Virus sur system32

dawwood Messages postés 55 Date d'inscription   Statut Membre Dernière intervention   -  
jlpjlp Messages postés 52399 Statut Contributeur sécurité -
Bonjour,

Hier en voulant télécharger un ebook gratuitement je me suis pris un virus sur l'exe "yp", antivir me dit qu'il est situé sur system32/sshnas21.dll , pourriez vous me dire comment faire pour l'éradiquer merci ...
Configuration: Windows Vista / Firefox 3.5.8

5 réponses

  1. jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 041
     
    slt colle un rapport avec malwarebyte antimalware après mise à jour : analyse rapide
    0
  2. dawwood Messages postés 55 Date d'inscription   Statut Membre Dernière intervention   1
     
    salut jlpjlp!

    j ai fait ce que tu as dit je te colle le rapport merci :

    Malwarebytes' Anti-Malware 1.28
    Database version: 1221
    Windows 6.0.6002 Service Pack 2

    24/02/2010 18:25:51
    mbam-log-2010-02-24 (18-25-42).txt

    Scan type: Quick Scan
    Objects scanned: 47759
    Time elapsed: 6 minute(s), 13 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 2
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} (Adware.Agent) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} (Adware.Agent) -> No action taken.

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)
    0
  3. jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 041
     
    j'avais dis de mettre à jour et seulement ensuite de faire une analyse et nous coller le rapport!

    recommence !!!

    et colle le rapport

    ________________

    puis
    Télécharge ici :

    http://images.malwareremoval.com/random/RSIT.exe

    random's system information tool (RSIT) par andom/random et sauvegarde-le sur le Bureau.

    Double-clique sur RSIT.exe afin de lancer RSIT.

    Clique Continue à l'écran Disclaimer.

    Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

    Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.

    Poste le contenu de log.txt (<<qui sera affiché)
    ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).

    NB : Les rapports sont sauvegardés dans le dossier C:\rsit
    0
  4. dawwood Messages postés 55 Date d'inscription   Statut Membre Dernière intervention   1
     
    voici le log.txt rsit1

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Outil de mise à jour Google.lnk]
    C:\PROGRA~1\Google\GOOGLE~4\GOOGLE~1.EXE [2008-11-05 161264]

    C:\Users\DAWOOD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"="C:\Windows\System32\cssdll32.dll C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "EnableLUA"=0
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "FilterAdministratorToken"=1
    "EnableUIADesktopToggle"=0
    "UacDisableNotify"=0

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=255
    "NoDriveAutoRun"=FFFFFFFF
    "HonorAutoRunSetting"=1
    "NoDrives"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "BindDirectlyToPropertySetStorage"=
    "NoDriveAutoRun"=
    "NoDriveTypeAutoRun"=
    "HonorAutoRunSetting"=
    "NoDrives"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
    "C:\Program Files\PPStream\PPStream.exe"="C:\Program Files\PPStream\PPStream.exe:*:Enabled:PPSÍøÂçµçÊÓ"
    "C:\Program Files\PPStream\PPSAP.exe"="C:\Program Files\PPStream\PPSAP.exe:*:Enabled:PPS ÍøÂç¼ÓËÙÆ÷"
    "C:\Program Files\PPMate\PPMate\ppmate.exe"="C:\Program Files\PPMate\PPMate\ppmate.exe:*:Enabled:PPMate"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b5c655cc-44fa-11de-8838-001060d13545}]
    shell\AutoRun\command - G:\AurLaunch\LaunchScreen.exe

    ======List of files/folders created in the last 1 months======

    2010-02-24 18:59:43 ----D---- C:\rsit
    2010-02-24 18:47:24 ----A---- C:\Windows\isRS-000.tmp
    2010-02-21 21:16:05 ----A---- C:\Windows\msa.exe
    2010-02-20 03:19:17 ----D---- C:\Users\DAWOOD\AppData\Roaming\Usenet.nl
    2010-02-20 03:19:04 ----D---- C:\Program Files\Usenet.nl
    2010-02-12 16:46:26 ----D---- C:\ProgramData\TechSmith
    2010-02-12 16:46:25 ----D---- C:\Program Files\QuickTime
    2010-02-12 16:46:01 ----D---- C:\Program Files\Common Files\TechSmith Shared
    2010-02-12 16:45:59 ----D---- C:\Program Files\TechSmith
    2010-02-10 14:06:54 ----A---- C:\Windows\system32\ntoskrnl.exe
    2010-02-10 14:06:54 ----A---- C:\Windows\system32\ntkrnlpa.exe
    2010-02-10 14:06:36 ----A---- C:\Windows\system32\quartz.dll
    2010-02-10 14:06:35 ----A---- C:\Windows\system32\tsbyuv.dll
    2010-02-10 14:06:35 ----A---- C:\Windows\system32\msyuv.dll
    2010-02-10 14:06:35 ----A---- C:\Windows\system32\msvidc32.dll
    2010-02-10 14:06:35 ----A---- C:\Windows\system32\msrle32.dll
    2010-02-10 14:06:35 ----A---- C:\Windows\system32\mciavi32.dll
    2010-02-10 14:06:35 ----A---- C:\Windows\system32\iyuv_32.dll
    2010-02-10 14:06:34 ----A---- C:\Windows\system32\msvfw32.dll
    2010-02-10 14:06:34 ----A---- C:\Windows\system32\avifil32.dll

    ======List of files/folders modified in the last 1 months======

    2010-02-24 18:59:56 ----D---- C:\Windows\Prefetch
    2010-02-24 18:58:12 ----D---- C:\Windows\Tasks
    2010-02-24 18:55:39 ----D---- C:\Program Files\Mozilla Firefox
    2010-02-24 18:55:12 ----D---- C:\Windows\System32
    2010-02-24 18:53:24 ----D---- C:\Windows\temp
    2010-02-24 18:52:40 ----D---- C:\Windows
    2010-02-24 18:52:32 ----D---- C:\Windows\system32\Tasks
    2010-02-24 18:51:18 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2010-02-24 18:47:21 ----D---- C:\Windows\system32\drivers
    2010-02-24 18:10:28 ----D---- C:\Users\DAWOOD\AppData\Roaming\OpenOffice.org2
    2010-02-24 15:06:47 ----SHD---- C:\System Volume Information
    2010-02-24 14:18:47 ----D---- C:\Windows\system32\catroot
    2010-02-24 14:18:42 ----D---- C:\Windows\system32\catroot2
    2010-02-24 14:18:40 ----D---- C:\Windows\winsxs
    2010-02-22 18:31:02 ----D---- C:\jv
    2010-02-22 02:50:59 ----D---- C:\outi
    2010-02-22 01:55:29 ----SD---- C:\Users\DAWOOD\AppData\Roaming\Microsoft
    2010-02-20 20:10:54 ----A---- C:\Windows\NeroDigital.ini
    2010-02-20 03:19:04 ----D---- C:\Program Files
    2010-02-12 16:47:02 ----SHD---- C:\Windows\Installer
    2010-02-12 16:47:00 ----D---- C:\Windows\system32\QuickTime
    2010-02-12 16:46:26 ----D---- C:\ProgramData
    2010-02-12 16:46:01 ----D---- C:\Program Files\Common Files
    2010-02-12 00:09:40 ----D---- C:\Program Files\Windows Live Safety Center
    2010-02-11 04:54:56 ----D---- C:\Program Files\Windows Mail
    2010-02-11 03:04:44 ----D---- C:\Windows\Debug
    2010-02-11 03:03:51 ----D---- C:\ProgramData\Microsoft Help
    2010-02-01 20:26:20 ----A---- C:\Windows\system32\mrt.exe
    2010-02-01 11:40:54 ----D---- C:\Windows\system32\LogFiles
    2010-01-29 09:27:19 ----D---- C:\Program Files\Veetle

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
    R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
    R1 cmdGuard;COMODO Firewall Pro Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2009-04-16 108560]
    R1 cmdHlp;COMODO Firewall Pro Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2008-11-20 25104]
    R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-07-15 28520]
    R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2009-05-28 279712]
    R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-12-10 56816]
    R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2009-05-28 25888]
    R3 BthEnum;Service d'énumérateur Bluetooth; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-10 22528]
    R3 BthPan;Périphérique Bluetooth (réseau personnel); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-18 92160]
    R3 BTHUSB;Pilote USB radio Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-10 29696]
    R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-18 14208]
    R3 Inspect;Comodo Firewall Network Driver; C:\Windows\system32\DRIVERS\inspect.sys [2008-11-01 72720]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-05-10 1775712]
    R3 itecir;ITECIR Infrared Receiver; C:\Windows\system32\DRIVERS\itecir.sys [2007-04-04 46592]
    R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2010-01-07 19160]
    R3 NETw5v32;Pilote de carte Intel(R) Wireless WiFi Link pour Windows Vista 32 bits ; C:\Windows\system32\DRIVERS\NETw5v32.sys [2009-09-15 6000640]
    R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-08-28 9616704]
    R3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-10 148992]
    R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-04-30 81408]
    R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-22 982272]
    R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-18 11264]
    S2 MBAMDrvService;MBAMDrvService; \??\C:\Windows\system32\drivers\mbam.sys [2010-01-07 19160]
    S3 abjgd4cn;abjgd4cn; C:\Windows\system32\drivers\abjgd4cn.sys []
    S3 BTHPORT;Pilote de port Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-10 507904]
    S3 Cam5603D;WebCam; C:\Windows\System32\Drivers\BisonCam.sys [2007-04-19 788400]
    S3 catchme;catchme; C:\Windows\system32\drivers\catchme.sys []
    S3 cpuz130;cpuz130; C:\Windows\system32\drivers\cpuz130.sys []
    S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [2009-09-23 14336]
    S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
    S3 dump_wmimmc;dump_wmimmc; C:\Windows\system32\drivers\dump_wmimmc.sys []
    S3 ENTECH;ENTECH; \??\C:\Windows\system32\DRIVERS\ENTECH.sys [2008-09-17 27672]
    S3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
    S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-05 54632]
    S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
    S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
    S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
    S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
    S3 NETw4v32;Pilote de carte Intel(R) Wireless WiFi Link pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\NETw4v32.sys [2008-03-13 2555392]
    S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2009-02-09 17664]
    S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
    S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
    S3 RivaTuner32;RivaTuner32; \??\C:\Program Files\RivaTuner v2.24\RivaTuner32.sys [2009-02-25 9088]
    S3 se59bus;Sony Ericsson Device 089 driver (WDM); C:\Windows\system32\DRIVERS\se59bus.sys [2006-09-05 61536]
    S3 se59mdfl;Sony Ericsson Device 089 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\se59mdfl.sys [2006-09-05 9360]
    S3 se59mdm;Sony Ericsson Device 089 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\se59mdm.sys [2006-09-05 97088]
    S3 se59mgmt;Sony Ericsson Device 089 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\se59mgmt.sys [2006-09-05 88624]
    S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
    S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys []
    S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-04-10 27648]
    S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
    S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
    S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
    S4 nvatabus;nvatabus; C:\Windows\system32\drivers\nvatabus.sys [2006-07-14 105088]
    S4 viamraid;viamraid; C:\Windows\system32\drivers\viamraid.sys [2006-03-31 100992]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-07-15 108289]
    R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-08-18 185089]
    R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-18 21504]
    R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\Firewall\cmdagent.exe [2009-04-16 700152]
    R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2009-09-21 858384]
    R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2007-05-03 355096]
    R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-01-07 236368]
    R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-08-27 215656]
    R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2008-06-02 66872]
    R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2009-09-21 473360]
    R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2006-07-20 262247]
    R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
    R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
    R2 TestHandler;Fujitsu Siemens Computers Diagnostic Testhandler; C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe [2006-12-08 204800]
    R2 TuneUp.ProgramStatisticsSvc;@%SystemRoot%\System32\TUProgSt.exe,-1; C:\Windows\System32\TUProgSt.exe [2009-10-16 604488]
    R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-18 21504]
    S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-20 182768]
    S2 vvdsvc;VJVodClientServices; C:\Windows\System32\svchost.exe [2008-01-18 21504]
    S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-12-24 72704]
    S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-18 21504]
    S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
    S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-08-07 29744]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
    S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-09-23 238960]
    S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-02-26 267824]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S3 ServiceLayer;ServiceLayer; C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe [2009-09-17 651776]
    S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2009-10-16 361288]
    S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2008-01-18 21504]
    S4 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe []
    S4 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe []

    l info txt :

    info.txt logfile of random's system information tool 1.06 2010-02-24 19:00:25

    ======Uninstall list======

    @promt Professional 8 EFFE Trial-->MsiExec.exe /I{661E7BE6-5239-4293-BA67-E7B804353910}
    -->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
    -->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
    -->C:\Windows\UNNeroShowTime.exe /UNINSTALL
    -->C:\Windows\UNNeroVision.exe /UNINSTALL
    -->C:\Windows\UNRecode.exe /UNINSTALL
    -->MsiExec /X{B83FC356-B7C0-441F-8A4D-D71E088E7974}
    7-Zip 4.57-->"C:\Program Files\7-Zip\Uninstall.exe"
    A Geeks Toy-->MsiExec.exe /I{EEDA9217-C519-4AC4-A99F-D835736B9212}
    Acrobat.com-->msiexec /qb /x {27F00C63-449B-2FAB-CBE8-24AB80E17449}
    Acrobat.com-->MsiExec.exe /I{27F00C63-449B-2FAB-CBE8-24AB80E17449}
    Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
    Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
    Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000101}
    Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5101}
    Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Help Center 1.0-->MsiExec.exe /I{E9787678-119F-4D52-B551-6739B2B22101}
    Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-040C-1E257A25E34D}
    Adobe Reader 9.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A91000000001}
    Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-0C40-4930-9AFE-113BCE553101}
    AnalogX Scratch-->C:\Program Files\AnalogX\Scratch\scratchu.exe
    Antidote RX v2-->MsiExec.exe /X{A474EA56-5DBD-4181-8230-806A4762EA7F}
    ApprentiClavier-->C:\Windows\ApprentiClavier_uninstall.exe
    Ask Toolbar-->MsiExec.exe /I{86D4B82A-ABED-442A-BE86-96357B70F4FE}
    Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
    Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
    Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
    Bet Angel - Basic-->MsiExec.exe /I{93D2FB09-C348-42FE-B430-4B14FA8A15B7}
    Bet Angel - Professional-->MsiExec.exe /I{934ADE09-500E-486D-9363-C7C279CB805A}
    BitTorrent-->C:\Program Files\BitTorrent\uninst.exe
    Camtasia Studio 6-->MsiExec.exe /I{A589DA26-51BD-475D-8C32-E19E34145842}
    CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
    CleanUp!-->C:\Program Files\CleanUp!\uninstall.exe
    COMODO Firewall Pro-->C:\Program Files\COMODO\Firewall\cfpconfg.exe -u
    COMODO SafeSurf-->C:\Program Files\COMODO\SafeSurf\cssconfg.exe -u
    ConvertHelper 2.2-->"C:\Program Files\ConvertHelper\unins000.exe"
    Dico de Rimes-->c:\rimes\Uninstal.exe
    Disc2Phone-->MsiExec.exe /I{FFAB5ABB-8AAB-42E2-847F-1743E51E01E9}
    eMule-->"C:\Program Files\eMule\Uninstall.exe"
    eMusic - 50 Free MP3 offer-->"C:\Program Files\Winamp\eMusic\Uninst-eMusic-promotion.exe"
    EVEREST Home Edition v2.20-->"C:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe"
    Everest Poker (Remove Only)-->C:\Program Files\Everest Poker\cstart.exe /uninstall
    EVEREST Ultimate Edition v5.30-->"C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
    FairBot-->"C:\Program Files\FairBot\unins000.exe"
    FirstSteps Diagnostics-->MsiExec.exe /X{94D66D71-12F0-48A5-B46A-D4B835A0F1B7}
    free-downloads.net Toolbar-->C:\PROGRA~1\FREE-D~1.NET\UNWISE.EXE /U C:\PROGRA~1\FREE-D~1.NET\INSTALL.LOG
    Full Pack Codecs-->C:\Program Files\Full Pack Codecs\uninst.exe
    Futuremark SystemInfo-->"C:\Program Files\InstallShield Installation Information\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}\setup.exe" -runfromtemp -l0x0009 -removeonly
    Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}
    GameSpy Arcade-->C:\PROGRA~1\GAMESP~1\UNWISE.EXE C:\PROGRA~1\GAMESP~1\INSTALL.LOG
    GOM Player-->"C:\Program Files\GRETECH\GomPlayer\Uninstall.exe"
    Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
    Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
    Grand Theft Auto IV-->"C:\Program Files\InstallShield Installation Information\{579BA58C-F33D-4970-9953-B94B43768AC3}\setup.exe" -runfromtemp -l0x040c -removeonly
    HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
    Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
    Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
    Intel PROSet Wireless-->Intel PROSet Wireless
    Intel® Turbo Memory et Intel® Matrix Storage Manager-->C:\Windows\system32\imsmudlg.exe -uninstall
    IZArc 3.81-->"C:\Program Files\IZArc\unins002.exe"
    IZArc Command Line Add-On 1.1-->"C:\Program Files\IZArc\unins001.exe"
    Jargon Informatique-->C:\Program Files\Jargon Informatique\uninstall.exe
    Java(TM) 6 Update 15-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
    JMB36X Raid Configurer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}\SETUP.exe" -l0x40c -removeonly
    Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
    jv16 PowerTools 1.3-->"C:\Program Files\jv16 PowerTools\unins000.exe"
    K-Lite Codec Pack 4.3.4 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
    L&H TTS3000 Français-->RunDll32 advpack.dll,LaunchINFSection C:\Windows\INF\LHTTSFRF.inf, Uninstall
    Lernout & Hauspie TruVoice American English TTS Engine-->RunDll32 advpack.dll,LaunchINFSection C:\Windows\INF\tv_enua.inf, Uninstall
    Logiciel Intel(R) PROSet/Wireless WiFi-->MsiExec.exe /I{43507E5B-94A0-4E56-9C7B-FAAAFBDB5904}
    LOTO PRO Alchimie (Version d'évaluation)-->MsiExec.exe /I{70862F16-E001-4B6C-A162-0C64CAFF32E6}
    Ma-Config.com-->MsiExec.exe /X{425FFD94-36BD-4933-881B-FE0B9DADF2B7}
    Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    MaxType LITE 1.6.22-->"C:\Program Files\MaxType LITE\unins000.exe"
    MediaCoder 0.6.1-->C:\Program Files\MediaCoder\uninst.exe
    Mega Manager-->C:\Program Files\InstallShield Installation Information\{3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2}\setup.exe -runfromtemp -l0x0009 -removeonly
    Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
    Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
    Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
    Microsoft Age of Empires II Trial Version-->"C:\Program Files\Microsoft Games\Age of Empires II Trial\UNINSTAL.EXE" /runtemp /uninstall
    Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
    Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}
    Microsoft Games for Windows - LIVE-->MsiExec.exe /X{A1C962E2-2426-49C6-A38B-9A07E40D607C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
    Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
    Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
    Microsoft Office Excel Viewer 2003-->MsiExec.exe /I{9084040C-6000-11D3-8CFE-0150048383C9}
    Microsoft Office Excel Viewer-->MsiExec.exe /I{95120000-003F-040C-0000-0000000FF1CE}
    Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
    Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0122-040C-0000-0000000FF1CE}
    Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
    Microsoft Office Professional 2007-->MsiExec.exe /X{91120000-0014-0000-0000-0000000FF1CE}
    Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
    Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
    Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
    Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
    Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
    Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
    Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
    Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
    Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
    Microsoft Office Word Viewer 2003-->MsiExec.exe /I{9085040C-6000-11D3-8CFE-0150048383C9}
    Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
    Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
    Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
    Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
    Microsoft Visual Studio 2005 Tools for Office Runtime-->MsiExec.exe /X{388E4B09-3E71-4649-8921-F44A3A2954A7}
    Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C}
    Mise à jour Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {51EFB347-1F3D-4BAC-8B79-F056B904FE21}
    Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3}
    Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223}
    Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
    Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
    Motorola SM56 Data Fax Modem-->rundll32.exe sm56co6a.dll,SM56UnInstaller
    Mozilla Firefox (3.5.8)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
    MSXML4 Parser-->MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13}
    Nero 7 Essentials-->MsiExec.exe /X{81CD6232-10F5-4832-B3DA-1B88B1571036}
    Nokia Connectivity Cable Driver-->MsiExec.exe /I{1597D0AE-34A7-4A8B-A395-2E30EB745470}
    Nokia Ovi Application Installer 6.85.3011-->msiexec /qn /x {42B74521-4706-412A-9A27-AED12B83E886}
    Nokia Ovi Application Installer-->MsiExec.exe /I{42B74521-4706-412A-9A27-AED12B83E886}
    Nokia Ovi Content Copier 6.85.3011-->msiexec /qn /x {6442DEDF-AC2F-4CBA-85DE-42E459C5006C}
    Nokia Ovi Content Copier-->MsiExec.exe /X{6442DEDF-AC2F-4CBA-85DE-42E459C5006C}
    Nokia Ovi One Touch Access 6.85.3019-->msiexec /qn /x {C4B045DB-C2C0-4A05-8DA5-754B4733EE31}
    Nokia Ovi One Touch Access-->MsiExec.exe /I{C4B045DB-C2C0-4A05-8DA5-754B4733EE31}
    Nokia Ovi System Utilities 6.85.3018-->msiexec /qn /x {F9EA1C47-64A6-45E4-9A80-8CC1575B971D}
    Nokia Ovi System Utilities-->MsiExec.exe /X{F9EA1C47-64A6-45E4-9A80-8CC1575B971D}
    Nokia_Multimedia_Common_Components_2_5-->MsiExec.exe /I{3762698E-E9DF-4DD8-99F1-8192D0F8EE06}
    NVIDIA PhysX-->MsiExec.exe /X{B83FC356-B7C0-441F-8A4D-D71E088E7974}
    OpenOffice.org 2.3-->MsiExec.exe /I{B087B0C3-F595-485A-B86B-73326BA8693A}
    Opera 9.52-->MsiExec.exe /X{E1A88DE8-BD36-4DEA-8DD8-E35EF475ADC7}
    OSDInstall-->MsiExec.exe /I{EB863CFD-6889-47B0-9D79-492DE0D07EE7}
    OtsTurntables Free 1.00.027-->"C:\Windows\OTS_UI.EXE" "C:\OtsLabs\OtsTTfre.osi"
    Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
    Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
    Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\Windows\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf
    Patch Team PRO-EVO v1.00 - Part Commentaires-->"C:\Program Files\KONAMI\Pro Evolution Soccer 2009\unins000.exe"
    Patch Team PRO-EVO v1.00 - Part Stadiums-->"C:\Program Files\KONAMI\Pro Evolution Soccer 2009\unins001.exe"
    Patch Team PRO-EVO v1.00-->"C:\Program Files\KONAMI\Pro Evolution Soccer 2009\unins002.exe"
    PC Connectivity Solution-->MsiExec.exe /I{9D6B740F-D9A2-45A6-BDC4-0A453D499FE6}
    PC Tap-->MsiExec.exe /X{9A9AFE08-7245-4DFC-B8AF-C337418BD4E2}
    Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe"
    PowerDV-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B804C424-B66D-447A-84BD-C6B88C392C3A}\setup.exe" -uninstall
    Pro Evolution Soccer 2009-->MsiExec.exe /X{A8DB611A-D80E-450D-85F6-3ACDD164BE31}
    PunkBuster Services-->C:\Windows\system32\pbsvc.exe -u
    Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
    RivaTuner v2.24-->"C:\Program Files\RivaTuner v2.24\uninstall.exe"
    RocketDock 1.3.5-->"C:\Program Files\RocketDock\unins000.exe"
    Rockstar Games Social Club-->"C:\Program Files\InstallShield Installation Information\{08B3869E-D282-424C-9AFC-870E04A4BA14}\setup.exe" -runfromtemp -l0x040c -removeonly
    Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
    Security Update for 2007 Microsoft Office System (KB973704)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {E626DC89-A787-4553-9BB3-DC2EC7E1593F}
    Security Update for Microsoft Office Excel 2007 (KB973593)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {7D6255E3-3423-4D8B-A328-F6F8D28DD5FE}
    Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0}
    Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
    Security Update for Microsoft Office Publisher 2007 (KB969693)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {7BE67088-1EB3-4569-8E75-DDAFBF61BC4E}
    Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
    Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
    Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
    Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
    Soccer Mystic - Professional-->MsiExec.exe /I{C4F1DA1D-D647-41A1-A95E-B94885557709}
    Softonic-Eng7 Toolbar-->C:\PROGRA~1\SOFTON~1\UNWISE.EXE /U C:\PROGRA~1\SOFTON~1\INSTALL.LOG
    Sony ACID Pro 6.0-->MsiExec.exe /X{C2714A90-DE36-4C69-9B89-E43ACD8C0235}
    Sony Media Manager 2.1-->MsiExec.exe /X{DD10F763-CDF6-46CD-9254-C8CE5E91B53E}
    SopCast 3.0.3-->C:\Program Files\SopCast\uninst.exe
    SpeedFan (remove only)-->"C:\Program Files\SpeedFan\uninstall.exe"
    Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
    SpywareBlaster v3.5.1-->"C:\Program Files\SpywareBlaster\unins000.exe"
    StarOffice 8 Product Update 11-->MsiExec.exe /X{3D15064D-4371-4FCC-B9E6-F79D6CBFDDD4}
    StarOffice 8-->MsiExec.exe /I{6CE331D7-776E-4C06-9EF3-3999175A5E19}
    Stream Torrent 1.0-->"C:\Program Files\StreamTorrent 1.0\uninstall.exe"
    Streamripper (Remove only)-->C:\Program Files\Streamripper\Uninstall.exe
    STREET FIGHTER IV-->MsiExec.exe /X{59ABBDF0-E1E5-48AF-85FB-F523A08C3490}
    SUPER © Version 2009.bld.35 (Jan 5, 2009)-->C:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0
    System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
    tazti-->MsiExec.exe /I{3B23DF51-DB1D-4083-BC33-672B5FC424C5}
    TELL ME MORE Communication-->"D:\Incoming\Tell Me More\Tell me More English Performance v9.0.7z\Bin\unsetup.exe" -file "D:\Incoming\Tell Me More\Tell me More English Performance v9.0.7z\unsetup.aui"
    The Witcher Enhanced Edition-->"C:\Program Files\InstallShield Installation Information\{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}\setup.exe" -runfromtemp -l0x040c -removeonly
    TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357}
    TVAnts 1.0-->C:\PROGRA~1\TVAnts\UNWISE.EXE C:\PROGRA~1\TVAnts\INSTALL.LOG
    TVUPlayer 2.4.9.1-->C:\Program Files\TVUPlayer\uninst.exe
    Unlocker 1.8.7-->C:\Program Files\Unlocker\uninst.exe
    Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
    Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7}
    Update for Microsoft Office Word 2007 (KB974561)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {0CDDBAA2-2111-4A0E-A1B0-76C40C635331}
    Update for Outlook 2007 Junk Email Filter (kb977719)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {C0C92202-5215-4EFA-B0B9-B3A0DEABCDF1}
    USB GAME PAD-->C:\Program Files\InstallShield Installation Information\{FEC7CD2E-2BB5-40C3-9592-078F64677E6C}\setup.exe -runfromtemp -l0x0009 -removeonly
    Usenet.nl-->"C:\Program Files\Usenet.nl\unins000.exe"
    UseNeXT-->"C:\Program Files\UseNeXT\unins000.exe"
    VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
    Veetle TV 0.9.16-->C:\Program Files\Veetle\UninstallVeetleTV.exe
    Version d'évaluation de Microsoft Office Professional 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROR /dll OSETUP.DLL
    Video Download Studio 3.2.3-->"C:\Program Files\aHisoft\Video Download Studio\unins000.exe"
    VideoLAN VLC media player 0.8.6d-->C:\Program Files\VideoLAN\VLC\uninstall.exe
    Visual Studio 2005 Tools pour Office Second Edition Runtime-->C:\Program Files\Common Files\Microsoft Shared\VSTO\8.0\Microsoft Visual Studio 2005 Tools for Office Runtime\install.exe
    WebCam-->C:\Program Files\InstallShield Installation Information\{4A57592C-FF92-4083-97A9-92783BD5AFB4}\SETUP.exe -runfromtemp -l0x040c -removeonly
    Winamp Remote-->"C:\Program Files\Winamp Remote\uninstall.exe"
    Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
    Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
    Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
    Windows Live Contrôle parental-->MsiExec.exe /X{D5D81435-B8DE-4CAF-867F-7998F2B92CFC}
    Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA}
    Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
    Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
    Windows Live Movie Maker-->MsiExec.exe /X{53B20C18-D8D4-4588-8737-9BBFE303C354}
    Windows Live OneCare safety scanner-->"C:\Program Files\Windows Live Safety Center\UnInstall.exe"
    Windows Live OneCare safety scanner-->MsiExec.exe /X{FE0646A7-19D0-41B4-A2BB-2C35D644270D}
    Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
    Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA}
    Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
    Windows Movie Maker 2.6-->MsiExec.exe /X{B3DAF54F-DB25-4586-9EF1-96D24BB14088}
    XnView 1.94.1-->"C:\Program Files\XnView\unins000.exe"

    =====HijackThis Backups=====

    O3 - Toolbar: (no name) - {ecdee021-0d17-467f-a1ff-c7a115230949} - (no file) [2009-09-21]
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = [2009-09-21]
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = [2009-09-21]
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') [2009-09-21]
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-09-21]
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF [2009-09-21]
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe [2009-09-21]
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp [2009-09-21]
    O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount [2009-09-21]
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" [2009-09-21]
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-09-21]
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe" [2009-09-21]
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = [2009-09-21]
    O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent [2009-09-24]

    ======Hosts File======

    127.0.0.1 007guard.com
    127.0.0.1 www.007guard.com
    127.0.0.1 008i.com
    127.0.0.1 008k.com
    127.0.0.1 www.008k.com
    127.0.0.1 00hq.com
    127.0.0.1 www.00hq.com
    127.0.0.1 010402.com
    127.0.0.1 032439.com
    127.0.0.1 www.032439.com

    ======Security center information======

    FW: COMODO Firewall
    AS: COMODO Defense+
    AS: Avira AntiVir PersonalEdition (outdated)
    AS: Windows Defender (disabled)

    ======System event log======

    Computer Name: TimaC
    Event Code: 4376
    Message: Servicing a requis un redémarrage pour terminer la définition du package KB972036(Update) à l’état Installation demandée(Install Requested)
    Record Number: 201350
    Source Name: Microsoft-Windows-Servicing
    Time Written: 20090903010149.000000-000
    Event Type: Avertissement
    User: AUTORITE NT\SYSTEM

    Computer Name: TimaC
    Event Code: 4376
    Message: Servicing a requis un redémarrage pour terminer la définition du package KB972036(Update) à l’état Installation demandée(Install Requested)
    Record Number: 201346
    Source Name: Microsoft-Windows-Servicing
    Time Written: 20090903010149.000000-000
    Event Type: Avertissement
    User: AUTORITE NT\SYSTEM

    Computer Name: TimaC
    Event Code: 4376
    Message: Servicing a requis un redémarrage pour terminer la définition du package KB972036(Update) à l’état Installation demandée(Install Requested)
    Record Number: 201342
    Source Name: Microsoft-Windows-Servicing
    Time Written: 20090903010149.000000-000
    Event Type: Avertissement
    User: AUTORITE NT\SYSTEM

    Computer Name: TimaC
    Event Code: 4374
    Message: Windows Servicing a déterminé que ce package KB972036(Update) n’est pas applicable à ce système.
    Record Number: 201202
    Source Name: Microsoft-Windows-Servicing
    Time Written: 20090903010124.000000-000
    Event Type: Avertissement
    User: AUTORITE NT\SYSTEM

    Computer Name: TimaC
    Event Code: 4374
    Message: Windows Servicing a déterminé que ce package KB972036(Update) n’est pas applicable à ce système.
    Record Number: 201201
    Source Name: Microsoft-Windows-Servicing
    Time Written: 20090903010124.000000-000
    Event Type: Avertissement
    User: AUTORITE NT\SYSTEM

    =====Application event log=====

    Computer Name: TimaC
    Event Code: 1530
    Message: Windows a détecté que votre fichier de Registre est toujours utilisé par d'autres applications ou services. Le fichier va être déchargé. Les applications ou services qui ont accès à votre Registre risquent de ne pas fonctionner correctement après cela.

    DÉTAIL -
    1 user registry handles leaked from \Registry\User\S-1-5-21-2297984888-1505007607-2599217642-1000:
    Process 964 (\Device\HarddiskVolume3\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2297984888-1505007607-2599217642-1000

    Record Number: 26993
    Source Name: Microsoft-Windows-User Profiles Service
    Time Written: 20080806225420.000000-000
    Event Type: Avertissement
    User: AUTORITE NT\SYSTEM

    Computer Name: TimaC
    Event Code: 1008
    Message: Le service Windows Search tente de supprimer l’ancien catalogue.

    Record Number: 26975
    Source Name: Microsoft-Windows-Search
    Time Written: 20080806200224.000000-000
    Event Type: Avertissement
    User:

    Computer Name: TimaC
    Event Code: 1008
    Message: Le service Windows Search tente de supprimer l’ancien catalogue.

    Record Number: 26968
    Source Name: Microsoft-Windows-Search
    Time Written: 20080806200151.000000-000
    Event Type: Avertissement
    User:

    Computer Name: TimaC
    Event Code: 3058
    Message: Impossible d'initialiser l'application.

    Contexte : Application Windows

    Détails :
    Impossible de lire la valeur de registre car la configuration n'est pas valide. Recréez la configuration d'index de contenu en supprimant l'index de contenu. (0x80040d03)

    Record Number: 26967
    Source Name: Microsoft-Windows-Search
    Time Written: 20080806200151.000000-000
    Event Type: Erreur
    User:

    Computer Name: TimaC
    Event Code: 3028
    Message: Impossible d'initialiser l'objet rassembleur.

    Contexte : Application Windows, Catalogue SystemIndex

    Détails :
    Impossible de lire la valeur de registre car la configuration n'est pas valide. Recréez la configuration d'index de contenu en supprimant l'index de contenu. (0x80040d03)

    Record Number: 26966
    Source Name: Microsoft-Windows-Search
    Time Written: 20080806200151.000000-000
    Event Type: Erreur
    User:

    =====Security event log=====

    Computer Name: TimaC
    Event Code: 4907
    Message: Les paramètres d’audit sur l’objet ont changé.

    Sujet :
    ID de sécurité : S-1-5-18
    Nom du compte : TIMAC$
    Domaine du compte : WORKGROUP
    ID d’ouverture de session : 0x3e7

    Objet :
    Serveur de l’objet : Security
    Type d’objet : File
    Nom de l’objet : C:\Windows\System32\quartz.dll
    ID du handle : 0x18

    Informations sur le processus :
    ID du processus : 0x11f4
    Nom du processus : C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\poqexec.exe

    Paramètres d’audit :
    Descripteur de sécurité d’origine :
    Nouveau descripteur de sécurité : S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
    Record Number: 54343
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20090629093254.784723-000
    Event Type: Succès de l'audit
    User:

    Computer Name: TimaC
    Event Code: 4907
    Message: Les paramètres d’audit sur l’objet ont changé.

    Sujet :
    ID de sécurité : S-1-5-18
    Nom du compte : TIMAC$
    Domaine du compte : WORKGROUP
    ID d’ouverture de session : 0x3e7

    Objet :
    Serveur de l’objet : Security
    Type d’objet : File
    Nom de l’objet : C:\Windows\System32\imkr80.ime
    ID du handle : 0x18

    Informations sur le processus :
    ID du processus : 0x11f4
    Nom du processus : C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\poqexec.exe

    Paramètres d’audit :
    Descripteur de sécurité d’origine :
    Nouveau descripteur de sécurité : S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
    Record Number: 54342
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20090629093254.737923-000
    Event Type: Succès de l'audit
    User:

    Computer Name: TimaC
    Event Code: 4907
    Message: Les paramètres d’audit sur l’objet ont changé.

    Sujet :
    ID de sécurité : S-1-5-18
    Nom du compte : TIMAC$
    Domaine du compte : WORKGROUP
    ID d’ouverture de session : 0x3e7

    Objet :
    Serveur de l’objet : Security
    Type d’objet : File
    Nom de l’objet : C:\Windows\System32\wmpeffects.dll
    ID du handle : 0x18

    Informations sur le processus :
    ID du processus : 0x11f4
    Nom du processus : C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\poqexec.exe

    Paramètres d’audit :
    Descripteur de sécurité d’origine :
    Nouveau descripteur de sécurité : S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
    Record Number: 54341
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20090629093254.706723-000
    Event Type: Succès de l'audit
    User:

    Computer Name: TimaC
    Event Code: 4907
    Message: Les paramètres d’audit sur l’objet ont changé.

    Sujet :
    ID de sécurité : S-1-5-18
    Nom du compte : TIMAC$
    Domaine du compte : WORKGROUP
    ID d’ouverture de session : 0x3e7

    Objet :
    Serveur de l’objet : Security
    Type d’objet : File
    Nom de l’objet : C:\Windows\System32\photowiz.dll
    ID du handle : 0x18

    Informations sur le processus :
    ID du processus : 0x11f4
    Nom du processus : C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\poqexec.exe

    Paramètres d’audit :
    Descripteur de sécurité d’origine :
    Nouveau descripteur de sécurité : S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
    Record Number: 54340
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20090629093254.628723-000
    Event Type: Succès de l'audit
    User:

    Computer Name: TimaC
    Event Code: 4907
    Message: Les paramètres d’audit sur l’objet ont changé.

    Sujet :
    ID de sécurité : S-1-5-18
    Nom du compte : TIMAC$
    Domaine du compte : WORKGROUP
    ID d’ouverture de session : 0x3e7

    Objet :
    Serveur de l’objet : Security
    Type d’objet : File
    Nom de l’objet : C:\Windows\System32\ulib.dll
    ID du handle : 0x18

    Informations sur le processus :
    ID du processus : 0x11f4
    Nom du processus : C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\poqexec.exe

    Paramètres d’audit :
    Descripteur de sécurité d’origine :
    Nouveau descripteur de sécurité : S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
    Record Number: 54339
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20090629093254.597523-000
    Event Type: Succès de l'audit
    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "Path"=C:\Program Files\Nokia\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\Common Files\Adobe\AGL;C:\Program Files\Microsoft SQL Server\80\Tools\Binn;C:\Program Files\Intel\WiFi\bin;C:\Program Files\Common Files\Intel\WirelessCommon
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
    "PROCESSOR_ARCHITECTURE"=x86
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "USERNAME"=SYSTEM
    "windir"=%SystemRoot%
    "PROCESSOR_LEVEL"=6
    "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
    "PROCESSOR_REVISION"=0f0d
    "NUMBER_OF_PROCESSORS"=2
    "RGSCLauncher"=C:\Program Files\Rockstar Games\Rockstar Games Social Club

    et enfin le rapport malware bytes merci beaucoup !

    Database version: 3510
    Windows 6.0.6002 Service Pack 2
    Internet Explorer 7.0.6002.18005

    24/02/2010 19:17:31
    mbam-log-2010-02-24 (19-17-22).txt

    Scan type: Quick Scan
    Objects scanned: 103013
    Time elapsed: 8 minute(s), 27 second(s)

    Memory Processes Infected: 1
    Memory Modules Infected: 0
    Registry Keys Infected: 2
    Registry Values Infected: 1
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 3

    Memory Processes Infected:
    C:\Windows\msa.exe (Trojan.Agent) -> No action taken.

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> No action taken.

    Registry Values Infected:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\losalamos (Trojan.FakeAlert) -> No action taken.

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    C:\Windows\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job (Trojan.Downloader) -> No action taken.
    C:\Windows\msa.exe (Trojan.Agent) -> No action taken.
    C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> No action taken.
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 041
     
    malwarebyte antimalwre n'est pas encore à jour !!! mets le a jour !

    puis remets le rapport

    ensuite remets les rapports rsit et complets cette fois!!!!
    0