Rapport highjackthis

Salut Pimprenelle27,
ravi de te retrouver...
Fix Navipromo version 4.0.5 commencé le 11/11/2009 9:31:37,86

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 10.11.2009 à 18h00 par IL-MAFIOSO

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6002 ) Service Pack 2
X86-based PC ( Multiprocessor Free : AMD Phenom(tm) 9500 Quad-Core Processor )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : max ( Administrator )
BOOT : Normal boot


J'ajoute ceci, je viens de faire un nouveau scan avec Lpo sd qui me dit
--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-11 09:45:59
Windows 5.1.2600 Service Pack 2 NTFS
detected NTDLL code modification:
ZwEnumerateKey, ZwQueryKey, ZwOpenKey, ZwClose, ZwEnumerateValueKey, ZwQueryValueKey, ZwOpenFile, ZwQueryDirectoryFile, ZwQuerySystemInformation
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 704

C:\ (Local Disk) - NTFS - Total:228 Go (Free:10 Go)
D:\ (Local Disk) - NTFS - Total:227 Go (Free:126 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB) - FAT - Total:1963 Mo (Free:1 Go)
I:\ (USB)
K:\ (CD or DVD)
N:\ (Local Disk) - NTFS - Total:149 Go (Free:29 Go)


Recherche executée en mode normal

Nettoyage exécuté au redémarrage de l'ordinateur




Nettoyage contenu C:\Windows\Temp effectué !
Nettoyage contenu C:\Users\max\AppData\Local\Temp effectué !


*** Sauvegarde du Registre vers dossier Safebackup ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok

Certificat Egroup supprimé !
Certificat Electronic-Group supprimé !
Certificat OOO-Favorit supprimé !



*** Scan terminé 11/11/2009 9:40:33,71 ***

Salut,
voila donc le navipromo seul. J'avais ajouté un ajouté un autre scan parce qu'une mise à jour récente de messenger ressemblait à un virus...

Fix Navipromo version 4.0.5 commencé le 14/11/2009 13:31:30,35

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 10.11.2009 à 18h00 par IL-MAFIOSO

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6002 ) Service Pack 2
X86-based PC ( Multiprocessor Free : AMD Phenom(tm) 9500 Quad-Core Processor )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : max ( Administrator )
BOOT : Normal boot




C:\ (Local Disk) - NTFS - Total:228 Go (Free:9 Go)
D:\ (Local Disk) - NTFS - Total:227 Go (Free:126 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB) - FAT - Total:1963 Mo (Free:1 Go)
I:\ (USB)
K:\ (CD or DVD)
N:\ (Local Disk) - NTFS - Total:149 Go (Free:29 Go)


Recherche executée en mode normal

Nettoyage exécuté au redémarrage de l'ordinateur


C:\Windows\prefetch\GAME.EXE-BF9AEB55.pf supprimé !


Nettoyage contenu C:\Windows\Temp effectué !
Nettoyage contenu C:\Users\max\AppData\Local\Temp effectué !


*** Sauvegarde du Registre vers dossier Safebackup ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok




*** Scan terminé 14/11/2009 13:33:52,73 ***

Salut, voila le rapport lop

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6002 ) Service Pack 2
X86-based PC ( Multiprocessor Free : AMD Phenom(tm) 9500 Quad-Core Processor )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : max ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:228 Go (Free:8 Go)
D:\ (Local Disk) - NTFS - Total:227 Go (Free:127 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB) - FAT - Total:1963 Mo (Free:1 Go)
I:\ (USB)
K:\ (CD or DVD)
N:\ (Local Disk) - NTFS - Total:149 Go (Free:29 Go)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 16/11/2009|13:12 )

[ UAC => 1 ]

--------------------\\ Listing des dossiers dans Local

[08/02/2008|18:32] C:\Users\max\AppData\Local\{7148F0A6-6813-11D6-A77B-00B0D0142050}
[01/02/2008|18:50] C:\Users\max\AppData\Local\Adobe
[08/03/2008|13:12] C:\Users\max\AppData\Local\Ahead
[17/04/2008|16:04] C:\Users\max\AppData\Local\Apple
[10/10/2009|19:30] C:\Users\max\AppData\Local\Apple Computer
[27/01/2008|21:46] C:\Users\max\AppData\Local\Application Data
[16/11/2009|12:28] C:\Users\max\AppData\Local\ApplicationHistory
[11/02/2008|11:12] C:\Users\max\AppData\Local\Apps
[27/01/2008|21:48] C:\Users\max\AppData\Local\ATI
[28/06/2009|22:10] C:\Users\max\AppData\Local\Boss Media
[07/11/2009|13:55] C:\Users\max\AppData\Local\d3d9caps.dat
[05/07/2009|20:23] C:\Users\max\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[10/02/2008|09:28] C:\Users\max\AppData\Local\eMule
[22/03/2009|23:05] C:\Users\max\AppData\Local\FullTiltPoker
[02/04/2008|15:22] C:\Users\max\AppData\Local\fusioncache.dat
[25/10/2009|22:11] C:\Users\max\AppData\Local\GDIPFONTCACHEV1.DAT
[07/06/2009|12:06] C:\Users\max\AppData\Local\Google
[27/01/2008|21:46] C:\Users\max\AppData\Local\Historique
[16/11/2009|00:44] C:\Users\max\AppData\Local\IconCache.db
[17/11/2008|00:09] C:\Users\max\AppData\Local\Microsoft
[16/03/2008|18:21] C:\Users\max\AppData\Local\Microsoft Help
[27/01/2008|23:24] C:\Users\max\AppData\Local\Mozilla
[12/02/2009|13:24] C:\Users\max\AppData\Local\Native Instruments
[17/02/2009|22:30] C:\Users\max\AppData\Local\Nero
[04/06/2009|20:59] C:\Users\max\AppData\Local\Neuf
[27/01/2008|21:47] C:\Users\max\AppData\Local\PlayMovie
[30/08/2009|12:03] C:\Users\max\AppData\Local\PokerStars
[27/01/2008|21:47] C:\Users\max\AppData\Local\PowerCinema
[02/04/2008|15:35] C:\Users\max\AppData\Local\Sony
[16/11/2009|13:04] C:\Users\max\AppData\Local\Temp
[27/01/2008|21:46] C:\Users\max\AppData\Local\Temporary Internet Files
[27/01/2008|23:24] C:\Users\max\AppData\Local\VirtualStore
[26/10/2009|23:04] C:\Users\max\AppData\Local\xobni_installer_updater.log

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[16/11/2009 12:27][--a------] C:\Windows\tasks\PCConfidential.job
[31/10/2009 15:32][--a------] C:\Windows\tasks\RPCReminder.job
[16/11/2009 12:27][--a------] C:\Windows\tasks\RegPowerClean.job
[16/11/2009 12:25][--a------] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[16/11/2009 12:27][--a------] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[16/11/2009 12:26][--a------] C:\Windows\tasks\Google Software Updater.job
[29/12/2008 17:17][--a------] C:\Windows\tasks\yxzqrmnk.job
[16/11/2009 12:27][--a------] C:\Windows\tasks\AutoSmartDefrag.job
[16/11/2009 12:23][--ah-----] C:\Windows\tasks\SA.DAT
[16/11/2009 00:44][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[06/05/2007|20:22] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[16/09/2009|12:46] C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[03/04/2009|18:26] C:\ProgramData\{7D88804A-CB1E-43FE-88E8-53F833ADBB43}
[26/08/2009|16:45] C:\ProgramData\1C338
[13/11/2009|17:24] C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
[10/02/2008|19:30] C:\ProgramData\addr_file.html
[09/02/2008|16:42] C:\ProgramData\Adobe
[21/06/2008|12:42] C:\ProgramData\Apple
[25/11/2008|11:44] C:\ProgramData\Apple Computer
[02/11/2006|14:02] C:\ProgramData\Application Data
[13/07/2009|17:15] C:\ProgramData\ArtsAcoustic
[07/12/2007|08:43] C:\ProgramData\ATI
[14/11/2009|13:43] C:\ProgramData\Avira
[10/05/2009|21:24] C:\ProgramData\BOONTY
[28/06/2009|22:10] C:\ProgramData\Boss Media
[27/01/2008|21:42] C:\ProgramData\Bureau
[17/09/2008|14:15] C:\ProgramData\ConeXware
[27/01/2008|21:54] C:\ProgramData\CyberLink
[02/11/2006|14:02] C:\ProgramData\Desktop
[02/11/2006|14:02] C:\ProgramData\Documents
[09/03/2008|01:07] C:\ProgramData\Downloaded Installations
[10/02/2008|09:29] C:\ProgramData\eMule
[27/01/2008|21:53] C:\ProgramData\eSobi
[27/01/2008|21:42] C:\ProgramData\Favoris
[02/11/2006|14:02] C:\ProgramData\Favorites
[19/08/2008|09:27] C:\ProgramData\fssg
[30/08/2009|13:11] C:\ProgramData\Google
[16/11/2009|12:26] C:\ProgramData\Google Updater
[13/11/2009|17:24] C:\ProgramData\HotbarSA
[29/12/2008|22:37] C:\ProgramData\ICQ
[28/10/2009|20:12] C:\ProgramData\KONAMI
[18/07/2008|14:54] C:\ProgramData\Lavasoft
[08/03/2008|13:13] C:\ProgramData\LightScribe
[23/01/2009|17:47] C:\ProgramData\Malwarebytes
[27/01/2008|21:42] C:\ProgramData\Menu D‚marrer
[07/11/2009|14:31] C:\ProgramData\Microsoft
[11/11/2009|03:03] C:\ProgramData\Microsoft Help
[27/01/2008|21:42] C:\ProgramData\ModŠles
[30/08/2009|13:10] C:\ProgramData\Nero
[05/07/2009|20:21] C:\ProgramData\ntuser.pol
[10/08/2009|18:13] C:\ProgramData\ntusers.log
[07/10/2009|06:40] C:\ProgramData\Office Genuine Advantage
[19/09/2008|14:04] C:\ProgramData\Pinnacle
[29/02/2008|02:50] C:\ProgramData\QuickTime
[13/11/2009|17:47] C:\ProgramData\Spybot - Search & Destroy
[02/11/2006|14:02] C:\ProgramData\Start Menu
[27/01/2008|22:06] C:\ProgramData\Symantec
[10/08/2009|23:27] C:\ProgramData\SymplisIT
[02/05/2008|20:24] C:\ProgramData\Syncrosoft
[31/05/2008|16:21] C:\ProgramData\TEMP
[02/11/2006|14:02] C:\ProgramData\Templates
[26/10/2009|23:09] C:\ProgramData\Winferno
[08/02/2008|20:32] C:\ProgramData\WLInstaller
[12/02/2008|09:35] C:\ProgramData\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files

[26/08/2009|22:13] C:\Program Files\8085 Simulator v 3.0.0
[31/12/2008|17:55] C:\Program Files\Ableton
[27/01/2008|21:56] C:\Program Files\Acer Arcade Live
[07/12/2007|08:38] C:\Program Files\Acer Inc
[06/05/2007|20:22] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[06/05/2007|20:23] C:\Program Files\Adobe
[27/06/2008|08:55] C:\Program Files\Alwil Software
[22/10/2008|19:08] C:\Program Files\Apple Software Update
[07/12/2007|08:33] C:\Program Files\ATI
[12/11/2009|00:06] C:\Program Files\ATI Technologies
[19/09/2008|16:11] C:\Program Files\Audacity 1.3 Beta (Unicode)
[13/03/2008|19:34] C:\Program Files\AviSynth 2.5
[27/01/2009|20:46] C:\Program Files\BitComet
[23/12/2008|10:50] C:\Program Files\Bonjour
[10/05/2009|21:05] C:\Program Files\BoontyGames
[12/11/2009|00:07] C:\Program Files\BSplayer
[10/02/2008|11:48] C:\Program Files\Canon
[11/01/2009|02:40] C:\Program Files\CasinoOnNet
[07/11/2009|14:31] C:\Program Files\Common Files
[17/06/2008|15:46] C:\Program Files\Conduit
[29/01/2008|19:31] C:\Program Files\DAEMON Tools Lite
[07/06/2009|12:03] C:\Program Files\DivX
[02/05/2008|22:43] C:\Program Files\dpp
[22/03/2008|23:10] C:\Program Files\eMule
[13/03/2008|19:33] C:\Program Files\eRightSoft
[27/01/2008|21:57] C:\Program Files\eSobi
[27/01/2008|21:42] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[22/03/2008|10:45] C:\Program Files\FLV Player
[27/10/2009|10:26] C:\Program Files\Free Offers from Freeze.com
[30/08/2009|13:12] C:\Program Files\Full Tilt Poker
[27/01/2008|22:16] C:\Program Files\Glary Utilities
[30/08/2009|13:11] C:\Program Files\Google
[10/02/2008|12:40] C:\Program Files\Guitar Pro 5
[13/11/2009|17:24] C:\Program Files\Hotbar
[29/12/2008|22:37] C:\Program Files\ICQ6Toolbar
[26/08/2009|16:45] C:\Program Files\iMeshMediabarTb
[31/10/2009|15:32] C:\Program Files\InstallShield Installation Information
[10/08/2009|18:13] C:\Program Files\Intel
[18/05/2008|15:06] C:\Program Files\InterActual
[28/10/2009|22:11] C:\Program Files\Internet Explorer
[11/05/2008|10:19] C:\Program Files\IObit
[16/09/2009|12:45] C:\Program Files\iPod
[03/10/2008|07:37] C:\Program Files\IsoBuster
[16/09/2009|12:46] C:\Program Files\iTunes
[13/09/2009|09:42] C:\Program Files\Java
[09/02/2008|17:35] C:\Program Files\K-Lite Codec Pack
[28/10/2009|20:12] C:\Program Files\KONAMI
[18/07/2008|14:54] C:\Program Files\Lavasoft
[11/02/2008|10:29] C:\Program Files\Le Robert
[07/11/2009|14:19] C:\Program Files\Malwarebytes' Anti-Malware
[12/11/2009|00:10] C:\Program Files\Media player classic
[14/11/2009|16:23] C:\Program Files\Microsoft
[08/02/2008|22:03] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|13:37] C:\Program Files\Microsoft Games
[25/10/2009|11:32] C:\Program Files\Microsoft Office
[25/10/2009|11:13] C:\Program Files\Microsoft Office2
[09/09/2009|16:12] C:\Program Files\Microsoft Silverlight
[02/04/2008|15:29] C:\Program Files\Microsoft SQL Server
[19/02/2008|10:10] C:\Program Files\Microsoft Visual Studio
[17/10/2009|08:37] C:\Program Files\Microsoft Works
[19/02/2008|10:09] C:\Program Files\Microsoft.NET
[26/09/2009|10:29] C:\Program Files\Movie Maker
[11/11/2009|09:52] C:\Program Files\Mozilla Firefox
[25/10/2009|11:32] C:\Program Files\MSBuild
[08/02/2008|21:56] C:\Program Files\MSXML 4.0
[31/08/2009|16:39] C:\Program Files\Native Instruments
[14/11/2009|13:34] C:\Program Files\Navilog1
[30/08/2009|13:01] C:\Program Files\Nero
[14/01/2009|23:03] C:\Program Files\Neuf
[18/07/2008|12:53] C:\Program Files\Panda Security
[06/10/2008|23:07] C:\Program Files\Pinnacle
[26/10/2009|23:05] C:\Program Files\Playalot Games
[30/08/2009|12:50] C:\Program Files\PokerStars
[07/02/2009|22:32] C:\Program Files\PowerArchiver
[10/02/2008|13:00] C:\Program Files\PowerTracks DirectX Plugins
[23/11/2008|18:06] C:\Program Files\Pro Evolution Soccer 2008
[20/05/2008|00:42] C:\Program Files\PSP VintageWarmer
[16/09/2009|12:44] C:\Program Files\QuickTime
[27/01/2008|23:37] C:\Program Files\RALINK
[10/02/2008|16:22] C:\Program Files\Real
[07/12/2007|08:32] C:\Program Files\Realtek
[04/08/2009|21:26] C:\Program Files\REAPER
[02/11/2006|13:37] C:\Program Files\Reference Assemblies
[04/06/2009|20:58] C:\Program Files\SFR
[11/02/2008|17:09] C:\Program Files\Smart HDD
[24/09/2008|00:00] C:\Program Files\Smart Projects
[04/05/2008|11:47] C:\Program Files\Sony
[02/04/2008|15:31] C:\Program Files\Sony Setup
[18/02/2009|18:20] C:\Program Files\Spectrasonics
[23/01/2009|19:09] C:\Program Files\Spybot - Search & Destroy
[08/02/2009|18:11] C:\Program Files\Steinberg
[24/08/2008|15:53] C:\Program Files\Sun
[10/08/2009|23:27] C:\Program Files\SymplisIT
[02/12/2008|12:14] C:\Program Files\Syncrosoft
[03/11/2009|19:24] C:\Program Files\Trend Micro
[10/05/2009|21:13] C:\Program Files\Ubisoft
[13/07/2009|17:15] C:\Program Files\Uninstall Information
[08/02/2008|18:23] C:\Program Files\Universalis
[13/11/2009|17:25] C:\Program Files\VideoLAN
[15/08/2009|12:37] C:\Program Files\Vstplugins
[27/01/2008|22:19] C:\Program Files\Webteh
[27/01/2008|22:18] C:\Program Files\Winamp
[26/09/2009|10:29] C:\Program Files\Windows Calendar
[26/09/2009|10:29] C:\Program Files\Windows Collaboration
[26/09/2009|10:29] C:\Program Files\Windows Defender
[26/09/2009|10:29] C:\Program Files\Windows Journal
[14/11/2009|16:23] C:\Program Files\Windows Live
[14/11/2009|16:22] C:\Program Files\Windows Live SkyDrive
[11/11/2009|03:05] C:\Program Files\Windows Mail
[28/10/2009|22:08] C:\Program Files\Windows Media Player
[27/01/2008|21:42] C:\Program Files\Windows NT
[26/09/2009|10:29] C:\Program Files\Windows Photo Gallery
[26/09/2009|10:29] C:\Program Files\Windows Sidebar
[26/10/2009|23:04] C:\Program Files\Winferno
[10/02/2008|10:18] C:\Program Files\WinRAR
[15/04/2008|16:47] C:\Program Files\Xvid
[24/08/2009|20:13] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[09/02/2008|16:42] C:\Program Files\Common Files\Adobe
[16/09/2009|12:45] C:\Program Files\Common Files\Apple
[19/02/2008|10:10] C:\Program Files\Common Files\DESIGNER
[01/05/2008|20:16] C:\Program Files\Common Files\Digidesign
[07/06/2009|12:03] C:\Program Files\Common Files\DivX Shared
[06/05/2007|20:30] C:\Program Files\Common Files\InstallShield
[08/02/2008|18:33] C:\Program Files\Common Files\Java
[06/05/2007|20:17] C:\Program Files\Common Files\LightScribe
[25/10/2009|11:32] C:\Program Files\Common Files\microsoft shared
[31/08/2009|16:40] C:\Program Files\Common Files\Native Instruments
[30/08/2009|13:11] C:\Program Files\Common Files\Nero
[30/10/2009|17:32] C:\Program Files\Common Files\NewTech Infosystems
[15/03/2008|17:36] C:\Program Files\Common Files\PX Storage Engine
[10/02/2008|16:22] C:\Program Files\Common Files\Real
[27/06/2008|08:23] C:\Program Files\Common Files\Scanner
[02/11/2006|12:18] C:\Program Files\Common Files\Services
[02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
[27/01/2008|22:07] C:\Program Files\Common Files\Symantec Shared
[29/10/2009|14:17] C:\Program Files\Common Files\System
[07/11/2009|14:31] C:\Program Files\Common Files\Windows Live
[08/02/2008|20:37] C:\Program Files\Common Files\WindowsLiveInstaller
[26/10/2009|23:04] C:\Program Files\Common Files\Winferno
[10/02/2008|16:22] C:\Program Files\Common Files\xing shared

--------------------\\ Process

( 73 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-16 13:12:49
Windows 6.0.6002 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 704

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:50][D:11]-> C:\Users\max\AppData\Local\Temp
[F:98][D:1]-> C:\Users\max\AppData\Roaming\MICROS~1\Windows\Cookies
[F:860][D:7]-> C:\Users\max\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:55][D:3]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 29/10/2009|15:13 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 11/11/2009| 9:48 - Option : [1]
3 - "C:\Lop SD\LopR_3.txt" - 16/11/2009|12:37 - Option : [1]
4 - "C:\Lop SD\LopR_4.txt" - 16/11/2009|12:49 - Option : [1]
5 - "C:\Lop SD\LopR_5.txt" - 16/11/2009|13:05 - Option : [1]
6 - "C:\Lop SD\LopR_6.txt" - 16/11/2009|13:14 - Option : [1]

--------------------\\ Fin du rapport a 13:14:55
[ UAC => 1 ]

salut, voila le RSIT
Logfile of random's system information tool 1.06 (written by random/random)
Run by max at 2009-12-03 08:37:14
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
System drive C: has 2 GB (1%) free of 234 GB
Total RAM: 3327 MB (72% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:37:51, on 03/12/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
C:\Windows\Explorer.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Smart HDD\GPIO\GPIOManager.exe
C:\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Le Robert\Le Petit Robert\PRHYPER.EXE
C:\Windows\System32\mobsync.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\RALINK\RT2500 USB Wireless LAN Card\Installer\WIN2K\RaConfig2500.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Windows\ehome\ehmsas.exe
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Users\max\Desktop\desinfection\RSIT.exe
C:\Program Files\trend micro\max.exe
C:\Windows\system32\conime.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2102473
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll
O2 - BHO: PCCBHO.CPCCBHO - {22FC6CE8-7D47-479F-B74A-BFBB04ADB9AF} - C:\Program Files\Winferno\PC Confidential\PCCBHO.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MediaBar - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\Program Files\iMeshMediabarTb\iMeshMediaBarDx.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: D - {CBFC15E9-29B7-3CB1-81C4-16BE66D36875} - C:\Windows\system32\mq72899.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: MediaBar - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\Program Files\iMeshMediabarTb\iMeshMediaBarDx.dll
O3 - Toolbar: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [GPIO] C:\Program Files\smart HDD\GPIO\GPIOManager.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [avgnt] "C:\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [Le Petit Robert Hyperappel] C:\Program Files\Le Robert\Le Petit Robert\prhyper.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: RaConfig2500.lnk = C:\Program Files\RALINK\RT2500 USB Wireless LAN Card\Installer\WIN2K\RaConfig2500.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe (file missing)
O9 - Extra 'Tools' menuitem: PC Confidential - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe (file missing)
O9 - Extra button: PC Confidential - {925DAB62-F9AC-4221-806A-057BFB1014AA} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI8CBC~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{130B8CB1-F13A-4CC3-8BF5-7FE7473752B1}: NameServer = 192.168.1.1
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: Service Google Update (gupdate1c9e75f971307a1) (gupdate1c9e75f971307a1) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

Salut,
J'ai vidé la quarantaine, mais le pb c'est que Shredder et PC confidentiial sont toujours dans mon pc et Ie plante toujours.