Winupgro et rosa

[Phoximus]

Bonjour,

J'ai un petit pb avec winupgro et rosa. Vous trouverez ci dessous le log produit par combofix. Panda ne marche plus et internet sans fil hs...

Merci pour votre aide!

 

ComboFix 09-01-02.01 - Frédérick 2009-01-03 20:28:00.1 - NTFSx86

Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.2047.1649 [GMT 1:00]

Lancé depuis: c:\documents and settings\Frédérick\Bureau\superdupont.exe

* Un nouveau point de restauration a été créé

 

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!

.

 

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

 

c:\documents and settings\Frédérick\Application Data\drivers\downld

c:\documents and settings\Frédérick\Application Data\drivers\srosa.sys

c:\documents and settings\Frédérick\Application Data\drivers\srosa2.sys

c:\documents and settings\Frédérick\Application Data\drivers\winupgro.exe

c:\documents and settings\Invité\Application Data\drivers\downld

c:\documents and settings\Invité\Application Data\drivers\srosa.sys

c:\documents and settings\Invité\Application Data\drivers\srosa2.sys

c:\documents and settings\Invité\Application Data\drivers\winupgro.exe

c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

c:\windows\Downloaded Program Files\setup.inf

c:\windows\IE4 Error Log.txt

c:\windows\system32\tmp.reg

 

.

((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

-------\Service_SROSA

-------\Legacy_SROSA

-------\Legacy_ISODRIVE

-------\Legacy_SK9OU0S

-------\Service_ISODrive

-------\Service_sK9Ou0s

 

 

((((((((((((((((((((((((((((( Fichiers créés du 2008-12-03 au 2009-01-03 ))))))))))))))))))))))))))))))))))))

.

 

2009-01-03 19:06 . 2009-01-03 20:29 <REP> d--h----- c:\documents and settings\Invité\Application Data\drivers

2009-01-03 19:06 . 2006-07-26 06:06 794,632 --a------ c:\documents and settings\Invité\RTHDCPL.EXE

2009-01-03 19:06 . 2006-07-26 06:06 794,632 --a------ c:\documents and settings\Invité\RTHDCPL.EXE

2009-01-03 17:46 . 2009-01-03 20:29 <REP> d--h----- c:\documents and settings\Frédérick\Application Data\drivers

2008-12-26 19:05 . 2008-12-26 19:28 <REP> d-------- c:\program files\Vietcong

2008-12-24 10:15 . 2009-01-03 19:06 <REP> d-------- c:\documents and settings\Invité\Tracing

2008-12-24 10:15 . 2009-01-03 19:06 <REP> d-------- c:\documents and settings\Invité\Tracing

2008-12-19 18:25 . 2009-01-03 20:37 <REP> d-------- c:\documents and settings\Frédérick\Tracing

2008-12-19 18:25 . 2009-01-03 20:37 <REP> d-------- c:\documents and settings\Frédérick\Tracing

2008-12-19 18:21 . 2008-12-19 18:21 <REP> d-------- c:\program files\Windows Live SkyDrive

2008-12-19 18:15 . 2008-12-19 18:15 <REP> d-------- c:\program files\Fichiers communs\Windows Live

2008-12-09 07:34 . 2005-10-16 08:00 12,928 --a------ c:\windows\system32\drivers\filedisk.sys

2008-12-06 09:45 . 2008-12-06 09:45 <REP> d-------- c:\program files\SEGA

2008-12-05 06:55 . 2008-12-11 06:15 <REP> d-------- c:\program files\Delicious Add-on for Internet Explorer

2008-12-05 06:55 . 2008-12-11 06:00 <REP> d-------- c:\documents and settings\Frédérick\Application Data\Delicious IE Extension

 

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-01-03 17:08 1,132 ----a-w c:\windows\system32\drivers\APPFLTR.CFG.bck

2009-01-03 17:08 1,132 ----a-w c:\windows\system32\drivers\APPFLTR.CFG

2009-01-03 12:35 --------- d-----w c:\program files\Mozilla Thunderbird

2009-01-03 08:59 305,664 ----a-w c:\windows\system32\drivers\APPFCONT.DAT.bck

2009-01-03 08:59 305,664 ----a-w c:\windows\system32\drivers\APPFCONT.DAT

2009-01-03 03:26 --------- d-----w c:\documents and settings\All Users\Application Data\Google Updater

2008-12-30 18:26 --------- d-----w c:\documents and settings\All Users\Application Data\FLEXnet

2008-12-19 17:22 --------- d-----w c:\program files\Microsoft

2008-12-19 17:21 --------- d-----w c:\program files\Windows Live

2008-12-19 17:21 --------- d-----w c:\documents and settings\Frédérick\Application Data\dvdcss

2008-12-02 18:17 --------- d--h--w c:\program files\InstallShield Installation Information

2008-12-02 18:16 --------- d-----w c:\program files\Warner Bros. Interactive Entertainment

2008-11-30 17:57 20 ---h--w c:\documents and settings\All Users\Application Data\PKP_DLdu.DAT

2008-11-27 21:51 --------- d-----w c:\program files\Panda Security

2008-11-27 21:51 --------- d-----w c:\documents and settings\Frédérick\Application Data\Panda Security

2008-11-27 21:51 --------- d-----w c:\documents and settings\All Users\Application Data\Panda Security

2008-11-27 21:50 --------- d-----w c:\program files\Fichiers communs\Panda Security

2008-11-24 16:22 --------- d-----w c:\program files\Orange

2008-11-13 12:54 --------- d-----w c:\documents and settings\Frédérick\Application Data\Styler

2008-11-12 19:10 --------- d-----w c:\program files\Free Audio Pack

2008-11-11 18:53 --------- d-----w c:\documents and settings\Frédérick\Application Data\Thunderbird

2008-11-11 13:03 --------- d-----w c:\program files\iTunes

2008-11-11 13:02 --------- d-----w c:\program files\iPod

2008-11-11 13:02 --------- d-----w c:\program files\Bonjour

2008-11-11 13:01 --------- d-----w c:\program files\QuickTime

2008-11-11 13:01 --------- d-----w c:\program files\Fichiers communs\Apple

2008-11-11 13:00 --------- d-----w c:\program files\Apple Software Update

2008-11-09 14:35 --------- d-----w c:\program files\FusionSoft DVD Player XP

2008-11-09 09:37 --------- d-----w c:\documents and settings\All Users\Application Data\Backup

2008-11-09 09:32 --------- d-----w c:\program files\Fichiers communs\Symantec Shared

2008-11-09 09:29 --------- d-----w c:\documents and settings\Frédérick\Application Data\Symantec

2008-11-09 09:29 --------- d-----w c:\documents and settings\All Users\Application Data\Symantec

2008-11-05 19:23 --------- d-----w c:\program files\FLV Player

2008-09-01 19:34 22,328 ----a-w c:\documents and settings\Frédérick\Application Data\PnkBstrK.sys

2007-11-22 06:39 278,528 ----a-w c:\program files\Fichiers communs\FDEUnInstaller.exe

2008-06-30 11:44 324,976 ----a-w c:\program files\mozilla firefox\components\coFFPlgn.dll

2008-09-22 20:35 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008092220080923\index.dat

.

 

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]

"CopernicSummarizerWatchdog"="c:\program files\Copernic Summarizer\CSAgent.exe" [2003-10-02 20480]

"TrackerNotificationExtensions.exe"="c:\program files\Copernic Tracker\TrackerNotificationExtensions.exe" [2004-01-30 1261056]

"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2008-12-02 3882312]

"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]

"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-08-21 443968]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-10-04 8491008]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-10-04 81920]

"Adobe Version Cue CS2"="c:\program files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe" [2005-04-06 856064]

"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2008-01-11 623992]

"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]

"InCD"="c:\program files\Ahead\InCD\InCD.exe" [2004-06-04 1400944]

"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]

"LogitechCommunicationsManager"="c:\program files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 563984]

"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 2178832]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-09-06 413696]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-10-01 289576]

"APVXDWIN"="c:\program files\Panda Security\Panda Global Protection 2009\APVXDWIN.EXE" [2009-01-03 869632]

"SCANINICIO"="c:\program files\Panda Security\Panda Global Protection 2009\Inicio.exe" [2009-01-03 50432]

"nwiz"="nwiz.exe" [2007-10-04 c:\windows\system32\nwiz.exe]

"RTHDCPL"="RTHDCPL.EXE" [2007-10-25 c:\windows\RTHDCPL.exe]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-13 15360]

 

c:\documents and settings\Fr‚d‚rick\Menu D‚marrer\Programmes\D‚marrage\

Nikon Monitor.lnk - c:\program files\Fichiers communs\Nikon\Monitor\NkMonitor.exe [2008-08-07 479232]

 

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\

Adobe Gamma.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]

Nikon Monitor.lnk - c:\program files\Fichiers communs\Nikon\Monitor\NkMonitor.exe [2008-08-07 479232]

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PskSvcRetail]

@="Service"

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Adobe\\Adobe Version Cue CS2\\bin\\VersionCueCS2.exe"=

"c:\\Program Files\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe"=

"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager

"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager

"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application

"c:\\Program Files\\Electronic Arts\\Crytek\\Crysis SP Demo\\Bin32\\Crysis.exe"=

"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=

"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=

"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=

"c:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"=

"c:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=

"c:\\WINDOWS\\system32\\PnkBstrA.exe"=

"c:\\WINDOWS\\system32\\PnkBstrB.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

 

R0 pavboot;Panda boot driver;c:\windows\system32\drivers\pavboot.sys [2008-11-27 28544]

R4 Gwmsrv;Panda Goodware Cache Manager;c:\windows\system32\svchost -k Panda --> c:\windows\system32\svchost -k Panda [?]

S1 APPFLT;App Filter Plugin;\??\c:\windows\system32\Drivers\APPFLT.SYS --> c:\windows\system32\Drivers\APPFLT.SYS [?]

S1 DSAFLT;DSA Filter Plugin;\??\c:\windows\system32\Drivers\DSAFLT.SYS --> c:\windows\system32\Drivers\DSAFLT.SYS [?]

S1 FNETMON;NetMon Filter Plugin;\??\c:\windows\system32\Drivers\fnetmon.SYS --> c:\windows\system32\Drivers\fnetmon.SYS [?]

S1 IDSFLT;Ids Filter Plugin;\??\c:\windows\system32\Drivers\IDSFLT.SYS --> c:\windows\system32\Drivers\IDSFLT.SYS [?]

S1 NETFLTDI;Panda Net Driver [TDI Layer];\??\c:\windows\system32\Drivers\NETFLTDI.SYS --> c:\windows\system32\Drivers\NETFLTDI.SYS [?]

S1 ShldDrv;Panda File Shield Driver;c:\windows\system32\DRIVERS\ShlDrv51.sys --> c:\windows\system32\DRIVERS\ShlDrv51.sys [?]

S1 WNMFLT;Wifi Monitor Filter Plugin;\??\c:\windows\system32\Drivers\WNMFLT.SYS --> c:\windows\system32\Drivers\WNMFLT.SYS [?]

S3 PavSRK.sys;PavSRK.sys;\??\c:\windows\system32\PavSRK.sys --> c:\windows\system32\PavSRK.sys [?]

S3 PavTPK.sys;PavTPK.sys;\??\c:\windows\system32\PavTPK.sys --> c:\windows\system32\PavTPK.sys [?]

S4 AvFlt;Antivirus Filter Driver;c:\windows\system32\drivers\av5flt.sys --> c:\windows\system32\drivers\av5flt.sys [?]

S4 PavProc;Panda Process Protection Driver;\??\c:\windows\system32\DRIVERS\PavProc.sys --> c:\windows\system32\DRIVERS\PavProc.sys [?]

S4 PskSvcRetail;Panda PSK service;c:\program files\Panda Security\Panda Global Protection 2009\psksvc.exe [2008-11-27 28928]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

panda REG_MULTI_SZ Gwmsrv

.

Contenu du dossier 'Tâches planifiées'

 

2007-11-23 c:\windows\Tasks\1 Copernic Intra-Daily ~DESIBOU Frédérick.job

- c:\program files\Copernic Agent\CopernicAgent.exe [2004-12-02 19:16]

 

2007-11-23 c:\windows\Tasks\1 Copernic Tracker Intra-Daily ~DESIBOU Frédérick.job

- c:\program files\Copernic Tracker\CopernicTracker.exe [2004-01-30 11:28]

 

2008-12-11 c:\windows\Tasks\1 Copernic Tracker Intra-Daily ~FBDESIBOU Frédérick.job

- c:\program files\Copernic Tracker\CopernicTracker.exe [2004-01-30 11:28]

 

2007-11-23 c:\windows\Tasks\2 Copernic Daily ~DESIBOU Frédérick.job

- c:\program files\Copernic Agent\CopernicAgent.exe [2004-12-02 19:16]

 

2007-11-23 c:\windows\Tasks\2 Copernic Tracker Daily ~DESIBOU Frédérick.job

- c:\program files\Copernic Tracker\CopernicTracker.exe [2004-01-30 11:28]

 

2008-12-09 c:\windows\Tasks\2 Copernic Tracker Daily ~FBDESIBOU Frédérick.job

- c:\program files\Copernic Tracker\CopernicTracker.exe [2004-01-30 11:28]

 

2007-11-23 c:\windows\Tasks\3 Copernic Tracker Weekly ~DESIBOU Frédérick.job

- c:\program files\Copernic Tracker\CopernicTracker.exe [2004-01-30 11:28]

 

2008-12-09 c:\windows\Tasks\3 Copernic Tracker Weekly ~FBDESIBOU Frédérick.job

- c:\program files\Copernic Tracker\CopernicTracker.exe [2004-01-30 11:28]

 

2007-11-23 c:\windows\Tasks\3 Copernic Weekly ~DESIBOU Frédérick.job

- c:\program files\Copernic Agent\CopernicAgent.exe [2004-12-02 19:16]

 

2007-11-23 c:\windows\Tasks\4 Copernic Monthly ~DESIBOU Frédérick.job

- c:\program files\Copernic Agent\CopernicAgent.exe [2004-12-02 19:16]

 

2007-11-23 c:\windows\Tasks\4 Copernic Tracker Monthly ~DESIBOU Frédérick.job

- c:\program files\Copernic Tracker\CopernicTracker.exe [2004-01-30 11:28]

 

2008-12-09 c:\windows\Tasks\4 Copernic Tracker Monthly ~FBDESIBOU Frédérick.job

- c:\program files\Copernic Tracker\CopernicTracker.exe [2004-01-30 11:28]

 

2008-12-26 c:\windows\Tasks\Nettoyage de base.job

- c:\program files\Panda Security\Panda Global Protection 2009\PlaTasks.exe [2008-07-03 17:55]

 

2008-12-29 c:\windows\Tasks\SyncBackSE Sauvegarde Ordinateur FB.job

- c:\program files\2BrightSparks\SyncBackSE\SyncBackSE.exe [2008-04-14 14:28]

 

2009-01-03 c:\windows\Tasks\SyncBackSE Synchronisation dossier Désibou.job

- c:\program files\2BrightSparks\SyncBackSE\SyncBackSE.exe [2008-04-14 14:28]

.

- - - - ORPHELINS SUPPRIMES - - - -

 

HKCU-Run-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

HKLM-Run-pdfSaver3 - (no file)

Notify-avldr - avldr.dll

 

 

.

------- Examen supplémentaire -------

.

uDefault_Search_URL = hxxp://www.google.com/ie

uInternet Settings,ProxyOverride = *.local

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: Ajouter au fichier PDF existant - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Chercher avec Copernic Agent - c:\program files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT

IE: Convertir en Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convertir la cible du lien en Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convertir la cible du lien en un fichier PDF existant - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convertir la sélection en Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convertir la sélection en un fichier PDF existant - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convertir les liens sélectionnés en fichier Adobe PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convertir les liens sélectionnés en un fichier PDF existant - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

IE: Résumer avec Copernic Summarizer - c:\program files\Copernic Summarizer\Web\SummarizePage.htm

IE: Surveiller avec Copernic Tracker - c:\program files\Copernic Tracker\Web\TrackCurrentExt.htm

IE: Surveiller la cible avec Copernic Tracker - c:\program files\Copernic Tracker\Web\TrackTargetExt.htm

IE: {{0CFE98C9-A0F8-4E6E-94D7-C8F9157B0A43} - {3B355907-99F3-4503-BE7D-4C4E676EA777} - c:\progra~1\COPERN~3\COPERN~1.DLL

IE: {{0F2D17A0-E7DF-4847-995B-6F3ABF5BF187} - {961ACDBF-A8DE-454B-896F-FC9EA8A697EC} - c:\progra~1\COPERN~2\COPERN~2.DLL

IE: {{12200C1F-1E6B-4F57-8222-2811B123688C} - {3B355907-99F3-4503-BE7D-4C4E676EA777} - c:\progra~1\COPERN~3\COPERN~1.DLL

IE: {{6170AB22-F1E5-4D4F-8F6C-826C73838581} - {30E44B64-8FCD-43BC-BB6A-84BD312B8E0C} - c:\program files\Copernic Summarizer\CopernicSummarizerApp.dll

IE: {{B533C4C2-3FE2-4728-8661-AC93DF5D35A2} - {961ACDBF-A8DE-454B-896F-FC9EA8A697EC} - c:\progra~1\COPERN~2\COPERN~2.DLL

TCP: {3E77384C-B35C-4586-9F76-24235ED58FCA} = 192.168.1.1

TCP: {F1D42D7C-7F4C-4BB5-B7B1-014E3DA8F691} = 192.168.1.1

Handler: copernicagent - {A979B6BD-E40B-4A07-ABDD-A62C64A4EBF6} - c:\progra~1\COPERN~1\COPERN~1.DLL

Handler: copernicagentcache - {AAC34CFD-274D-4A9D-B0DC-C74C05A67E1D} - c:\progra~1\COPERN~1\COPERN~1.DLL

Handler: copernictracker - {BACF7D7D-DEB2-4B11-8C6D-1693DC2555B8} - c:\progra~1\COPERN~3\COPERN~1.DLL

 

O16 -: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab

c:\windows\Downloaded Program Files\DirectAnimation Java Classes.osd

 

O16 -: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab

c:\windows\Downloaded Program Files\Microsoft XML Parser for Java.osd

 

O16 -: {051D0E35-F4E3-4C8D-B411-AB0875F4C683} - hxxp://install.anark.com/client/version4/windows-ie/en/AMClient.cab

c:\windows\Downloaded Program Files\InstallClient.inf

FF - ProfilePath - c:\documents and settings\Frédérick\Application Data\Mozilla\Firefox\Profiles\e960rarf.default\

FF - prefs.js: browser.search.selectedEngine - Live Search

FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr

FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA5&q=

FF - component: c:\documents and settings\Frédérick\Application Data\Mozilla\Firefox\Profiles\e960rarf.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\components\ipc.dll

FF - plugin: c:\program files\Google\Google Updater\2.4.1368.5602\npCIDetect13.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\npornap.dll

FF - plugin: c:\program files\Picasa2\npPicasa2.dll

.

.

------- Associations de fichier -------

.

JSEFile=c:\progra~1\PANDAS~1\PANDAG~1\PAVSCRIP.EXE "%1" %*

VBEFile=c:\progra~1\PANDAS~1\PANDAG~1\PAVSCRIP.EXE "%1" %*

VBSFile=c:\progra~1\PANDAS~1\PANDAG~1\PAVSCRIP.EXE "%1" %*

.

 

**************************************************************************

 

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-01-03 20:36:41

Windows 5.1.2600 Service Pack 3 NTFS

 

Recherche de processus cachés ...

 

Recherche d'éléments en démarrage automatique cachés ...

 

Recherche de fichiers cachés ...

 

Scan terminé avec succès

Fichiers cachés: 0

 

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

 

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*NULL*]

"C040111900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

.

------------------------ Autres processus actifs ------------------------

.

c:\program files\Ahead\InCD\InCDsrv.exe

c:\program files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe

c:\program files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe

c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe

c:\program files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe

c:\program files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE

c:\windows\system32\nvsvc32.exe

c:\windows\system32\PnkBstrA.exe

c:\program files\Adobe\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe

c:\program files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe

c:\windows\system32\rundll32.exe

c:\progra~1\MI3AA1~1\rapimgr.exe

c:\program files\iPod\bin\iPodService.exe

c:\program files\Fichiers communs\LogiShrd\LQCVFX\COCIManager.exe

c:\program files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

.

**************************************************************************

.

Heure de fin: 2009-01-03 20:47:45 - La machine a redémarré

ComboFix-quarantined-files.txt 2009-01-03 19:47:42

 

Avant-CF: 380,697,669,632 octets libres

Après-CF: 381,015,957,504 octets libres

 

301 --- E O F --- 2008-12-19 02:00:42

[Thanos]

salut

 

Ton antivirus a été supprimé par Bagle et ta connexion sans fil désactivée! On va remédier à cela >>

 

Télécharge et installe FindyKill de ( Chiquitine29 ) comme montré dans ce tutoriel >> http://www.malekal.com/tutorial_FindyKill.php

 

Choisi l' option 1 (Recherche).

 

Poste le rapport FindyKill.txt

 

Note : le rapport FindyKill.txt est sauvegardé a la racine du disque.

 

Ton antivirus n'est plus actif et le pc n'est plus protégé du coup! Il va falloir le réinstaller au plus vite!