Virus sur system32
dawwood
Messages postés
60
Statut
Membre
-
jlpjlp Messages postés 52399 Statut Contributeur sécurité -
jlpjlp Messages postés 52399 Statut Contributeur sécurité -
Bonjour,
Hier en voulant télécharger un ebook gratuitement je me suis pris un virus sur l'exe "yp", antivir me dit qu'il est situé sur system32/sshnas21.dll , pourriez vous me dire comment faire pour l'éradiquer merci ...
Hier en voulant télécharger un ebook gratuitement je me suis pris un virus sur l'exe "yp", antivir me dit qu'il est situé sur system32/sshnas21.dll , pourriez vous me dire comment faire pour l'éradiquer merci ...
A voir également:
- Virus sur system32
- Virus mcafee - Accueil - Piratage
- Virus facebook demande d'amis - Accueil - Facebook
- Virus informatique - Guide
- Panda anti virus gratuit - Télécharger - Antivirus & Antimalwares
- Message virus iphone ✓ - Forum Virus
5 réponses
salut jlpjlp!
j ai fait ce que tu as dit je te colle le rapport merci :
Malwarebytes' Anti-Malware 1.28
Database version: 1221
Windows 6.0.6002 Service Pack 2
24/02/2010 18:25:51
mbam-log-2010-02-24 (18-25-42).txt
Scan type: Quick Scan
Objects scanned: 47759
Time elapsed: 6 minute(s), 13 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} (Adware.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} (Adware.Agent) -> No action taken.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
j ai fait ce que tu as dit je te colle le rapport merci :
Malwarebytes' Anti-Malware 1.28
Database version: 1221
Windows 6.0.6002 Service Pack 2
24/02/2010 18:25:51
mbam-log-2010-02-24 (18-25-42).txt
Scan type: Quick Scan
Objects scanned: 47759
Time elapsed: 6 minute(s), 13 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} (Adware.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} (Adware.Agent) -> No action taken.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
j'avais dis de mettre à jour et seulement ensuite de faire une analyse et nous coller le rapport!
recommence !!!
et colle le rapport
________________
puis
Télécharge ici :
http://images.malwareremoval.com/random/RSIT.exe
random's system information tool (RSIT) par andom/random et sauvegarde-le sur le Bureau.
Double-clique sur RSIT.exe afin de lancer RSIT.
Clique Continue à l'écran Disclaimer.
Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.
Poste le contenu de log.txt (<<qui sera affiché)
ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).
NB : Les rapports sont sauvegardés dans le dossier C:\rsit
recommence !!!
et colle le rapport
________________
puis
Télécharge ici :
http://images.malwareremoval.com/random/RSIT.exe
random's system information tool (RSIT) par andom/random et sauvegarde-le sur le Bureau.
Double-clique sur RSIT.exe afin de lancer RSIT.
Clique Continue à l'écran Disclaimer.
Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.
Poste le contenu de log.txt (<<qui sera affiché)
ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).
NB : Les rapports sont sauvegardés dans le dossier C:\rsit
voici le log.txt rsit1
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Outil de mise à jour Google.lnk]
C:\PROGRA~1\Google\GOOGLE~4\GOOGLE~1.EXE [2008-11-05 161264]
C:\Users\DAWOOD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\Windows\System32\cssdll32.dll C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"FilterAdministratorToken"=1
"EnableUIADesktopToggle"=0
"UacDisableNotify"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDriveAutoRun"=FFFFFFFF
"HonorAutoRunSetting"=1
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"HonorAutoRunSetting"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\PPStream\PPStream.exe"="C:\Program Files\PPStream\PPStream.exe:*:Enabled:PPSÍøÂçµçÊÓ"
"C:\Program Files\PPStream\PPSAP.exe"="C:\Program Files\PPStream\PPSAP.exe:*:Enabled:PPS ÍøÂç¼ÓËÙÆ÷"
"C:\Program Files\PPMate\PPMate\ppmate.exe"="C:\Program Files\PPMate\PPMate\ppmate.exe:*:Enabled:PPMate"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b5c655cc-44fa-11de-8838-001060d13545}]
shell\AutoRun\command - G:\AurLaunch\LaunchScreen.exe
======List of files/folders created in the last 1 months======
2010-02-24 18:59:43 ----D---- C:\rsit
2010-02-24 18:47:24 ----A---- C:\Windows\isRS-000.tmp
2010-02-21 21:16:05 ----A---- C:\Windows\msa.exe
2010-02-20 03:19:17 ----D---- C:\Users\DAWOOD\AppData\Roaming\Usenet.nl
2010-02-20 03:19:04 ----D---- C:\Program Files\Usenet.nl
2010-02-12 16:46:26 ----D---- C:\ProgramData\TechSmith
2010-02-12 16:46:25 ----D---- C:\Program Files\QuickTime
2010-02-12 16:46:01 ----D---- C:\Program Files\Common Files\TechSmith Shared
2010-02-12 16:45:59 ----D---- C:\Program Files\TechSmith
2010-02-10 14:06:54 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-02-10 14:06:54 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-02-10 14:06:36 ----A---- C:\Windows\system32\quartz.dll
2010-02-10 14:06:35 ----A---- C:\Windows\system32\tsbyuv.dll
2010-02-10 14:06:35 ----A---- C:\Windows\system32\msyuv.dll
2010-02-10 14:06:35 ----A---- C:\Windows\system32\msvidc32.dll
2010-02-10 14:06:35 ----A---- C:\Windows\system32\msrle32.dll
2010-02-10 14:06:35 ----A---- C:\Windows\system32\mciavi32.dll
2010-02-10 14:06:35 ----A---- C:\Windows\system32\iyuv_32.dll
2010-02-10 14:06:34 ----A---- C:\Windows\system32\msvfw32.dll
2010-02-10 14:06:34 ----A---- C:\Windows\system32\avifil32.dll
======List of files/folders modified in the last 1 months======
2010-02-24 18:59:56 ----D---- C:\Windows\Prefetch
2010-02-24 18:58:12 ----D---- C:\Windows\Tasks
2010-02-24 18:55:39 ----D---- C:\Program Files\Mozilla Firefox
2010-02-24 18:55:12 ----D---- C:\Windows\System32
2010-02-24 18:53:24 ----D---- C:\Windows\temp
2010-02-24 18:52:40 ----D---- C:\Windows
2010-02-24 18:52:32 ----D---- C:\Windows\system32\Tasks
2010-02-24 18:51:18 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-02-24 18:47:21 ----D---- C:\Windows\system32\drivers
2010-02-24 18:10:28 ----D---- C:\Users\DAWOOD\AppData\Roaming\OpenOffice.org2
2010-02-24 15:06:47 ----SHD---- C:\System Volume Information
2010-02-24 14:18:47 ----D---- C:\Windows\system32\catroot
2010-02-24 14:18:42 ----D---- C:\Windows\system32\catroot2
2010-02-24 14:18:40 ----D---- C:\Windows\winsxs
2010-02-22 18:31:02 ----D---- C:\jv
2010-02-22 02:50:59 ----D---- C:\outi
2010-02-22 01:55:29 ----SD---- C:\Users\DAWOOD\AppData\Roaming\Microsoft
2010-02-20 20:10:54 ----A---- C:\Windows\NeroDigital.ini
2010-02-20 03:19:04 ----D---- C:\Program Files
2010-02-12 16:47:02 ----SHD---- C:\Windows\Installer
2010-02-12 16:47:00 ----D---- C:\Windows\system32\QuickTime
2010-02-12 16:46:26 ----D---- C:\ProgramData
2010-02-12 16:46:01 ----D---- C:\Program Files\Common Files
2010-02-12 00:09:40 ----D---- C:\Program Files\Windows Live Safety Center
2010-02-11 04:54:56 ----D---- C:\Program Files\Windows Mail
2010-02-11 03:04:44 ----D---- C:\Windows\Debug
2010-02-11 03:03:51 ----D---- C:\ProgramData\Microsoft Help
2010-02-01 20:26:20 ----A---- C:\Windows\system32\mrt.exe
2010-02-01 11:40:54 ----D---- C:\Windows\system32\LogFiles
2010-01-29 09:27:19 ----D---- C:\Program Files\Veetle
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 cmdGuard;COMODO Firewall Pro Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2009-04-16 108560]
R1 cmdHlp;COMODO Firewall Pro Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2008-11-20 25104]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-07-15 28520]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2009-05-28 279712]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-12-10 56816]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2009-05-28 25888]
R3 BthEnum;Service d'énumérateur Bluetooth; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-10 22528]
R3 BthPan;Périphérique Bluetooth (réseau personnel); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-18 92160]
R3 BTHUSB;Pilote USB radio Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-10 29696]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-18 14208]
R3 Inspect;Comodo Firewall Network Driver; C:\Windows\system32\DRIVERS\inspect.sys [2008-11-01 72720]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-05-10 1775712]
R3 itecir;ITECIR Infrared Receiver; C:\Windows\system32\DRIVERS\itecir.sys [2007-04-04 46592]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2010-01-07 19160]
R3 NETw5v32;Pilote de carte Intel(R) Wireless WiFi Link pour Windows Vista 32 bits ; C:\Windows\system32\DRIVERS\NETw5v32.sys [2009-09-15 6000640]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-08-28 9616704]
R3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-10 148992]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-04-30 81408]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-22 982272]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-18 11264]
S2 MBAMDrvService;MBAMDrvService; \??\C:\Windows\system32\drivers\mbam.sys [2010-01-07 19160]
S3 abjgd4cn;abjgd4cn; C:\Windows\system32\drivers\abjgd4cn.sys []
S3 BTHPORT;Pilote de port Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-10 507904]
S3 Cam5603D;WebCam; C:\Windows\System32\Drivers\BisonCam.sys [2007-04-19 788400]
S3 catchme;catchme; C:\Windows\system32\drivers\catchme.sys []
S3 cpuz130;cpuz130; C:\Windows\system32\drivers\cpuz130.sys []
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [2009-09-23 14336]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 dump_wmimmc;dump_wmimmc; C:\Windows\system32\drivers\dump_wmimmc.sys []
S3 ENTECH;ENTECH; \??\C:\Windows\system32\DRIVERS\ENTECH.sys [2008-09-17 27672]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-05 54632]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 NETw4v32;Pilote de carte Intel(R) Wireless WiFi Link pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\NETw4v32.sys [2008-03-13 2555392]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RivaTuner32;RivaTuner32; \??\C:\Program Files\RivaTuner v2.24\RivaTuner32.sys [2009-02-25 9088]
S3 se59bus;Sony Ericsson Device 089 driver (WDM); C:\Windows\system32\DRIVERS\se59bus.sys [2006-09-05 61536]
S3 se59mdfl;Sony Ericsson Device 089 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\se59mdfl.sys [2006-09-05 9360]
S3 se59mdm;Sony Ericsson Device 089 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\se59mdm.sys [2006-09-05 97088]
S3 se59mgmt;Sony Ericsson Device 089 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\se59mgmt.sys [2006-09-05 88624]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys []
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-04-10 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
S4 nvatabus;nvatabus; C:\Windows\system32\drivers\nvatabus.sys [2006-07-14 105088]
S4 viamraid;viamraid; C:\Windows\system32\drivers\viamraid.sys [2006-03-31 100992]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-07-15 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-08-18 185089]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\Firewall\cmdagent.exe [2009-04-16 700152]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2009-09-21 858384]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2007-05-03 355096]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-01-07 236368]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-08-27 215656]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2008-06-02 66872]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2009-09-21 473360]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2006-07-20 262247]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 TestHandler;Fujitsu Siemens Computers Diagnostic Testhandler; C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe [2006-12-08 204800]
R2 TuneUp.ProgramStatisticsSvc;@%SystemRoot%\System32\TUProgSt.exe,-1; C:\Windows\System32\TUProgSt.exe [2009-10-16 604488]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-18 21504]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-20 182768]
S2 vvdsvc;VJVodClientServices; C:\Windows\System32\svchost.exe [2008-01-18 21504]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-12-24 72704]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-18 21504]
S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-08-07 29744]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-09-23 238960]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-02-26 267824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe [2009-09-17 651776]
S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2009-10-16 361288]
S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2008-01-18 21504]
S4 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe []
S4 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe []
l info txt :
info.txt logfile of random's system information tool 1.06 2010-02-24 19:00:25
======Uninstall list======
@promt Professional 8 EFFE Trial-->MsiExec.exe /I{661E7BE6-5239-4293-BA67-E7B804353910}
-->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
-->MsiExec /X{B83FC356-B7C0-441F-8A4D-D71E088E7974}
7-Zip 4.57-->"C:\Program Files\7-Zip\Uninstall.exe"
A Geeks Toy-->MsiExec.exe /I{EEDA9217-C519-4AC4-A99F-D835736B9212}
Acrobat.com-->msiexec /qb /x {27F00C63-449B-2FAB-CBE8-24AB80E17449}
Acrobat.com-->MsiExec.exe /I{27F00C63-449B-2FAB-CBE8-24AB80E17449}
Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000101}
Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5101}
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Help Center 1.0-->MsiExec.exe /I{E9787678-119F-4D52-B551-6739B2B22101}
Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-040C-1E257A25E34D}
Adobe Reader 9.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A91000000001}
Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-0C40-4930-9AFE-113BCE553101}
AnalogX Scratch-->C:\Program Files\AnalogX\Scratch\scratchu.exe
Antidote RX v2-->MsiExec.exe /X{A474EA56-5DBD-4181-8230-806A4762EA7F}
ApprentiClavier-->C:\Windows\ApprentiClavier_uninstall.exe
Ask Toolbar-->MsiExec.exe /I{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
Bet Angel - Basic-->MsiExec.exe /I{93D2FB09-C348-42FE-B430-4B14FA8A15B7}
Bet Angel - Professional-->MsiExec.exe /I{934ADE09-500E-486D-9363-C7C279CB805A}
BitTorrent-->C:\Program Files\BitTorrent\uninst.exe
Camtasia Studio 6-->MsiExec.exe /I{A589DA26-51BD-475D-8C32-E19E34145842}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CleanUp!-->C:\Program Files\CleanUp!\uninstall.exe
COMODO Firewall Pro-->C:\Program Files\COMODO\Firewall\cfpconfg.exe -u
COMODO SafeSurf-->C:\Program Files\COMODO\SafeSurf\cssconfg.exe -u
ConvertHelper 2.2-->"C:\Program Files\ConvertHelper\unins000.exe"
Dico de Rimes-->c:\rimes\Uninstal.exe
Disc2Phone-->MsiExec.exe /I{FFAB5ABB-8AAB-42E2-847F-1743E51E01E9}
eMule-->"C:\Program Files\eMule\Uninstall.exe"
eMusic - 50 Free MP3 offer-->"C:\Program Files\Winamp\eMusic\Uninst-eMusic-promotion.exe"
EVEREST Home Edition v2.20-->"C:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe"
Everest Poker (Remove Only)-->C:\Program Files\Everest Poker\cstart.exe /uninstall
EVEREST Ultimate Edition v5.30-->"C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
FairBot-->"C:\Program Files\FairBot\unins000.exe"
FirstSteps Diagnostics-->MsiExec.exe /X{94D66D71-12F0-48A5-B46A-D4B835A0F1B7}
free-downloads.net Toolbar-->C:\PROGRA~1\FREE-D~1.NET\UNWISE.EXE /U C:\PROGRA~1\FREE-D~1.NET\INSTALL.LOG
Full Pack Codecs-->C:\Program Files\Full Pack Codecs\uninst.exe
Futuremark SystemInfo-->"C:\Program Files\InstallShield Installation Information\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}\setup.exe" -runfromtemp -l0x0009 -removeonly
Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}
GameSpy Arcade-->C:\PROGRA~1\GAMESP~1\UNWISE.EXE C:\PROGRA~1\GAMESP~1\INSTALL.LOG
GOM Player-->"C:\Program Files\GRETECH\GomPlayer\Uninstall.exe"
Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
Grand Theft Auto IV-->"C:\Program Files\InstallShield Installation Information\{579BA58C-F33D-4970-9953-B94B43768AC3}\setup.exe" -runfromtemp -l0x040c -removeonly
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Intel PROSet Wireless-->Intel PROSet Wireless
Intel® Turbo Memory et Intel® Matrix Storage Manager-->C:\Windows\system32\imsmudlg.exe -uninstall
IZArc 3.81-->"C:\Program Files\IZArc\unins002.exe"
IZArc Command Line Add-On 1.1-->"C:\Program Files\IZArc\unins001.exe"
Jargon Informatique-->C:\Program Files\Jargon Informatique\uninstall.exe
Java(TM) 6 Update 15-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
JMB36X Raid Configurer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}\SETUP.exe" -l0x40c -removeonly
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
jv16 PowerTools 1.3-->"C:\Program Files\jv16 PowerTools\unins000.exe"
K-Lite Codec Pack 4.3.4 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
L&H TTS3000 Français-->RunDll32 advpack.dll,LaunchINFSection C:\Windows\INF\LHTTSFRF.inf, Uninstall
Lernout & Hauspie TruVoice American English TTS Engine-->RunDll32 advpack.dll,LaunchINFSection C:\Windows\INF\tv_enua.inf, Uninstall
Logiciel Intel(R) PROSet/Wireless WiFi-->MsiExec.exe /I{43507E5B-94A0-4E56-9C7B-FAAAFBDB5904}
LOTO PRO Alchimie (Version d'évaluation)-->MsiExec.exe /I{70862F16-E001-4B6C-A162-0C64CAFF32E6}
Ma-Config.com-->MsiExec.exe /X{425FFD94-36BD-4933-881B-FE0B9DADF2B7}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
MaxType LITE 1.6.22-->"C:\Program Files\MaxType LITE\unins000.exe"
MediaCoder 0.6.1-->C:\Program Files\MediaCoder\uninst.exe
Mega Manager-->C:\Program Files\InstallShield Installation Information\{3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2}\setup.exe -runfromtemp -l0x0009 -removeonly
Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Age of Empires II Trial Version-->"C:\Program Files\Microsoft Games\Age of Empires II Trial\UNINSTAL.EXE" /runtemp /uninstall
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}
Microsoft Games for Windows - LIVE-->MsiExec.exe /X{A1C962E2-2426-49C6-A38B-9A07E40D607C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Excel Viewer 2003-->MsiExec.exe /I{9084040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Excel Viewer-->MsiExec.exe /I{95120000-003F-040C-0000-0000000FF1CE}
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0122-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional 2007-->MsiExec.exe /X{91120000-0014-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Office Word Viewer 2003-->MsiExec.exe /I{9085040C-6000-11D3-8CFE-0150048383C9}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual Studio 2005 Tools for Office Runtime-->MsiExec.exe /X{388E4B09-3E71-4649-8921-F44A3A2954A7}
Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C}
Mise à jour Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {51EFB347-1F3D-4BAC-8B79-F056B904FE21}
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3}
Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223}
Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Motorola SM56 Data Fax Modem-->rundll32.exe sm56co6a.dll,SM56UnInstaller
Mozilla Firefox (3.5.8)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML4 Parser-->MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13}
Nero 7 Essentials-->MsiExec.exe /X{81CD6232-10F5-4832-B3DA-1B88B1571036}
Nokia Connectivity Cable Driver-->MsiExec.exe /I{1597D0AE-34A7-4A8B-A395-2E30EB745470}
Nokia Ovi Application Installer 6.85.3011-->msiexec /qn /x {42B74521-4706-412A-9A27-AED12B83E886}
Nokia Ovi Application Installer-->MsiExec.exe /I{42B74521-4706-412A-9A27-AED12B83E886}
Nokia Ovi Content Copier 6.85.3011-->msiexec /qn /x {6442DEDF-AC2F-4CBA-85DE-42E459C5006C}
Nokia Ovi Content Copier-->MsiExec.exe /X{6442DEDF-AC2F-4CBA-85DE-42E459C5006C}
Nokia Ovi One Touch Access 6.85.3019-->msiexec /qn /x {C4B045DB-C2C0-4A05-8DA5-754B4733EE31}
Nokia Ovi One Touch Access-->MsiExec.exe /I{C4B045DB-C2C0-4A05-8DA5-754B4733EE31}
Nokia Ovi System Utilities 6.85.3018-->msiexec /qn /x {F9EA1C47-64A6-45E4-9A80-8CC1575B971D}
Nokia Ovi System Utilities-->MsiExec.exe /X{F9EA1C47-64A6-45E4-9A80-8CC1575B971D}
Nokia_Multimedia_Common_Components_2_5-->MsiExec.exe /I{3762698E-E9DF-4DD8-99F1-8192D0F8EE06}
NVIDIA PhysX-->MsiExec.exe /X{B83FC356-B7C0-441F-8A4D-D71E088E7974}
OpenOffice.org 2.3-->MsiExec.exe /I{B087B0C3-F595-485A-B86B-73326BA8693A}
Opera 9.52-->MsiExec.exe /X{E1A88DE8-BD36-4DEA-8DD8-E35EF475ADC7}
OSDInstall-->MsiExec.exe /I{EB863CFD-6889-47B0-9D79-492DE0D07EE7}
OtsTurntables Free 1.00.027-->"C:\Windows\OTS_UI.EXE" "C:\OtsLabs\OtsTTfre.osi"
Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\Windows\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf
Patch Team PRO-EVO v1.00 - Part Commentaires-->"C:\Program Files\KONAMI\Pro Evolution Soccer 2009\unins000.exe"
Patch Team PRO-EVO v1.00 - Part Stadiums-->"C:\Program Files\KONAMI\Pro Evolution Soccer 2009\unins001.exe"
Patch Team PRO-EVO v1.00-->"C:\Program Files\KONAMI\Pro Evolution Soccer 2009\unins002.exe"
PC Connectivity Solution-->MsiExec.exe /I{9D6B740F-D9A2-45A6-BDC4-0A453D499FE6}
PC Tap-->MsiExec.exe /X{9A9AFE08-7245-4DFC-B8AF-C337418BD4E2}
Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe"
PowerDV-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B804C424-B66D-447A-84BD-C6B88C392C3A}\setup.exe" -uninstall
Pro Evolution Soccer 2009-->MsiExec.exe /X{A8DB611A-D80E-450D-85F6-3ACDD164BE31}
PunkBuster Services-->C:\Windows\system32\pbsvc.exe -u
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
RivaTuner v2.24-->"C:\Program Files\RivaTuner v2.24\uninstall.exe"
RocketDock 1.3.5-->"C:\Program Files\RocketDock\unins000.exe"
Rockstar Games Social Club-->"C:\Program Files\InstallShield Installation Information\{08B3869E-D282-424C-9AFC-870E04A4BA14}\setup.exe" -runfromtemp -l0x040c -removeonly
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB973704)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {E626DC89-A787-4553-9BB3-DC2EC7E1593F}
Security Update for Microsoft Office Excel 2007 (KB973593)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {7D6255E3-3423-4D8B-A328-F6F8D28DD5FE}
Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office Publisher 2007 (KB969693)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {7BE67088-1EB3-4569-8E75-DDAFBF61BC4E}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Soccer Mystic - Professional-->MsiExec.exe /I{C4F1DA1D-D647-41A1-A95E-B94885557709}
Softonic-Eng7 Toolbar-->C:\PROGRA~1\SOFTON~1\UNWISE.EXE /U C:\PROGRA~1\SOFTON~1\INSTALL.LOG
Sony ACID Pro 6.0-->MsiExec.exe /X{C2714A90-DE36-4C69-9B89-E43ACD8C0235}
Sony Media Manager 2.1-->MsiExec.exe /X{DD10F763-CDF6-46CD-9254-C8CE5E91B53E}
SopCast 3.0.3-->C:\Program Files\SopCast\uninst.exe
SpeedFan (remove only)-->"C:\Program Files\SpeedFan\uninstall.exe"
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SpywareBlaster v3.5.1-->"C:\Program Files\SpywareBlaster\unins000.exe"
StarOffice 8 Product Update 11-->MsiExec.exe /X{3D15064D-4371-4FCC-B9E6-F79D6CBFDDD4}
StarOffice 8-->MsiExec.exe /I{6CE331D7-776E-4C06-9EF3-3999175A5E19}
Stream Torrent 1.0-->"C:\Program Files\StreamTorrent 1.0\uninstall.exe"
Streamripper (Remove only)-->C:\Program Files\Streamripper\Uninstall.exe
STREET FIGHTER IV-->MsiExec.exe /X{59ABBDF0-E1E5-48AF-85FB-F523A08C3490}
SUPER © Version 2009.bld.35 (Jan 5, 2009)-->C:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
tazti-->MsiExec.exe /I{3B23DF51-DB1D-4083-BC33-672B5FC424C5}
TELL ME MORE Communication-->"D:\Incoming\Tell Me More\Tell me More English Performance v9.0.7z\Bin\unsetup.exe" -file "D:\Incoming\Tell Me More\Tell me More English Performance v9.0.7z\unsetup.aui"
The Witcher Enhanced Edition-->"C:\Program Files\InstallShield Installation Information\{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}\setup.exe" -runfromtemp -l0x040c -removeonly
TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357}
TVAnts 1.0-->C:\PROGRA~1\TVAnts\UNWISE.EXE C:\PROGRA~1\TVAnts\INSTALL.LOG
TVUPlayer 2.4.9.1-->C:\Program Files\TVUPlayer\uninst.exe
Unlocker 1.8.7-->C:\Program Files\Unlocker\uninst.exe
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7}
Update for Microsoft Office Word 2007 (KB974561)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {0CDDBAA2-2111-4A0E-A1B0-76C40C635331}
Update for Outlook 2007 Junk Email Filter (kb977719)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {C0C92202-5215-4EFA-B0B9-B3A0DEABCDF1}
USB GAME PAD-->C:\Program Files\InstallShield Installation Information\{FEC7CD2E-2BB5-40C3-9592-078F64677E6C}\setup.exe -runfromtemp -l0x0009 -removeonly
Usenet.nl-->"C:\Program Files\Usenet.nl\unins000.exe"
UseNeXT-->"C:\Program Files\UseNeXT\unins000.exe"
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
Veetle TV 0.9.16-->C:\Program Files\Veetle\UninstallVeetleTV.exe
Version d'évaluation de Microsoft Office Professional 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROR /dll OSETUP.DLL
Video Download Studio 3.2.3-->"C:\Program Files\aHisoft\Video Download Studio\unins000.exe"
VideoLAN VLC media player 0.8.6d-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Visual Studio 2005 Tools pour Office Second Edition Runtime-->C:\Program Files\Common Files\Microsoft Shared\VSTO\8.0\Microsoft Visual Studio 2005 Tools for Office Runtime\install.exe
WebCam-->C:\Program Files\InstallShield Installation Information\{4A57592C-FF92-4083-97A9-92783BD5AFB4}\SETUP.exe -runfromtemp -l0x040c -removeonly
Winamp Remote-->"C:\Program Files\Winamp Remote\uninstall.exe"
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Contrôle parental-->MsiExec.exe /X{D5D81435-B8DE-4CAF-867F-7998F2B92CFC}
Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA}
Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Live Movie Maker-->MsiExec.exe /X{53B20C18-D8D4-4588-8737-9BBFE303C354}
Windows Live OneCare safety scanner-->"C:\Program Files\Windows Live Safety Center\UnInstall.exe"
Windows Live OneCare safety scanner-->MsiExec.exe /X{FE0646A7-19D0-41B4-A2BB-2C35D644270D}
Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows Movie Maker 2.6-->MsiExec.exe /X{B3DAF54F-DB25-4586-9EF1-96D24BB14088}
XnView 1.94.1-->"C:\Program Files\XnView\unins000.exe"
=====HijackThis Backups=====
O3 - Toolbar: (no name) - {ecdee021-0d17-467f-a1ff-c7a115230949} - (no file) [2009-09-21]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = [2009-09-21]
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = [2009-09-21]
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') [2009-09-21]
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-09-21]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF [2009-09-21]
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe [2009-09-21]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp [2009-09-21]
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount [2009-09-21]
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" [2009-09-21]
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-09-21]
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe" [2009-09-21]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = [2009-09-21]
O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent [2009-09-24]
======Hosts File======
127.0.0.1 007guard.com
127.0.0.1 www.007guard.com
127.0.0.1 008i.com
127.0.0.1 008k.com
127.0.0.1 www.008k.com
127.0.0.1 00hq.com
127.0.0.1 www.00hq.com
127.0.0.1 010402.com
127.0.0.1 032439.com
127.0.0.1 www.032439.com
======Security center information======
FW: COMODO Firewall
AS: COMODO Defense+
AS: Avira AntiVir PersonalEdition (outdated)
AS: Windows Defender (disabled)
======System event log======
Computer Name: TimaC
Event Code: 4376
Message: Servicing a requis un redémarrage pour terminer la définition du package KB972036(Update) à l’état Installation demandée(Install Requested)
Record Number: 201350
Source Name: Microsoft-Windows-Servicing
Time Written: 20090903010149.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
Computer Name: TimaC
Event Code: 4376
Message: Servicing a requis un redémarrage pour terminer la définition du package KB972036(Update) à l’état Installation demandée(Install Requested)
Record Number: 201346
Source Name: Microsoft-Windows-Servicing
Time Written: 20090903010149.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
Computer Name: TimaC
Event Code: 4376
Message: Servicing a requis un redémarrage pour terminer la définition du package KB972036(Update) à l’état Installation demandée(Install Requested)
Record Number: 201342
Source Name: Microsoft-Windows-Servicing
Time Written: 20090903010149.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
Computer Name: TimaC
Event Code: 4374
Message: Windows Servicing a déterminé que ce package KB972036(Update) n’est pas applicable à ce système.
Record Number: 201202
Source Name: Microsoft-Windows-Servicing
Time Written: 20090903010124.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
Computer Name: TimaC
Event Code: 4374
Message: Windows Servicing a déterminé que ce package KB972036(Update) n’est pas applicable à ce système.
Record Number: 201201
Source Name: Microsoft-Windows-Servicing
Time Written: 20090903010124.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
=====Application event log=====
Computer Name: TimaC
Event Code: 1530
Message: Windows a détecté que votre fichier de Registre est toujours utilisé par d'autres applications ou services. Le fichier va être déchargé. Les applications ou services qui ont accès à votre Registre risquent de ne pas fonctionner correctement après cela.
DÉTAIL -
1 user registry handles leaked from \Registry\User\S-1-5-21-2297984888-1505007607-2599217642-1000:
Process 964 (\Device\HarddiskVolume3\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2297984888-1505007607-2599217642-1000
Record Number: 26993
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20080806225420.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
Computer Name: TimaC
Event Code: 1008
Message: Le service Windows Search tente de supprimer l’ancien catalogue.
Record Number: 26975
Source Name: Microsoft-Windows-Search
Time Written: 20080806200224.000000-000
Event Type: Avertissement
User:
Computer Name: TimaC
Event Code: 1008
Message: Le service Windows Search tente de supprimer l’ancien catalogue.
Record Number: 26968
Source Name: Microsoft-Windows-Search
Time Written: 20080806200151.000000-000
Event Type: Avertissement
User:
Computer Name: TimaC
Event Code: 3058
Message: Impossible d'initialiser l'application.
Contexte : Application Windows
Détails :
Impossible de lire la valeur de registre car la configuration n'est pas valide. Recréez la configuration d'index de contenu en supprimant l'index de contenu. (0x80040d03)
Record Number: 26967
Source Name: Microsoft-Windows-Search
Time Written: 20080806200151.000000-000
Event Type: Erreur
User:
Computer Name: TimaC
Event Code: 3028
Message: Impossible d'initialiser l'objet rassembleur.
Contexte : Application Windows, Catalogue SystemIndex
Détails :
Impossible de lire la valeur de registre car la configuration n'est pas valide. Recréez la configuration d'index de contenu en supprimant l'index de contenu. (0x80040d03)
Record Number: 26966
Source Name: Microsoft-Windows-Search
Time Written: 20080806200151.000000-000
Event Type: Erreur
User:
=====Security event log=====
Computer Name: TimaC
Event Code: 4907
Message: Les paramètres d’audit sur l’objet ont changé.
Sujet :
ID de sécurité : S-1-5-18
Nom du compte : TIMAC$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7
Objet :
Serveur de l’objet : Security
Type d’objet : File
Nom de l’objet : C:\Windows\System32\quartz.dll
ID du handle : 0x18
Informations sur le processus :
ID du processus : 0x11f4
Nom du processus : C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\poqexec.exe
Paramètres d’audit :
Descripteur de sécurité d’origine :
Nouveau descripteur de sécurité : S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 54343
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090629093254.784723-000
Event Type: Succès de l'audit
User:
Computer Name: TimaC
Event Code: 4907
Message: Les paramètres d’audit sur l’objet ont changé.
Sujet :
ID de sécurité : S-1-5-18
Nom du compte : TIMAC$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7
Objet :
Serveur de l’objet : Security
Type d’objet : File
Nom de l’objet : C:\Windows\System32\imkr80.ime
ID du handle : 0x18
Informations sur le processus :
ID du processus : 0x11f4
Nom du processus : C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\poqexec.exe
Paramètres d’audit :
Descripteur de sécurité d’origine :
Nouveau descripteur de sécurité : S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 54342
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090629093254.737923-000
Event Type: Succès de l'audit
User:
Computer Name: TimaC
Event Code: 4907
Message: Les paramètres d’audit sur l’objet ont changé.
Sujet :
ID de sécurité : S-1-5-18
Nom du compte : TIMAC$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7
Objet :
Serveur de l’objet : Security
Type d’objet : File
Nom de l’objet : C:\Windows\System32\wmpeffects.dll
ID du handle : 0x18
Informations sur le processus :
ID du processus : 0x11f4
Nom du processus : C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\poqexec.exe
Paramètres d’audit :
Descripteur de sécurité d’origine :
Nouveau descripteur de sécurité : S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 54341
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090629093254.706723-000
Event Type: Succès de l'audit
User:
Computer Name: TimaC
Event Code: 4907
Message: Les paramètres d’audit sur l’objet ont changé.
Sujet :
ID de sécurité : S-1-5-18
Nom du compte : TIMAC$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7
Objet :
Serveur de l’objet : Security
Type d’objet : File
Nom de l’objet : C:\Windows\System32\photowiz.dll
ID du handle : 0x18
Informations sur le processus :
ID du processus : 0x11f4
Nom du processus : C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\poqexec.exe
Paramètres d’audit :
Descripteur de sécurité d’origine :
Nouveau descripteur de sécurité : S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 54340
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090629093254.628723-000
Event Type: Succès de l'audit
User:
Computer Name: TimaC
Event Code: 4907
Message: Les paramètres d’audit sur l’objet ont changé.
Sujet :
ID de sécurité : S-1-5-18
Nom du compte : TIMAC$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7
Objet :
Serveur de l’objet : Security
Type d’objet : File
Nom de l’objet : C:\Windows\System32\ulib.dll
ID du handle : 0x18
Informations sur le processus :
ID du processus : 0x11f4
Nom du processus : C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\poqexec.exe
Paramètres d’audit :
Descripteur de sécurité d’origine :
Nouveau descripteur de sécurité : S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 54339
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090629093254.597523-000
Event Type: Succès de l'audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\Nokia\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\Common Files\Adobe\AGL;C:\Program Files\Microsoft SQL Server\80\Tools\Binn;C:\Program Files\Intel\WiFi\bin;C:\Program Files\Common Files\Intel\WirelessCommon
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"RGSCLauncher"=C:\Program Files\Rockstar Games\Rockstar Games Social Club
et enfin le rapport malware bytes merci beaucoup !
Database version: 3510
Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005
24/02/2010 19:17:31
mbam-log-2010-02-24 (19-17-22).txt
Scan type: Quick Scan
Objects scanned: 103013
Time elapsed: 8 minute(s), 27 second(s)
Memory Processes Infected: 1
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 3
Memory Processes Infected:
C:\Windows\msa.exe (Trojan.Agent) -> No action taken.
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> No action taken.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\losalamos (Trojan.FakeAlert) -> No action taken.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\Windows\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job (Trojan.Downloader) -> No action taken.
C:\Windows\msa.exe (Trojan.Agent) -> No action taken.
C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> No action taken.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Outil de mise à jour Google.lnk]
C:\PROGRA~1\Google\GOOGLE~4\GOOGLE~1.EXE [2008-11-05 161264]
C:\Users\DAWOOD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\Windows\System32\cssdll32.dll C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"FilterAdministratorToken"=1
"EnableUIADesktopToggle"=0
"UacDisableNotify"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDriveAutoRun"=FFFFFFFF
"HonorAutoRunSetting"=1
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"HonorAutoRunSetting"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\PPStream\PPStream.exe"="C:\Program Files\PPStream\PPStream.exe:*:Enabled:PPSÍøÂçµçÊÓ"
"C:\Program Files\PPStream\PPSAP.exe"="C:\Program Files\PPStream\PPSAP.exe:*:Enabled:PPS ÍøÂç¼ÓËÙÆ÷"
"C:\Program Files\PPMate\PPMate\ppmate.exe"="C:\Program Files\PPMate\PPMate\ppmate.exe:*:Enabled:PPMate"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b5c655cc-44fa-11de-8838-001060d13545}]
shell\AutoRun\command - G:\AurLaunch\LaunchScreen.exe
======List of files/folders created in the last 1 months======
2010-02-24 18:59:43 ----D---- C:\rsit
2010-02-24 18:47:24 ----A---- C:\Windows\isRS-000.tmp
2010-02-21 21:16:05 ----A---- C:\Windows\msa.exe
2010-02-20 03:19:17 ----D---- C:\Users\DAWOOD\AppData\Roaming\Usenet.nl
2010-02-20 03:19:04 ----D---- C:\Program Files\Usenet.nl
2010-02-12 16:46:26 ----D---- C:\ProgramData\TechSmith
2010-02-12 16:46:25 ----D---- C:\Program Files\QuickTime
2010-02-12 16:46:01 ----D---- C:\Program Files\Common Files\TechSmith Shared
2010-02-12 16:45:59 ----D---- C:\Program Files\TechSmith
2010-02-10 14:06:54 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-02-10 14:06:54 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-02-10 14:06:36 ----A---- C:\Windows\system32\quartz.dll
2010-02-10 14:06:35 ----A---- C:\Windows\system32\tsbyuv.dll
2010-02-10 14:06:35 ----A---- C:\Windows\system32\msyuv.dll
2010-02-10 14:06:35 ----A---- C:\Windows\system32\msvidc32.dll
2010-02-10 14:06:35 ----A---- C:\Windows\system32\msrle32.dll
2010-02-10 14:06:35 ----A---- C:\Windows\system32\mciavi32.dll
2010-02-10 14:06:35 ----A---- C:\Windows\system32\iyuv_32.dll
2010-02-10 14:06:34 ----A---- C:\Windows\system32\msvfw32.dll
2010-02-10 14:06:34 ----A---- C:\Windows\system32\avifil32.dll
======List of files/folders modified in the last 1 months======
2010-02-24 18:59:56 ----D---- C:\Windows\Prefetch
2010-02-24 18:58:12 ----D---- C:\Windows\Tasks
2010-02-24 18:55:39 ----D---- C:\Program Files\Mozilla Firefox
2010-02-24 18:55:12 ----D---- C:\Windows\System32
2010-02-24 18:53:24 ----D---- C:\Windows\temp
2010-02-24 18:52:40 ----D---- C:\Windows
2010-02-24 18:52:32 ----D---- C:\Windows\system32\Tasks
2010-02-24 18:51:18 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-02-24 18:47:21 ----D---- C:\Windows\system32\drivers
2010-02-24 18:10:28 ----D---- C:\Users\DAWOOD\AppData\Roaming\OpenOffice.org2
2010-02-24 15:06:47 ----SHD---- C:\System Volume Information
2010-02-24 14:18:47 ----D---- C:\Windows\system32\catroot
2010-02-24 14:18:42 ----D---- C:\Windows\system32\catroot2
2010-02-24 14:18:40 ----D---- C:\Windows\winsxs
2010-02-22 18:31:02 ----D---- C:\jv
2010-02-22 02:50:59 ----D---- C:\outi
2010-02-22 01:55:29 ----SD---- C:\Users\DAWOOD\AppData\Roaming\Microsoft
2010-02-20 20:10:54 ----A---- C:\Windows\NeroDigital.ini
2010-02-20 03:19:04 ----D---- C:\Program Files
2010-02-12 16:47:02 ----SHD---- C:\Windows\Installer
2010-02-12 16:47:00 ----D---- C:\Windows\system32\QuickTime
2010-02-12 16:46:26 ----D---- C:\ProgramData
2010-02-12 16:46:01 ----D---- C:\Program Files\Common Files
2010-02-12 00:09:40 ----D---- C:\Program Files\Windows Live Safety Center
2010-02-11 04:54:56 ----D---- C:\Program Files\Windows Mail
2010-02-11 03:04:44 ----D---- C:\Windows\Debug
2010-02-11 03:03:51 ----D---- C:\ProgramData\Microsoft Help
2010-02-01 20:26:20 ----A---- C:\Windows\system32\mrt.exe
2010-02-01 11:40:54 ----D---- C:\Windows\system32\LogFiles
2010-01-29 09:27:19 ----D---- C:\Program Files\Veetle
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 cmdGuard;COMODO Firewall Pro Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2009-04-16 108560]
R1 cmdHlp;COMODO Firewall Pro Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2008-11-20 25104]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-07-15 28520]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2009-05-28 279712]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-12-10 56816]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2009-05-28 25888]
R3 BthEnum;Service d'énumérateur Bluetooth; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-10 22528]
R3 BthPan;Périphérique Bluetooth (réseau personnel); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-18 92160]
R3 BTHUSB;Pilote USB radio Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-10 29696]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-18 14208]
R3 Inspect;Comodo Firewall Network Driver; C:\Windows\system32\DRIVERS\inspect.sys [2008-11-01 72720]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-05-10 1775712]
R3 itecir;ITECIR Infrared Receiver; C:\Windows\system32\DRIVERS\itecir.sys [2007-04-04 46592]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2010-01-07 19160]
R3 NETw5v32;Pilote de carte Intel(R) Wireless WiFi Link pour Windows Vista 32 bits ; C:\Windows\system32\DRIVERS\NETw5v32.sys [2009-09-15 6000640]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-08-28 9616704]
R3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-10 148992]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-04-30 81408]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-22 982272]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-18 11264]
S2 MBAMDrvService;MBAMDrvService; \??\C:\Windows\system32\drivers\mbam.sys [2010-01-07 19160]
S3 abjgd4cn;abjgd4cn; C:\Windows\system32\drivers\abjgd4cn.sys []
S3 BTHPORT;Pilote de port Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-10 507904]
S3 Cam5603D;WebCam; C:\Windows\System32\Drivers\BisonCam.sys [2007-04-19 788400]
S3 catchme;catchme; C:\Windows\system32\drivers\catchme.sys []
S3 cpuz130;cpuz130; C:\Windows\system32\drivers\cpuz130.sys []
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [2009-09-23 14336]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 dump_wmimmc;dump_wmimmc; C:\Windows\system32\drivers\dump_wmimmc.sys []
S3 ENTECH;ENTECH; \??\C:\Windows\system32\DRIVERS\ENTECH.sys [2008-09-17 27672]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-05 54632]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 NETw4v32;Pilote de carte Intel(R) Wireless WiFi Link pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\NETw4v32.sys [2008-03-13 2555392]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RivaTuner32;RivaTuner32; \??\C:\Program Files\RivaTuner v2.24\RivaTuner32.sys [2009-02-25 9088]
S3 se59bus;Sony Ericsson Device 089 driver (WDM); C:\Windows\system32\DRIVERS\se59bus.sys [2006-09-05 61536]
S3 se59mdfl;Sony Ericsson Device 089 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\se59mdfl.sys [2006-09-05 9360]
S3 se59mdm;Sony Ericsson Device 089 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\se59mdm.sys [2006-09-05 97088]
S3 se59mgmt;Sony Ericsson Device 089 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\se59mgmt.sys [2006-09-05 88624]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys []
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-04-10 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
S4 nvatabus;nvatabus; C:\Windows\system32\drivers\nvatabus.sys [2006-07-14 105088]
S4 viamraid;viamraid; C:\Windows\system32\drivers\viamraid.sys [2006-03-31 100992]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-07-15 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-08-18 185089]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\Firewall\cmdagent.exe [2009-04-16 700152]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2009-09-21 858384]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2007-05-03 355096]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-01-07 236368]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-08-27 215656]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2008-06-02 66872]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2009-09-21 473360]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2006-07-20 262247]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 TestHandler;Fujitsu Siemens Computers Diagnostic Testhandler; C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe [2006-12-08 204800]
R2 TuneUp.ProgramStatisticsSvc;@%SystemRoot%\System32\TUProgSt.exe,-1; C:\Windows\System32\TUProgSt.exe [2009-10-16 604488]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-18 21504]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-20 182768]
S2 vvdsvc;VJVodClientServices; C:\Windows\System32\svchost.exe [2008-01-18 21504]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-12-24 72704]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-18 21504]
S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-08-07 29744]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-09-23 238960]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-02-26 267824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe [2009-09-17 651776]
S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2009-10-16 361288]
S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2008-01-18 21504]
S4 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe []
S4 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe []
l info txt :
info.txt logfile of random's system information tool 1.06 2010-02-24 19:00:25
======Uninstall list======
@promt Professional 8 EFFE Trial-->MsiExec.exe /I{661E7BE6-5239-4293-BA67-E7B804353910}
-->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
-->MsiExec /X{B83FC356-B7C0-441F-8A4D-D71E088E7974}
7-Zip 4.57-->"C:\Program Files\7-Zip\Uninstall.exe"
A Geeks Toy-->MsiExec.exe /I{EEDA9217-C519-4AC4-A99F-D835736B9212}
Acrobat.com-->msiexec /qb /x {27F00C63-449B-2FAB-CBE8-24AB80E17449}
Acrobat.com-->MsiExec.exe /I{27F00C63-449B-2FAB-CBE8-24AB80E17449}
Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000101}
Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5101}
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Help Center 1.0-->MsiExec.exe /I{E9787678-119F-4D52-B551-6739B2B22101}
Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-040C-1E257A25E34D}
Adobe Reader 9.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A91000000001}
Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-0C40-4930-9AFE-113BCE553101}
AnalogX Scratch-->C:\Program Files\AnalogX\Scratch\scratchu.exe
Antidote RX v2-->MsiExec.exe /X{A474EA56-5DBD-4181-8230-806A4762EA7F}
ApprentiClavier-->C:\Windows\ApprentiClavier_uninstall.exe
Ask Toolbar-->MsiExec.exe /I{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
Bet Angel - Basic-->MsiExec.exe /I{93D2FB09-C348-42FE-B430-4B14FA8A15B7}
Bet Angel - Professional-->MsiExec.exe /I{934ADE09-500E-486D-9363-C7C279CB805A}
BitTorrent-->C:\Program Files\BitTorrent\uninst.exe
Camtasia Studio 6-->MsiExec.exe /I{A589DA26-51BD-475D-8C32-E19E34145842}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CleanUp!-->C:\Program Files\CleanUp!\uninstall.exe
COMODO Firewall Pro-->C:\Program Files\COMODO\Firewall\cfpconfg.exe -u
COMODO SafeSurf-->C:\Program Files\COMODO\SafeSurf\cssconfg.exe -u
ConvertHelper 2.2-->"C:\Program Files\ConvertHelper\unins000.exe"
Dico de Rimes-->c:\rimes\Uninstal.exe
Disc2Phone-->MsiExec.exe /I{FFAB5ABB-8AAB-42E2-847F-1743E51E01E9}
eMule-->"C:\Program Files\eMule\Uninstall.exe"
eMusic - 50 Free MP3 offer-->"C:\Program Files\Winamp\eMusic\Uninst-eMusic-promotion.exe"
EVEREST Home Edition v2.20-->"C:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe"
Everest Poker (Remove Only)-->C:\Program Files\Everest Poker\cstart.exe /uninstall
EVEREST Ultimate Edition v5.30-->"C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
FairBot-->"C:\Program Files\FairBot\unins000.exe"
FirstSteps Diagnostics-->MsiExec.exe /X{94D66D71-12F0-48A5-B46A-D4B835A0F1B7}
free-downloads.net Toolbar-->C:\PROGRA~1\FREE-D~1.NET\UNWISE.EXE /U C:\PROGRA~1\FREE-D~1.NET\INSTALL.LOG
Full Pack Codecs-->C:\Program Files\Full Pack Codecs\uninst.exe
Futuremark SystemInfo-->"C:\Program Files\InstallShield Installation Information\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}\setup.exe" -runfromtemp -l0x0009 -removeonly
Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}
GameSpy Arcade-->C:\PROGRA~1\GAMESP~1\UNWISE.EXE C:\PROGRA~1\GAMESP~1\INSTALL.LOG
GOM Player-->"C:\Program Files\GRETECH\GomPlayer\Uninstall.exe"
Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
Grand Theft Auto IV-->"C:\Program Files\InstallShield Installation Information\{579BA58C-F33D-4970-9953-B94B43768AC3}\setup.exe" -runfromtemp -l0x040c -removeonly
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Intel PROSet Wireless-->Intel PROSet Wireless
Intel® Turbo Memory et Intel® Matrix Storage Manager-->C:\Windows\system32\imsmudlg.exe -uninstall
IZArc 3.81-->"C:\Program Files\IZArc\unins002.exe"
IZArc Command Line Add-On 1.1-->"C:\Program Files\IZArc\unins001.exe"
Jargon Informatique-->C:\Program Files\Jargon Informatique\uninstall.exe
Java(TM) 6 Update 15-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
JMB36X Raid Configurer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}\SETUP.exe" -l0x40c -removeonly
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
jv16 PowerTools 1.3-->"C:\Program Files\jv16 PowerTools\unins000.exe"
K-Lite Codec Pack 4.3.4 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
L&H TTS3000 Français-->RunDll32 advpack.dll,LaunchINFSection C:\Windows\INF\LHTTSFRF.inf, Uninstall
Lernout & Hauspie TruVoice American English TTS Engine-->RunDll32 advpack.dll,LaunchINFSection C:\Windows\INF\tv_enua.inf, Uninstall
Logiciel Intel(R) PROSet/Wireless WiFi-->MsiExec.exe /I{43507E5B-94A0-4E56-9C7B-FAAAFBDB5904}
LOTO PRO Alchimie (Version d'évaluation)-->MsiExec.exe /I{70862F16-E001-4B6C-A162-0C64CAFF32E6}
Ma-Config.com-->MsiExec.exe /X{425FFD94-36BD-4933-881B-FE0B9DADF2B7}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
MaxType LITE 1.6.22-->"C:\Program Files\MaxType LITE\unins000.exe"
MediaCoder 0.6.1-->C:\Program Files\MediaCoder\uninst.exe
Mega Manager-->C:\Program Files\InstallShield Installation Information\{3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2}\setup.exe -runfromtemp -l0x0009 -removeonly
Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Age of Empires II Trial Version-->"C:\Program Files\Microsoft Games\Age of Empires II Trial\UNINSTAL.EXE" /runtemp /uninstall
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}
Microsoft Games for Windows - LIVE-->MsiExec.exe /X{A1C962E2-2426-49C6-A38B-9A07E40D607C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Excel Viewer 2003-->MsiExec.exe /I{9084040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Excel Viewer-->MsiExec.exe /I{95120000-003F-040C-0000-0000000FF1CE}
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0122-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional 2007-->MsiExec.exe /X{91120000-0014-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Office Word Viewer 2003-->MsiExec.exe /I{9085040C-6000-11D3-8CFE-0150048383C9}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual Studio 2005 Tools for Office Runtime-->MsiExec.exe /X{388E4B09-3E71-4649-8921-F44A3A2954A7}
Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C}
Mise à jour Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {51EFB347-1F3D-4BAC-8B79-F056B904FE21}
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3}
Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223}
Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Motorola SM56 Data Fax Modem-->rundll32.exe sm56co6a.dll,SM56UnInstaller
Mozilla Firefox (3.5.8)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML4 Parser-->MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13}
Nero 7 Essentials-->MsiExec.exe /X{81CD6232-10F5-4832-B3DA-1B88B1571036}
Nokia Connectivity Cable Driver-->MsiExec.exe /I{1597D0AE-34A7-4A8B-A395-2E30EB745470}
Nokia Ovi Application Installer 6.85.3011-->msiexec /qn /x {42B74521-4706-412A-9A27-AED12B83E886}
Nokia Ovi Application Installer-->MsiExec.exe /I{42B74521-4706-412A-9A27-AED12B83E886}
Nokia Ovi Content Copier 6.85.3011-->msiexec /qn /x {6442DEDF-AC2F-4CBA-85DE-42E459C5006C}
Nokia Ovi Content Copier-->MsiExec.exe /X{6442DEDF-AC2F-4CBA-85DE-42E459C5006C}
Nokia Ovi One Touch Access 6.85.3019-->msiexec /qn /x {C4B045DB-C2C0-4A05-8DA5-754B4733EE31}
Nokia Ovi One Touch Access-->MsiExec.exe /I{C4B045DB-C2C0-4A05-8DA5-754B4733EE31}
Nokia Ovi System Utilities 6.85.3018-->msiexec /qn /x {F9EA1C47-64A6-45E4-9A80-8CC1575B971D}
Nokia Ovi System Utilities-->MsiExec.exe /X{F9EA1C47-64A6-45E4-9A80-8CC1575B971D}
Nokia_Multimedia_Common_Components_2_5-->MsiExec.exe /I{3762698E-E9DF-4DD8-99F1-8192D0F8EE06}
NVIDIA PhysX-->MsiExec.exe /X{B83FC356-B7C0-441F-8A4D-D71E088E7974}
OpenOffice.org 2.3-->MsiExec.exe /I{B087B0C3-F595-485A-B86B-73326BA8693A}
Opera 9.52-->MsiExec.exe /X{E1A88DE8-BD36-4DEA-8DD8-E35EF475ADC7}
OSDInstall-->MsiExec.exe /I{EB863CFD-6889-47B0-9D79-492DE0D07EE7}
OtsTurntables Free 1.00.027-->"C:\Windows\OTS_UI.EXE" "C:\OtsLabs\OtsTTfre.osi"
Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\Windows\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf
Patch Team PRO-EVO v1.00 - Part Commentaires-->"C:\Program Files\KONAMI\Pro Evolution Soccer 2009\unins000.exe"
Patch Team PRO-EVO v1.00 - Part Stadiums-->"C:\Program Files\KONAMI\Pro Evolution Soccer 2009\unins001.exe"
Patch Team PRO-EVO v1.00-->"C:\Program Files\KONAMI\Pro Evolution Soccer 2009\unins002.exe"
PC Connectivity Solution-->MsiExec.exe /I{9D6B740F-D9A2-45A6-BDC4-0A453D499FE6}
PC Tap-->MsiExec.exe /X{9A9AFE08-7245-4DFC-B8AF-C337418BD4E2}
Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe"
PowerDV-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B804C424-B66D-447A-84BD-C6B88C392C3A}\setup.exe" -uninstall
Pro Evolution Soccer 2009-->MsiExec.exe /X{A8DB611A-D80E-450D-85F6-3ACDD164BE31}
PunkBuster Services-->C:\Windows\system32\pbsvc.exe -u
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
RivaTuner v2.24-->"C:\Program Files\RivaTuner v2.24\uninstall.exe"
RocketDock 1.3.5-->"C:\Program Files\RocketDock\unins000.exe"
Rockstar Games Social Club-->"C:\Program Files\InstallShield Installation Information\{08B3869E-D282-424C-9AFC-870E04A4BA14}\setup.exe" -runfromtemp -l0x040c -removeonly
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB973704)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {E626DC89-A787-4553-9BB3-DC2EC7E1593F}
Security Update for Microsoft Office Excel 2007 (KB973593)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {7D6255E3-3423-4D8B-A328-F6F8D28DD5FE}
Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office Publisher 2007 (KB969693)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {7BE67088-1EB3-4569-8E75-DDAFBF61BC4E}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Soccer Mystic - Professional-->MsiExec.exe /I{C4F1DA1D-D647-41A1-A95E-B94885557709}
Softonic-Eng7 Toolbar-->C:\PROGRA~1\SOFTON~1\UNWISE.EXE /U C:\PROGRA~1\SOFTON~1\INSTALL.LOG
Sony ACID Pro 6.0-->MsiExec.exe /X{C2714A90-DE36-4C69-9B89-E43ACD8C0235}
Sony Media Manager 2.1-->MsiExec.exe /X{DD10F763-CDF6-46CD-9254-C8CE5E91B53E}
SopCast 3.0.3-->C:\Program Files\SopCast\uninst.exe
SpeedFan (remove only)-->"C:\Program Files\SpeedFan\uninstall.exe"
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SpywareBlaster v3.5.1-->"C:\Program Files\SpywareBlaster\unins000.exe"
StarOffice 8 Product Update 11-->MsiExec.exe /X{3D15064D-4371-4FCC-B9E6-F79D6CBFDDD4}
StarOffice 8-->MsiExec.exe /I{6CE331D7-776E-4C06-9EF3-3999175A5E19}
Stream Torrent 1.0-->"C:\Program Files\StreamTorrent 1.0\uninstall.exe"
Streamripper (Remove only)-->C:\Program Files\Streamripper\Uninstall.exe
STREET FIGHTER IV-->MsiExec.exe /X{59ABBDF0-E1E5-48AF-85FB-F523A08C3490}
SUPER © Version 2009.bld.35 (Jan 5, 2009)-->C:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
tazti-->MsiExec.exe /I{3B23DF51-DB1D-4083-BC33-672B5FC424C5}
TELL ME MORE Communication-->"D:\Incoming\Tell Me More\Tell me More English Performance v9.0.7z\Bin\unsetup.exe" -file "D:\Incoming\Tell Me More\Tell me More English Performance v9.0.7z\unsetup.aui"
The Witcher Enhanced Edition-->"C:\Program Files\InstallShield Installation Information\{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}\setup.exe" -runfromtemp -l0x040c -removeonly
TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357}
TVAnts 1.0-->C:\PROGRA~1\TVAnts\UNWISE.EXE C:\PROGRA~1\TVAnts\INSTALL.LOG
TVUPlayer 2.4.9.1-->C:\Program Files\TVUPlayer\uninst.exe
Unlocker 1.8.7-->C:\Program Files\Unlocker\uninst.exe
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7}
Update for Microsoft Office Word 2007 (KB974561)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {0CDDBAA2-2111-4A0E-A1B0-76C40C635331}
Update for Outlook 2007 Junk Email Filter (kb977719)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {C0C92202-5215-4EFA-B0B9-B3A0DEABCDF1}
USB GAME PAD-->C:\Program Files\InstallShield Installation Information\{FEC7CD2E-2BB5-40C3-9592-078F64677E6C}\setup.exe -runfromtemp -l0x0009 -removeonly
Usenet.nl-->"C:\Program Files\Usenet.nl\unins000.exe"
UseNeXT-->"C:\Program Files\UseNeXT\unins000.exe"
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
Veetle TV 0.9.16-->C:\Program Files\Veetle\UninstallVeetleTV.exe
Version d'évaluation de Microsoft Office Professional 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROR /dll OSETUP.DLL
Video Download Studio 3.2.3-->"C:\Program Files\aHisoft\Video Download Studio\unins000.exe"
VideoLAN VLC media player 0.8.6d-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Visual Studio 2005 Tools pour Office Second Edition Runtime-->C:\Program Files\Common Files\Microsoft Shared\VSTO\8.0\Microsoft Visual Studio 2005 Tools for Office Runtime\install.exe
WebCam-->C:\Program Files\InstallShield Installation Information\{4A57592C-FF92-4083-97A9-92783BD5AFB4}\SETUP.exe -runfromtemp -l0x040c -removeonly
Winamp Remote-->"C:\Program Files\Winamp Remote\uninstall.exe"
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Contrôle parental-->MsiExec.exe /X{D5D81435-B8DE-4CAF-867F-7998F2B92CFC}
Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA}
Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Live Movie Maker-->MsiExec.exe /X{53B20C18-D8D4-4588-8737-9BBFE303C354}
Windows Live OneCare safety scanner-->"C:\Program Files\Windows Live Safety Center\UnInstall.exe"
Windows Live OneCare safety scanner-->MsiExec.exe /X{FE0646A7-19D0-41B4-A2BB-2C35D644270D}
Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows Movie Maker 2.6-->MsiExec.exe /X{B3DAF54F-DB25-4586-9EF1-96D24BB14088}
XnView 1.94.1-->"C:\Program Files\XnView\unins000.exe"
=====HijackThis Backups=====
O3 - Toolbar: (no name) - {ecdee021-0d17-467f-a1ff-c7a115230949} - (no file) [2009-09-21]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = [2009-09-21]
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = [2009-09-21]
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') [2009-09-21]
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-09-21]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF [2009-09-21]
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe [2009-09-21]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp [2009-09-21]
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount [2009-09-21]
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" [2009-09-21]
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-09-21]
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe" [2009-09-21]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = [2009-09-21]
O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent [2009-09-24]
======Hosts File======
127.0.0.1 007guard.com
127.0.0.1 www.007guard.com
127.0.0.1 008i.com
127.0.0.1 008k.com
127.0.0.1 www.008k.com
127.0.0.1 00hq.com
127.0.0.1 www.00hq.com
127.0.0.1 010402.com
127.0.0.1 032439.com
127.0.0.1 www.032439.com
======Security center information======
FW: COMODO Firewall
AS: COMODO Defense+
AS: Avira AntiVir PersonalEdition (outdated)
AS: Windows Defender (disabled)
======System event log======
Computer Name: TimaC
Event Code: 4376
Message: Servicing a requis un redémarrage pour terminer la définition du package KB972036(Update) à l’état Installation demandée(Install Requested)
Record Number: 201350
Source Name: Microsoft-Windows-Servicing
Time Written: 20090903010149.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
Computer Name: TimaC
Event Code: 4376
Message: Servicing a requis un redémarrage pour terminer la définition du package KB972036(Update) à l’état Installation demandée(Install Requested)
Record Number: 201346
Source Name: Microsoft-Windows-Servicing
Time Written: 20090903010149.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
Computer Name: TimaC
Event Code: 4376
Message: Servicing a requis un redémarrage pour terminer la définition du package KB972036(Update) à l’état Installation demandée(Install Requested)
Record Number: 201342
Source Name: Microsoft-Windows-Servicing
Time Written: 20090903010149.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
Computer Name: TimaC
Event Code: 4374
Message: Windows Servicing a déterminé que ce package KB972036(Update) n’est pas applicable à ce système.
Record Number: 201202
Source Name: Microsoft-Windows-Servicing
Time Written: 20090903010124.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
Computer Name: TimaC
Event Code: 4374
Message: Windows Servicing a déterminé que ce package KB972036(Update) n’est pas applicable à ce système.
Record Number: 201201
Source Name: Microsoft-Windows-Servicing
Time Written: 20090903010124.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
=====Application event log=====
Computer Name: TimaC
Event Code: 1530
Message: Windows a détecté que votre fichier de Registre est toujours utilisé par d'autres applications ou services. Le fichier va être déchargé. Les applications ou services qui ont accès à votre Registre risquent de ne pas fonctionner correctement après cela.
DÉTAIL -
1 user registry handles leaked from \Registry\User\S-1-5-21-2297984888-1505007607-2599217642-1000:
Process 964 (\Device\HarddiskVolume3\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2297984888-1505007607-2599217642-1000
Record Number: 26993
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20080806225420.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
Computer Name: TimaC
Event Code: 1008
Message: Le service Windows Search tente de supprimer l’ancien catalogue.
Record Number: 26975
Source Name: Microsoft-Windows-Search
Time Written: 20080806200224.000000-000
Event Type: Avertissement
User:
Computer Name: TimaC
Event Code: 1008
Message: Le service Windows Search tente de supprimer l’ancien catalogue.
Record Number: 26968
Source Name: Microsoft-Windows-Search
Time Written: 20080806200151.000000-000
Event Type: Avertissement
User:
Computer Name: TimaC
Event Code: 3058
Message: Impossible d'initialiser l'application.
Contexte : Application Windows
Détails :
Impossible de lire la valeur de registre car la configuration n'est pas valide. Recréez la configuration d'index de contenu en supprimant l'index de contenu. (0x80040d03)
Record Number: 26967
Source Name: Microsoft-Windows-Search
Time Written: 20080806200151.000000-000
Event Type: Erreur
User:
Computer Name: TimaC
Event Code: 3028
Message: Impossible d'initialiser l'objet rassembleur.
Contexte : Application Windows, Catalogue SystemIndex
Détails :
Impossible de lire la valeur de registre car la configuration n'est pas valide. Recréez la configuration d'index de contenu en supprimant l'index de contenu. (0x80040d03)
Record Number: 26966
Source Name: Microsoft-Windows-Search
Time Written: 20080806200151.000000-000
Event Type: Erreur
User:
=====Security event log=====
Computer Name: TimaC
Event Code: 4907
Message: Les paramètres d’audit sur l’objet ont changé.
Sujet :
ID de sécurité : S-1-5-18
Nom du compte : TIMAC$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7
Objet :
Serveur de l’objet : Security
Type d’objet : File
Nom de l’objet : C:\Windows\System32\quartz.dll
ID du handle : 0x18
Informations sur le processus :
ID du processus : 0x11f4
Nom du processus : C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\poqexec.exe
Paramètres d’audit :
Descripteur de sécurité d’origine :
Nouveau descripteur de sécurité : S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 54343
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090629093254.784723-000
Event Type: Succès de l'audit
User:
Computer Name: TimaC
Event Code: 4907
Message: Les paramètres d’audit sur l’objet ont changé.
Sujet :
ID de sécurité : S-1-5-18
Nom du compte : TIMAC$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7
Objet :
Serveur de l’objet : Security
Type d’objet : File
Nom de l’objet : C:\Windows\System32\imkr80.ime
ID du handle : 0x18
Informations sur le processus :
ID du processus : 0x11f4
Nom du processus : C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\poqexec.exe
Paramètres d’audit :
Descripteur de sécurité d’origine :
Nouveau descripteur de sécurité : S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 54342
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090629093254.737923-000
Event Type: Succès de l'audit
User:
Computer Name: TimaC
Event Code: 4907
Message: Les paramètres d’audit sur l’objet ont changé.
Sujet :
ID de sécurité : S-1-5-18
Nom du compte : TIMAC$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7
Objet :
Serveur de l’objet : Security
Type d’objet : File
Nom de l’objet : C:\Windows\System32\wmpeffects.dll
ID du handle : 0x18
Informations sur le processus :
ID du processus : 0x11f4
Nom du processus : C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\poqexec.exe
Paramètres d’audit :
Descripteur de sécurité d’origine :
Nouveau descripteur de sécurité : S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 54341
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090629093254.706723-000
Event Type: Succès de l'audit
User:
Computer Name: TimaC
Event Code: 4907
Message: Les paramètres d’audit sur l’objet ont changé.
Sujet :
ID de sécurité : S-1-5-18
Nom du compte : TIMAC$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7
Objet :
Serveur de l’objet : Security
Type d’objet : File
Nom de l’objet : C:\Windows\System32\photowiz.dll
ID du handle : 0x18
Informations sur le processus :
ID du processus : 0x11f4
Nom du processus : C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\poqexec.exe
Paramètres d’audit :
Descripteur de sécurité d’origine :
Nouveau descripteur de sécurité : S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 54340
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090629093254.628723-000
Event Type: Succès de l'audit
User:
Computer Name: TimaC
Event Code: 4907
Message: Les paramètres d’audit sur l’objet ont changé.
Sujet :
ID de sécurité : S-1-5-18
Nom du compte : TIMAC$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7
Objet :
Serveur de l’objet : Security
Type d’objet : File
Nom de l’objet : C:\Windows\System32\ulib.dll
ID du handle : 0x18
Informations sur le processus :
ID du processus : 0x11f4
Nom du processus : C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\poqexec.exe
Paramètres d’audit :
Descripteur de sécurité d’origine :
Nouveau descripteur de sécurité : S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 54339
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090629093254.597523-000
Event Type: Succès de l'audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\Nokia\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\Common Files\Adobe\AGL;C:\Program Files\Microsoft SQL Server\80\Tools\Binn;C:\Program Files\Intel\WiFi\bin;C:\Program Files\Common Files\Intel\WirelessCommon
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"RGSCLauncher"=C:\Program Files\Rockstar Games\Rockstar Games Social Club
et enfin le rapport malware bytes merci beaucoup !
Database version: 3510
Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005
24/02/2010 19:17:31
mbam-log-2010-02-24 (19-17-22).txt
Scan type: Quick Scan
Objects scanned: 103013
Time elapsed: 8 minute(s), 27 second(s)
Memory Processes Infected: 1
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 3
Memory Processes Infected:
C:\Windows\msa.exe (Trojan.Agent) -> No action taken.
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> No action taken.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\losalamos (Trojan.FakeAlert) -> No action taken.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\Windows\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job (Trojan.Downloader) -> No action taken.
C:\Windows\msa.exe (Trojan.Agent) -> No action taken.
C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> No action taken.
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
malwarebyte antimalwre n'est pas encore à jour !!! mets le a jour !
puis remets le rapport
ensuite remets les rapports rsit et complets cette fois!!!!
puis remets le rapport
ensuite remets les rapports rsit et complets cette fois!!!!
