Renos.js
Hello. A virus appears on my PC every 10 minutes, Renos.JS,
yet I delete it every time with my antivirus, but nothing works. Can you help me, please?
Hello,
Download Random's System Information Tool (RSIT) (by random/random) to your Desktop.
Double-click RSIT.exe to launch the program.
(On Vista, you need to right-click RSIT.exe and choose Run as administrator)
Click Continue on the Disclaimer screen.
If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if prompted) and you will have to accept the license.
When the scan is finished, two text files will open. Post the contents of log.txt (the one that appears on screen) as well as info.txt (which you will see in the taskbar).
Note: the reports are saved in the C:\rsit folder.
Logfile of random's system information tool 1.06 (written by random/random)
Run by Samuel at 2009-10-20 17:46:48
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 255 GB (86%) free of 295 GB
Total RAM: 3066 MB (54% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:46:59, on 20/10/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18248)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Apoint2K\HidFind.exe
C:\Users\Samuel\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\Samuel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Samuel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Samuel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Samuel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Samuel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Samuel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\Explorer.EXE
C:\Users\Samuel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Samuel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Samuel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\conime.exe
C:\Users\Samuel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Samuel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Samuel\Documents\Downloads\RSIT.exe
C:\Program Files\trend micro\Samuel.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=2&o=v...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=2&o=v...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=2&o=v...
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Partner BHO Class - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\partner.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: Partner Service - Google Inc. - C:\ProgramData\Partner\partner.exe
--
End of file - 8618 bytes
======Scheduled tasks folder======
C:\Windows\tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job
C:\Windows\tasks\{BB65B0FB-5712-401b-B616-E69AC55E2757}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
Partner BHO Class - C:\ProgramData\Partner\partner.dll [2009-10-01 157168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-10-03 256112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll [2009-10-13 762864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-10-03 458736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-09-02 1175944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-02 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-10-03 256112]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-09-02 1175944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"ArcadeDeluxeAgent"=C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2009-01-21 156968]
"CLMLServer"=C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe [2009-01-21 202024]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-06-02 98304]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-02-19 6793760]
"Skytel"=C:\Program Files\Realtek\Audio\HDA\Skytel.exe [2009-02-19 1833504]
"PLFSetI"=C:\Windows\PLFSetI.exe [2009-09-17 200704]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2009-02-24 204800]
"LManager"=C:\Program Files\Launch Manager\LManager.exe [2009-06-25 1069576]
"Acer ePower Management"=C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [2009-06-23 440864]
"PlayMovie"=C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe [2008-12-26 173288]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-10-01 30192]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-02 149280]
"MSSE"=c:\Program Files\Microsoft Security Essentials\msseces.exe [2009-09-13 1048392]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"=oobefldr.dll,ShowWelcomeCenter []
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-10-01 68856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{625b8c15-ba75-11de-9379-001f16cb84ee}]
shell\AutoRun\command - E:\autorun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6a054a10-bae2-11de-a434-001f16cb84ee}]
shell\AutoRun\command - F:\autorun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7769501f-a349-11de-9c96-806e6f6e6963}]
shell\AutoRun\command - D:\Launch.exe
======List of files/folders created in the last 1 months======
2009-10-20 17:46:48 ----D---- C:\rsit
2009-10-20 17:46:48 ----D---- C:\Program Files\trend micro
2009-10-20 17:28:59 ----D---- C:\Program Files\ASIO4ALL v2
2009-10-20 17:25:24 ----SHD---- C:\Config.Msi
2009-10-20 17:23:00 ----D---- C:\ProgramData\PC Drivers HeadQuarters
2009-10-20 16:37:41 ----D---- C:\Program Files\Phrazor
2009-10-17 22:50:08 ----A---- C:\Windows\msa.exe
2009-10-17 22:49:57 ----A---- C:\Windows\system32\msxml71.dll
2009-10-17 20:42:29 ----RHD---- C:\Users\Samuel\AppData\Roaming\SecuROM
2009-10-17 20:01:48 ----D---- C:\ProgramData\DAEMON Tools Lite
2009-10-17 20:01:46 ----D---- C:\Program Files\DAEMON Tools Toolbar
2009-10-17 20:01:41 ----D---- C:\Program Files\DAEMON Tools Lite
2009-10-17 20:01:20 ----D---- C:\Users\Samuel\AppData\Roaming\DAEMON Tools Lite
2009-10-16 18:55:10 ----D---- C:\Program Files\Alcohol Soft
2009-10-16 00:25:03 ----D---- C:\ProgramData\MumboJumbo
2009-10-16 00:24:12 ----SHD---- C:\Users\Samuel\AppData\Roaming\.#
2009-10-14 22:18:36 ----D---- C:\Users\Samuel\AppData\Roaming\Audacity
2009-10-14 22:18:22 ----D---- C:\Program Files\Audacity 1.3 Beta (Unicode)
2009-10-14 18:54:01 ----D---- C:\Program Files\VstPlugins
2009-10-14 18:40:13 ----D---- C:\Users\Samuel\AppData\Roaming\Ableton
2009-10-14 18:40:01 ----A---- C:\Windows\system32\gdiplus.dll
2009-10-12 22:05:57 ----D---- C:\ProgramData\DAEMON Tools Pro
2009-10-10 13:04:06 ----D---- C:\Users\Samuel\AppData\Roaming\DAEMON Tools Pro
2009-10-09 19:36:40 ----A---- C:\Windows\system32\infocardapi.dll
2009-10-09 19:36:39 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-10-09 19:36:38 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-10-09 19:36:38 ----A---- C:\Windows\system32\icardres.dll
2009-10-09 19:36:38 ----A---- C:\Windows\system32\icardagt.exe
2009-10-09 19:36:36 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-10-09 19:36:32 ----A---- C:\Windows\system32\PresentationHost.exe
2009-10-09 19:28:44 ----A---- C:\Windows\system32\xinput1_3.dll
2009-10-09 19:28:44 ----A---- C:\Windows\system32\xactengine2_7.dll
2009-10-09 19:28:44 ----A---- C:\Windows\system32\d3dx9_33.dll
2009-10-09 19:28:43 ----A---- C:\Windows\system32\xactengine2_6.dll
2009-10-09 19:28:43 ----A---- C:\Windows\system32\xactengine2_5.dll
2009-10-09 19:28:42 ----A---- C:\Windows\system32\xactengine2_4.dll
2009-10-09 19:28:42 ----A---- C:\Windows\system32\x3daudio1_1.dll
2009-10-09 19:28:41 ----A---- C:\Windows\system32\xinput1_2.dll
2009-10-09 19:28:41 ----A---- C:\Windows\system32\xactengine2_3.dll
2009-10-09 19:28:41 ----A---- C:\Windows\system32\d3dx9_31.dll
2009-10-09 19:28:40 ----A---- C:\Windows\system32\xactengine2_2.dll
2009-10-09 19:26:23 ----D---- C:\ProgramData\WindowsSearch
2009-10-09 19:24:26 ----D---- C:\Program Files\Eidos
2009-10-09 19:20:16 ----D---- C:\Program Files\7-Zip
2009-10-07 17:47:16 ----D---- C:\Program Files\Ask.com
2009-10-07 17:45:56 ----D---- C:\Program Files\uTorrent
2009-10-07 17:44:29 ----D---- C:\Users\Samuel\AppData\Roaming\uTorrent
2009-10-07 17:42:39 ----A---- C:\Windows\MegaManager.INI
2009-10-06 18:16:02 ----D---- C:\Users\Samuel\AppData\Roaming\Auslogics
2009-10-06 18:10:20 ----D---- C:\Program Files\Auslogics
2009-10-06 17:41:12 ----D---- C:\Users\Samuel\AppData\Roaming\JkDefragStarter
2009-10-06 17:13:42 ----D---- C:\Users\Samuel\AppData\Roaming\WinRAR
2009-10-06 17:13:21 ----D---- C:\Program Files\WinRAR
2009-10-03 18:31:43 ----D---- C:\Users\Samuel\AppData\Roaming\InstallShield
2009-10-03 00:55:14 ----N---- C:\Windows\system32\MpSigStub.exe
2009-10-03 00:48:33 ----D---- C:\Program Files\Microsoft Security Essentials
2009-10-03 00:37:21 ----A---- C:\Windows\system32\dfshim.dll
2009-10-03 00:37:16 ----A---- C:\Windows\system32\mscoree.dll
2009-10-03 00:37:15 ----A---- C:\Windows\system32\netfxperf.dll
2009-10-03 00:36:56 ----A---- C:\Windows\system32\mscorier.dll
2009-10-03 00:36:49 ----A---- C:\Windows\system32\mscories.dll
2009-10-03 00:15:33 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-10-03 00:15:31 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2009-10-02 23:55:49 ----A---- C:\Windows\system32\wups2.dll
2009-10-02 23:55:49 ----A---- C:\Windows\system32\wucltux.dll
2009-10-02 23:55:49 ----A---- C:\Windows\system32\wuauclt.exe
2009-10-02 23:55:48 ----A---- C:\Windows\system32\wuaueng.dll
2009-10-02 23:55:34 ----A---- C:\Windows\system32\wups.dll
2009-10-02 23:55:34 ----A---- C:\Windows\system32\wudriver.dll
2009-10-02 23:55:33 ----A---- C:\Windows\system32\wuapi.dll
2009-10-02 23:55:27 ----A---- C:\Windows\system32\wuwebv.dll
2009-10-02 23:55:27 ----A---- C:\Windows\system32\wuapp.exe
2009-10-02 19:18:11 ----A---- C:\Windows\system32\xinput1_1.dll
2009-10-02 19:18:11 ----A---- C:\Windows\system32\xactengine2_1.dll
2009-10-02 19:18:04 ----A---- C:\Windows\system32\d3dx9_30.dll
2009-10-02 19:18:03 ----A---- C:\Windows\system32\xactengine2_0.dll
2009-10-02 19:18:03 ----A---- C:\Windows\system32\x3daudio1_0.dll
2009-10-02 19:18:03 ----A---- C:\Windows\system32\d3dx9_29.dll
2009-10-02 19:17:54 ----A---- C:\Windows\system32\d3dx9_28.dll
2009-10-02 19:17:53 ----A---- C:\Windows\system32\d3dx9_27.dll
2009-10-02 19:17:53 ----A---- C:\Windows\system32\d3dx9_26.dll
2009-10-02 19:17:52 ----A---- C:\Windows\system32\d3dx9_25.dll
2009-10-02 19:17:52 ----A---- C:\Windows\system32\d3dx9_24.dll
2009-10-02 18:57:22 ----D---- C:\Program Files\SEGA
2009-10-02 01:22:39 ----A---- C:\Windows\system32\javaws.exe
2009-10-02 01:22:39 ----A---- C:\Windows\system32\javaw.exe
2009-10-02 01:22:39 ----A---- C:\Windows\system32\java.exe
2009-10-02 01:22:39 ----A---- C:\Windows\system32\deploytk.dll
2009-10-02 01:22:19 ----D---- C:\Program Files\Java
2009-10-01 23:58:05 ----D---- C:\Users\Samuel\AppData\Roaming\vlc
2009-10-01 23:55:57 ----D---- C:\Program Files\VideoLAN
2009-10-01 18:41:38 ----D---- C:\Users\Samuel\AppData\Roaming\Adobe
2009-10-01 18:00:08 ----D---- C:\Users\Samuel\AppData\Roaming\eSobi
2009-10-01 17:54:34 ----D---- C:\Program Files\Common Files\DESIGNER
2009-10-01 17:47:54 ----D---- C:\Users\Samuel\AppData\Roaming\ATI
2009-10-01 17:47:38 ----D---- C:\Users\Samuel\AppData\Roaming\PowerCinema
2009-10-01 17:47:00 ----D---- C:\ProgramData\EgisTec
2009-10-01 17:46:51 ----D---- C:\Users\Samuel\AppData\Roaming\Macromedia
2009-10-01 17:46:18 ----D---- C:\Users\Samuel\AppData\Roaming\Identities
2009-10-01 17:46:13 ----D---- C:\Users\Samuel\AppData\Roaming\Google
2009-10-01 17:46:11 ----D---- C:\ProgramData\Partner
2009-10-01 17:46:09 ----D---- C:\ProgramData\Google
2009-10-01 17:46:00 ----D---- C:\Program Files\Google
2009-10-01 17:45:28 ----SD---- C:\Users\Samuel\AppData\Roaming\Microsoft
2009-10-01 17:45:28 ----D---- C:\Users\Samuel\AppData\Roaming\Media Center Programs
2009-10-01 17:45:28 ----D---- C:\Users\Samuel\AppData\Roaming\Acer GameZone Console
2009-10-01 17:45:09 ----SHD---- C:\ProgramData\Modèles
2009-10-01 17:45:09 ----SHD---- C:\ProgramData\Menu Démarrer
2009-10-01 17:45:09 ----SHD---- C:\ProgramData\Favoris
2009-10-01 17:45:09 ----SHD---- C:\ProgramData\Documents
2009-10-01 17:45:09 ----SHD---- C:\ProgramData\Bureau
2009-10-01 17:45:09 ----SHD---- C:\ProgramData\Application Data
2009-10-01 17:45:09 ----SHD---- C:\Program Files\Fichiers communs
2009-10-01 17:45:08 ----SHD---- C:\Documents and Settings
======List of files/folders modified in the last 1 months======
2009-10-20 17:46:48 ----RD---- C:\Program Files
2009-10-20 17:46:38 ----D---- C:\Windows\Temp
2009-10-20 17:25:26 ----SHD---- C:\Windows\Installer
2009-10-20 17:23:20 ----RSD---- C:\Windows\assembly
2009-10-20 17:23:00 ----HD---- C:\ProgramData
2009-10-20 17:00:01 ----D---- C:\Windows\Tasks
2009-10-20 16:38:06 ----D---- C:\Windows\Prefetch
2009-10-19 13:17:21 ----D---- C:\Windows\System32
2009-10-19 13:17:21 ----D---- C:\Windows\inf
2009-10-19 13:17:21 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-10-18 12:42:40 ----D---- C:\Windows\Microsoft.NET
2009-10-18 09:21:44 ----D---- C:\Windows\system32\Tasks
2009-10-17 22:50:08 ----D---- C:\Windows
2009-10-17 22:32:37 ----HD---- C:\Program Files\InstallShield Installation Information
2009-10-17 08:02:10 ----D---- C:\Windows\system32\WDI
2009-10-16 00:30:01 ----AD---- C:\ProgramData\Temp
2009-10-12 22:20:46 ----D---- C:\Windows\rescache
2009-10-12 22:03:33 ----D---- C:\Windows\system32\fr-FR
2009-10-10 13:04:07 ----D---- C:\Windows\system32\drivers
2009-10-09 19:45:19 ----D---- C:\Windows\winsxs
2009-10-09 19:45:11 ----D---- C:\Windows\system32\catroot2
2009-10-09 19:45:11 ----D---- C:\Windows\system32\catroot
2009-10-09 19:40:13 ----D---- C:\Windows\system32\XPSViewer
2009-10-09 19:40:13 ----D---- C:\Windows\system32\wbem
2009-10-09 19:40:13 ----D---- C:\Windows\system32\en-US
2009-10-06 18:25:23 ----D---- C:\Windows\Debug
2009-10-06 18:10:57 ----D---- C:\Program Files\Common Files
2009-10-06 18:10:56 ----D---- C:\Windows\Help
2009-10-03 18:40:33 ----SHD---- C:\System Volume Information
2009-10-03 01:28:40 ----D---- C:\Program Files\NewTech Infosystems
2009-10-03 01:24:45 ----D---- C:\Program Files\Acer
2009-10-03 01:16:39 ----D---- C:\ProgramData\McAfee
2009-10-03 00:57:15 ----D---- C:\Windows\AppPatch
2009-10-03 00:48:38 ----SD---- C:\ProgramData\Microsoft
2009-10-03 00:36:14 ----D---- C:\Windows\SoftwareDistribution
2009-10-03 00:35:40 ----D---- C:\Windows\ehome
2009-10-02 20:35:16 ----D---- C:\Windows\Logs
2009-10-01 18:09:17 ----D---- C:\ProgramData\Microsoft Help
2009-10-01 18:00:23 ----D---- C:\ProgramData\eSobi
2009-10-01 17:55:10 ----D---- C:\Program Files\Common Files\microsoft shared
2009-10-01 17:54:44 ----D---- C:\Program Files\Microsoft Works
2009-10-01 17:54:22 ----RSD---- C:\Windows\Fonts
2009-10-01 17:52:34 ----D---- C:\Windows\system32\NDF
2009-10-01 17:52:07 ----D---- C:\Windows\ShellNew
2009-10-01 17:49:00 ----D---- C:\Elements
2009-10-01 17:46:43 ----SHD---- C:\$RECYCLE.BIN
2009-10-01 17:46:11 ----D---- C:\Acer
2009-10-01 17:45:27 ----RD---- C:\Users
2009-10-01 17:45:09 ----D---- C:\Program Files\Windows NT
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2009-06-18 142832]
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2008-01-21 95744]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2008-03-01 1202560]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2009-02-23 195120]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-03-30 1124864]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-06-03 4934144]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2009-03-26 21000]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-02-19 2323680]
R3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60x.sys [2008-09-04 223232]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2009-06-18 42480]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\Drivers\NTIDrvr.sys [2009-03-26 15360]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys [2008-11-12 154272]
R3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
S3 atk0ogbz;atk0ogbz; C:\Windows\system32\drivers\atk0ogbz.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NSCIRDA;NSC Infrared Device Driver; C:\Windows\system32\DRIVERS\nscirda.sys [2008-01-21 30720]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2008-03-18 13312]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-06-03 176128]
R2 CLHNService;CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2008-12-18 75048]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2009-06-23 707104]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 MsMpSvc;@c:\Program Files\Microsoft Security Essentials\MpAsDesc.dll,-241; c:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2009-07-02 17904]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-09-23 144632]
S3 GoogleDesktopManager-092308-165331;Google Desktop Manager 5.8.809.23506; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-10-01 30192]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-10-03 182768]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-09-23 50424]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Partner Service;Partner Service; C:\ProgramData\Partner\partner.exe [2009-10-01 110576]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.06 2009-10-20 17:47:00
======Uninstall list======
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A450831D-25F6-4F42-9662-D000B25E0D82}\Setup.exe" -uninstall
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AA4BF92B-2AAF-11DA-9D78-000129760D75}\Setup.exe" -uninstall
µTorrent-->"C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
7-Zip 9.07 beta-->"C:\Program Files\7-Zip\Uninstall.exe"
Acer Arcade Deluxe-->"C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\Setup.exe" /z-uninstall
Acer Arcade Deluxe-->"C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\Setup.exe" /z-uninstall
Acer Crystal Eye webcam Ver:1.1.74.216-->C:\Program Files\InstallShield Installation Information\{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}\setup.exe -runfromtemp -l0x040c -removeonly
Acer eRecovery Management-->"C:\Program Files\InstallShield Installation Information\{7F811A54-5A09-4579-90E1-C93498E230D9}\setup.exe" -runfromtemp -l0x040c -removeonly
Acer GridVista-->C:\Windows\GVUni.exe GridV.UNI
Acer PowerSmart Manager-->"C:\Program Files\InstallShield Installation Information\{3DB0448D-AD82-4923-B305-D001E521A964}\setup.exe" -runfromtemp -l0x040c -removeonly
Acer ScreenSaver-->C:\Windows\Screensavers\Acer\Uninstall.exe
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
Agere Systems HDA Modem-->agrsmdel
Airport Mania First Flight-->"C:\Program Files\Acer GameZone\Airport Mania First Flight\Uninstall.exe" "C:\Program Files\Acer GameZone\Airport Mania First Flight\install.log"
ALPS Touch Pad Driver-->C:\Program Files\Apoint2K\Uninstap.exe ADDREMOVE
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ASIO4ALL-->C:\Program Files\ASIO4ALL v2\uninstall.exe
Ask Toolbar-->MsiExec.exe /I{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Assistant de connexion Windows Live-->MsiExec.exe /I{D6E592B3-67DA-4BBB-9783-E1838FB253A2}
Audacity 1.3.9 (Unicode)-->"C:\Program Files\Audacity 1.3 Beta (Unicode)\unins000.exe"
Auslogics Disk Defrag-->"C:\Program Files\Auslogics\Auslogics Disk Defrag\unins000.exe"
Broadcom Gigabit NetLink Controller-->MsiExec.exe /X{9AF0B106-56F1-461B-A270-95BC1682E282}
C:\Program Files\Acer GameZone\GameConsole-->"C:\Program Files\Acer GameZone\GameConsole\unins000.exe"
Cake Mania 2-->"C:\Program Files\Acer GameZone\Cake Mania 2\Uninstall.exe" "C:\Program Files\Acer GameZone\Cake Mania 2\install.log"
Catalyst Control Center - Branding-->MsiExec.exe /I{51B83F5C-5660-4B73-AB18-C68993FEDEB3}
Championship Manager L'Entraîneur 2010 (Données Patch de septembre)-->"C:\Program Files\InstallShield Installation Information\{14592A8E-4DA6-4338-A9D5-E16449647EC3}\setup.exe" -runfromtemp -l0x040c -removeonly
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Cooking Dash-->"C:\Program Files\Acer GameZone\Cooking Dash\Uninstall.exe" "C:\Program Files\Acer GameZone\Cooking Dash\install.log"
Cradle of Rome-->"C:\Program Files\Acer GameZone\Cradle of Rome\Uninstall.exe" "C:\Program Files\Acer GameZone\Cradle of Rome\install.log"
DAEMON Tools Toolbar-->C:\Program Files\DAEMON Tools Toolbar\uninst.exe
Dairy Dash-->"C:\Program Files\Acer GameZone\Dairy Dash\Uninstall.exe" "C:\Program Files\Acer GameZone\Dairy Dash\install.log"
Dream Day Honeymoon-->"C:\Program Files\Acer GameZone\Dream Day Honeymoon\Uninstall.exe" "C:\Program Files\Acer GameZone\Dream Day Honeymoon\install.log"
Dream Day Wedding-->"C:\Program Files\Acer GameZone\Dream Day Wedding\Uninstall.exe" "C:\Program Files\Acer GameZone\Dream Day Wedding\install.log"
eSobi v2-->C:\Program Files\InstallShield Installation Information\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}\setup.exe -runfromtemp -l0x040c
Galapago-->"C:\Program Files\Acer GameZone\Galapago\Uninstall.exe" "C:\Program Files\Acer GameZone\Galapago\install.log"
Galerie de photos Windows Live-->MsiExec.exe /X{43563ACB-371B-4C58-8979-B192B390424C}
Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{3CCB732A-E472-4CF9-B1EE-F18365341FE0}
Java(TM) 6 Update 16-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF}
Jewel Quest Solitaire-->"C:\Program Files\Acer GameZone\Jewel Quest Solitaire\Uninstall.exe" "C:\Program Files\Acer GameZone\Jewel Quest Solitaire\install.log"
Junk Mail filter update-->MsiExec.exe /I{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}
Launch Manager-->C:\Windows\UNINST32.EXE LManager.UNI
L'Entraîneur 2010-->"C:\Program Files\InstallShield Installation Information\{5CA7899B-FFEC-4254-A05B-448420831F37}\setup.exe" -runfromtemp -l0x040c -removeonly
Luxor 2-->"C:\Program Files\Acer GameZone\Luxor 2\Uninstall.exe" "C:\Program Files\Acer GameZone\Luxor 2\install.log"
Mahjong Escape Ancient China-->"C:\Program Files\Acer GameZone\Mahjong Escape Ancient China\Uninstall.exe" "C:\Program Files\Acer GameZone\Mahjong Escape Ancient China\install.log"
Medieval II Total War-->C:\Program Files\InstallShield Installation Information\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}\Setup.exe -runfromtemp -l0x040c -removeonly
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Antimalware Service FR-FR Language Pack-->MsiExec.exe /X{A4526B5A-89C0-4F4B-9E6E-4F883374D5F9}
Microsoft Antimalware-->MsiExec.exe /X{A0A77CDC-2419-4D5C-AD2C-E09E5926B806}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Suite Activation Assistant-->MsiExec.exe /X{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Security Essentials-->C:\Program Files\Microsoft Security Essentials\setup.exe /x
Microsoft Security Essentials-->MsiExec.exe /I{48B3FB4D-CE22-488C-8E9F-24EBB77EAC0F}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Works-->MsiExec.exe /I{0214A441-A4AB-43A8-8DEF-2F73C5364673}
Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
NTI Backup Now 5-->C:\Program Files\InstallShield Installation Information\{12EFA1A4-AC3B-443C-8143-237EDE760403}\setup.exe -runfromtemp -l0x040c
NTI Media Maker 8-->C:\Program Files\InstallShield Installation Information\{2413930C-8309-47A6-BC61-5EF27A4222BC}\setup.exe -runfromtemp -l0x040c
Ocean Express-->"C:\Program Files\Acer GameZone\Ocean Express\Uninstall.exe" "C:\Program Files\Acer GameZone\Ocean Express\install.log"
Orion-->MsiExec.exe /X{5B63A470-9334-44D1-AF61-6CE2DB565AE9}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Parking Dash-->"C:\Program Files\Acer GameZone\Parking Dash\Uninstall.exe" "C:\Program Files\Acer GameZone\Parking Dash\install.log"
Puzzle Express-->"C:\Program Files\Acer GameZone\Puzzle Express\Uninstall.exe" "C:\Program Files\Acer GameZone\Puzzle Express\install.log"
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
Realtek USB 2.0 Card Reader-->C:\Program Files\InstallShield Installation Information\{DC24971E-1946-445D-8A82-CE685433FA7D}\Setup.exe -runfromtemp -l0x0009 -removeonly
Tradewinds 2-->"C:\Program Files\Acer GameZone\Tradewinds 2\Uninstall.exe" "C:\Program Files\Acer GameZone\Tradewinds 2\install.log"
Tri-Peaks Solitaire To Go-->"C:\Program Files\Acer GameZone\Tri-Peaks Solitaire To Go\Uninstall.exe" "C:\Program Files\Acer GameZone\Tri-Peaks Solitaire To Go\install.log"
Turbo Pizza-->"C:\Program Files\Acer GameZone\Turbo Pizza\Uninstall.exe" "C:\Program Files\Acer GameZone\Turbo Pizza\install.log"
Update for Office 2007 (KB946691)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
VLC media player 1.0.2-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Wedding Dash-->"C:\Program Files\Acer GameZone\Wedding Dash\Uninstall.exe" "C:\Program Files\Acer GameZone\Wedding Dash\install.log"
Windows Live Call-->MsiExec.exe /I{01523985-2098-43AF-9C97-12B07BE02A9B}
Windows Live Communications Platform-->MsiExec.exe /I{F69E83CF-B440-43F8-89E6-6EA80712109B}
Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Live Sync-->MsiExec.exe /X{67D0313C-4F15-437D-9A2D-C1564088A26A}
Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1}
Zuma Deluxe-->"C:\Program Files\Acer GameZone\Zuma Deluxe\Uninstall.exe" "C:\Program Files\Acer GameZone\Zuma Deluxe\install.log"
======Security center information======
AS: Windows Defender
======System event log======
Computer Name: PC-de-Samuel
Event Code: 134
Message: NtpClient n'a pas pu définir d'homologue manuel à utiliser comme source de temps en raison d'une erreur de résolution DNS sur " time.windows.com,0x9 ". NtpClient réessaiera dans 15 minutes, et à nouveau une fois le double de l'intervalle de nouvelle tentative écoulé. L'erreur était : Hôte inconnu. (0x80072AF9)
Record Number: 36925
Source Name: Microsoft-Windows-Time-Service
Time Written: 20091020061904.000000-000
Event Type: Avertissement
User:
Computer Name: PC-de-Samuel
Event Code: 134
Message: NtpClient n'a pas pu définir d'homologue manuel à utiliser comme source de temps en raison d'une erreur de résolution DNS sur " time.windows.com,0x9 ". NtpClient réessaiera dans 15 minutes, et à nouveau une fois le double de l'intervalle de nouvelle tentative écoulé. L'erreur était : Hôte inconnu. (0x80072AF9)
Record Number: 36926
Source Name: Microsoft-Windows-Time-Service
Time Written: 20091020061906.000000-000
Event Type: Avertissement
User:
Computer Name: PC-de-Samuel
Event Code: 134
Message: NtpClient n'a pas pu définir d'homologue manuel à utiliser comme source de temps en raison d'une erreur de résolution DNS sur " time.windows.com,0x9 ". NtpClient réessaiera dans 15 minutes, et à nouveau une fois le double de l'intervalle de nouvelle tentative écoulé. L'erreur était : Hôte inconnu. (0x80072AF9)
Record Number: 36928
Source Name: Microsoft-Windows-Time-Service
Time Written: 20091020141324.000000-000
Event Type: Avertissement
User:
Computer Name: PC-de-Samuel
Event Code: 4226
Message: TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées.
Record Number: 36939
Source Name: Tcpip
Time Written: 20091020143430.219000-000
Event Type: Avertissement
User:
Computer Name: PC-de-Samuel
Event Code: 1006
Message: Microsoft Antimalware a détecté un logiciel espion ou un autre logiciel potentiellement indésirable.
Pour plus d'informations, consultez les informations suivantes :
http://go.microsoft.com/fwlink/?linkid=37020&name=Troja...
Nom : TrojanDownloader:Win32/Renos.JS
ID : 2147628360
Gravité : Élevé
Catégorie : Cheval de Troie téléchargeur
Chemin d'accès : process
id:1444
Origine de la détection : Inconnu
Type de détection : Concret
Source de la détection : Protection en temps réel
État : En cours d'exécution
Utilisateur : Unknown\Unknown
Nom du processus : Unknown
Version de la signature : AV: 1.67.916.0, AS: 1.67.916.0
Version du moteur : 1.1.5101.0
Record Number: 36942
Source Name: Microsoft Antimalware
Time Written: 20091020150129.000000-000
Event Type: Avertissement
User:
=====Application event log=====
Computer Name: PC-de-Samuel
Event Code: 1002
Message: Le programme Explorer.EXE version 6.0.6001.18164 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans l’application Rapports et solutions aux problèmes du Panneau de configuration. ID de processus : ba0 Heure de début : 01ca4fd5830cd63b Heure de fin : 47971
Record Number: 2352
Source Name: Application Hang
Time Written: 20091018095348.000000-000
Event Type: Erreur
User:
Computer Name: PC-de-Samuel
Event Code: 1002
Message: Le programme daemon.exe version 4.30.4.27 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans l’application Rapports et solutions aux problèmes du Panneau de configuration. ID de processus : 938 Heure de début : 01ca4fd9eb9e328b Heure de fin : 21398
Record Number: 2353
Source Name: Application Hang
Time Written: 20091018100323.000000-000
Event Type: Erreur
User:
Computer Name: PC-de-Samuel
Event Code: 1015
Message: L'ID événement 3013 du service Windows Search a été supprimé 7 fois depuis 11:31:00. Cet événement est utilisé pour supprimer les événements du service Windows Search qui se sont produits fréquemment dans une courte période. Voir l'ID événement 3013 pour plus de détails sur cet événement.
Record Number: 2354
Source Name: Microsoft-Windows-Search
Time Written: 20091018100403.000000-000
Event Type: Avertissement
User:
Computer Name: PC-de-Samuel
Event Code: 10
Message: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé.
Record Number: 2377
Source Name: Microsoft-Windows-WMI
Time Written: 20091019111238.000000-000
Event Type: Erreur
User:
Computer Name: PC-de-Samuel
Event Code: 1002
Message: Le programme Explorer.EXE version 6.0.6001.18164 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans l’application Rapports et solutions aux problèmes du Panneau de configuration. ID de processus : ae0 Heure de début : 01ca50ace5f5b1a3 Heure de fin : 0
Record Number: 2383
Source Name: Application Hang
Time Written: 20091020143108.000000-000
Event Type: Erreur
User:
=====Security event log=====
Computer Name: PC-de-Samuel
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 4271
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091020154658.290000-000
Event Type: Échec de l'audit
User:
Computer Name: PC-de-Samuel
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 4272
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091020154658.335000-000
Event Type: Échec de l'audit
User:
Computer Name: PC-de-Samuel
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 4273
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091020154658.382000-000
Event Type: Échec de l'audit
User:
Computer Name: PC-de-Samuel
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 4274
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091020154658.437000-000
Event Type: Échec de l'audit
User:
Computer Name: PC-de-Samuel
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 4275
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091020154658.484000-000
Event Type: Échec de l'audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\PROGRA~1\DISKEE~1\DISKEE~1\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 10, GenuineIntel
"PROCESSOR_REVISION"=170a
"NUMBER_OF_PROCESSORS"=2
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"DFSTRACINGON"=FALSE
"Pathtem"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"NTIPath"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\NewTech Infosystems\NTI Backup Now 5\;
-----------------EOF-----------------
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{625b8c15-ba75-11de-9379-001f16cb84ee}]
shell\AutoRun\command - E:\autorun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6a054a10-bae2-11de-a434-001f16cb84ee}]
shell\AutoRun\command - F:\autorun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7769501f-a349-11de-9c96-806e6f6e6963}]
shell\AutoRun\command - D:\Launch.exe
======List of files/folders created in the last 1 months======
2009-10-20 17:46:48 ----D---- C:\rsit
2009-10-20 17:46:48 ----D---- C:\Program Files\trend micro
2009-10-20 17:28:59 ----D---- C:\Program Files\ASIO4ALL v2
2009-10-20 17:25:24 ----SHD---- C:\Config.Msi
2009-10-20 17:23:00 ----D---- C:\ProgramData\PC Drivers HeadQuarters
2009-10-20 16:37:41 ----D---- C:\Program Files\Phrazor
2009-10-17 22:50:08 ----A---- C:\Windows\msa.exe
2009-10-17 22:49:57 ----A---- C:\Windows\system32\msxml71.dll
2009-10-17 20:42:29 ----RHD---- C:\Users\Samuel\AppData\Roaming\SecuROM
2009-10-17 20:01:48 ----D---- C:\ProgramData\DAEMON Tools Lite
2009-10-17 20:01:46 ----D---- C:\Program Files\DAEMON Tools Toolbar
2009-10-17 20:01:41 ----D---- C:\Program Files\DAEMON Tools Lite
2009-10-17 20:01:20 ----D---- C:\Users\Samuel\AppData\Roaming\DAEMON Tools Lite
2009-10-16 18:55:10 ----D---- C:\Program Files\Alcohol Soft
2009-10-16 00:25:03 ----D---- C:\ProgramData\MumboJumbo
2009-10-16 00:24:12 ----SHD---- C:\Users\Samuel\AppData\Roaming\.#
2009-10-14 22:18:36 ----D---- C:\Users\Samuel\AppData\Roaming\Audacity
2009-10-14 22:18:22 ----D---- C:\Program Files\Audacity 1.3 Beta (Unicode)
2009-10-14 18:54:01 ----D---- C:\Program Files\VstPlugins
2009-10-14 18:40:13 ----D---- C:\Users\Samuel\AppData\Roaming\Ableton
2009-10-14 18:40:01 ----A---- C:\Windows\system32\gdiplus.dll
2009-10-12 22:05:57 ----D---- C:\ProgramData\DAEMON Tools Pro
2009-10-10 13:04:06 ----D---- C:\Users\Samuel\AppData\Roaming\DAEMON Tools Pro
2009-10-09 19:36:40 ----A---- C:\Windows\system32\infocardapi.dll
2009-10-09 19:36:39 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-10-09 19:36:38 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-10-09 19:36:38 ----A---- C:\Windows\system32\icardres.dll
2009-10-09 19:36:38 ----A---- C:\Windows\system32\icardagt.exe
2009-10-09 19:36:36 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-10-09 19:36:32 ----A---- C:\Windows\system32\PresentationHost.exe
2009-10-09 19:28:44 ----A---- C:\Windows\system32\xinput1_3.dll
2009-10-09 19:28:44 ----A---- C:\Windows\system32\xactengine2_7.dll
2009-10-09 19:28:44 ----A---- C:\Windows\system32\d3dx9_33.dll
2009-10-09 19:28:43 ----A---- C:\Windows\system32\xactengine2_6.dll
2009-10-09 19:28:43 ----A---- C:\Windows\system32\xactengine2_5.dll
2009-10-09 19:28:42 ----A---- C:\Windows\system32\xactengine2_4.dll
2009-10-09 19:28:42 ----A---- C:\Windows\system32\x3daudio1_1.dll
2009-10-09 19:28:41 ----A---- C:\Windows\system32\xinput1_2.dll
2009-10-09 19:28:41 ----A---- C:\Windows\system32\xactengine2_3.dll
2009-10-09 19:28:41 ----A---- C:\Windows\system32\d3dx9_31.dll
2009-10-09 19:28:40 ----A---- C:\Windows\system32\xactengine2_2.dll
2009-10-09 19:26:23 ----D---- C:\ProgramData\WindowsSearch
2009-10-09 19:24:26 ----D---- C:\Program Files\Eidos
2009-10-09 19:20:16 ----D---- C:\Program Files\7-Zip
2009-10-07 17:47:16 ----D---- C:\Program Files\Ask.com
2009-10-07 17:45:56 ----D---- C:\Program Files\uTorrent
2009-10-07 17:44:29 ----D---- C:\Users\Samuel\AppData\Roaming\uTorrent
2009-10-07 17:42:39 ----A---- C:\Windows\MegaManager.INI
2009-10-06 18:16:02 ----D---- C:\Users\Samuel\AppData\Roaming\Auslogics
2009-10-06 18:10:20 ----D---- C:\Program Files\Auslogics
2009-10-06 17:41:12 ----D---- C:\Users\Samuel\AppData\Roaming\JkDefragStarter
2009-10-06 17:13:42 ----D---- C:\Users\Samuel\AppData\Roaming\WinRAR
2009-10-06 17:13:21 ----D---- C:\Program Files\WinRAR
2009-10-03 18:31:43 ----D---- C:\Users\Samuel\AppData\Roaming\InstallShield
2009-10-03 00:55:14 ----N---- C:\Windows\system32\MpSigStub.exe
2009-10-03 00:48:33 ----D---- C:\Program Files\Microsoft Security Essentials
2009-10-03 00:37:21 ----A---- C:\Windows\system32\dfshim.dll
2009-10-03 00:37:16 ----A---- C:\Windows\system32\mscoree.dll
2009-10-03 00:37:15 ----A---- C:\Windows\system32\netfxperf.dll
2009-10-03 00:36:56 ----A---- C:\Windows\system32\mscorier.dll
2009-10-03 00:36:49 ----A---- C:\Windows\system32\mscories.dll
2009-10-03 00:15:33 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-10-03 00:15:31 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2009-10-02 23:55:49 ----A---- C:\Windows\system32\wups2.dll
2009-10-02 23:55:49 ----A---- C:\Windows\system32\wucltux.dll
2009-10-02 23:55:49 ----A---- C:\Windows\system32\wuauclt.exe
2009-10-02 23:55:48 ----A---- C:\Windows\system32\wuaueng.dll
2009-10-02 23:55:34 ----A---- C:\Windows\system32\wups.dll
2009-10-02 23:55:34 ----A---- C:\Windows\system32\wudriver.dll
2009-10-02 23:55:33 ----A---- C:\Windows\system32\wuapi.dll
2009-10-02 23:55:27 ----A---- C:\Windows\system32\wuwebv.dll
2009-10-02 23:55:27 ----A---- C:\Windows\system32\wuapp.exe
2009-10-02 19:18:11 ----A---- C:\Windows\system32\xinput1_1.dll
2009-10-02 19:18:11 ----A---- C:\Windows\system32\xactengine2_1.dll
2009-10-02 19:18:04 ----A---- C:\Windows\system32\d3dx9_30.dll
2009-10-02 19:18:03 ----A---- C:\Windows\system32\xactengine2_0.dll
2009-10-02 19:18:03 ----A---- C:\Windows\system32\x3daudio1_0.dll
2009-10-02 19:18:03 ----A---- C:\Windows\system32\d3dx9_29.dll
2009-10-02 19:17:54 ----A---- C:\Windows\system32\d3dx9_28.dll
2009-10-02 19:17:53 ----A---- C:\Windows\system32\d3dx9_27.dll
2009-10-02 19:17:53 ----A---- C:\Windows\system32\d3dx9_26.dll
2009-10-02 19:17:52 ----A---- C:\Windows\system32\d3dx9_25.dll
2009-10-02 19:17:52 ----A---- C:\Windows\system32\d3dx9_24.dll
2009-10-02 18:57:22 ----D---- C:\Program Files\SEGA
2009-10-02 01:22:39 ----A---- C:\Windows\system32\javaws.exe
2009-10-02 01:22:39 ----A---- C:\Windows\system32\javaw.exe
2009-10-02 01:22:39 ----A---- C:\Windows\system32\java.exe
2009-10-02 01:22:39 ----A---- C:\Windows\system32\deploytk.dll
2009-10-02 01:22:19 ----D---- C:\Program Files\Java
2009-10-01 23:58:05 ----D---- C:\Users\Samuel\AppData\Roaming\vlc
2009-10-01 23:55:57 ----D---- C:\Program Files\VideoLAN
2009-10-01 18:41:38 ----D---- C:\Users\Samuel\AppData\Roaming\Adobe
2009-10-01 18:00:08 ----D---- C:\Users\Samuel\AppData\Roaming\eSobi
2009-10-01 17:54:34 ----D---- C:\Program Files\Common Files\DESIGNER
2009-10-01 17:47:54 ----D---- C:\Users\Samuel\AppData\Roaming\ATI
2009-10-01 17:47:38 ----D---- C:\Users\Samuel\AppData\Roaming\PowerCinema
2009-10-01 17:47:00 ----D---- C:\ProgramData\EgisTec
2009-10-01 17:46:51 ----D---- C:\Users\Samuel\AppData\Roaming\Macromedia
2009-10-01 17:46:18 ----D---- C:\Users\Samuel\AppData\Roaming\Identities
2009-10-01 17:46:13 ----D---- C:\Users\Samuel\AppData\Roaming\Google
2009-10-01 17:46:11 ----D---- C:\ProgramData\Partner
2009-10-01 17:46:09 ----D---- C:\ProgramData\Google
2009-10-01 17:46:00 ----D---- C:\Program Files\Google
2009-10-01 17:45:28 ----SD---- C:\Users\Samuel\AppData\Roaming\Microsoft
2009-10-01 17:45:28 ----D---- C:\Users\Samuel\AppData\Roaming\Media Center Programs
2009-10-01 17:45:28 ----D---- C:\Users\Samuel\AppData\Roaming\Acer GameZone Console
2009-10-01 17:45:09 ----SHD---- C:\ProgramData\Modèles
2009-10-01 17:45:09 ----SHD---- C:\ProgramData\Menu Démarrer
2009-10-01 17:45:09 ----SHD---- C:\ProgramData\Favoris
2009-10-01 17:45:09 ----SHD---- C:\ProgramData\Documents
2009-10-01 17:45:09 ----SHD---- C:\ProgramData\Bureau
2009-10-01 17:45:09 ----SHD---- C:\ProgramData\Application Data
2009-10-01 17:45:09 ----SHD---- C:\Program Files\Fichiers communs
2009-10-01 17:45:08 ----SHD---- C:\Documents and Settings
======List of files/folders modified in the last 1 months======
2009-10-20 17:46:48 ----RD---- C:\Program Files
2009-10-20 17:46:38 ----D---- C:\Windows\Temp
2009-10-20 17:25:26 ----SHD---- C:\Windows\Installer
2009-10-20 17:23:20 ----RSD---- C:\Windows\assembly
2009-10-20 17:23:00 ----HD---- C:\ProgramData
2009-10-20 17:00:01 ----D---- C:\Windows\Tasks
2009-10-20 16:38:06 ----D---- C:\Windows\Prefetch
2009-10-19 13:17:21 ----D---- C:\Windows\System32
2009-10-19 13:17:21 ----D---- C:\Windows\inf
2009-10-19 13:17:21 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-10-18 12:42:40 ----D---- C:\Windows\Microsoft.NET
2009-10-18 09:21:44 ----D---- C:\Windows\system32\Tasks
2009-10-17 22:50:08 ----D---- C:\Windows
2009-10-17 22:32:37 ----HD---- C:\Program Files\InstallShield Installation Information
2009-10-17 08:02:10 ----D---- C:\Windows\system32\WDI
2009-10-16 00:30:01 ----AD---- C:\ProgramData\Temp
2009-10-12 22:20:46 ----D---- C:\Windows\rescache
2009-10-12 22:03:33 ----D---- C:\Windows\system32\fr-FR
2009-10-10 13:04:07 ----D---- C:\Windows\system32\drivers
2009-10-09 19:45:19 ----D---- C:\Windows\winsxs
2009-10-09 19:45:11 ----D---- C:\Windows\system32\catroot2
2009-10-09 19:45:11 ----D---- C:\Windows\system32\catroot
2009-10-09 19:40:13 ----D---- C:\Windows\system32\XPSViewer
2009-10-09 19:40:13 ----D---- C:\Windows\system32\wbem
2009-10-09 19:40:13 ----D---- C:\Windows\system32\en-US
2009-10-06 18:25:23 ----D---- C:\Windows\Debug
2009-10-06 18:10:57 ----D---- C:\Program Files\Common Files
2009-10-06 18:10:56 ----D---- C:\Windows\Help
2009-10-03 18:40:33 ----SHD---- C:\System Volume Information
2009-10-03 01:28:40 ----D---- C:\Program Files\NewTech Infosystems
2009-10-03 01:24:45 ----D---- C:\Program Files\Acer
2009-10-03 01:16:39 ----D---- C:\ProgramData\McAfee
2009-10-03 00:57:15 ----D---- C:\Windows\AppPatch
2009-10-03 00:48:38 ----SD---- C:\ProgramData\Microsoft
2009-10-03 00:36:14 ----D---- C:\Windows\SoftwareDistribution
2009-10-03 00:35:40 ----D---- C:\Windows\ehome
2009-10-02 20:35:16 ----D---- C:\Windows\Logs
2009-10-01 18:09:17 ----D---- C:\ProgramData\Microsoft Help
2009-10-01 18:00:23 ----D---- C:\ProgramData\eSobi
2009-10-01 17:55:10 ----D---- C:\Program Files\Common Files\microsoft shared
2009-10-01 17:54:44 ----D---- C:\Program Files\Microsoft Works
2009-10-01 17:54:22 ----RSD---- C:\Windows\Fonts
2009-10-01 17:52:34 ----D---- C:\Windows\system32\NDF
2009-10-01 17:52:07 ----D---- C:\Windows\ShellNew
2009-10-01 17:49:00 ----D---- C:\Elements
2009-10-01 17:46:43 ----SHD---- C:\$RECYCLE.BIN
2009-10-01 17:46:11 ----D---- C:\Acer
2009-10-01 17:45:27 ----RD---- C:\Users
2009-10-01 17:45:09 ----D---- C:\Program Files\Windows NT
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2009-06-18 142832]
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2008-01-21 95744]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2008-03-01 1202560]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2009-02-23 195120]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-03-30 1124864]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-06-03 4934144]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2009-03-26 21000]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-02-19 2323680]
R3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60x.sys [2008-09-04 223232]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2009-06-18 42480]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\Drivers\NTIDrvr.sys [2009-03-26 15360]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys [2008-11-12 154272]
R3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
S3 atk0ogbz;atk0ogbz; C:\Windows\system32\drivers\atk0ogbz.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NSCIRDA;NSC Infrared Device Driver; C:\Windows\system32\DRIVERS\nscirda.sys [2008-01-21 30720]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2008-03-18 13312]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-06-03 176128]
R2 CLHNService;CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2008-12-18 75048]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2009-06-23 707104]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 MsMpSvc;@c:\Program Files\Microsoft Security Essentials\MpAsDesc.dll,-241; c:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2009-07-02 17904]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-09-23 144632]
S3 GoogleDesktopManager-092308-165331;Google Desktop Manager 5.8.809.23506; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-10-01 30192]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-10-03 182768]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-09-23 50424]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Partner Service;Partner Service; C:\ProgramData\Partner\partner.exe [2009-10-01 110576]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.06 2009-10-20 17:47:00
======Uninstall list======
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A450831D-25F6-4F42-9662-D000B25E0D82}\Setup.exe" -uninstall
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AA4BF92B-2AAF-11DA-9D78-000129760D75}\Setup.exe" -uninstall
µTorrent-->"C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
7-Zip 9.07 beta-->"C:\Program Files\7-Zip\Uninstall.exe"
Acer Arcade Deluxe-->"C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\Setup.exe" /z-uninstall
Acer Arcade Deluxe-->"C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\Setup.exe" /z-uninstall
Acer Crystal Eye webcam Ver:1.1.74.216-->C:\Program Files\InstallShield Installation Information\{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}\setup.exe -runfromtemp -l0x040c -removeonly
Acer eRecovery Management-->"C:\Program Files\InstallShield Installation Information\{7F811A54-5A09-4579-90E1-C93498E230D9}\setup.exe" -runfromtemp -l0x040c -removeonly
Acer GridVista-->C:\Windows\GVUni.exe GridV.UNI
Acer PowerSmart Manager-->"C:\Program Files\InstallShield Installation Information\{3DB0448D-AD82-4923-B305-D001E521A964}\setup.exe" -runfromtemp -l0x040c -removeonly
Acer ScreenSaver-->C:\Windows\Screensavers\Acer\Uninstall.exe
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
Agere Systems HDA Modem-->agrsmdel
Airport Mania First Flight-->"C:\Program Files\Acer GameZone\Airport Mania First Flight\Uninstall.exe" "C:\Program Files\Acer GameZone\Airport Mania First Flight\install.log"
ALPS Touch Pad Driver-->C:\Program Files\Apoint2K\Uninstap.exe ADDREMOVE
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ASIO4ALL-->C:\Program Files\ASIO4ALL v2\uninstall.exe
Ask Toolbar-->MsiExec.exe /I{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Assistant de connexion Windows Live-->MsiExec.exe /I{D6E592B3-67DA-4BBB-9783-E1838FB253A2}
Audacity 1.3.9 (Unicode)-->"C:\Program Files\Audacity 1.3 Beta (Unicode)\unins000.exe"
Auslogics Disk Defrag-->"C:\Program Files\Auslogics\Auslogics Disk Defrag\unins000.exe"
Broadcom Gigabit NetLink Controller-->MsiExec.exe /X{9AF0B106-56F1-461B-A270-95BC1682E282}
C:\Program Files\Acer GameZone\GameConsole-->"C:\Program Files\Acer GameZone\GameConsole\unins000.exe"
Cake Mania 2-->"C:\Program Files\Acer GameZone\Cake Mania 2\Uninstall.exe" "C:\Program Files\Acer GameZone\Cake Mania 2\install.log"
Catalyst Control Center - Branding-->MsiExec.exe /I{51B83F5C-5660-4B73-AB18-C68993FEDEB3}
Championship Manager L'Entraîneur 2010 (Données Patch de septembre)-->"C:\Program Files\InstallShield Installation Information\{14592A8E-4DA6-4338-A9D5-E16449647EC3}\setup.exe" -runfromtemp -l0x040c -removeonly
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Cooking Dash-->"C:\Program Files\Acer GameZone\Cooking Dash\Uninstall.exe" "C:\Program Files\Acer GameZone\Cooking Dash\install.log"
Cradle of Rome-->"C:\Program Files\Acer GameZone\Cradle of Rome\Uninstall.exe" "C:\Program Files\Acer GameZone\Cradle of Rome\install.log"
DAEMON Tools Toolbar-->C:\Program Files\DAEMON Tools Toolbar\uninst.exe
Dairy Dash-->"C:\Program Files\Acer GameZone\Dairy Dash\Uninstall.exe" "C:\Program Files\Acer GameZone\Dairy Dash\install.log"
Dream Day Honeymoon-->"C:\Program Files\Acer GameZone\Dream Day Honeymoon\Uninstall.exe" "C:\Program Files\Acer GameZone\Dream Day Honeymoon\install.log"
Dream Day Wedding-->"C:\Program Files\Acer GameZone\Dream Day Wedding\Uninstall.exe" "C:\Program Files\Acer GameZone\Dream Day Wedding\install.log"
eSobi v2-->C:\Program Files\InstallShield Installation Information\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}\setup.exe -runfromtemp -l0x040c
Galapago-->"C:\Program Files\Acer GameZone\Galapago\Uninstall.exe" "C:\Program Files\Acer GameZone\Galapago\install.log"
Galerie de photos Windows Live-->MsiExec.exe /X{43563ACB-371B-4C58-8979-B192B390424C}
Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{3CCB732A-E472-4CF9-B1EE-F18365341FE0}
Java(TM) 6 Update 16-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF}
Jewel Quest Solitaire-->"C:\Program Files\Acer GameZone\Jewel Quest Solitaire\Uninstall.exe" "C:\Program Files\Acer GameZone\Jewel Quest Solitaire\install.log"
Junk Mail filter update-->MsiExec.exe /I{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}
Launch Manager-->C:\Windows\UNINST32.EXE LManager.UNI
L'Entraîneur 2010-->"C:\Program Files\InstallShield Installation Information\{5CA7899B-FFEC-4254-A05B-448420831F37}\setup.exe" -runfromtemp -l0x040c -removeonly
Luxor 2-->"C:\Program Files\Acer GameZone\Luxor 2\Uninstall.exe" "C:\Program Files\Acer GameZone\Luxor 2\install.log"
Mahjong Escape Ancient China-->"C:\Program Files\Acer GameZone\Mahjong Escape Ancient China\Uninstall.exe" "C:\Program Files\Acer GameZone\Mahjong Escape Ancient China\install.log"
Medieval II Total War-->C:\Program Files\InstallShield Installation Information\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}\Setup.exe -runfromtemp -l0x040c -removeonly
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Antimalware Service FR-FR Language Pack-->MsiExec.exe /X{A4526B5A-89C0-4F4B-9E6E-4F883374D5F9}
Microsoft Antimalware-->MsiExec.exe /X{A0A77CDC-2419-4D5C-AD2C-E09E5926B806}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Suite Activation Assistant-->MsiExec.exe /X{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Security Essentials-->C:\Program Files\Microsoft Security Essentials\setup.exe /x
Microsoft Security Essentials-->MsiExec.exe /I{48B3FB4D-CE22-488C-8E9F-24EBB77EAC0F}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Works-->MsiExec.exe /I{0214A441-A4AB-43A8-8DEF-2F73C5364673}
Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
NTI Backup Now 5-->C:\Program Files\InstallShield Installation Information\{12EFA1A4-AC3B-443C-8143-237EDE760403}\setup.exe -runfromtemp -l0x040c
NTI Media Maker 8-->C:\Program Files\InstallShield Installation Information\{2413930C-8309-47A6-BC61-5EF27A4222BC}\setup.exe -runfromtemp -l0x040c
Ocean Express-->"C:\Program Files\Acer GameZone\Ocean Express\Uninstall.exe" "C:\Program Files\Acer GameZone\Ocean Express\install.log"
Orion-->MsiExec.exe /X{5B63A470-9334-44D1-AF61-6CE2DB565AE9}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Parking Dash-->"C:\Program Files\Acer GameZone\Parking Dash\Uninstall.exe" "C:\Program Files\Acer GameZone\Parking Dash\install.log"
Puzzle Express-->"C:\Program Files\Acer GameZone\Puzzle Express\Uninstall.exe" "C:\Program Files\Acer GameZone\Puzzle Express\install.log"
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
Realtek USB 2.0 Card Reader-->C:\Program Files\InstallShield Installation Information\{DC24971E-1946-445D-8A82-CE685433FA7D}\Setup.exe -runfromtemp -l0x0009 -removeonly
Tradewinds 2-->"C:\Program Files\Acer GameZone\Tradewinds 2\Uninstall.exe" "C:\Program Files\Acer GameZone\Tradewinds 2\install.log"
Tri-Peaks Solitaire To Go-->"C:\Program Files\Acer GameZone\Tri-Peaks Solitaire To Go\Uninstall.exe" "C:\Program Files\Acer GameZone\Tri-Peaks Solitaire To Go\install.log"
Turbo Pizza-->"C:\Program Files\Acer GameZone\Turbo Pizza\Uninstall.exe" "C:\Program Files\Acer GameZone\Turbo Pizza\install.log"
Update for Office 2007 (KB946691)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
VLC media player 1.0.2-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Wedding Dash-->"C:\Program Files\Acer GameZone\Wedding Dash\Uninstall.exe" "C:\Program Files\Acer GameZone\Wedding Dash\install.log"
Windows Live Call-->MsiExec.exe /I{01523985-2098-43AF-9C97-12B07BE02A9B}
Windows Live Communications Platform-->MsiExec.exe /I{F69E83CF-B440-43F8-89E6-6EA80712109B}
Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Live Sync-->MsiExec.exe /X{67D0313C-4F15-437D-9A2D-C1564088A26A}
Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1}
Zuma Deluxe-->"C:\Program Files\Acer GameZone\Zuma Deluxe\Uninstall.exe" "C:\Program Files\Acer GameZone\Zuma Deluxe\install.log"
======Security center information======
AS: Windows Defender
======System event log======
Computer Name: PC-de-Samuel
Event Code: 134
Message: NtpClient n'a pas pu définir d'homologue manuel à utiliser comme source de temps en raison d'une erreur de résolution DNS sur " time.windows.com,0x9 ". NtpClient réessaiera dans 15 minutes, et à nouveau une fois le double de l'intervalle de nouvelle tentative écoulé. L'erreur était : Hôte inconnu. (0x80072AF9)
Record Number: 36925
Source Name: Microsoft-Windows-Time-Service
Time Written: 20091020061904.000000-000
Event Type: Avertissement
User:
Computer Name: PC-de-Samuel
Event Code: 134
Message: NtpClient n'a pas pu définir d'homologue manuel à utiliser comme source de temps en raison d'une erreur de résolution DNS sur " time.windows.com,0x9 ". NtpClient réessaiera dans 15 minutes, et à nouveau une fois le double de l'intervalle de nouvelle tentative écoulé. L'erreur était : Hôte inconnu. (0x80072AF9)
Record Number: 36926
Source Name: Microsoft-Windows-Time-Service
Time Written: 20091020061906.000000-000
Event Type: Avertissement
User:
Computer Name: PC-de-Samuel
Event Code: 134
Message: NtpClient n'a pas pu définir d'homologue manuel à utiliser comme source de temps en raison d'une erreur de résolution DNS sur " time.windows.com,0x9 ". NtpClient réessaiera dans 15 minutes, et à nouveau une fois le double de l'intervalle de nouvelle tentative écoulé. L'erreur était : Hôte inconnu. (0x80072AF9)
Record Number: 36928
Source Name: Microsoft-Windows-Time-Service
Time Written: 20091020141324.000000-000
Event Type: Avertissement
User:
Computer Name: PC-de-Samuel
Event Code: 4226
Message: TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées.
Record Number: 36939
Source Name: Tcpip
Time Written: 20091020143430.219000-000
Event Type: Avertissement
User:
Computer Name: PC-de-Samuel
Event Code: 1006
Message: Microsoft Antimalware a détecté un logiciel espion ou un autre logiciel potentiellement indésirable.
Pour plus d'informations, consultez les informations suivantes :
http://go.microsoft.com/fwlink/?linkid=37020&name=Troja...
Nom : TrojanDownloader:Win32/Renos.JS
ID : 2147628360
Gravité : Élevé
Catégorie : Cheval de Troie téléchargeur
Chemin d'accès : process
id:1444
Origine de la détection : Inconnu
Type de détection : Concret
Source de la détection : Protection en temps réel
État : En cours d'exécution
Utilisateur : Unknown\Unknown
Nom du processus : Unknown
Version de la signature : AV: 1.67.916.0, AS: 1.67.916.0
Version du moteur : 1.1.5101.0
Record Number: 36942
Source Name: Microsoft Antimalware
Time Written: 20091020150129.000000-000
Event Type: Avertissement
User:
=====Application event log=====
Computer Name: PC-de-Samuel
Event Code: 1002
Message: Le programme Explorer.EXE version 6.0.6001.18164 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans l’application Rapports et solutions aux problèmes du Panneau de configuration. ID de processus : ba0 Heure de début : 01ca4fd5830cd63b Heure de fin : 47971
Record Number: 2352
Source Name: Application Hang
Time Written: 20091018095348.000000-000
Event Type: Erreur
User:
Computer Name: PC-de-Samuel
Event Code: 1002
Message: Le programme daemon.exe version 4.30.4.27 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans l’application Rapports et solutions aux problèmes du Panneau de configuration. ID de processus : 938 Heure de début : 01ca4fd9eb9e328b Heure de fin : 21398
Record Number: 2353
Source Name: Application Hang
Time Written: 20091018100323.000000-000
Event Type: Erreur
User:
Computer Name: PC-de-Samuel
Event Code: 1015
Message: L'ID événement 3013 du service Windows Search a été supprimé 7 fois depuis 11:31:00. Cet événement est utilisé pour supprimer les événements du service Windows Search qui se sont produits fréquemment dans une courte période. Voir l'ID événement 3013 pour plus de détails sur cet événement.
Record Number: 2354
Source Name: Microsoft-Windows-Search
Time Written: 20091018100403.000000-000
Event Type: Avertissement
User:
Computer Name: PC-de-Samuel
Event Code: 10
Message: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé.
Record Number: 2377
Source Name: Microsoft-Windows-WMI
Time Written: 20091019111238.000000-000
Event Type: Erreur
User:
Computer Name: PC-de-Samuel
Event Code: 1002
Message: Le programme Explorer.EXE version 6.0.6001.18164 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans l’application Rapports et solutions aux problèmes du Panneau de configuration. ID de processus : ae0 Heure de début : 01ca50ace5f5b1a3 Heure de fin : 0
Record Number: 2383
Source Name: Application Hang
Time Written: 20091020143108.000000-000
Event Type: Erreur
User:
=====Security event log=====
Computer Name: PC-de-Samuel
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 4271
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091020154658.290000-000
Event Type: Échec de l'audit
User:
Computer Name: PC-de-Samuel
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 4272
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091020154658.335000-000
Event Type: Échec de l'audit
User:
Computer Name: PC-de-Samuel
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 4273
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091020154658.382000-000
Event Type: Échec de l'audit
User:
Computer Name: PC-de-Samuel
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 4274
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091020154658.437000-000
Event Type: Échec de l'audit
User:
Computer Name: PC-de-Samuel
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 4275
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091020154658.484000-000
Event Type: Échec de l'audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\PROGRA~1\DISKEE~1\DISKEE~1\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 10, GenuineIntel
"PROCESSOR_REVISION"=170a
"NUMBER_OF_PROCESSORS"=2
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"DFSTRACINGON"=FALSE
"Pathtem"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"NTIPath"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\NewTech Infosystems\NTI Backup Now 5\;
-----------------EOF-----------------
Quote:
L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.