Pc infecté, log hijackthis

Merci Pimprenelle,voilà le lien:

http://www.cijoint.fr/cjlink.php?file=cj200908/cijvxsCM3o.txt

Oups ! Désolé,mauvaise manip. Et désolé de mon iimpatience mais mon pc me fait criser à ne démarrer qu'au bout de la 8ème tentative!

Voilà le info.txt (enfin je crois):





info.txt logfile of random's system information tool 1.06 2009-08-28 12:44:59

======Uninstall list======

-->D:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
-->D:\WINDOWS\NuNInst.exe /UNINSTALL
-->D:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->MsiExec /X{1C4551A6-4743-4093-91E4-1477CD655043}
-->MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF}
-->MsiExec.exe /I{0D330013-4A99-46D6-83C6-2C959C68DBFF}
-->MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87}
-->MsiExec.exe /I{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}
-->MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
-->MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
-->MsiExec.exe /I{83FFCFC7-88C6-41c6-8752-958A45325C82}
-->MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 D:\WINDOWS\INF\PCHealth.inf
7-Zip 4.65-->"D:\Program Files\7-Zip\Uninstall.exe"
Adobe Flash Player 10 Plugin-->D:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player ActiveX-->D:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 9.1.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A91000000001}
Adobe Shockwave Player-->MsiExec.exe /X{54E4B63C-D252-454C-BE4F-468F102B331C}
Alchemy 1.2-->C:\PopCap\Alchemy\UnGins.exe "C:\PopCap\Alchemy\install.log"
Apple Mobile Device Support-->MsiExec.exe /I{C337BDAF-CB4E-47E2-BE1A-CB31BB7DD0E3}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->D:\Program Files\WinRAR\uninstall.exe
Assassin's Creed-->D:\Program Files\InstallShield Installation Information\{8CFA9151-6404-409A-AF22-4632D04582FD}\setup.exe -runfromtemp -l0x040c -removeonly
Atomica Deluxe 2.52-->C:\Program Files\PopCap Games\Atomica Deluxe\PopUninstall.exe C:\Program Files\PopCap Games\Atomica Deluxe\Install.log
Avira Premium Security Suite-->D:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
Bit Che-->"D:\Program Files\Bit Che\unins000.exe"
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Brothers in Arms: Hell's Highway-->F:\Jeux\Hell's highway\Brothers in Arms - Hell's Highway\Binaries\uninst.exe
Burnout(TM) Paradise The Ultimate Box-->MsiExec.exe /X{9A996B6A-846E-4A89-B9C4-17546B7BE49F}
CCleaner (remove only)-->"D:\Program Files\CCleaner\uninst.exe"
CDBurnerXP-->"D:\Program Files\CDBurnerXP\unins000.exe"
Chaos-League-->C:\Jeux Lacie\Chaos League\Chaos-League\uninstall.exe
ClearType Tuning-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,ClearTypeCPL.Uninstall
Combined Community Codec Pack 2008-09-21 16:18-->"D:\Program Files\Combined Community Codec Pack\unins000.exe"
Complément Microsoft Enregistrer en tant que PDF ou XPS pour programmes Microsoft Office 2007-->MsiExec.exe /X{90120000-00B2-040C-0000-0000000FF1CE}
Correctif pour Windows XP (KB961118)-->"D:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
CPU-Z-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,CPUZ.Uninstall
Crash Time 2 (remove only)-->"C:\Crash Time II\Uninstall.exe"
CurrPorts-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,CurrPorts.Uninstall
CyberLink PowerDVD 8-->"D:\Program Files\InstallShield Installation Information\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}\setup.exe" /z-uninstall
DAMN NFO Viewer Setup-->MsiExec.exe /I{D5DE2E28-2BA1-4CF8-A4C5-D3D2AE0A9E38}
Dassault Systemes Software B18-->"F:\Dassault Systemes\B18\intel_a\code\bin\Uninstall.exe" "F:\Dassault Systemes\B18" "CODE" "GUI" "B18" "0"
Dassault Systemes Software Prerequisites x86-->MsiExec.exe /I{9877BCD9-6698-4951-AE19-D5F398D83D5A}
dBpoweramp m4a Codec-->"D:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>D:\WINDOWS\system32\SpoonUninstall-dBpoweramp m4a Codec.dat
dBpoweramp Music Converter-->"D:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>D:\WINDOWS\system32\SpoonUninstall-dBpoweramp Music Converter.dat
Death Track: Resurrection-->"D:\Program Files\Aspyr\Death Track\unins000.exe"
DiRT-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{57B89E30-0BBA-4F20-9F2C-8E8CDE1CEDB6}\setup.exe" -l0x40c -removeonly
DivX-->D:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DVD Decrypter (Remove Only)-->"D:\Program Files\DVD Decrypter\uninstall.exe"
DVD Shrink 3.2-->"D:\Program Files\DVD Shrink\unins000.exe"
DVD X Copy Platinum 4.0.3-->"D:\Program Files\321Studios\Platinum\uninstall.exe"
DVD X Rescue-->D:\PROGRA~1\321STU~1\DVDXRE~1\UNWISE.EXE D:\PROGRA~1\321STU~1\DVDXRE~1\INSTALL.LOG
DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.2.5.0-->"D:\Program Files\DVDFab 5\unins000.exe"
DVDXCopy Platinum 4.0.3-->"C:\Program Files\321Studios\uninstall.exe"
DVDXCopy Xpress 3.0.2-->"D:\Program Files\321Studios\Xpress\uninstall.exe"
eMule-->"D:\Program Files\eMule\Uninstall.exe"
FlatOut2-->MsiExec.exe /I{C884B05A-F5D9-4AE4-9D84-E6BD9F6E7890}
foobar2000 v0.9.6.5-->"D:\Program Files\foobar2000\uninstall.exe" _?=D:\Program Files\foobar2000
Free Ipod Video Converter V 2.6-->"D:\Program Files\Ipod Video Converter\unins000.exe"
Free Video Converter V 1.5-->"D:\Program Files\Free Video Converter\unins000.exe"
Glary Utilities 2.15.0.738-->"D:\Program Files\Glary Utilities\unins000.exe"
GoRC-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,GoRC.Uninstall
GPU-Z-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,GPUZ.Uninstall
HD Tune-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,HDTune.Uninstall
HijackThis 2.0.2-->"D:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->D:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->D:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HWMonitor-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,HWMonitor.Uninstall
ImgBurn-->"D:\Program Files\ImgBurn\uninstall.exe"
InfraRecorder-->D:\Program Files\InfraRecorder\uninstall.exe
IsoBuster 1.7-->"D:\Program Files\Smart Projects\IsoBuster\Uninst\unins000.exe"
iTunes-->MsiExec.exe /I{99ECF41F-5CCA-42BD-B8B8-A8333E2E2944}
Java(TM) 6 Update 15-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
JkDefrag-->rundll32.exe advpack.dll,LaunchINFSection JKDEFRAG.INF,JkDefrag.Uninstall
Kaspersky Online Scanner-->D:\WINDOWS\system32\KASPER~1\KASPER~1\kavuninstall.exe
Kaspersky On-line Scanner-->D:\WINDOWS\system32\KASPER~1\KASPER~1\kavuninstall.exe
Lame ACM MP3 Codec-->D:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_LameMP3 132 D:\WINDOWS\INF\LameACM.inf
LG ODD Auto Firmware Update-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{6179550A-3E7C-499E-BCC9-9E8113E0A285}\setup.exe"
LightScribe System Software 1.10.27.1-->MsiExec.exe /X{CBCF859F-04BE-4A07-B6FA-F4FAD69EF1ED}
Logitech Desktop Messenger-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\setup.exe" -l0x40c UNINSTALL
Logitech Harmony Remote Software 7-->D:\Program Files\InstallShield Installation Information\{5C6F884D-680C-448B-B4C9-22296EE1B206}\Setup.exe -runfromtemp -l0x040c -removeonly
Ma-Config.com-->MsiExec.exe /X{FACFAAB3-1443-427D-A0B0-1B55BB4F7FB2}
Malwarebytes' Anti-Malware-->"D:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
MediaCoder 0.6.2-->D:\Program Files\MediaCoder\uninst.exe
Medieval II Total War-->D:\Program Files\InstallShield Installation Information\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}\setup.exe -runfromtemp -l0x040c -removeonly
MemTest-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,MemTest.Uninstall
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 French Language Pack-->MsiExec.exe /X{E3C080B0-23F5-49AF-89F8-8E8DBC89E659}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->D:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft DirectX Control Panel 9.0c-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,DirectXCPL.Uninstall
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"D:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Groove MUI (French) 2007-->MsiExec.exe /X{90120000-00BA-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft XNA Framework Redistributable 2.0-->MsiExec.exe /I{245F6C7A-0C22-4DE0-8202-2AAA620A1D3A}
Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"D:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"D:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"D:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"D:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"D:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"D:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB969897)-->"D:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923561)-->"D:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"D:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"D:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"D:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"D:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"D:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"D:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"D:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"D:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"D:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"D:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"D:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"D:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"D:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"D:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"D:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"D:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"D:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"D:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961373)-->"D:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961501)-->"D:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB968537)-->"D:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969898)-->"D:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB970238)-->"D:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB969497)-->"D:\WINDOWS\ie8updates\KB969497-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"D:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0-->d:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 French Language Pack\setup.exe
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->D:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Monkey's Audio-->"D:\Program Files\Monkey's Audio\unins000.exe"
Mozilla Firefox (3.0.13)-->D:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6.0 Parser (KB925673)-->MsiExec.exe /I{FE9126DB-5F84-495A-BB46-3C724F1C2D08}
Need for Speed™ Undercover-->MsiExec.exe /X{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}
Nero 7 Essentials-->MsiExec.exe /X{1596098A-FCEC-48F0-B7C7-08A31B771036}
Nero Info Tool-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,InfoTool.Uninstall
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Notepad++-->D:\Program Files\Notepad++\uninstall.exe
NVIDIA Drivers-->D:\WINDOWS\system32\nvuninst.exe UninstallGUI
NVIDIA PhysX-->MsiExec.exe /X{1C4551A6-4743-4093-91E4-1477CD655043}
Open Command Prompt Shell Extension-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,CmdOpen.Uninstall
OpenAL-->"D:\Program Files\OpenAL\oalinst.exe" /U
Overlord II-->D:\Program Files\InstallShield Installation Information\{E426CEC1-35C5-42BF-913E-6EF8F1211D01}\setup.exe -runfromtemp -l0x040c -removeonly
Panda ActiveScan 2.0-->D:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
Peggle (remove only)-->C:\Peggle\Uninstall.exe
Peggle Nights Deluxe 1.0-->C:\Peggle Nights\Peggle Nights Deluxe\PopUninstall.exe "C:\Peggle Nights\Peggle Nights Deluxe\Install.log"
Prince of Persia-->"D:\Program Files\InstallShield Installation Information\{7C11154F-3539-4CB5-979D-EF7913473E53}\setup.exe" -runfromtemp -l0x040c -removeonly
ProtectDisc Driver, Version 11-->D:\Program Files\ProtectDisc Driver Installer\uninstall_v11.exe
Pserv-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,Pserv.Uninstall
PunkBuster Services-->D:\WINDOWS\system32\pbsvc.exe -u
QT Lite 2.7.0-->"D:\Program Files\QT Lite\unins000.exe"
Quicksys RegDefrag-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,RegDefrag.Uninstall
QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}
RegScanner-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,RegScanner.Uninstall
Remote Control USB Driver-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{8471021C-F529-43DE-84DF-3612E10F58C4}\setup.exe" -l0x9 -removeonly
Ri4m v5.0.1d-->D:\Program Files\Ripp-it_AM\Ri4m_Uninstal.exe
Rome - Total War(TM)-->D:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{A642BB6B-CA1D-4142-8DD4-318C3F3DC834}
Rome Total War - patch 1.3-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{A5D65411-8E73-4C85-AD80-9FE8B7391CF9}\Setup.exe" -l0x40c
Roxio Easy Media Creator 9 Suite-->MsiExec.exe /I{70272964-C468-4C5F-8246-AA2CABA75941}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB969679)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C66E4A6C-6E07-4C63-8CCD-2493B5087C73}
Security Update for Microsoft Office Excel 2007 (KB969682)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C03803BD-745A-46F8-8557-817DED578780}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office Word 2007 (KB969604)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CF3D6499-709C-43D0-8908-BC5652656050}
Seven Seas Deluxe 1.13-->C:\Program Files\PopCap Games\Seven Seas Deluxe\PopUninstall.exe C:\Program Files\PopCap Games\Seven Seas Deluxe\Install.log
ShaunWhiteSnowboarding-->"D:\Program Files\InstallShield Installation Information\{2E52FB79-7F60-4AD7-B946-5ED18B4F274E}\setup.exe" -runfromtemp -l0x040c -removeonly
SPEED-LINK DUAL SHOCK ADAPTER-->D:\Program Files\InstallShield Installation Information\{AEC7CD2E-2BB5-40C3-9592-078F64677E6C}\setup.exe -runfromtemp -l0x0009 -removeonly
Sysinternals Suite-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,Sysinternals.Uninstall
Theme Hospital-->D:\WINDOWS\unin040c.exe -f"D:\Program Files\Bullfrog\Hospital\DeIsL1.isu"
Thrustmaster Force Feedback Driver-->D:\Program Files\InstallShield Installation Information\{8F5A0981-5CDC-41D0-BCA2-AD3B777FC358}\setup.exe -runfromtemp -l0x040c -removeonly
Tom Clancy's Rainbow Six Vegas 2-->"D:\Program Files\InstallShield Installation Information\{FD416706-875C-4B0B-A23A-9E740DAE029E}\setup.exe" -runfromtemp -l0x040c -removeonly
Turok-->D:\Program Files\InstallShield Installation Information\{1BC3AF44-D80E-4744-A8E1-9BC540424AC9}\setup.exe -runfromtemp -l0x040cTurok -removeonly
Tweak UI-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,TweakUI.Uninstall
Unlocker 1.8.7-->D:\Program Files\Unlocker\uninst.exe
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->D:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Office Outlook 2007 (KB969907)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {74F98B24-AFBD-4800-9BD6-87D349B5C462}
Update for Outlook 2007 Junk Email Filter (kb970012)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {DC4A962B-9EC2-469C-BC9C-87312ADAEE81}
Utilitaires Gnu Unix-->rundll32.exe advpack.dll,LaunchINFSection KALUNIX.INF,Uninstall
VirtualCloneDrive-->"D:\Program Files\Elaborate Bytes\VirtualCloneDrive\vcd-uninst.exe" /D="D:\Program Files\Elaborate Bytes\VirtualCloneDrive"
VSO Media Player-->"D:\Program Files\vso\CopyToDVD\unins000.exe"
Windows Installer CleanUp-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,MSI.Uninstall
Windows Internet Explorer 8-->"D:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Mail-->MsiExec.exe /I{C514C594-23AA-4F13-A070-DB8BDB27594F}
Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows Presentation Foundation Language Pack (FRA)-->MsiExec.exe /X{6901DD22-527A-41EF-9059-E81FEDE9E494}
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
WinUHA 2.0 RC1 (2005.02.27)-->"D:\Program Files\WinUHA\unins000.exe"
Worms 4 Mayhem-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{45E7C481-3EF4-4FCB-AF0B-19F70D618F0C}\setup.exe" -l0x40c -removeonly
XML Paper Specification Shared Components Language Pack 1.0-->"D:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
XnView 1.94-->"D:\Program Files\XnView\unins000.exe"

======Security center information======

AV: AntiVir Desktop
FW: Avira Pare-feu

======System event log======

Computer Name: SWEET-61E1FFE39
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Services Terminal Server.

Record Number: 5
Source Name: Service Control Manager
Time Written: 20090704113806.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: SWEET-61E1FFE39
Event Code: 7036
Message: Le service NLA (Network Location Awareness) est entré dans l'état : en cours d'exécution.

Record Number: 4
Source Name: Service Control Manager
Time Written: 20090704113806.000000+120
Event Type: Informations
User:

Computer Name: SWEET-61E1FFE39
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service NLA (Network Location Awareness).

Record Number: 3
Source Name: Service Control Manager
Time Written: 20090704113806.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: SWEET-61E1FFE39
Event Code: 6005
Message: Le service d'Enregistrement d'événement a démarré.

Record Number: 2
Source Name: EventLog
Time Written: 20090704113750.000000+120
Event Type: Informations
User:

Computer Name: SWEET-61E1FFE39
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 3 Multiprocessor Free.

Record Number: 1
Source Name: EventLog
Time Written: 20090704113750.000000+120
Event Type: Informations
User:

=====Application event log=====

Computer Name: SWEET-61E1FFE39
Event Code: 0
Message:
Record Number: 442
Source Name: RoxLiveShare9
Time Written: 20090722150021.000000+120
Event Type: Informations
User:

Computer Name: SWEET-61E1FFE39
Event Code: 105
Message: The service was started.

Record Number: 441
Source Name: PLFlash DeviceIoControl Service
Time Written: 20090722150021.000000+120
Event Type: Informations
User:

Computer Name: SWEET-61E1FFE39
Event Code: 4
Message: The LightScribe Service started successfully.

Record Number: 440
Source Name: LightScribeService
Time Written: 20090722150021.000000+120
Event Type: Informations
User:

Computer Name: SWEET-61E1FFE39
Event Code: 1
Message:
Record Number: 439
Source Name: Bonjour Service
Time Written: 20090722150020.000000+120
Event Type: Informations
User:

Computer Name: SWEET-61E1FFE39
Event Code: 20
Message:
Record Number: 438
Source Name: Google Update
Time Written: 20090722112505.000000+120
Event Type: erreur
User: SWEET-61E1FFE39\Administrateur

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;%SystemRoot%\System32\GnuWin32;D:\Program Files\QT Lite\QTSystem;D:\Program Files\Fichiers communs\Roxio Shared\DLLShared;D:\Program Files\Fichiers communs\Roxio Shared\9.0\DLLShared;D:\Program Files\Smart Projects\IsoBuster;D:\Program Files\QT Lite\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 11, GenuineIntel
"PROCESSOR_REVISION"=0f0b
"NUMBER_OF_PROCESSORS"=2
"LANG"=EN
"LANGUAGE"=EN
"WGETRC"=D:\WINDOWS\system32\GnuWin32\etc\wgetrc
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"RoxioCentral"=D:\Program Files\Fichiers communs\Roxio Shared\9.0\Roxio Central33\
"CLASSPATH"=.;D:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=D:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------


Merci d'avance ! Je vais patienter dans mon lit...Bonne nuit à bientôt.

C'est mon disque dur externe. Je sais pas si t'as une idée mais en tous cas j'ai l'impression que mon pc est plus stable quand le dd n'est pas allumé.

OK c'est fait voilà le rapport:




############################## | UsbFix V6.023 |

User : Administrateur (Administrateurs) # SWEET-61E1FFE39
Update on 29/08/09 by Chiquitine29, C_XX & Chimay8
Start at: 12:07:53 | 30/08/2009
Website : http://pagesperso-orange.fr/NosTools/index.html

Intel(R) Core(TM)2 Duo CPU E6550 @ 2.33GHz
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Disabled
AV : AntiVir Desktop 9.0.1.32 [ Enabled | Updated ]
FW : Avira Pare-feu[ Enabled ]9.0.1.32

A:\ -> Lecteur de disquettes 3 ½ pouces
C:\ -> Disque fixe local # 149,04 Go (565,21 Mo free) # NTFS
D:\ -> Disque fixe local # 34,46 Go (2,1 Go free) # NTFS
E:\ -> Disque CD-ROM
F:\ -> Disque fixe local # 298,09 Go (6,93 Go free) [LACIE] # NTFS
G:\ -> Disque CD-ROM
H:\ -> Disque CD-ROM
I:\ -> Disque CD-ROM
J:\ -> Disque CD-ROM

############################## | Processus actifs |

D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\csrss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Avira\AntiVir Desktop\sched.exe
D:\Program Files\Avira\AntiVir Desktop\avguard.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
D:\WINDOWS\system32\RUNDLL32.EXE
D:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
D:\Program Files\Nero\Nero 7\InCD\InCD.exe
D:\Program Files\Java\jre6\bin\jusched.exe
D:\Program Files\iTunes\iTunesHelper.exe
D:\Program Files\Avira\AntiVir Desktop\avgnt.exe
D:\Program Files\Glary Utilities\memdefrag.exe
D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
D:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Update\1.2.183.7\GoogleCrashHandler.exe
D:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
D:\Program Files\Avira\AntiVir Desktop\avmailc.exe
D:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
D:\Program Files\Bonjour\mDNSResponder.exe
D:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
D:\Program Files\CDBurnerXP\NMSAccessU.exe
D:\WINDOWS\system32\IoctlSvc.exe
D:\WINDOWS\system32\PnkBstrA.exe
D:\WINDOWS\system32\PnkBstrB.exe
D:\Program Files\iPod\bin\iPodService.exe
D:\WINDOWS\system32\wbem\wmiapsrv.exe
D:\WINDOWS\system32\wbem\wmiprvse.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\WINDOWS\system32\wbem\wmiprvse.exe

################## | Fichiers # Dossiers infectieux |

Présent ! C:\autorun.inf
Présent ! D:\autorun.inf
Présent ! F:\Administrateur.exe
Présent ! F:\autorun.inf
Présent ! F:\Administrateur.exe

################## | Suspect ! ... | https://www.virustotal.com/gui/ |


################## | Registre # Clés Run infectieuses |

Présent ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe
Présent ! HKLM\software\microsoft\security center "FirewallDisableNotify" ( 0x1 )

################## | Registre # Mountpoints2 |


################## | Cracks / Keygens / Serials |


################## | ! Fin du rapport # UsbFix V6.023 ! |

Le voilà:


g
############################## | UsbFix V6.023 |

User : Administrateur (Administrateurs) # SWEET-61E1FFE39
Update on 29/08/09 by Chiquitine29, C_XX & Chimay8
Start at: 12:17:23 | 30/08/2009
Website : http://pagesperso-orange.fr/NosTools/index.html

Intel(R) Core(TM)2 Duo CPU E6550 @ 2.33GHz
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
AV : AntiVir Desktop 9.0.1.32 [ Enabled | Updated ]
FW : Avira Pare-feu[ Enabled ]9.0.1.32

A:\ -> Lecteur de disquettes 3 ½ pouces
C:\ -> Disque fixe local # 149,04 Go (565,21 Mo free) # NTFS
D:\ -> Disque fixe local # 34,46 Go (2,01 Go free) # NTFS
E:\ -> Disque CD-ROM
F:\ -> Disque fixe local # 298,09 Go (6,93 Go free) [LACIE] # NTFS
G:\ -> Disque CD-ROM
H:\ -> Disque CD-ROM
I:\ -> Disque CD-ROM
J:\ -> Disque CD-ROM

############################## | Processus actifs |

D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\csrss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Avira\AntiVir Desktop\sched.exe
D:\WINDOWS\system32\logonui.exe
D:\Program Files\Avira\AntiVir Desktop\avguard.exe
D:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
D:\Program Files\Avira\AntiVir Desktop\avmailc.exe
D:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
D:\WINDOWS\system32\userinit.exe
F:\Dassault Systemes\B18\intel_a\code\bin\CATSysDemon.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Bonjour\mDNSResponder.exe
D:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
D:\WINDOWS\system32\wbem\wmiprvse.exe
D:\Program Files\CDBurnerXP\NMSAccessU.exe
D:\WINDOWS\system32\IoctlSvc.exe
D:\WINDOWS\system32\PnkBstrA.exe

################## | Fichiers # Dossiers infectieux |

Supprimé ! C:\autorun.inf
Supprimé ! D:\autorun.inf
Supprimé ! F:\Administrateur.exe
Supprimé ! F:\autorun.inf

################## | Autres |


################## | Suspect ! ... | https://www.virustotal.com/gui/ |


################## | Registre # Clés Run infectieuses |

Supprimé ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe
# HKLM\software\microsoft\security center "FirewallDisableNotify" # -> Reset sucessfully !

################## | Registre # Mountpoints2 |


################## | Listing des fichiers présent |

[25/10/2008 17:20|--a------|0] -> C:\AUTOEXEC.BAT
[29/12/2008 15:22|--a------|212] -> C:\Boot.bak
[14/05/2009 00:43|-rahs----|282] -> C:\boot.ini
[14/04/2008 14:00|-rahs----|4952] -> C:\Bootfont.bin
[03/08/2004 23:00|--a------|263488] -> C:\cmldr
[25/10/2008 17:20|--a------|0] -> C:\CONFIG.SYS
[10/01/2009 22:22|--a------|199] -> C:\DARE.INI
[12/05/2009 10:04|--a------|33] -> C:\DVDFab_Info.txt
[26/04/2009 17:03|--a------|15931] -> C:\GF_Excpt.txt
[25/10/2008 17:20|-rahs----|0] -> C:\IO.SYS
[25/03/2009 14:06|--a------|4194322] -> C:\memory_map.tga
[16/02/2009 19:42|--a------|5615] -> C:\mkv.txt
[16/02/2009 19:51|--a------|653] -> C:\mpeg.txt
[25/10/2008 17:20|-rahs----|0] -> C:\MSDOS.SYS
[14/04/2008 14:00|-rahs----|47564] -> C:\NTDETECT.COM
[14/04/2008 14:00|-rahs----|252240] -> C:\ntldr
[14/05/2009 16:01|--a------|1101] -> D:\message CCM
[?|?|?] -> D:\pagefile.sys
[23/07/2009 23:18|--ah-----|268] -> D:\sqmdata00.sqm
[24/07/2009 00:43|--ah-----|268] -> D:\sqmdata01.sqm
[24/07/2009 00:59|--ah-----|268] -> D:\sqmdata02.sqm
[24/07/2009 15:36|--ah-----|268] -> D:\sqmdata03.sqm
[25/07/2009 14:37|--ah-----|268] -> D:\sqmdata04.sqm
[25/07/2009 22:30|--ah-----|268] -> D:\sqmdata05.sqm
[26/07/2009 15:52|--ah-----|268] -> D:\sqmdata06.sqm
[27/07/2009 23:24|--ah-----|268] -> D:\sqmdata07.sqm
[28/07/2009 15:07|--ah-----|268] -> D:\sqmdata08.sqm
[28/07/2009 22:41|--ah-----|268] -> D:\sqmdata09.sqm
[29/07/2009 10:20|--ah-----|268] -> D:\sqmdata10.sqm
[29/07/2009 14:45|--ah-----|268] -> D:\sqmdata11.sqm
[29/07/2009 18:52|--ah-----|268] -> D:\sqmdata12.sqm
[01/08/2009 10:28|--ah-----|268] -> D:\sqmdata13.sqm
[01/08/2009 12:26|--ah-----|268] -> D:\sqmdata14.sqm
[21/08/2009 20:26|--ah-----|268] -> D:\sqmdata15.sqm
[22/08/2009 00:19|--ah-----|268] -> D:\sqmdata16.sqm
[22/07/2009 15:00|--ah-----|268] -> D:\sqmdata17.sqm
[22/07/2009 21:33|--ah-----|268] -> D:\sqmdata18.sqm
[23/07/2009 13:57|--ah-----|268] -> D:\sqmdata19.sqm
[23/07/2009 23:18|--ah-----|244] -> D:\sqmnoopt00.sqm
[24/07/2009 00:43|--ah-----|244] -> D:\sqmnoopt01.sqm
[24/07/2009 00:59|--ah-----|244] -> D:\sqmnoopt02.sqm
[24/07/2009 15:36|--ah-----|244] -> D:\sqmnoopt03.sqm
[25/07/2009 14:37|--ah-----|244] -> D:\sqmnoopt04.sqm
[25/07/2009 22:30|--ah-----|244] -> D:\sqmnoopt05.sqm
[26/07/2009 15:52|--ah-----|244] -> D:\sqmnoopt06.sqm
[27/07/2009 23:24|--ah-----|244] -> D:\sqmnoopt07.sqm
[28/07/2009 15:07|--ah-----|244] -> D:\sqmnoopt08.sqm
[28/07/2009 22:41|--ah-----|244] -> D:\sqmnoopt09.sqm
[29/07/2009 10:20|--ah-----|244] -> D:\sqmnoopt10.sqm
[29/07/2009 14:45|--ah-----|244] -> D:\sqmnoopt11.sqm
[29/07/2009 18:52|--ah-----|244] -> D:\sqmnoopt12.sqm
[01/08/2009 10:28|--ah-----|244] -> D:\sqmnoopt13.sqm
[01/08/2009 12:26|--ah-----|244] -> D:\sqmnoopt14.sqm
[21/08/2009 20:26|--ah-----|244] -> D:\sqmnoopt15.sqm
[22/08/2009 00:19|--ah-----|244] -> D:\sqmnoopt16.sqm
[22/07/2009 15:00|--ah-----|244] -> D:\sqmnoopt17.sqm
[22/07/2009 21:33|--ah-----|244] -> D:\sqmnoopt18.sqm
[23/07/2009 13:57|--ah-----|244] -> D:\sqmnoopt19.sqm
[14/05/2009 15:10|--a------|576] -> D:\TCleaner.txt
[30/08/2009 12:20|--a------|5948] -> D:\UsbFix.txt
[03/02/2008 02:00|--ah-----|6148] -> F:\.DS_Store
[02/02/2008 20:38|--ah-----|4096] -> F:\._.Trashes
[17/07/2009 14:09|--a------|275] -> F:\Disque local (D) (2).lnk
[09/07/2009 00:12|--a------|275] -> F:\Disque local (D).lnk
[02/03/9999 04:37|--a------|401720] -> F:\HiJackThis.exe
[28/08/2009 13:40|--a------|9424] -> F:\hijackthis.log
[16/01/2002 20:31|--a------|24576] -> F:\MPC2MP3.exe
[02/06/2002 16:23|--a------|267264] -> F:\MuseDrop.exe
[22/06/2009 09:20|--a------|191] -> F:\MuseDrop.ini
[09/08/2008 12:30|--a------|452608] -> F:\ToolsCleaner2.exe

################## | Cracks / Keygens / Serials |


################## | Upload |

Veuillez envoyer le fichier : D:\DOCUME~1\ADMINI~1\Bureau\UsbFix_Upload_Me_SWEET-61E1FFE39.zip : https://www.androidworld.fr/
Merci pour votre contribution .

Voilà le log. Apparemment mbam n' a rien détecté. J'attends ta confirmation et je mets résolu ?



Malwarebytes' Anti-Malware 1.40
Version de la base de données: 2720
Windows 5.1.2600 Service Pack 3

31/08/2009 17:04:56
mbam-log-2009-08-31 (17-04-56).txt

Type de recherche: Examen complet (C:\|D:\|F:\|)
Eléments examinés: 384378
Temps écoulé: 1 hour(s), 3 minute(s), 22 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

C'est bon bit defender n'a rien détecté:





Généré à: Fri, Sep 04, 2009 - 09:47:42





Info d'analyse





Fichiers scannés


112094

Infectés Fichiers


0







Virus Détectés




Aucun virus trouvé.






Ce sommaire du processus d'analyse sera utilisé par les laboratoires Antivirus BitDefender pour créer des statistiques agréguées sur l'activité des virus dans le monde.



---------------------------------------------------------

C'est ok pour toi ?

OK voilà le lien du rapport: http://www.cijoint.fr/cjlink.php?file=cj200909/cijed0wuDm.txt

Le voilà:



Infections :
==========


¤¤¤¤¤¤¤¤¤¤ Fichiers et dossiers presents :

"D:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat"
"D:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat"

¤¤¤¤¤¤¤¤¤¤ Clés de registre Presentes :


¤¤¤¤¤¤¤¤¤¤ D:\WINDOWS\Prefetch :

Layout.ini
NTOSBOOT-B00DFAAD.pf
REG.EXE-07FA5B3F.pf




¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

Salut. Je suis sous XP donc pas de contrôle des comptes utilisateurs ?

Sinon voilà le rapport Ad-remover:




.
======= RAPPORT D'AD-REMOVER 1.1.4.5_X | UNIQUEMENT XP/VISTA/7 =======
.
Mit à jour par C_XX le 04.10.2009 à 21:55
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 12:41:00, 05/10/2009 | Mode Normal | Option: CLEAN
Exécuté de: D:\Program Files\Ad-Remover\
Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 SP3 v5.1.2600
Nom du PC: SWEET-61E1FFE39 | Utilisateur actuel: Administrateur
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.

HKCU\Software\AppDataLow\Software\Dealio
HKCU\Software\Search Settings
HKLM\Software\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
HKLM\Software\Classes\SearchSettings.BHO
HKLM\Software\Classes\SearchSettings.BHO.1
HKLM\Software\Dealio
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0B1AAC97-8563-41D9-AE47-58E6A222F0E1}
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{94C3BB3A-56A1-43DE-A242-8B41F46E97EF}
HKLM\Software\Search Settings
HKLM\Software\Trymedia Systems
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SearchSettings
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
HKLM\Software\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
HKLM\Software\Classes\TypeLib\{CD082CCA-086F-4FD8-8FD7-247A0DBBD1CC}
.
D:\Documents and Settings\Administrateur\Application Data\Dealio
D:\Documents and Settings\Administrateur\Application Data\Search Settings
D:\Program Files\Dealio Toolbar
D:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
D:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com
D:\Program Files\Search Settings
D:\Windows\Installer\e31cb6.msi
D:\Windows\Installer\e31cbf.msi
D:\WINDOWS\Prefetch\SEARCHSETTINGS.EXE-30EFBC20.pf

(!) -- Fichiers temporaires supprimés.

.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version 3.5.3 *
.
Nom du profil: mteietq8.default (Administrateur)
.
(Prefs.js) user_pref("browser.startup.homepage", "hxxp://www.google.fr/");
(Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.9.1.3");
.
(prefs.js) EFFACÉ: user_pref("weboftrust.search.ask.display", "Ask.com Web Search");
.
* Internet Explorer Version 8.0.6001.18702 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Start Page: hxxp://fr.msn.com/
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Start Page: hxxp://fr.msn.com/
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Bar: hxxp://search.msn.com/spbasic.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
============== Suspect (Cracks, Serials ... ) ==============
.
D:\Documents and Settings\All Users\Application Data\TrackMania United\Patches\tmunitedforever_fromtmu_setup.url
.
===================================
.
3641 Octet(s) - D:\Ad-Report-CLEAN[1].log
.
1 Fichier(s) - D:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
1 Fichier(s) - D:\WINDOWS\Temp
.
18 Fichier(s) - D:\Program Files\Ad-Remover\BACKUP
47 Fichier(s) - D:\Program Files\Ad-Remover\QUARANTINE
.
Fin à: 12:47:16 | 05/10/2009 - CLEAN[1]
.
============== E.O.F ==============
.

Désolé j'étais encore absent pour le boulot.

Voilà le lien:http://www.cijoint.fr/cjlink.php?file=cj200910/cijfas8eEc.txt

Je viens de les supprimer mais je n'ai pas encore redémarrer.

Pour vitysoft non je ne connais pas. J'ai cherché sur google et je n'ai trouvé qu'un gestionnaire de téléchargement java pour rapidshare. C'est ça ?
J'avais essayé de tester jdownloader mais impossible de le lancer.