Logfile of random's system information tool 1.06 (written by random/random)
Run by Mériem at 2009-10-30 16:56:18
Microsoft Windows Vista Édition Familiale Premium Service Pack 1
System drive C: has 187 GB (80%) free of 233 GB
Total RAM: 2813 MB (61% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:56:46, on 30/10/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal
Running processes:
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Users\MRIEM~1\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Mériem\Downloads\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Mériem.exe
C:\Program Files\Mozilla Firefox\firefox.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=2&o=vp32&d=0609&m=aspire_7530
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=2&o=vp32&d=0609&m=aspire_7530
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=2&o=vp32&d=0609&m=aspire_7530
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=2&o=vp32&d=0609&m=aspire_7530
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [eAudio] "C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [BkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE Systemboot
O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SolidWorks_CheckForUpdates] "C:\Program Files\Common Files\Gestionnaire d'installation SolidWorks\Scheduler\sldIMScheduler.exe" /scheduler
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
O23 - Service: SW Distributed TS Coordinator Service (CoordinatorServiceHost) - Dassault Systèmes SolidWorks Corp. - C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: Google Desktop Manager 5.7.808.7150 (GoogleDesktopManager-080708-050100) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Partner Service - Google Inc. - C:\ProgramData\Partner\partner.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 11296 bytes
======Scheduled tasks folder======
C:\Windows\tasks\McDefragTask.job
C:\Windows\tasks\McQcTask.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}]
McAfee Phishing Filter - c:\PROGRA~1\mcafee\msk\mskapbho.dll [2009-10-02 246800]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll [2009-09-16 62784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}]
ShowBarObj Class - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll [2008-05-14 312880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-10-26 256112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll [2009-10-27 762864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2009-02-13 150032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-10-26 458736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2009-02-13 150032]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll [2008-05-14 142896]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-10-26 256112]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-05-20 6144000]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-01-09 24064]
"eDataSecurity Loader"=C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [2008-05-14 526896]
"eAudio"=C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe [2008-05-30 544768]
"BkupTray"=C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [2008-04-25 28672]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-02-13 1033512]
"LManager"=C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE [2008-07-16 821768]
"ePower_DMC"=C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe [2008-05-09 397312]
"eRecoveryService"= []
"ArcadeDeluxeAgent"=C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2008-05-12 147456]
"CLMLServer"=C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe [2008-05-12 167936]
"PlayMovie"=C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe [2008-05-12 167936]
"mcagent_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2009-09-17 645328]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]
"SolidWorks_CheckForUpdates"=C:\Program Files\Common Files\Gestionnaire d'installation SolidWorks\Scheduler\sldIMScheduler.exe [2009-03-19 7308584]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-12-17 13552160]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-12-17 92704]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-10-26 68856]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1233920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"FilterAdministratorToken"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe:*:Enabled:eDSfsu"
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe:*:Enabled:encryption"
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe:*:Enabled:decryption"
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe:*:Enabled:eDSMgr"
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe:*:Enabled:eDStbmngr"
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe:*:Enabled:eDSfsu"
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe:*:Enabled:encryption"
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe:*:Enabled:decryption"
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe:*:Enabled:eDSMgr"
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe:*:Enabled:eDStbmngr"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2009-10-30 16:34:54 ----A---- C:\Windows\system32\nvexpbar.dll
2009-10-30 16:32:24 ----D---- C:\Program Files\Microsoft Silverlight
2009-10-30 15:52:48 ----D---- C:\Users\Mériem\AppData\Roaming\Malwarebytes
2009-10-30 15:52:35 ----D---- C:\ProgramData\Malwarebytes
2009-10-30 15:52:33 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-10-30 12:16:20 ----D---- C:\rsit
2009-10-30 11:24:43 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2009-10-29 22:32:08 ----D---- C:\Users\Mériem\AppData\Roaming\SolidWorks
2009-10-29 22:24:23 ----A---- C:\Windows\eDrawingOfficeAutomator.INI
2009-10-29 22:15:19 ----D---- C:\Program Files\Common Files\SolidWorks Shared
2009-10-29 22:14:56 ----D---- C:\Program Files\AGEIA Technologies
2009-10-29 22:14:55 ----D---- C:\ProgramData\SolidWorks
2009-10-29 22:14:55 ----D---- C:\Program Files\SolidWorks Corp
2009-10-29 22:13:35 ----D---- C:\Program Files\MSECache
2009-10-29 22:12:21 ----D---- C:\Program Files\Microsoft Visual Studio 8
2009-10-29 21:41:15 ----D---- C:\SolidWorks Data
2009-10-29 21:37:47 ----D---- C:\Program Files\Common Files\Gestionnaire d'installation SolidWorks
2009-10-29 21:28:49 ----D---- C:\Windows\SolidWorks
2009-10-29 21:28:48 ----D---- C:\Users\Mériem\AppData\Roaming\IM
2009-10-29 21:03:54 ----D---- C:\ProgramData\Apple Computer
2009-10-29 21:03:54 ----D---- C:\Program Files\QuickTime
2009-10-29 21:03:02 ----D---- C:\Program Files\Common Files\Apple
2009-10-29 21:02:49 ----D---- C:\ProgramData\Apple
2009-10-29 21:02:49 ----D---- C:\Program Files\Apple Software Update
2009-10-29 19:37:51 ----A---- C:\lopR.txt
2009-10-29 19:36:22 ----D---- C:\Lop SD
2009-10-29 10:08:25 ----D---- C:\Program Files\Trend Micro
2009-10-28 17:48:07 ----A---- C:\Windows\system32\jscript.dll
2009-10-28 11:37:00 ----A---- C:\Windows\system32\occache.dll
2009-10-28 11:37:00 ----A---- C:\Windows\system32\jsproxy.dll
2009-10-28 11:36:59 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-10-28 11:36:59 ----A---- C:\Windows\system32\msfeeds.dll
2009-10-28 11:36:59 ----A---- C:\Windows\system32\iepeers.dll
2009-10-28 11:36:58 ----A---- C:\Windows\system32\ieui.dll
2009-10-28 11:36:58 ----A---- C:\Windows\system32\iesetup.dll
2009-10-28 11:36:57 ----A---- C:\Windows\system32\wininet.dll
2009-10-28 11:36:57 ----A---- C:\Windows\system32\iernonce.dll
2009-10-28 11:36:56 ----A---- C:\Windows\system32\msfeedssync.exe
2009-10-28 11:36:56 ----A---- C:\Windows\system32\ieUnatt.exe
2009-10-28 11:36:56 ----A---- C:\Windows\system32\iertutil.dll
2009-10-28 11:36:56 ----A---- C:\Windows\system32\iedkcs32.dll
2009-10-28 11:36:56 ----A---- C:\Windows\system32\ie4uinit.exe
2009-10-28 11:36:55 ----A---- C:\Windows\system32\urlmon.dll
2009-10-28 11:36:55 ----A---- C:\Windows\system32\iesysprep.dll
2009-10-28 11:36:54 ----A---- C:\Windows\system32\ieframe.dll
2009-10-28 11:36:53 ----A---- C:\Windows\system32\mshtml.dll
2009-10-28 11:35:11 ----A---- C:\Windows\system32\mshtmled.dll
2009-10-28 11:35:10 ----A---- C:\Windows\system32\mshtmler.dll
2009-10-28 11:35:10 ----A---- C:\Windows\system32\icardie.dll
2009-10-28 11:35:10 ----A---- C:\Windows\system32\admparse.dll
2009-10-28 11:35:09 ----A---- C:\Windows\system32\msls31.dll
2009-10-28 11:35:09 ----A---- C:\Windows\system32\corpol.dll
2009-10-28 11:35:08 ----A---- C:\Windows\system32\imgutil.dll
2009-10-28 11:35:08 ----A---- C:\Windows\system32\ieakeng.dll
2009-10-28 11:35:08 ----A---- C:\Windows\system32\dxtrans.dll
2009-10-28 11:35:08 ----A---- C:\Windows\system32\dxtmsft.dll
2009-10-28 11:35:07 ----A---- C:\Windows\system32\licmgr10.dll
2009-10-28 11:35:07 ----A---- C:\Windows\system32\inseng.dll
2009-10-28 11:35:06 ----A---- C:\Windows\system32\WinFXDocObj.exe
2009-10-28 11:35:06 ----A---- C:\Windows\system32\wextract.exe
2009-10-28 11:35:06 ----A---- C:\Windows\system32\webcheck.dll
2009-10-28 11:35:06 ----A---- C:\Windows\system32\msrating.dll
2009-10-28 11:35:06 ----A---- C:\Windows\system32\ieakui.dll
2009-10-28 11:35:06 ----A---- C:\Windows\system32\ieaksie.dll
2009-10-28 11:35:05 ----A---- C:\Windows\system32\pngfilt.dll
2009-10-28 11:35:05 ----A---- C:\Windows\system32\mstime.dll
2009-10-28 11:35:05 ----A---- C:\Windows\system32\advpack.dll
2009-10-28 11:35:04 ----A---- C:\Windows\system32\vbscript.dll
2009-10-28 11:35:04 ----A---- C:\Windows\system32\ieapfltr.dll
2009-10-28 11:35:03 ----A---- C:\Windows\system32\url.dll
2009-10-28 11:35:01 ----A---- C:\Windows\system32\mshta.exe
2009-10-28 11:35:01 ----A---- C:\Windows\system32\iexpress.exe
2009-10-28 11:35:00 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2009-10-28 11:35:00 ----A---- C:\Windows\system32\SetDepNx.exe
2009-10-28 11:35:00 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2009-10-28 11:35:00 ----A---- C:\Windows\system32\PDMSetup.exe
2009-10-28 10:01:21 ----A---- C:\Windows\system32\infocardapi.dll
2009-10-28 10:01:19 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-10-28 10:01:18 ----A---- C:\Windows\system32\icardagt.exe
2009-10-28 10:01:17 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-10-28 10:01:17 ----A---- C:\Windows\system32\icardres.dll
2009-10-28 10:01:14 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-10-28 10:01:08 ----A---- C:\Windows\system32\PresentationHost.exe
2009-10-28 09:51:44 ----A---- C:\Windows\system32\dfshim.dll
2009-10-28 09:51:34 ----A---- C:\Windows\system32\mscoree.dll
2009-10-28 09:51:31 ----A---- C:\Windows\system32\netfxperf.dll
2009-10-28 09:50:57 ----A---- C:\Windows\system32\mscorier.dll
2009-10-28 09:50:36 ----A---- C:\Windows\system32\mscories.dll
2009-10-27 18:23:36 ----A---- C:\Windows\system32\wmp.dll
2009-10-27 18:23:34 ----A---- C:\Windows\system32\unregmp2.exe
2009-10-27 18:23:31 ----A---- C:\Windows\system32\wmploc.DLL
2009-10-27 18:15:59 ----A---- C:\Windows\system32\wups2.dll
2009-10-27 18:15:59 ----A---- C:\Windows\system32\wuauclt.exe
2009-10-27 18:15:58 ----A---- C:\Windows\system32\wucltux.dll
2009-10-27 18:15:58 ----A---- C:\Windows\system32\wuaueng.dll
2009-10-27 18:15:35 ----A---- C:\Windows\system32\wups.dll
2009-10-27 18:15:35 ----A---- C:\Windows\system32\wudriver.dll
2009-10-27 18:15:35 ----A---- C:\Windows\system32\wuapi.dll
2009-10-27 18:15:27 ----A---- C:\Windows\system32\wuwebv.dll
2009-10-27 18:15:27 ----A---- C:\Windows\system32\wuapp.exe
2009-10-27 13:58:50 ----D---- C:\Users\Mériem\AppData\Roaming\skypePM
2009-10-27 13:57:37 ----D---- C:\Users\Mériem\AppData\Roaming\Skype
2009-10-27 13:56:38 ----D---- C:\Program Files\Common Files\Skype
2009-10-27 13:56:34 ----RD---- C:\Program Files\Skype
2009-10-27 13:56:29 ----D---- C:\ProgramData\Skype
2009-10-27 13:28:15 ----D---- C:\Program Files\PhotoFiltre
2009-10-27 10:49:44 ----SHD---- C:\Users\Mériem\AppData\Roaming\.#
2009-10-27 10:23:09 ----A---- C:\Windows\system32\tzres.dll
2009-10-26 22:38:55 ----D---- C:\Users\Mériem\AppData\Roaming\Big Fish Games
2009-10-26 22:38:49 ----AD---- C:\ProgramData\TEMP
2009-10-26 22:37:10 ----D---- C:\Users\Mériem\AppData\Roaming\CyberLink
2009-10-26 21:16:27 ----D---- C:\ProgramData\Messenger Plus!
2009-10-26 21:03:59 ----D---- C:\Users\Mériem\AppData\Roaming\Windows Live Writer
2009-10-26 20:55:28 ----D---- C:\EGIS_Drive
2009-10-26 20:48:34 ----A---- C:\Windows\system32\winhttp.dll
2009-10-26 20:48:31 ----A---- C:\Windows\system32\atl.dll
2009-10-26 20:48:20 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-10-26 20:48:19 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2009-10-26 20:47:23 ----A---- C:\Windows\system32\netiohlp.dll
2009-10-26 20:47:22 ----A---- C:\Windows\system32\NETSTAT.EXE
2009-10-26 20:47:22 ----A---- C:\Windows\system32\ARP.EXE
2009-10-26 20:47:21 ----A---- C:\Windows\system32\TCPSVCS.EXE
2009-10-26 20:47:20 ----A---- C:\Windows\system32\MRINFO.EXE
2009-10-26 20:47:20 ----A---- C:\Windows\system32\HOSTNAME.EXE
2009-10-26 20:47:20 ----A---- C:\Windows\system32\finger.exe
2009-10-26 20:47:19 ----A---- C:\Windows\system32\ROUTE.EXE
2009-10-26 20:47:18 ----A---- C:\Windows\system32\netevent.dll
2009-10-26 20:46:29 ----D---- C:\ProgramData\meet01book
2009-10-26 20:46:25 ----A---- C:\Windows\system32\wlanmsm.dll
2009-10-26 20:46:25 ----A---- C:\Windows\system32\L2SecHC.dll
2009-10-26 20:46:24 ----A---- C:\Windows\system32\wlansvc.dll
2009-10-26 20:46:24 ----A---- C:\Windows\system32\wlansec.dll
2009-10-26 20:46:21 ----A---- C:\Windows\system32\msdtcprx.dll
2009-10-26 20:46:20 ----A---- C:\Windows\system32\xolehlp.dll
2009-10-26 20:46:14 ----D---- C:\Program Files\Messenger Plus! Live
2009-10-26 20:45:52 ----A---- C:\Windows\system32\EncDec.dll
2009-10-26 20:45:50 ----A---- C:\Windows\system32\psisdecd.dll
2009-10-26 20:45:40 ----A---- C:\Windows\system32\kernel32.dll
2009-10-26 20:45:39 ----A---- C:\Windows\system32\apilogen.dll
2009-10-26 20:45:39 ----A---- C:\Windows\system32\amxread.dll
2009-10-26 20:45:33 ----A---- C:\Windows\system32\wdigest.dll
2009-10-26 20:45:33 ----A---- C:\Windows\system32\msv1_0.dll
2009-10-26 20:45:33 ----A---- C:\Windows\system32\lsasrv.dll
2009-10-26 20:45:32 ----A---- C:\Windows\system32\secur32.dll
2009-10-26 20:45:32 ----A---- C:\Windows\system32\lsass.exe
2009-10-26 20:45:26 ----A---- C:\Windows\system32\rpcss.dll
2009-10-26 20:45:24 ----A---- C:\Windows\system32\sdohlp.dll
2009-10-26 20:45:24 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-10-26 20:45:24 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-10-26 20:45:24 ----A---- C:\Windows\system32\iasrecst.dll
2009-10-26 20:45:24 ----A---- C:\Windows\system32\iashost.exe
2009-10-26 20:45:24 ----A---- C:\Windows\system32\iasdatastore.dll
2009-10-26 20:45:24 ----A---- C:\Windows\system32\iasads.dll
2009-10-26 20:45:19 ----A---- C:\Windows\system32\kerberos.dll
2009-10-26 20:45:18 ----A---- C:\Windows\system32\schannel.dll
2009-10-26 20:45:11 ----A---- C:\Windows\system32\WMVCORE.DLL
2009-10-26 20:45:11 ----A---- C:\Windows\system32\mf.dll
2009-10-26 20:45:04 ----A---- C:\Windows\system32\wmpdxm.dll
2009-10-26 20:45:03 ----A---- C:\Windows\system32\spwmp.dll
2009-10-26 20:45:03 ----A---- C:\Windows\system32\dxmasf.dll
2009-10-26 20:44:58 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-10-26 20:44:58 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-10-26 20:44:54 ----A---- C:\Windows\system32\mstscax.dll
2009-10-26 20:44:51 ----A---- C:\Windows\system32\t2embed.dll
2009-10-26 20:44:51 ----A---- C:\Windows\system32\fontsub.dll
2009-10-26 20:44:51 ----A---- C:\Windows\system32\dciman32.dll
2009-10-26 20:44:51 ----A---- C:\Windows\system32\atmfd.dll
2009-10-26 20:44:47 ----A---- C:\Windows\system32\avifil32.dll
2009-10-26 20:44:45 ----A---- C:\Windows\system32\localspl.dll
2009-10-26 20:44:33 ----A---- C:\Windows\system32\wkssvc.dll
2009-10-26 20:44:27 ----A---- C:\Windows\explorer.exe
2009-10-26 20:44:25 ----A---- C:\Windows\system32\msasn1.dll
2009-10-26 20:44:21 ----A---- C:\Windows\system32\rpcrt4.dll
2009-10-26 20:38:26 ----D---- C:\Program Files\Microsoft
2009-10-26 20:35:34 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2009-10-26 20:32:33 ----D---- C:\Users\Mériem\AppData\Roaming\Mozilla
2009-10-26 20:32:14 ----D---- C:\Program Files\Mozilla Firefox
2009-10-26 20:30:04 ----D---- C:\Users\Mériem\AppData\Roaming\Adobe
2009-10-26 20:25:42 ----D---- C:\Users\Mériem\AppData\Roaming\Google
2009-10-26 18:38:59 ----D---- C:\Users\Mériem\AppData\Roaming\Macromedia
2009-10-26 18:38:30 ----D---- C:\Users\Mériem\AppData\Roaming\Identities
2009-10-26 18:37:26 ----D---- C:\ProgramData\Partner
2009-10-26 18:36:09 ----D---- C:\ACERSW
2009-10-26 18:35:52 ----D---- C:\ProgramData\Google
2009-10-26 18:35:36 ----SD---- C:\Users\Mériem\AppData\Roaming\Microsoft
2009-10-26 18:35:36 ----D---- C:\Users\Mériem\AppData\Roaming\Media Center Programs
2009-10-26 18:35:36 ----D---- C:\Users\Mériem\AppData\Roaming\Acer GameZone Console
2009-10-26 18:32:31 ----SHD---- C:\ProgramData\Modèles
2009-10-26 18:32:31 ----SHD---- C:\ProgramData\Menu Démarrer
2009-10-26 18:32:31 ----SHD---- C:\ProgramData\Favoris
2009-10-26 18:32:31 ----SHD---- C:\ProgramData\Bureau
2009-10-26 18:32:31 ----SHD---- C:\Program Files\Fichiers communs
======List of files/folders modified in the last 1 months======
2009-10-30 16:56:21 ----D---- C:\Windows\Temp
2009-10-30 16:52:59 ----D---- C:\Windows
2009-10-30 16:45:20 ----D---- C:\Windows\system32\WDI
2009-10-30 16:43:33 ----D---- C:\Windows\System32
2009-10-30 16:36:15 ----SHD---- C:\Windows\Installer
2009-10-30 16:35:57 ----D---- C:\Windows\winsxs
2009-10-30 16:35:26 ----D---- C:\ProgramData\NVIDIA
2009-10-30 16:34:30 ----D---- C:\Windows\system32\drivers
2009-10-30 16:34:12 ----D---- C:\Windows\system32\catroot2
2009-10-30 16:34:12 ----D---- C:\Windows\system32\catroot
2009-10-30 16:34:07 ----D---- C:\Windows\inf
2009-10-30 16:32:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-10-30 16:32:24 ----RD---- C:\Program Files
2009-10-30 16:31:53 ----D---- C:\Program Files\Common Files\microsoft shared
2009-10-30 16:30:57 ----SHD---- C:\System Volume Information
2009-10-30 15:52:35 ----HD---- C:\ProgramData
2009-10-30 09:59:56 ----D---- C:\Windows\Microsoft.NET
2009-10-30 09:59:34 ----RSD---- C:\Windows\assembly
2009-10-29 22:19:58 ----D---- C:\ProgramData\Microsoft Help
2009-10-29 22:16:31 ----RSD---- C:\Windows\Fonts
2009-10-29 22:15:19 ----D---- C:\Program Files\Common Files
2009-10-29 22:15:03 ----HD---- C:\Windows\system32\GroupPolicy
2009-10-29 22:15:02 ----D---- C:\Program Files\Common Files\DESIGNER
2009-10-29 22:14:57 ----D---- C:\Program Files\Microsoft Office
2009-10-29 22:13:23 ----SD---- C:\ProgramData\Microsoft
2009-10-29 21:41:53 ----D---- C:\Windows\system32\Tasks
2009-10-29 21:04:43 ----D---- C:\Program Files\Internet Explorer
2009-10-29 12:48:50 ----D---- C:\Windows\Prefetch
2009-10-28 13:13:43 ----D---- C:\Windows\rescache
2009-10-28 11:45:03 ----D---- C:\Windows\system32\migration
2009-10-28 11:45:01 ----D---- C:\Windows\system32\fr-FR
2009-10-28 11:44:57 ----D---- C:\Windows\system32\en-US
2009-10-28 11:44:57 ----D---- C:\Windows\PolicyDefinitions
2009-10-28 11:37:55 ----D---- C:\Windows\Debug
2009-10-28 10:55:48 ----D---- C:\Windows\system32\XPSViewer
2009-10-28 10:55:48 ----D---- C:\Windows\system32\wbem
2009-10-28 10:24:16 ----D---- C:\Program Files\Microsoft Works
2009-10-28 09:28:05 ----D---- C:\Program Files\McAfee
2009-10-27 18:43:13 ----D---- C:\Program Files\Windows Media Player
2009-10-27 10:27:55 ----D---- C:\Program Files\Windows Mail
2009-10-27 10:27:54 ----D---- C:\Windows\ehome
2009-10-27 10:27:47 ----D---- C:\Windows\system32\manifeststore
2009-10-27 10:27:47 ----D---- C:\Windows\AppPatch
2009-10-27 10:21:06 ----D---- C:\ProgramData\CyberLink
2009-10-27 10:06:47 ----D---- C:\ProgramData\McAfee
2009-10-27 10:05:30 ----D---- C:\Windows\SoftwareDistribution
2009-10-26 21:14:41 ----D---- C:\Program Files\Google
2009-10-26 20:41:30 ----D---- C:\Program Files\Windows Live
2009-10-26 19:39:20 ----D---- C:\ACER
2009-10-26 18:38:48 ----SHD---- C:\$RECYCLE.BIN
2009-10-26 18:38:11 ----D---- C:\Windows\system32\OEM
2009-10-26 18:36:21 ----HD---- C:\Program Files\InstallShield Installation Information
2009-10-26 18:36:21 ----D---- C:\Program Files\Acer
2009-10-26 18:35:35 ----RD---- C:\Users
2009-10-26 18:32:31 ----D---- C:\Program Files\Windows NT
2009-10-02 11:01:58 ----A---- C:\Windows\system32\mrt.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2009-09-16 214664]
R1 MPFP;MPFP; C:\Windows\System32\Drivers\Mpfp.sys [2009-07-16 130424]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; \??\C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl [2008-05-09 61424]
R2 int15;int15; \??\C:\Windows\system32\drivers\int15.sys [2008-03-21 15392]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2008-05-26 12672]
R2 NTIPPKernel;NTIPPKernel; \??\C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [2008-01-16 122368]
R2 PSDNServ;PSDNServ; C:\Windows\system32\DRIVERS\PSDNServ.sys [2008-05-14 16944]
R2 psdvdisk;PSDVdisk; C:\Windows\system32\DRIVERS\PSDVdisk.sys [2008-05-14 60464]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2008-05-26 8704]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-09-30 1184768]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-04-07 210432]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-02 21264]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2008-05-26 980992]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2008-05-26 207872]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-05-20 2143136]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2009-09-16 79816]
R3 mfebopk;McAfee Inc. mfebopk; C:\Windows\system32\drivers\mfebopk.sys [2009-09-16 35272]
R3 mfesmfk;McAfee Inc. mfesmfk; C:\Windows\system32\drivers\mfesmfk.sys [2009-09-16 40552]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-01-30 14848]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-12-29 45600]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-12-17 7580544]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2008-10-21 14848]
R3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2008-05-06 62976]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-02-13 196784]
R3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2008-05-26 661504]
R3 winbondcir;Winbond IR Transceiver; C:\Windows\system32\DRIVERS\winbondcir.sys [2007-03-28 43008]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 Ltn_stk7070P;PCTV LITEON based TV tuner device; C:\Windows\system32\DRIVERS\Ltn_stk7070P.sys [2008-02-04 542976]
S3 mferkdk;McAfee Inc. mferkdk; C:\Windows\system32\drivers\mferkdk.sys [2009-09-16 34248]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
R2 CLHNService;CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2008-01-16 81504]
R2 eDataSecurity Service;eDataSecurity Service; C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [2008-05-14 500784]
R2 ETService;Empowering Technology Service; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [2008-03-21 24576]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [2009-03-11 210216]
R2 mcmscsvc;McAfee Services; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2009-09-17 865832]
R2 McNASvc;McAfee Network Agent; c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe [2009-07-07 2482848]
R2 McProxy;McAfee Proxy Service; c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe [2009-07-08 359952]
R2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2009-09-16 144704]
R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2007-12-06 110592]
R2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2009-09-15 894136]
R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\McAfee\MSK\MskSrver.exe [2009-10-02 26640]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-25 45056]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-25 131072]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-12-17 203296]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\Cyberlink\Shared files\RichVideo.exe [2007-01-09 272024]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2008-05-26 386560]
R3 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2009-09-16 606736]
S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service; C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [2009-03-19 83240]
S3 GoogleDesktopManager-080708-050100;Google Desktop Manager 5.7.808.7150; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-01-09 24064]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-10-26 182768]
S3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2009-09-16 365072]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Partner Service;Partner Service; C:\ProgramData\Partner\partner.exe [2009-10-26 110576]
S3 SolidWorks Licensing Service;SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2009-10-29 79360]
S4 msvsmon80;Visual Studio 2005 Remote Debugger; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2005-09-23 2799808]
-----------------EOF-----------------