Log and info reports from RSIT 1.06

Closed
blacrolf -
toptitbal - Posts: 5341 - Status: Security contributor
Hello,
I received reports from random's system information tool 1.06 and I wanted to know what procedure to follow. Thank you. Here is the first message, info:

info.txt logfile of random's system information tool 1.06 2009-09-12 11:21:09

======Uninstall list======

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0C0A-0000-0000000FF1CE} /uninstall {2CC8520D-6A74-4CCA-9539-8E774E2B50D1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0C0A-0000-0000000FF1CE} /uninstall {2CC8520D-6A74-4CCA-9539-8E774E2B50D1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0C0A-0000-0000000FF1CE} /uninstall {2CC8520D-6A74-4CCA-9539-8E774E2B50D1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0403-0000-0000000FF1CE} /uninstall {A5B6B786-2D6F-4B75-940F-42B32D01D146}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0416-0000-0000000FF1CE} /uninstall {669EB263-0AFE-4FCB-A068-DB082CA6273C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0C0A-0000-0000000FF1CE} /uninstall {35B14BD6-6042-4A55-B326-58309DC8C72A}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-0C0A-0000-0000000FF1CE} /uninstall {2CC8520D-6A74-4CCA-9539-8E774E2B50D1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
Acer Assist-->C:\Program Files\Acer\Acer Assist\uninstall.exe
Acer eDataSecurity Management-->C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSnstHelper.exe -Operation UNINSTALL
Acer Empowering Technology-->"C:\Program Files\InstallShield Installation Information\{8F1B6239-FEA0-450A-A950-B05276CE177C}\setup.exe" -runfromtemp -l0x000a -removeonly
Acer eRecovery Management-->"C:\Program Files\InstallShield Installation Information\{7F811A54-5A09-4579-90E1-C93498E230D9}\setup.exe" -runfromtemp -l0x000a -removeonly
Acer Registration-->C:\Program Files\Acer\Acer Registration\uninstall.exe
Acer ScreenSaver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}\setup.exe" -l0x9 -removeonly
Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 9 - Español-->MsiExec.exe /I{AC76BA86-7AD7-1034-7B44-A90000000001}
Agatha Christie Peril at End House-->"C:\Program Files\Acer GameZone\Agatha Christie Peril at End House\Uninstall.exe" "C:\Program Files\Acer GameZone\Agatha Christie Peril at End House\install.log"
Alice Greenfingers-->"C:\Program Files\Acer GameZone\Alice Greenfingers\Uninstall.exe" "C:\Program Files\Acer GameZone\Alice Greenfingers\install.log"
Alien Shooter-->"C:\Program Files\Acer GameZone\Alien Shooter\Uninstall.exe" "C:\Program Files\Acer GameZone\Alien Shooter\install.log"
Analyseur et SDK MSXML 4.0 SP2-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
AV Input Selection-->MsiExec.exe /X{F429ED71-4A8B-457A-85E4-F6398CE73E58}
Beetle Junior-->"C:\Program Files\Acer GameZone\Beetle Junior\Uninstall.exe" "C:\Program Files\Acer GameZone\Beetle Junior\install.log"
C:\Program Files\Acer GameZone\GameConsole-->"C:\Program Files\Acer GameZone\GameConsole\unins000.exe"
Cake Mania-->"C:\Program Files\Acer GameZone\Cake Mania\Uninstall.exe" "C:\Program Files\Acer GameZone\Cake Mania\install.log"
Carbonite Online Backup Setup-->"C:\Program Files\Carbonite\CarbonitePreinstaller.exe" /preinstalled /uninstall
Chicken Invaders 2-->"C:\Program Files\Acer GameZone\Chicken Invaders 2\Uninstall.exe" "C:\Program Files\Acer GameZone\Chicken Invaders 2\install.log"
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Dream Day First Home-->"C:\Program Files\Acer GameZone\Dream Day First Home\Uninstall.exe" "C:\Program Files\Acer GameZone\Dream Day First Home\install.log"
EAX4 Unified Redist-->MsiExec.exe /X{89661B04-C646-4412-B6D3-5E19F02F1F37}
eSobi v2-->C:\Program Files\InstallShield Installation Information\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}\setup.exe -runfromtemp -l0x040a
Galapago-->"C:\Program Files\Acer GameZone\Galapago\Uninstall.exe" "C:\Program Files\Acer GameZone\Galapago\install.log"
Galería fotográfica de Windows Live-->MsiExec.exe /X{6389C9DB-495C-4A86-A5E1-D32227A621B6}
Go-Go Gourmet-->"C:\Program Files\Acer GameZone\Go-Go Gourmet\Uninstall.exe" "C:\Program Files\Acer GameZone\Go-Go Gourmet\install.log"
Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Heroes of Hellas-->"C:\Program Files\Acer GameZone\Heroes of Hellas\Uninstall.exe" "C:\Program Files\Acer GameZone\Heroes of Hellas\install.log"
Herramienta de carga de Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hitman 2: Silent Assassin-->C:\PROGRA~1\EIDOSI~1\HITMAN~1\uninstall.exe
Les Sims™ 3-->"C:\Program Files\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\Sims3Setup.exe" -runfromtemp -l0x040c -removeonly
Magic Farm-->"C:\Program Files\Acer GameZone\Magic Farm\Uninstall.exe" "C:\Program Files\Acer GameZone\Magic Farm\install.log"
Magic Match Adventures-->"C:\Program Files\Acer GameZone\Magic Match Adventures\Uninstall.exe" "C:\Program Files\Acer GameZone\Magic Match Adventures\install.log"
McAfee SecurityCenter-->C:\Program Files\McAfee\MSC\mcuninst.exe
Microsoft Office Excel MUI (Spanish) 2007-->MsiExec.exe /X{90120000-0016-0C0A-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Spanish) 2007-->MsiExec.exe /X{90120000-00A1-0C0A-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Spanish) 2007-->MsiExec.exe /X{90120000-0018-0C0A-0000-0000000FF1CE}
Microsoft Office Proof (Basque) 2007-->MsiExec.exe /X{90120000-001F-042D-0000-0000000FF1CE}
Microsoft Office Proof (Catalan) 2007-->MsiExec.exe /X{90120000-001F-0403-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Galician) 2007-->MsiExec.exe /X{90120000-001F-0456-0000-0000000FF1CE}
Microsoft Office Proof (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-001F-0416-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (Spanish) 2007-->MsiExec.exe /X{90120000-002C-0C0A-0000-0000000FF1CE}
Microsoft Office Shared MUI (Spanish) 2007-->MsiExec.exe /X{90120000-006E-0C0A-0000-0000000FF1CE}
Microsoft Office Suite Activation Assistant-->MsiExec.exe /X{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}
Microsoft Office Word MUI (Spanish) 2007-->MsiExec.exe /X{90120000-001B-0C0A-0000-0000000FF1CE}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Works-->MsiExec.exe /I{80DDC39C-8CB5-49de-9748-36C990922110}
Mozilla Firefox (3.5.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN Messenger 7.0-->MsiExec.exe /I{ABEB838C-A1A7-4C5D-B7E1-8B4314600820}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
Mystery Solitaire - Secret Island-->"C:\Program Files\Acer GameZone\Mystery Solitaire - Secret Island\Uninstall.exe" "C:\Program Files\Acer GameZone\Mystery Solitaire - Secret Island\install.log"
Mythic Mahjong-->"C:\Program Files\Acer GameZone\Mythic Mahjong\Uninstall.exe" "C:\Program Files\Acer GameZone\Mythic Mahjong\install.log"
NTI Backup Now 5-->C:\Program Files\InstallShield Installation Information\{12EFA1A4-AC3B-443C-8143-237EDE760403}\setup.exe -runfromtemp -l0x040a
NTI Media Maker 8-->C:\Program Files\InstallShield Installation Information\{2413930C-8309-47A6-BC61-5EF27A4222BC}\setup.exe -runfromtemp -l0x040a
NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI
NVIDIA ForceWare Network Access Manager-->"C:\Program Files\InstallShield Installation Information\{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}\setup.exe" -runfromtemp -l0x040a -removeonly
NVIDIA ForceWare Network Access Manager-->MsiExec.exe /I{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}
PowerDirector (Acer DT)-->"C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe" /z-uninstall
PowerDirector (Acer DT)-->"C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe" /z-uninstall
PowerDVD 7.0 with 5.1ch-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
Putt Mania-->"C:\Program Files\Acer GameZone\Putt Mania\Uninstall.exe" "C:\Program Files\Acer GameZone\Putt Mania\install.log"
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m -nrg2709
The Rise of Atlantis-->"C:\Program Files\Acer GameZone\The Rise of Atlantis\Uninstall.exe" "C:\Program Files\Acer GameZone\The Rise of Atlantis\install.log"
Tiks Texas Hold em-->"C:\Program Files\Acer GameZone\Tiks Texas Hold em\Uninstall.exe" "C:\Program Files\Acer GameZone\Tiks Texas Hold em\install.log"
Tom Clancy's Splinter Cell Double Agent-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAD1691A-FA24-4B95-9009-3257B8440ECC}\setup.exe" -l0x40c -removeonly
Update for Office 2007 (KB946691)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Windows Live Asistente para el inicio de sesión-->MsiExec.exe /I{861E28A8-099C-4B12-8F51-BE8F2A3D6346}
Windows Live Communications Platform-->MsiExec.exe /I{F69E83CF-B440-43F8-89E6-6EA80712109B}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{D0F1DC40-37A4-4401-AC80-1FCCF01DEAF5}
Windows Live Sync-->MsiExec.exe /X{3F7D70F3-381C-4136-8BBA-358322578EF8}
Womens Murder Club-->"C:\Program Files\Acer GameZone\Womens Murder Club\Uninstall.exe" "C:\Program Files\Acer GameZone\Womens Murder Club\install.log"

======Security center information======

AS: Windows Defender

======System event log======

Computer Name: nadji1
Event Code: 7036
Message: El servicio Instantáneas de volumen entró en estado "detenido".
Record Number: 21410
Source Name: Service Control Manager
Time Written: 20090912155329.000000-000
Event Type: Información
User:

Computer Name: nadji1
Event Code: 33
Message: Se eliminó la instantánea más antigua del volumen C: para que el uso de espacio de disco del volumen de instantáneas C: no sobrepasara el límite definido por el usuario.
Record Number: 21411
Source Name: volsnap
Time Written: 20090912155410.988606-000
Event Type: Información
User:

Computer Name: nadji1
Event Code: 7036
Message: El servicio Proveedor de instantáneas de software de Microsoft entró en estado "detenido".
Record Number: 21412
Source Name: Service Control Manager
Time Written: 20090912155630.000000-000
Event Type: Información
User:

Computer Name: nadji1
Event Code: 7036
Message: El servicio Windows CardSpace entró en estado "detenido".
Record Number: 21413
Source Name: Service Control Manager
Time Written: 20090912161251.000000-000
Event Type: Información
User:

Computer Name: nadji1
Event Code: 1103
Message: Se asignó correctamente una dirección de red al equipo, por lo que ahora puede conectarse con otros equipos.
Record Number: 21414
Source Name: Microsoft-Windows-Dhcp-Client
Time Written: 20090912161503.000000-000
Event Type: Información
User:

=====Application event log=====

Computer Name: nadji1
Event Code: 9013
Message: No se pudo iniciar el Administrador de ventanas de escritorio. Una aplicación en ejecución deshabilitó la composición
Record Number: 2830
Source Name: Desktop Window Manager
Time Written: 20090912155612.000000-000
Event Type: Información
User:

Computer Name: nadji1
Event Code: 1000
Message: Aplicación con errores set91A5.tmp, versión 11.0.0.28844, marca de hora 0x4250bcf6, módulo con errores set91A5.tmp, versión 11.0.0.28844, marca de tiempo 0x4250bcf6, código de excepción 0xc0000005, desplazamiento con errores 0x0000742e, Id. de proceso 0x1558, hora de inicio de la aplicación 0x01ca33c24fe2bddf.
Record Number: 2831
Source Name: Application Error
Time Written: 20090912160139.000000-000
Event Type: Error
User:

Computer Name: nadji1
Event Code: 1001
Message: Depósito con errores 651737199, tipo 1
Nombre de evento: APPCRASH
Respuesta Ninguno
Id. de archivo CAB: 0

Firma del problema:
P1: set91A5.tmp
P2: 11.0.0.28844
P3: 4250bcf6
P4: set91A5.tmp
P5: 11.0.0.28844
P6: 4250bcf6
P7: c0000005
P8: 0000742e
P9:
P10:

Archivos adjuntos:
C:\Users\nadji\AppData\Local\Temp\WER932B.tmp.version.txt

Es posible que estos archivos estén disponibles aquí:
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report11f6a5a2
Record Number: 2832
Source Name: Windows Error Reporting
Time Written: 20090912160144.000000-000
Event Type: Información
User:

Computer Name: nadji1
Event Code: 518
Message: El servicio Windows CardSpace ha estado inactivo durante algún tiempo. Se cerró para que los recursos estén disponibles para otros programas.
Record Number: 2833
Source Name: CardSpace 3.0.0.0
Time Written: 20090912161251.000000-000
Event Type: Información
User: NT AUTHORITY\SYSTEM

Computer Name: nadji1
Event Code: 0
Message: El servicio se detuvo correctamente.
Record Number: 2834
Source Name: idsvc
Time Written: 20090912161251.000000-000
Event Type: Información
User:

=====Security event log=====

Computer Name: nadji1
Event Code: 5038
Message: Integridad de código determinó que el hash de imagen de un archivo no es válido. El archivo pudo resultar dañado por una modificación no autorizada o el hash no válido podría indicar un posible error de dispositivo de disco.

Nombre de archivo: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 4878
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090912162106.915937-000
Event Type: Error de auditoría
User:

Computer Name: nadji1
Event Code: 5038
Message: Integridad de código determinó que el hash de imagen de un archivo no es válido. El archivo pudo resultar dañado por una modificación no autorizada o el hash no válido podría indicar un posible error de dispositivo de disco.

Nombre de archivo: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 4879
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090912162107.025143-000
Event Type: Error de auditoría
User:

Computer Name: nadji1
Event Code: 5038
Message: Integridad de código determinó que el hash de imagen de un archivo no es válido. El archivo pudo resultar dañado por una modificación no autorizada o el hash no válido podría indicar un posible error de dispositivo de disco.

Nombre de archivo: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 4880
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090912162107.071945-000
Event Type: Error de auditoría
User:

Computer Name: nadji1
Event Code: 5038
Message: Integridad de código determinó que el hash de imagen de un archivo no es válido. El archivo pudo resultar dañado por una modificación no autorizada o el hash no válido podría indicar un posible error de dispositivo de disco.

Nombre de archivo: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 4881
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090912162107.103147-000
Event Type: Error de auditoría
User:

Computer Name: nadji1
Event Code: 5038
Message: Integridad de código determinó que el hash de imagen de un archivo no es válido. El archivo pudo resultar dañado por una modificación no autorizada o el hash no válido podría indicar un posible error de dispositivo de disco.

Nombre de archivo: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 4882
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090912162107.118748-000
Event Type: Error de auditoría
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\Acer\Empowering Technology\eDataSecurity;C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86;C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 127 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=7f02
"NUMBER_OF_PROCESSORS"=1
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"DFSTRACINGON"=FALSE
"Pathtem"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Acer\Empowering Technology\eDataSecurity\;C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86;C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64
"NTIPath"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Acer\Empowering Technology\eDataSecurity\;C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86;C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64;C:\Program Files\NewTech Infosystems\NTI Backup Now 5\;

-----------------EOF-----------------

And here is the second message, log:

Logfile of random's system information tool 1.06 (written by random/random)
Run by nadji at 2009-09-12 11:20:50
Microsoft® Windows Vista™ Home Basic Service Pack 1
System drive C: has 102 GB (71%) free of 144 GB
Total RAM: 1790 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:21:07, on 12/09/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Acer\Empowering Technology\SysMonitor.exe
C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\Cyberlink\PowerDVD\PDVDServ.exe
C:\Program Files\Carbonite\CarbonitePreinstaller.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\nadji\Downloads\RSIT.exe
C:\Program Files\trend micro\nadji.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=080a&s=1&o=vb32&d=1006&m=aspire_x1300
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=080a&s=1&o=vb32&d=1006&m=aspire_x1300
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - C:\Program Files\McAfee\MSK\MskAPBho.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Program Files\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM\..\Run: [EmpoweringTechnology] C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe boot
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [CarboniteSetupLite] "C:\Program Files\Carbonite\CarbonitePreinstaller.exe" /preinstalled
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [Acer Product Registration] "C:\Program Files\Acer\Acer Registration\ACE1.exe" /startup
O4 - HKLM\..\Run: [Acer Assist Launcher] C:\Program Files\Acer\Acer Assist\launcher.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\bin32\nSvcAppFlt.exe
O23 - Service: Administrador de Google Desktop 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\bin32\nSvcIp.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe

--
End of file - 8278 bytes

======Scheduled tasks folder======

C:\Windows\tasks\McDefragTask.job
C:\Windows\tasks\McQcTask.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}]
McAfee Phishing Filter - C:\Program Files\McAfee\MSK\MskAPBho.dll [2008-09-22 246088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\McAfee\VirusScan\scriptsn.dll [2008-09-26 58688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}]
ShowBarObj Class - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll [2008-07-29 312880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Aplicación auxiliar de inicio de sesión - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-11 256112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2009-09-11 761840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-09-11 458736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll [2008-07-29 142896]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-11 256112]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-20 1008184]
"Acer Empowering Technology Monitor"=C:\Program Files\Acer\Empowering Technology\SysMonitor.exe [2008-10-01 319488]
"EmpoweringTechnology"=C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe [2008-10-01 323584]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-01-20 30192]
"eDataSecurity Loader"=C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [2008-07-29 526896]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-01-08 68640]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-01-08 52256]
"CarboniteSetupLite"=C:\Program Files\Carbonite\CarbonitePreinstaller.exe [2008-10-02 294544]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-03-26 5369856]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-12-08 13584928]
"mcagent_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2008-09-23 641208]
"Acer Product Registration"=C:\Program Files\Acer\Acer Registration\ACE1.exe [2007-11-26 3387392]
"Acer Assist Launcher"=C:\Program Files\Acer\Acer Assist\launcher.exe [2007-11-19 1261568]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"=oobefldr.dll,ShowWelcomeCenter []
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-20 1233920]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-09-05 68856]
"msnmsgr"=C:\Program Files\MSN Messenger\MsnMsgr.Exe [2007-09-04 6856704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5702f6e8-58ad-11db-8a74-806e6f6e6963}]
shell\AutoRun\command - E:\dvdcheck.exe
shell\directx\command - DirectX9\dxsetup.exe
shell\setup\command - E:\setup.exe

======List of files/folders created in the last 1 months======

2009-09-12 11:20:50 ----D---- C:\rsit
2009-09-12 11:20:50 ----D---- C:\Program Files\trend micro
2009-09-12 10:34:11 ----D---- C:\Program Files\MSN Messenger
2009-09-12 10:27:04 ----SHD---- C:\Config.Msi
2009-09-12 10:06:36 ----D---- C:\Program Files\Mozilla Firefox
2009-09-11 22:14:09 ----D---- C:\Program Files\Eidos Interactive
2009-09-11 21:52:26 ----A---- C:\log.txt
2009-09-11 21:49:28 ----SHD---- C:\$RECYCLE.BIN
2009-09-11 21:49:23 ----A---- C:\ComboFix.txt
2009-09-11 21:39:53 ----A---- C:\Windows\zip.exe
2009-09-11 21:39:53 ----A---- C:\Windows\SWXCACLS.exe
2009-09-11 21:39:53 ----A---- C:\Windows\SWSC.exe
2009-09-11 21:39:53 ----A---- C:\Windows\SWREG.exe
2009-09-11 21:39:53 ----A---- C:\Windows\sed.exe
2009-09-11 21:39:53 ----A---- C:\Windows\PEV.exe
2009-09-11 21:39:53 ----A---- C:\Windows\NIRCMD.exe
2009-09-11 21:39:53 ----A---- C:\Windows\grep.exe
2009-09-11 21:39:47 ----D---- C:\Windows\ERDNT
2009-09-11 21:39:32 ----D---- C:\Qoobox
2009-09-11 19:07:18 ----D---- C:\ProgramData\Kaspersky Lab Setup Files
2009-09-11 14:02:43 ----D---- C:\Program Files\Real
2009-09-11 14:02:40 ----D---- C:\Program Files\Common Files\Real
2009-09-11 14:02:39 ----D---- C:\ProgramData\Real
2009-09-11 14:02:28 ----D---- C:\Users\nadji\AppData\Roaming\Real
2009-09-11 12:45:49 ----D---- C:\Users\nadji\AppData\Roaming\Skype
2009-09-10 21:13:00 ----D---- C:\Program Files\Skype
2009-09-10 21:12:53 ----D---- C:\ProgramData\Skype
2009-09-10 16:51:56 ----D---- C:\Users\nadji\AppData\Roaming\IDM
2009-09-10 16:51:55 ----D---- C:\Users\nadji\AppData\Roaming\DMCache
2009-09-10 16:51:49 ----D---- C:\Program Files\Internet Download Manager
2009-09-09 18:50:23 ----D---- C:\Program Files\Microsoft Silverlight
2009-09-09 18:49:30 ----D---- C:\Program Files\Microsoft Sync Framework
2009-09-09 16:04:20 ----D---- C:\Users\nadji\AppData\Roaming\LimeWire
2009-09-09 13:44:34 ----D---- C:\Users\nadji\AppData\Roaming\Mozilla
2009-09-09 13:44:34 ----D---- C:\Program Files\AskBarDis
2009-09-09 13:43:43 ----D---- C:\Users\nadji\AppData\Roaming\uTorrent
2009-09-08 22:09:25 ----D---- C:\Users\nadji\AppData\Roaming\GRETECH
2009-09-08 22:03:36 ----D---- C:\Program Files\GRETECH
2009-09-07 17:05:37 ----D---- C:\Users\nadji\AppData\Roaming\CyberLink
2009-09-06 13:50:22 ----D---- C:\ProgramData\Friends Games
2009-09-06 13:41:41 ----D---- C:\ProgramData\SpinTop Games
2009-09-06 11:33:24 ----D---- C:\Users\nadji\AppData\Roaming\Transcend
2009-09-05 21:50:20 ----D---- C:\ProgramData\TERMINAL Studio
2009-09-05 20:24:17 ----D---- C:\ProgramData\Arcade Lab
2009-09-05 20:12:15 ----D---- C:\ProgramData\Go Go Gourmet
2009-09-05 19:41:49 ----D---- C:\ProgramData\Ubisoft
2009-09-05 18:44:36 ----A---- C:\Windows\system32\xactengine2_2.dll
2009-09-05 18:39:58 ----D---- C:\Users\nadji\AppData\Roaming\Flood Light Games
2009-09-05 18:39:58 ----D---- C:\ProgramData\Flood Light Games
2009-09-05 18:30:10 ----D---- C:\Program Files\Ubisoft
2009-09-05 17:45:44 ----A---- C:\Windows\system32\StringLib.dll
2009-09-05 17:45:44 ----A---- C:\Windows\system32\ANIKINFO.exe
2009-09-05 17:45:43 ----D---- C:\Windows\system32\DATA
2009-09-05 17:37:32 ----D---- C:\Program Files\MSXML 4.0
2009-09-05 17:37:28 ----A---- C:\Windows\system32\xinput1_1.dll
2009-09-05 17:37:28 ----A---- C:\Windows\system32\xactengine2_1.dll
2009-09-05 17:37:24 ----A---- C:\Windows\system32\xactengine2_0.dll
2009-09-05 17:37:24 ----A---- C:\Windows\system32\x3daudio1_0.dll
2009-09-05 17:37:24 ----A---- C:\Windows\system32\d3dx9_30.dll
2009-09-05 17:37:23 ----A---- C:\Windows\system32\d3dx9_29.dll
2009-09-05 17:37:23 ----A---- C:\Windows\system32\d3dx9_28.dll
2009-09-05 17:37:23 ----A---- C:\Windows\system32\d3dx9_27.dll
2009-09-05 17:37:23 ----A---- C:\Windows\system32\d3dx9_26.dll
2009-09-05 17:37:23 ----A---- C:\Windows\system32\d3dx9_25.dll
2009-09-05 17:37:22 ----A---- C:\Windows\system32\d3dx9_24.dll
2009-09-05 17:24:15 ----D---- C:\ProgramData\Electronic Arts
2009-09-05 17:19:48 ----A---- C:\Windows\system32\vp6vfw.dll
2009-09-05 17:19:38 ----A---- C:\Windows\system32\d3dx9_31.dll
2009-09-05 17:12:48 ----AD---- C:\ProgramData\TEMP
2009-09-05 17:11:51 ----D---- C:\Program Files\Electronic Arts
2009-09-05 17:04:49 ----D---- C:\Users\nadji\AppData\Roaming\eSobi
2009-09-05 16:27:57 ----D---- C:\Users\nadji\AppData\Roaming\Google
2009-09-05 16:27:35 ----D---- C:\Users\nadji\AppData\Roaming\Adobe
2009-09-05 16:26:18 ----D---- C:\Users\nadji\AppData\Roaming\Leadertech
2009-09-05 16:26:14 ----D---- C:\Users\nadji\AppData\Roaming\Acer
2009-09-05 16:25:58 ----D---- C:\Users\nadji\AppData\Roaming\Macromedia
2009-09-05 16:25:32 ----D---- C:\Users\nadji\AppData\Roaming\Identities
2009-09-05 16:24:24 ----D---- C:\ACERSW
2009-09-05 16:24:08 ----D---- C:\ProgramData\Google
2009-09-05 16:23:52 ----SD---- C:\Users\nadji\AppData\Roaming\Microsoft
2009-09-05 16:23:52 ----D---- C:\Users\nadji\AppData\Roaming\Acer GameZone Console
2009-09-05 16:20:58 ----SHD---- C:\ProgramData\Plantillas
2009-09-05 16:20:58 ----SHD---- C:\ProgramData\Menú Inicio
2009-09-05 16:20:58 ----SHD---- C:\ProgramData\Favoritos
2009-09-05 16:20:58 ----SHD---- C:\ProgramData\Escritorio
2009-09-05 16:20:58 ----SHD---- C:\ProgramData\Documentos
2009-09-05 16:20:58 ----SHD---- C:\ProgramData\Datos de programa
2009-09-05 16:20:58 ----SHD---- C:\Program Files\Archivos comunes
2009-09-05 16:20:58 ----SHD---- C:\Archivos de programa

======List of files/folders modified in the last 1 months======

2009-09-12 11:21:03 ----D---- C:\Windows\Temp
2009-09-12 11:20:50 ----RD---- C:\Program Files
2009-09-12 10:54:11 ----SHD---- C:\System Volume Information
2009-09-12 10:42:38 ----HD---- C:\Program Files\InstallShield Installation Information
2009-09-12 10:42:31 ----SHD---- C:\Windows\Installer
2009-09-12 10:42:31 ----SD---- C:\ProgramData\Microsoft
2009-09-12 10:41:20 ----RSD---- C:\Windows\assembly
2009-09-12 10:41:20 ----D---- C:\Windows\winsxs
2009-09-12 10:40:56 ----D---- C:\Windows\inf
2009-09-12 10:38:31 ----RSD---- C:\Windows\Fonts
2009-09-12 10:27:22 ----D---- C:\Program Files\Windows Live
2009-09-12 10:27:05 ----D---- C:\Windows\System32
2009-09-12 10:06:55 ----D---- C:\Windows
2009-09-12 09:49:31 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-09-12 09:44:45 ----D---- C:\ProgramData
2009-09-11 23:19:08 ----D---- C:\Windows\system32\catroot2
2009-09-11 21:51:39 ----D---- C:\Windows\system32\NDF
2009-09-11 21:49:51 ----D---- C:\Windows\system32\es-ES
2009-09-11 21:48:07 ----A---- C:\Windows\system.ini
2009-09-11 21:44:16 ----D---- C:\Windows\system32\drivers
2009-09-11 21:44:16 ----D---- C:\Windows\AppPatch
2009-09-11 21:44:15 ----D---- C:\Program Files\Common Files
2009-09-11 21:40:14 ----D---- C:\Program Files\Google
2009-09-11 21:29:33 ----D---- C:\ProgramData\McAfee
2009-09-11 21:29:33 ----D---- C:\Program Files\McAfee
2009-09-11 21:18:53 ----D---- C:\Windows\system32\wbem
2009-09-11 21:18:43 ----D---- C:\Windows\system32\Msdtc
2009-09-11 21:17:06 ----D---- C:\Windows\system32\config
2009-09-11 21:16:30 ----D---- C:\Windows\Tasks
2009-09-11 21:16:30 ----D---- C:\Windows\system32\Tasks
2009-09-11 21:16:30 ----D---- C:\Windows\system32\spool
2009-09-11 21:16:30 ----D---- C:\Windows\system32\migration
2009-09-11 21:16:30 ----D---- C:\Windows\system32\manifeststore
2009-09-11 21:16:30 ----D---- C:\Windows\system32\ias
2009-09-11 21:16:30 ----D---- C:\Windows\system32\CodeIntegrity
2009-09-11 21:16:30 ----D---- C:\Windows\rescache
2009-09-11 21:16:29 ----RSD---- C:\Windows\Media
2009-09-11 21:16:29 ----D---- C:\Windows\Microsoft.NET
2009-09-11 21:16:27 ----SD---- C:\Windows\Downloaded Program Files
2009-09-11 21:16:26 ----D---- C:\Program Files\Windows Media Player
2009-09-11 21:16:24 ----D---- C:\Program Files\Microsoft
2009-09-11 21:16:10 ----D---- C:\Program Files\McAfee.com
2009-09-11 21:16:10 ----D---- C:\Program Files\Internet Explorer
2009-09-11 21:16:09 ----D---- C:\Program Files\Common Files\microsoft shared
2009-09-11 21:16:09 ----D---- C:\Program Files\Common Files\McAfee
2009-09-11 21:16:08 ----D---- C:\ACER
2009-09-11 21:16:00 ----D---- C:\Windows\registration
2009-09-11 19:12:59 ----D---- C:\Windows\system32\catroot
2009-09-09 22:45:58 ----D---- C:\Windows\SoftwareDistribution
2009-09-09 16:10:35 ----D---- C:\Windows\system32\WDI
2009-09-09 15:40:59 ----D---- C:\Windows\Prefetch
2009-09-09 13:23:40 ----D---- C:\ProgramData\NVIDIA
2009-09-08 19:24:18 ----D---- C:\Windows\Logs
2009-09-05 17:05:37 ----D---- C:\ProgramData\eSobi
2009-09-05 16:40:51 ----D---- C:\Program Files\Microsoft Games
2009-09-05 16:39:19 ----D---- C:\Program Files\Common Files\InstallShield
2009-09-05 16:25:59 ----D---- C:\Windows\system32\OEM
2009-09-05 16:25:59 ----D---- C:\Windows\Acer_Normal
2009-09-05 16:24:49 ----D---- C:\Program Files\Acer
2009-09-05 16:23:52 ----RD---- C:\Users
2009-09-05 16:20:58 ----D---- C:\Program Files\Windows NT
2009-09-05 16:20:57 ----D---- C:\Windows\Debug

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2008-09-26 212968]
R1 MPFP;MPFP; C:\Windows\System32\Drivers\Mpfp.sys [2008-08-26 130424]
R2 int15;int15; \??\C:\Windows\system32\drivers\int15.sys [2008-10-01 12832]
R2 PSDNServ;PSDNServ; C:\Windows\system32\DRIVERS\PSDNServ.sys [2008-07-29 16944]
R2 psdvdisk;PSDVdisk; C:\Windows\system32\DRIVERS\PSDVdisk.sys [2008-07-29 60464]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-03-26 2103512]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2008-09-26 79272]
R3 mfebopk;McAfee Inc. mfebopk; C:\Windows\system32\drivers\mfebopk.sys [2008-09-26 35240]
R3 mfesmfk;McAfee Inc. mfesmfk; C:\Windows\system32\drivers\mfesmfk.sys [2008-09-26 40488]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-01-30 14848]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2008-01-29 1042464]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-03-22 43552]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-12-08 7391712]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2007-10-12 13312]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-20 11264]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-20 83328]
S3 catchme;catchme; \??\C:\Users\nadji\AppData\Local\Temp\catchme.sys []
S3 drmkaud;Descodificador de audio DRM del kernel de Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-20 5632]
S3 HdAudAddService;Controlador de la función Microsoft 1.1 UAA para el servicio High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 mferkdk;McAfee Inc. mferkdk; C:\Windows\system32\drivers\mferkdk.sys [2008-09-26 34216]
S3 MSKSSRV;Proxy de servicio de transmisión por secuencias de Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-20 8192]
S3 MSPCLOCK;Proxy del reloj de transmisión por secuencias de Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-20 5888]
S3 MSPQM;Proxy del administrador de calidad de transmisión por secuencias de Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-20 5504]
S3 MSTEE;Convertidor Tee/Sink-to-Sink de transmisión por secuencias de Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-20 6016]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-20 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-20 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 eDataSecurity Service;eDataSecurity Service; C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [2008-07-29 500784]
R2 ETService;Empowering Technology Service; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [2008-10-01 24576]
R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\bin32\nSvcAppFlt.exe [2008-01-29 598016]
R2 mcmscsvc;McAfee Services; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2008-09-23 792184]
R2 McNASvc;McAfee Network Agent; c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe [2008-09-12 2482848]
R2 McProxy;McAfee Proxy Service; c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe [2008-09-10 359248]
R2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2008-09-26 144704]
R2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2008-09-12 884360]
R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\McAfee\MSK\MskSrver.exe [2008-09-22 25416]
R2 nSvcIp;ForceWare IP service; C:\Program Files\bin32\nSvcIp.exe [2008-01-29 163840]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-09-23 144632]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-12-08 203296]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\Cyberlink\Shared files\RichVideo.exe [2008-04-28 241734]
R3 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2008-09-26 606736]
S3 GoogleDesktopManager-092308-165331;Administrador de Google Desktop 5.8.809.23506; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-01-20 30192]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-09-11 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2008-09-26 363024]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-09-23 50424]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------

Thank you for kindly replying to me.
Configuration: Windows Vista
Firefox 3.5.3

1 reply

toptitbal Posts 5341 Registration date   Status Security contributor Last activity   2 232