,669,632 octets libres
Après-CF: 381,015,957,504 octets libres

301 --- E O F --- 2008-12-19 02:00:42