certains sites web ne s'ouvrent plus .. Fermé

Question

Bonjour :)

je suis sous windows 7 Ultimate et je n'arrive plus à accéder à certains sites que ce soit sur FIREFOX ou sur INTERNET EXPLORER.

j'ai jeté un coup d'oeil sur le fichier HOSTS. rien à signaler.

j'ai effectué des scan avec les dernières mises à jours de malwarebytes, Trojan remover, Spyware Doctor, Panda (et j'ai aussi vu si son pare-feu ne bloquait pas l'accès aux navigateurs ou à ces sites) et vérifié si le parfeu windows était bien désactivé. et j'ai aussi fait un rapport d'analyse avec HiJackThis au cas ou.

j'ai essayé de créer un nouveau profile sur FIREFOX, de le mettre à jour, de réinitialiser les réglages, de désinstaller les modules complémentaires ou carrément de le désinstaller-réinstaller Firefox, mais toujours le même résultat.

avec un "ping" sur les adresses que je veux ouvrir, il ne se connecte pas du tout (idem pour un "tracert").

En revanche en "mode sans échec avec prise en charge réseau" ou en "mode directory services restore" ces pages s'affichent le plus normalement du monde. 
et quand je redémarre mon pc après avoir utilisé l'un de ses modes, j'arrive à accéder aux sites pour un court moment, ensuite retour à la case départ.

voilà, j'aimerai donc savoir si quelqu'un saurait de quoi il pourrait s'agir et/ou comment régler ce problème.

merci d'avance ;)

Utilisateur anonyme · Answer

Bonjour,
Tu peux poster ton hijackthis stp !

_geNz · Answer

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:51:32, on 23/01/2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\PROGRAM FILES\PANDA SECURITY\PANDA GLOBAL PROTECTION 2010\WebProxy.exe
C:\Windows\system32	askeng.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\ASUS\Six Engine\SixEngine.exe
C:\Program Files\ASUS\AI Direct Link\AsCmd.exe
C:\Windows\Explorer.EXE
C:\Program Files\ASUS\TurboV EVO\TurboVHELP.exe
C:\Program Files\ASUS\AI Direct Link\AsShare.exe
C:\Program Files\InstallShield Installation Information\{818690C7-8DA5-4623-BBA8-A73CFBD44077}\AMBSPISyncService.exe
C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe
C:\Users\Mugen\AppData\Local\Temp\Sound_Blaster_X-Fi_MB_Cleanup.0001
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ASUS\AI Suite\QFan3\QFanHelp.exe
C:\Program Files\ASUS\AI Suite\CPU Level UpEx\CpuLevelUp.exe
C:\Program Files\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\AMBSpiE.exe
C:\Program Files\Panda Security\Panda Global Protection 2010\ApVxdWin.exe
C:\Windows\system32	askhost.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Panda Security\Panda Global Protection 2010\PavBckPT.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Mugen\Downloads\HiJackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = 
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O4 - HKLM\..\Run: [CTSyncService] C:\Program Files\InstallShield Installation Information\{818690C7-8DA5-4623-BBA8-A73CFBD44077}\AMBSPISyncService.exe /StartRunKey
O4 - HKLM\..\Run: [AMBDef] AMBDef.exe
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [TurboV EVO] "C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe" -b
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [QFan Help] "C:\Program Files\ASUS\AI Suite\QFan3\QFanHelp.exe"
O4 - HKLM\..\Run: [Cpu Level Up] "C:\Program Files\ASUS\AI Suite\CPU Level UPEx\CpuLevelUp.exe" -r
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Global Protection 2010\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Security\Panda Global Protection 2010\Inicio.exe"
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O13 - Gopher Prefix: 
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15111/CTPID.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: Browser Defender Update Service - Threat Expert Ltd. - C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - C:\Program Files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Panda Software Controller - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2010\PsCtrls.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2010\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Security, S.L. - C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe
O23 - Service: Panda On-Access Anti-Malware Service (PAVSRV) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2010\pavsrvx86.exe
O23 - Service: Panda Host Service (PSHost) - Panda Security International - c:\program files\panda security\panda global protection 2010\firewall\PSHOST.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Security S.L. - C:\Program Files\Panda Security\Panda Global Protection 2010\PsImSvc.exe
O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2010\PskSvc.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Sound Blaster X-Fi MB Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
O23 - Service: SpeedingHDD - Unknown owner - C:\Program Files\SpeedingHDD\XSrvSetup.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2010\TPSrv.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

Utilisateur anonyme · Answer

Télécharge Random's System Information Tool (RSIT) : http://images.malwareremoval.com/random/RSIT.exe par random/random et sauvegarde-le sur ton Bureau. Important (Sous Vista) tu dois exécuter RSIT avec les droits d'administrateur, pour cela Clic droit sur RSIT et "Lances en tant qu'administrateur" ==> Double-clique sur RSIT.exe afin de lancer RSIT. ==> Clique sur Continue à l'écran Disclaimer. ==> Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence. ==>Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. ==> Poste le contenu des deux rapports ==> log.txt (<==qui sera affiché) ainsi que de info.txt (<==qui sera réduit dans la Barre des Tâches). Note : Les deux rapports sont également sauvegardés %systemroot%\rsit

_geNz · Answer

Logfile of random's system information tool 1.06 (written by random/random)
Run by Mugen at 2010-01-23 09:58:22
Microsoft Windows 7 Ultimate  Service Pack 2
System drive C: has 809 GB (85%) free of 954 GB
Total RAM: 3062 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:58:26, on 23/01/2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\PROGRAM FILES\PANDA SECURITY\PANDA GLOBAL PROTECTION 2010\WebProxy.exe
C:\Windows\system32	askeng.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\ASUS\Six Engine\SixEngine.exe
C:\Program Files\ASUS\AI Direct Link\AsCmd.exe
C:\Windows\Explorer.EXE
C:\Program Files\ASUS\TurboV EVO\TurboVHELP.exe
C:\Program Files\ASUS\AI Direct Link\AsShare.exe
C:\Program Files\InstallShield Installation Information\{818690C7-8DA5-4623-BBA8-A73CFBD44077}\AMBSPISyncService.exe
C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe
C:\Users\Mugen\AppData\Local\Temp\Sound_Blaster_X-Fi_MB_Cleanup.0001
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ASUS\AI Suite\QFan3\QFanHelp.exe
C:\Program Files\ASUS\AI Suite\CPU Level UpEx\CpuLevelUp.exe
C:\Program Files\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\AMBSpiE.exe
C:\Program Files\Panda Security\Panda Global Protection 2010\ApVxdWin.exe
C:\Windows\system32	askhost.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Panda Security\Panda Global Protection 2010\PavBckPT.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\explorer.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\msdt.exe
C:\Windows\System32\sdiagnhost.exe
C:\Windows\system32\conhost.exe
C:\Users\Mugen\Downloads\RSIT.exe
C:\Windows\system32\DllHost.exe
C:\Users\Mugen\Downloads\Mugen.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = 
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O4 - HKLM\..\Run: [CTSyncService] C:\Program Files\InstallShield Installation Information\{818690C7-8DA5-4623-BBA8-A73CFBD44077}\AMBSPISyncService.exe /StartRunKey
O4 - HKLM\..\Run: [AMBDef] AMBDef.exe
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [TurboV EVO] "C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe" -b
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [QFan Help] "C:\Program Files\ASUS\AI Suite\QFan3\QFanHelp.exe"
O4 - HKLM\..\Run: [Cpu Level Up] "C:\Program Files\ASUS\AI Suite\CPU Level UPEx\CpuLevelUp.exe" -r
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Global Protection 2010\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Security\Panda Global Protection 2010\Inicio.exe"
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O13 - Gopher Prefix: 
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15111/CTPID.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: Browser Defender Update Service - Threat Expert Ltd. - C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - C:\Program Files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Panda Software Controller - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2010\PsCtrls.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2010\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Security, S.L. - C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe
O23 - Service: Panda On-Access Anti-Malware Service (PAVSRV) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2010\pavsrvx86.exe
O23 - Service: Panda Host Service (PSHost) - Panda Security International - c:\program files\panda security\panda global protection 2010\firewall\PSHOST.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Security S.L. - C:\Program Files\Panda Security\Panda Global Protection 2010\PsImSvc.exe
O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2010\PskSvc.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Sound Blaster X-Fi MB Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
O23 - Service: SpeedingHDD - Unknown owner - C:\Program Files\SpeedingHDD\XSrvSetup.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2010\TPSrv.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

_geNz · Answer

info.txt logfile of random's system information tool 1.06 2010-01-23 09:58:34 ======Uninstall list====== -->"C:\Program Files\Creative\SB X-Fi MB\Program\CTZapLdr.exe" /CTZAPLOADER /u /W -->C:\Program Files\Nero\Nero8\nero\uninstall\UNNERO.exe /UNINSTALL -->C:\Windows\UNNeroVision.exe /UNINSTALL -->C:\Windows\UNRecode.exe /UNINSTALL -->MsiExec /X{1C4551A6-4743-4093-91E4-1477CD655043} -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{12321490-F573-4815-B6CC-7ABEF18C9AC4}\setup.exe" -l0x40c -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{12321490-F573-4815-B6CC-7ABEF18C9AC4}\setup.exe" -l0x40c /remove -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x40c -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x40c /remove -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6F3684E3-0FA0-4443-B97D-65117730222E}\setup.exe" -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x40c -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x40c /remove -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}\setup.exe" -l0x40c -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}\setup.exe" -l0x40c /remove -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\setup.exe" -l0x40c -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\setup.exe" -l0x40c /remove -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AAEF329E-F353-46C9-933D-24A571986093}\setup.exe" -l0x40c -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AAEF329E-F353-46C9-933D-24A571986093}\setup.exe" -l0x40c /remove -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C88C3C27-AECE-4137-A6CC-D7A6FFAD2F84}\setup.exe" -l0x40c -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C88C3C27-AECE-4137-A6CC-D7A6FFAD2F84}\setup.exe" -l0x40c /remove -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe" -l0x9 /remove -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FBFF2411-D066-4D24-BCE0-893086009E1B}\setup.exe" -l0x40c -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FBFF2411-D066-4D24-BCE0-893086009E1B}\setup.exe" -l0x40c /remove -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FCCDA302-32D9-4AE7-A094-4BE677554F26}\setup.exe" -l0x40c -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FCCDA302-32D9-4AE7-A094-4BE677554F26}\setup.exe" -l0x40c /remove Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe Adobe Reader 9.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A91000000001} AI Direct Link-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C312984C-E386-4C2D-B33E-7B54355FB16E}\Setup.exe" -l0x9 AI Suite-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{310BC5E2-31AF-49BB-904D-E71EB93645DC}\Setup.exe" -l0x40c AMD DnD V1.0.19-->MsiExec.exe /I{87BB78C4-F36D-4D93-A7C7-F80F18219848} Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7} ASUSUpdate-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{587178E7-B1DF-494E-9838-FA4DD36E873C}\setup.exe" -l0x40c ATI AVIVO Codecs-->MsiExec.exe /I{5E992B43-7F22-59E9-4BCF-FD5157F221F9} ATI Catalyst Registration-->MsiExec.exe /X{72736F5F-520D-472A-88CC-7B02872FD34E} Battlestations: Pacific-->MsiExec.exe /I{BBAB6D5D-1DD4-4D46-B5D9-121DCAB17DEC} BitComet 0.70-->C:\Program Files\BitComet\uninst.exe Browser Defender 2.0.6.10-->"C:\Program Files\Spyware Doctor\BDT\unins000.exe" Call of Duty Modern Warfare 2-->"C:\Program Files\Activision\Modern Warfare 2\unins000.exe" Call of Duty(R) 4 - Modern Warfare(TM)-->C:\Program Files\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x0409 Catalyst Control Center - Branding-->MsiExec.exe /I{1FF713E1-FE5E-4AD0-9C8C-B2E877846B45} Company of Heroes - FAKEMSI-->MsiExec.exe /I{14574B7F-75D1-4718-B7F2-EBF6E2862A35} Company of Heroes - FAKEMSI-->MsiExec.exe /I{199E6632-EB28-4F73-AECB-3E192EB92D18} Company of Heroes - FAKEMSI-->MsiExec.exe /I{25724802-CC14-4B90-9F3B-3D6955EE27B1} Company of Heroes - FAKEMSI-->MsiExec.exe /I{32C4A4EB-C97D-414E-99C5-38F8DFD31D5D} Company of Heroes - FAKEMSI-->MsiExec.exe /I{50193078-F553-4EBA-AA77-64C9FAA12F98} Company of Heroes - FAKEMSI-->MsiExec.exe /I{51D718D1-DA81-4FAD-919F-5C1CE3C33379} Company of Heroes - FAKEMSI-->MsiExec.exe /I{66F78C51-D108-4F0C-A93C-1CBE74CE338F} Company of Heroes - FAKEMSI-->MsiExec.exe /I{7F4B1592-222F-4E5F-A100-E5AFD61A0BB3} Company of Heroes - FAKEMSI-->MsiExec.exe /I{80D03817-7943-4839-8E96-B9F924C5E67D} Company of Heroes - FAKEMSI-->MsiExec.exe /I{97E5205F-EA4F-438F-B211-F1846419F1C1} Company of Heroes - FAKEMSI-->MsiExec.exe /I{99A7722D-9ACB-43F3-A222-ABC7133F159E} Company of Heroes - FAKEMSI-->MsiExec.exe /I{BA801B94-C28D-46EE-B806-E1E021A3D519} Company of Heroes - FAKEMSI-->MsiExec.exe /I{D4D244D1-05E0-4D24-86A2-B2433C435671} Company of Heroes - FAKEMSI-->MsiExec.exe /I{EAF636A9-F664-4703-A659-85A894DA264F} Company of Heroes-->"C:\Program Files\THQ\Company of Heroes\Uninstall_English.exe" CoreAVC Professional Edition (remove only)-->"C:\Program Files\CoreCodec\CoreAVC Professional Edition\CoreAVC Professional Edition-uninstall.exe" CPUID HWMonitor 1.15-->"C:\Program Files\CPUID\HWMonitor\unins000.exe" CSS FULL DZ [Oct 15 2007] v18.1-->C:\Program Files\VALVe\Counter-Strike Source\uninst.exe DAEMON Tools Toolbar-->C:\Program Files\DAEMON Tools Toolbar\uninst.exe DHTML Editing Component-->MsiExec.exe /I{2EA870FA-585F-4187-903D-CB9FFD21E2E0} Dragon Age: Origins-->C:\Program Files\Common Files\BioWare\Uninstall Dragon Age.exe Driver Genius Professional Edition-->"C:\Program Files\Driver-Soft\DriverGenius\unins000.exe" EPU-6 Engine-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{56B83336-FBC1-4C46-8613-90A9E3B440D6}\setup.exe" -l0x40c EVEREST Ultimate Edition v5.02-->"C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe" Grand Dictionnaire Hachette-Oxford-->C:\Program Files\GDHO\Uninstal.exe Guitar Pro 5.2-->"C:\Program Files\Guitar Pro 5\unins000.exe" Haali Media Splitter-->"C:\Program Files\Haali\MatroskaSplitter\uninstall.exe" HijackThis 2.0.2-->"C:\Users\Mugen\Downloads\HijackThis.exe" /uninstall HydraVision-->MsiExec.exe /X{C6B29F03-4D97-3B4E-D906-70958E6B1448} Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31} Internet Download Manager-->C:\Program Files\Internet Download Manager\Uninstall.exe IsoBuster 2.6-->"C:\Program Files\Smart Projects\IsoBuster\Uninst\unins000.exe" ISOpen V4.4.1-->"C:\Program Files\ISOpen\unins000.exe" JMicron JMB36X Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}\setup.exe" -l0x40c -removeonly K-Lite Codec Pack 5.1.0 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe" Magic ISO Maker v5.5 (build 0265)-->C:\PROGRA~1\MagicISO\UNWISE.EXE C:\PROGRA~1\MagicISO\INSTALL.LOG MagicDisc 2.7.106-->C:\PROGRA~1\MAGICD~1\UNWISE.EXE C:\PROGRA~1\MAGICD~1\INSTALL.LOG Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669} Microsoft Games for Windows - LIVE-->MsiExec.exe /X{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c} Mozilla Firefox (3.5.2)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} Nero 8-->MsiExec.exe /X{3C5F1B30-B10B-4579-86DD-D00F662E1036} neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B} NVIDIA PhysX-->MsiExec.exe /X{1C4551A6-4743-4093-91E4-1477CD655043} OpenOffice.org 3.1-->MsiExec.exe /I{0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6} Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} Oxford Advanced Learner's Dictionary - 7th edition-->"C:\Program Files\Oxford\OALD7\uninstall.exe" Panda Global Protection 2010-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{81A25967-DB85-4B48-A8A7-D25AC191DEE4}\SETUP.exe" -l0x40c -removeonly PC Probe II-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F7338FA3-DAB5-49B2-900D-0AFB5760C166}\setup.exe" -l0x40c PhotoImpact X3-->C:\Program Files\InstallShield Installation Information\{15803703-25FA-4C01-A062-3F4A59937E87}\setup.exe -runfromtemp -l0x0409 Realtek 8136 8168 8169 Ethernet Driver-->C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\Setup.exe -runfromtemp -removeonly Skype web features-->MsiExec.exe /I{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748} Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36} Sound Blaster X-Fi MB-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{818690C7-8DA5-4623-BBA8-A73CFBD44077}\setup.exe" -l0x40c /remove SpeedFan (remove only)-->"C:\Program Files\SpeedFan\uninstall.exe" SPEEDING HDD-->C:\Program Files\SpeedingHDD\Uninstall\setup.exe delpkg Spyware Doctor 7.0-->C:\Program Files\Spyware Doctor\unins000.exe /LOG TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357} TuneUp Utilities-->C:\Program Files\TuneUp Utilities 2010\TUInstallHelper.exe --Trigger-Uninstall TurboV EVO-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{491D92A9-69CA-4EB4-81D3-0106F9337957}\setup.exe" -l0x40c VIA Gestionnaire de périphériques de plate-forme-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169} VLC media player 1.0.1-->C:\Program Files\VideoLAN\VLC\uninstall.exe Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956} Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1} WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe Hosts File Missing ======System event log====== Computer Name: Sabaku_No_Mugen Event Code: 134 Message: NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on ''. NtpClient will try again in 3473457 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9) Record Number: 532 Source Name: Microsoft-Windows-Time-Service Time Written: 20091109004556.059639-000 Event Type: Warning User: NT AUTHORITY\LOCAL SERVICE Computer Name: Sabaku_No_Mugen Event Code: 134 Message: NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on ''. NtpClient will try again in 3473457 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9) Record Number: 530 Source Name: Microsoft-Windows-Time-Service Time Written: 20091109004554.056835-000 Event Type: Warning User: NT AUTHORITY\LOCAL SERVICE Computer Name: Sabaku_No_Mugen Event Code: 134 Message: NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on ''. NtpClient will try again in 3473457 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9) Record Number: 527 Source Name: Microsoft-Windows-Time-Service Time Written: 20091109004550.422028-000 Event Type: Warning User: NT AUTHORITY\LOCAL SERVICE Computer Name: Sabaku_No_Mugen Event Code: 134 Message: NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on ''. NtpClient will try again in 3473457 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9) Record Number: 525 Source Name: Microsoft-Windows-Time-Service Time Written: 20091109004520.017575-000 Event Type: Warning User: NT AUTHORITY\LOCAL SERVICE Computer Name: 37L4247D28-05 Event Code: 10010 Message: The server {9E175B68-F52A-11D8-B9A5-505054503030} did not register with DCOM within the required timeout. Record Number: 322 Source Name: Microsoft-Windows-DistributedCOM Time Written: 20091109072534.000000-000 Event Type: Error User: =====Application event log===== Computer Name: Sabaku_No_Mugen Event Code: 1530 Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 15 user registry handles leaked from \Registry\User\S-1-5-21-1891825889-2796076080-3759537588-1000: Process 1112 (\Device\HarddiskVolume2\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-1891825889-2796076080-3759537588-1000 Process 1112 (\Device\HarddiskVolume2\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-1891825889-2796076080-3759537588-1000 Process 1112 (\Device\HarddiskVolume2\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-1891825889-2796076080-3759537588-1000 Process 1112 (\Device\HarddiskVolume2\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-1891825889-2796076080-3759537588-1000 Process 1112 (\Device\HarddiskVolume2\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-1891825889-2796076080-3759537588-1000\Software\Microsoft\SystemCertificates\Disallowed Process 1112 (\Device\HarddiskVolume2\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-1891825889-2796076080-3759537588-1000\Software\Microsoft\SystemCertificates\SmartCardRoot Process 1112 (\Device\HarddiskVolume2\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-1891825889-2796076080-3759537588-1000\Software\Microsoft\SystemCertificates\My Process 1112 (\Device\HarddiskVolume2\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-1891825889-2796076080-3759537588-1000\Software\Microsoft\SystemCertificates\CA Process 1112 (\Device\HarddiskVolume2\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-1891825889-2796076080-3759537588-1000\Software\Microsoft\SystemCertificates rust Process 1112 (\Device\HarddiskVolume2\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-1891825889-2796076080-3759537588-1000\Software\Microsoft\SystemCertificates\Root Process 1112 (\Device\HarddiskVolume2\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-1891825889-2796076080-3759537588-1000\Software\Policies\Microsoft\SystemCertificates Process 1112 (\Device\HarddiskVolume2\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-1891825889-2796076080-3759537588-1000\Software\Policies\Microsoft\SystemCertificates Process 1112 (\Device\HarddiskVolume2\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-1891825889-2796076080-3759537588-1000\Software\Policies\Microsoft\SystemCertificates Process 1112 (\Device\HarddiskVolume2\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-1891825889-2796076080-3759537588-1000\Software\Policies\Microsoft\SystemCertificates Process 1112 (\Device\HarddiskVolume2\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-1891825889-2796076080-3759537588-1000\Software\Microsoft\SystemCertificates\TrustedPeople Record Number: 478 Source Name: Microsoft-Windows-User Profiles Service Time Written: 20091109160204.387989-000 Event Type: Warning User: NT AUTHORITY\SYSTEM Computer Name: Sabaku_No_Mugen Event Code: 8194 Message: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied. . This is often caused by incorrect security settings in either the writer or requestor process. Operation: Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Name: System Writer Writer Instance ID: {f0bd7e9e-0d9e-44b1-81c3-cf094761c799} Record Number: 464 Source Name: VSS Time Written: 20091109160121.000000-000 Event Type: Error User: Computer Name: Sabaku_No_Mugen Event Code: 1530 Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 1 user registry handles leaked from \Registry\User\S-1-5-21-1891825889-2796076080-3759537588-1000: Process 460 (\Device\HarddiskVolume2\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-1891825889-2796076080-3759537588-1000 Record Number: 434 Source Name: Microsoft-Windows-User Profiles Service Time Written: 20091109072657.521314-000 Event Type: Warning User: NT AUTHORITY\SYSTEM Computer Name: Sabaku_No_Mugen Event Code: 11 Message: Possible Memory Leak. Application (C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted) (PID: 808) has passed a non-NULL pointer to RPC for an [out] parameter marked [allocate(all_nodes)]. [allocate(all_nodes)] parameters are always reallocated; if the original pointer contained the address of valid memory, that memory will be leaked. The call originated on the interface with UUID ({3F31C91E-2545-4B7B-9311-9529E8BFFEF6}), Method number (10). User Action: Contact your application vendor for an updated version of the application. Record Number: 421 Source Name: Microsoft-Windows-RPC-Events Time Written: 20091109005517.758931-000 Event Type: Warning User: NT AUTHORITY\LOCAL SERVICE Computer Name: 37L4247D28-05 Event Code: 1008 Message: The Windows Search Service is starting up and attempting to remove the old search index {Reason: Full Index Reset}. Record Number: 86 Source Name: Microsoft-Windows-Search Time Written: 20091109073710.000000-000 Event Type: Warning User: =====Security event log===== Computer Name: Sabaku_No_Mugen Event Code: 4728 Message: A member was added to a security-enabled global group. Subject: Security ID: S-1-5-18 Account Name: WIN-V8O6CTQRT70$ Account Domain: WORKGROUP Logon ID: 0x3e7 Member: Security ID: S-1-5-21-1891825889-2796076080-3759537588-1000 Account Name: - Group: Security ID: S-1-5-21-1891825889-2796076080-3759537588-513 Group Name: None Group Domain: Sabaku_No_Mugen Additional Information: Privileges: - Record Number: 108 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20091109004030.381800-000 Event Type: Audit Success User: Computer Name: Sabaku_No_Mugen Event Code: 4616 Message: The system time was changed. Subject: Security ID: S-1-5-18 Account Name: WIN-V8O6CTQRT70$ Account Domain: WORKGROUP Logon ID: 0x3e7 Process Information: Process ID: 0x394 Name: C:\Windows\System32\oobe\msoobe.exe Previous Time: ?2009?-?11?-?09T07:40:42.643488300Z New Time: ?2009?-?11?-?09T00:40:30.257000000Z This event is generated when the system time is changed. It is normal for the Windows Time Service, which runs with System privilege, to change the system time on a regular basis. Other system time changes may be indicative of attempts to tamper with the computer. Record Number: 107 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20091109004030.257000-000 Event Type: Audit Success User: Computer Name: Sabaku_No_Mugen Event Code: 4738 Message: A user account was changed. Subject: Security ID: S-1-5-18 Account Name: WIN-V8O6CTQRT70$ Account Domain: WORKGROUP Logon ID: 0x3e7 Target Account: Security ID: S-1-5-21-1891825889-2796076080-3759537588-501 Account Name: Guest Account Domain: Sabaku_No_Mugen Changed Attributes: SAM Account Name: Guest Display Name: User Principal Name: - Home Directory: Home Drive: Script Path: Profile Path: User Workstations: Password Last Set: Account Expires: Primary Group ID: 513 AllowedToDelegateTo: - Old UAC Value: 0x215 New UAC Value: 0x215 User Account Control: - User Parameters: SID History: - Logon Hours: All Additional Information: Privileges: - Record Number: 106 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20091109074024.204255-000 Event Type: Audit Success User: Computer Name: Sabaku_No_Mugen Event Code: 4738 Message: A user account was changed. Subject: Security ID: S-1-5-18 Account Name: WIN-V8O6CTQRT70$ Account Domain: WORKGROUP Logon ID: 0x3e7 Target Account: Security ID: S-1-5-21-1891825889-2796076080-3759537588-501 Account Name: Guest Account Domain: Sabaku_No_Mugen Changed Attributes: SAM Account Name: Guest Display Name: User Principal Name: - Home Directory: Home Drive: Script Path: Profile Path: User Workstations: Password Last Set: Account Expires: Primary Group ID: 513 AllowedToDelegateTo: - Old UAC Value: 0x215 New UAC Value: 0x215 User Account Control: - User Parameters: SID History: - Logon Hours: All Additional Information: Privileges: - Record Number: 105 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20091109074024.204255-000 Event Type: Audit Success User: Computer Name: Sabaku_No_Mugen Event Code: 4738 Message: A user account was changed. Subject: Security ID: S-1-5-18 Account Name: WIN-V8O6CTQRT70$ Account Domain: WORKGROUP Logon ID: 0x3e7 Target Account: Security ID: S-1-5-21-1891825889-2796076080-3759537588-500 Account Name: Administrator Account Domain: Sabaku_No_Mugen Changed Attributes: SAM Account Name: Administrator Display Name: User Principal Name: - Home Directory: Home Drive: Script Path: Profile Path: User Workstations: Password Last Set: 14/07/2009 05:55:45 Account Expires: Primary Group ID: 513 AllowedToDelegateTo: - Old UAC Value: 0x211 New UAC Value: 0x211 User Account Control: - User Parameters: SID History: - Logon Hours: All Additional Information: Privileges: - Record Number: 104 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20091109074024.204255-000 Event Type: Audit Success User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=%SYSTEMROOT%\SYSTEM32;%SYSTEMROOT%;%SYSTEMROOT%\SYSTEM32\WBEM;%SYSTEMROOT%\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC;C:\PROGRAM FILES\SMART PROJECTS\ISOBUSTER;C:\Program Files\Panda Security\Panda Global Protection 2010\ "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=x86 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\ "NUMBER_OF_PROCESSORS"=4 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 30 Stepping 5, GenuineIntel "PROCESSOR_REVISION"=1e05 -----------------EOF----------------- Le fichier Info

_geNz · Answer

info.txt logfile of random's system information tool 1.06 2010-01-23 09:58:34 ======Uninstall list====== -->"C:\Program Files\Creative\SB X-Fi MB\Program\CTZapLdr.exe" /CTZAPLOADER /u /W -->C:\Program Files\Nero\Nero8\nero\uninstall\UNNERO.exe /UNINSTALL -->C:\Windows\UNNeroVision.exe /UNINSTALL -->C:\Windows\UNRecode.exe /UNINSTALL -->MsiExec /X{1C4551A6-4743-4093-91E4-1477CD655043} -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{12321490-F573-4815-B6CC-7ABEF18C9AC4}\setup.exe" -l0x40c -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{12321490-F573-4815-B6CC-7ABEF18C9AC4}\setup.exe" -l0x40c /remove -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x40c -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x40c /remove -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6F3684E3-0FA0-4443-B97D-65117730222E}\setup.exe" -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x40c -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x40c /remove -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}\setup.exe" -l0x40c -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}\setup.exe" -l0x40c /remove -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\setup.exe" -l0x40c -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\setup.exe" -l0x40c /remove -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AAEF329E-F353-46C9-933D-24A571986093}\setup.exe" -l0x40c -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AAEF329E-F353-46C9-933D-24A571986093}\setup.exe" -l0x40c /remove -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C88C3C27-AECE-4137-A6CC-D7A6FFAD2F84}\setup.exe" -l0x40c -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C88C3C27-AECE-4137-A6CC-D7A6FFAD2F84}\setup.exe" -l0x40c /remove -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe" -l0x9 /remove -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FBFF2411-D066-4D24-BCE0-893086009E1B}\setup.exe" -l0x40c -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FBFF2411-D066-4D24-BCE0-893086009E1B}\setup.exe" -l0x40c /remove -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FCCDA302-32D9-4AE7-A094-4BE677554F26}\setup.exe" -l0x40c -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FCCDA302-32D9-4AE7-A094-4BE677554F26}\setup.exe" -l0x40c /remove Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe Adobe Reader 9.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A91000000001} AI Direct Link-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C312984C-E386-4C2D-B33E-7B54355FB16E}\Setup.exe" -l0x9 AI Suite-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{310BC5E2-31AF-49BB-904D-E71EB93645DC}\Setup.exe" -l0x40c AMD DnD V1.0.19-->MsiExec.exe /I{87BB78C4-F36D-4D93-A7C7-F80F18219848} Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7} ASUSUpdate-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{587178E7-B1DF-494E-9838-FA4DD36E873C}\setup.exe" -l0x40c ATI AVIVO Codecs-->MsiExec.exe /I{5E992B43-7F22-59E9-4BCF-FD5157F221F9} ATI Catalyst Registration-->MsiExec.exe /X{72736F5F-520D-472A-88CC-7B02872FD34E} Battlestations: Pacific-->MsiExec.exe /I{BBAB6D5D-1DD4-4D46-B5D9-121DCAB17DEC} BitComet 0.70-->C:\Program Files\BitComet\uninst.exe Browser Defender 2.0.6.10-->"C:\Program Files\Spyware Doctor\BDT\unins000.exe" Call of Duty Modern Warfare 2-->"C:\Program Files\Activision\Modern Warfare 2\unins000.exe" Call of Duty(R) 4 - Modern Warfare(TM)-->C:\Program Files\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x0409 Catalyst Control Center - Branding-->MsiExec.exe /I{1FF713E1-FE5E-4AD0-9C8C-B2E877846B45} Company of Heroes - FAKEMSI-->MsiExec.exe /I{14574B7F-75D1-4718-B7F2-EBF6E2862A35} Company of Heroes - FAKEMSI-->MsiExec.exe /I{199E6632-EB28-4F73-AECB-3E192EB92D18} Company of Heroes - FAKEMSI-->MsiExec.exe /I{25724802-CC14-4B90-9F3B-3D6955EE27B1} Company of Heroes - FAKEMSI-->MsiExec.exe /I{32C4A4EB-C97D-414E-99C5-38F8DFD31D5D} Company of Heroes - FAKEMSI-->MsiExec.exe /I{50193078-F553-4EBA-AA77-64C9FAA12F98} Company of Heroes - FAKEMSI-->MsiExec.exe /I{51D718D1-DA81-4FAD-919F-5C1CE3C33379} Company of Heroes - FAKEMSI-->MsiExec.exe /I{66F78C51-D108-4F0C-A93C-1CBE74CE338F} Company of Heroes - FAKEMSI-->MsiExec.exe /I{7F4B1592-222F-4E5F-A100-E5AFD61A0BB3} Company of Heroes - FAKEMSI-->MsiExec.exe /I{80D03817-7943-4839-8E96-B9F924C5E67D} Company of Heroes - FAKEMSI-->MsiExec.exe /I{97E5205F-EA4F-438F-B211-F1846419F1C1} Company of Heroes - FAKEMSI-->MsiExec.exe /I{99A7722D-9ACB-43F3-A222-ABC7133F159E} Company of Heroes - FAKEMSI-->MsiExec.exe /I{BA801B94-C28D-46EE-B806-E1E021A3D519} Company of Heroes - FAKEMSI-->MsiExec.exe /I{D4D244D1-05E0-4D24-86A2-B2433C435671} Company of Heroes - FAKEMSI-->MsiExec.exe /I{EAF636A9-F664-4703-A659-85A894DA264F} Company of Heroes-->"C:\Program Files\THQ\Company of Heroes\Uninstall_English.exe" CoreAVC Professional Edition (remove only)-->"C:\Program Files\CoreCodec\CoreAVC Professional Edition\CoreAVC Professional Edition-uninstall.exe" CPUID HWMonitor 1.15-->"C:\Program Files\CPUID\HWMonitor\unins000.exe" CSS FULL DZ [Oct 15 2007] v18.1-->C:\Program Files\VALVe\Counter-Strike Source\uninst.exe DAEMON Tools Toolbar-->C:\Program Files\DAEMON Tools Toolbar\uninst.exe DHTML Editing Component-->MsiExec.exe /I{2EA870FA-585F-4187-903D-CB9FFD21E2E0} Dragon Age: Origins-->C:\Program Files\Common Files\BioWare\Uninstall Dragon Age.exe Driver Genius Professional Edition-->"C:\Program Files\Driver-Soft\DriverGenius\unins000.exe" EPU-6 Engine-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{56B83336-FBC1-4C46-8613-90A9E3B440D6}\setup.exe" -l0x40c EVEREST Ultimate Edition v5.02-->"C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe" Grand Dictionnaire Hachette-Oxford-->C:\Program Files\GDHO\Uninstal.exe Guitar Pro 5.2-->"C:\Program Files\Guitar Pro 5\unins000.exe" Haali Media Splitter-->"C:\Program Files\Haali\MatroskaSplitter\uninstall.exe" HijackThis 2.0.2-->"C:\Users\Mugen\Downloads\HijackThis.exe" /uninstall HydraVision-->MsiExec.exe /X{C6B29F03-4D97-3B4E-D906-70958E6B1448} Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31} Internet Download Manager-->C:\Program Files\Internet Download Manager\Uninstall.exe IsoBuster 2.6-->"C:\Program Files\Smart Projects\IsoBuster\Uninst\unins000.exe" ISOpen V4.4.1-->"C:\Program Files\ISOpen\unins000.exe" JMicron JMB36X Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}\setup.exe" -l0x40c -removeonly K-Lite Codec Pack 5.1.0 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe" Magic ISO Maker v5.5 (build 0265)-->C:\PROGRA~1\MagicISO\UNWISE.EXE C:\PROGRA~1\MagicISO\INSTALL.LOG MagicDisc 2.7.106-->C:\PROGRA~1\MAGICD~1\UNWISE.EXE C:\PROGRA~1\MAGICD~1\INSTALL.LOG Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669} Microsoft Games for Windows - LIVE-->MsiExec.exe /X{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c} Mozilla Firefox (3.5.2)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} Nero 8-->MsiExec.exe /X{3C5F1B30-B10B-4579-86DD-D00F662E1036} neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B} NVIDIA PhysX-->MsiExec.exe /X{1C4551A6-4743-4093-91E4-1477CD655043} OpenOffice.org 3.1-->MsiExec.exe /I{0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6} Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} Oxford Advanced Learner's Dictionary - 7th edition-->"C:\Program Files\Oxford\OALD7\uninstall.exe" Panda Global Protection 2010-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{81A25967-DB85-4B48-A8A7-D25AC191DEE4}\SETUP.exe" -l0x40c -removeonly PC Probe II-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F7338FA3-DAB5-49B2-900D-0AFB5760C166}\setup.exe" -l0x40c PhotoImpact X3-->C:\Program Files\InstallShield Installation Information\{15803703-25FA-4C01-A062-3F4A59937E87}\setup.exe -runfromtemp -l0x0409 Realtek 8136 8168 8169 Ethernet Driver-->C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\Setup.exe -runfromtemp -removeonly Skype web features-->MsiExec.exe /I{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748} Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36} Sound Blaster X-Fi MB-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{818690C7-8DA5-4623-BBA8-A73CFBD44077}\setup.exe" -l0x40c /remove SpeedFan (remove only)-->"C:\Program Files\SpeedFan\uninstall.exe" SPEEDING HDD-->C:\Program Files\SpeedingHDD\Uninstall\setup.exe delpkg Spyware Doctor 7.0-->C:\Program Files\Spyware Doctor\unins000.exe /LOG TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357} TuneUp Utilities-->C:\Program Files\TuneUp Utilities 2010\TUInstallHelper.exe --Trigger-Uninstall TurboV EVO-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{491D92A9-69CA-4EB4-81D3-0106F9337957}\setup.exe" -l0x40c VIA Gestionnaire de périphériques de plate-forme-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169} VLC media player 1.0.1-->C:\Program Files\VideoLAN\VLC\uninstall.exe Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956} Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1} WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe Hosts File Missing ======System event log====== Computer Name: Sabaku_No_Mugen Event Code: 134 Message: NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on ''. NtpClient will try again in 3473457 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9) Record Number: 532 Source Name: Microsoft-Windows-Time-Service Time Written: 20091109004556.059639-000 Event Type: Warning User: NT AUTHORITY\LOCAL SERVICE Computer Name: Sabaku_No_Mugen Event Code: 134 Message: NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on ''. NtpClient will try again in 3473457 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9) Record Number: 530 Source Name: Microsoft-Windows-Time-Service Time Written: 20091109004554.056835-000 Event Type: Warning User: NT AUTHORITY\LOCAL SERVICE Computer Name: Sabaku_No_Mugen Event Code: 134 Message: NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on ''. NtpClient will try again in 3473457 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9) Record Number: 527 Source Name: Microsoft-Windows-Time-Service Time Written: 20091109004550.422028-000 Event Type: Warning User: NT AUTHORITY\LOCAL SERVICE Computer Name: Sabaku_No_Mugen Event Code: 134 Message: NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on ''. NtpClient will try again in 3473457 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9) Record Number: 525 Source Name: Microsoft-Windows-Time-Service Time Written: 20091109004520.017575-000 Event Type: Warning User: NT AUTHORITY\LOCAL SERVICE Computer Name: 37L4247D28-05 Event Code: 10010 Message: The server {9E175B68-F52A-11D8-B9A5-505054503030} did not register with DCOM within the required timeout. Record Number: 322 Source Name: Microsoft-Windows-DistributedCOM Time Written: 20091109072534.000000-000 Event Type: Error User: =====Application event log===== Computer Name: Sabaku_No_Mugen Event Code: 1530 Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 15 user registry handles leaked from \Registry\User\S-1-5-21-1891825889-2796076080-3759537588-1000: Process 1112 (\Device\HarddiskVolume2\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-1891825889-2796076080-3759537588-1000 Process 1112 (\Device\HarddiskVolume2\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-1891825889-2796076080-3759537588-1000 Process 1112 (\Device\HarddiskVolume2\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-1891825889-2796076080-3759537588-1000 Process 1112 (\Device\HarddiskVolume2\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-1891825889-2796076080-3759537588-1000 Process 1112 (\Device\HarddiskVolume2\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-1891825889-2796076080-3759537588-1000\Software\Microsoft\SystemCertificates\Disallowed Process 1112 (\Device\HarddiskVolume2\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-1891825889-2796076080-3759537588-1000\Software\Microsoft\SystemCertificates\SmartCardRoot Process 1112 (\Device\HarddiskVolume2\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-1891825889-2796076080-3759537588-1000\Software\Microsoft\SystemCertificates\My Process 1112 (\Device\HarddiskVolume2\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-1891825889-2796076080-3759537588-1000\Software\Microsoft\SystemCertificates\CA Process 1112 (\Device\HarddiskVolume2\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-1891825889-2796076080-3759537588-1000\Software\Microsoft\SystemCertificates rust Process 1112 (\Device\HarddiskVolume2\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-1891825889-2796076080-3759537588-1000\Software\Microsoft\SystemCertificates\Root Process 1112 (\Device\HarddiskVolume2\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-1891825889-2796076080-3759537588-1000\Software\Policies\Microsoft\SystemCertificates Process 1112 (\Device\HarddiskVolume2\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-1891825889-2796076080-3759537588-1000\Software\Policies\Microsoft\SystemCertificates Process 1112 (\Device\HarddiskVolume2\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-1891825889-2796076080-3759537588-1000\Software\Policies\Microsoft\SystemCertificates Process 1112 (\Device\HarddiskVolume2\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-1891825889-2796076080-3759537588-1000\Software\Policies\Microsoft\SystemCertificates Process 1112 (\Device\HarddiskVolume2\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-1891825889-2796076080-3759537588-1000\Software\Microsoft\SystemCertificates\TrustedPeople Record Number: 478 Source Name: Microsoft-Windows-User Profiles Service Time Written: 20091109160204.387989-000 Event Type: Warning User: NT AUTHORITY\SYSTEM Computer Name: Sabaku_No_Mugen Event Code: 8194 Message: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied. . This is often caused by incorrect security settings in either the writer or requestor process. Operation: Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Name: System Writer Writer Instance ID: {f0bd7e9e-0d9e-44b1-81c3-cf094761c799} Record Number: 464 Source Name: VSS Time Written: 20091109160121.000000-000 Event Type: Error User: Computer Name: Sabaku_No_Mugen Event Code: 1530 Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 1 user registry handles leaked from \Registry\User\S-1-5-21-1891825889-2796076080-3759537588-1000: Process 460 (\Device\HarddiskVolume2\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-1891825889-2796076080-3759537588-1000 Record Number: 434 Source Name: Microsoft-Windows-User Profiles Service Time Written: 20091109072657.521314-000 Event Type: Warning User: NT AUTHORITY\SYSTEM Computer Name: Sabaku_No_Mugen Event Code: 11 Message: Possible Memory Leak. Application (C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted) (PID: 808) has passed a non-NULL pointer to RPC for an [out] parameter marked [allocate(all_nodes)]. [allocate(all_nodes)] parameters are always reallocated; if the original pointer contained the address of valid memory, that memory will be leaked. The call originated on the interface with UUID ({3F31C91E-2545-4B7B-9311-9529E8BFFEF6}), Method number (10). User Action: Contact your application vendor for an updated version of the application. Record Number: 421 Source Name: Microsoft-Windows-RPC-Events Time Written: 20091109005517.758931-000 Event Type: Warning User: NT AUTHORITY\LOCAL SERVICE Computer Name: 37L4247D28-05 Event Code: 1008 Message: The Windows Search Service is starting up and attempting to remove the old search index {Reason: Full Index Reset}. Record Number: 86 Source Name: Microsoft-Windows-Search Time Written: 20091109073710.000000-000 Event Type: Warning User: =====Security event log===== Computer Name: Sabaku_No_Mugen Event Code: 4728 Message: A member was added to a security-enabled global group. Subject: Security ID: S-1-5-18 Account Name: WIN-V8O6CTQRT70$ Account Domain: WORKGROUP Logon ID: 0x3e7 Member: Security ID: S-1-5-21-1891825889-2796076080-3759537588-1000 Account Name: - Group: Security ID: S-1-5-21-1891825889-2796076080-3759537588-513 Group Name: None Group Domain: Sabaku_No_Mugen Additional Information: Privileges: - Record Number: 108 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20091109004030.381800-000 Event Type: Audit Success User: Computer Name: Sabaku_No_Mugen Event Code: 4616 Message: The system time was changed. Subject: Security ID: S-1-5-18 Account Name: WIN-V8O6CTQRT70$ Account Domain: WORKGROUP Logon ID: 0x3e7 Process Information: Process ID: 0x394 Name: C:\Windows\System32\oobe\msoobe.exe Previous Time: ?2009?-?11?-?09T07:40:42.643488300Z New Time: ?2009?-?11?-?09T00:40:30.257000000Z This event is generated when the system time is changed. It is normal for the Windows Time Service, which runs with System privilege, to change the system time on a regular basis. Other system time changes may be indicative of attempts to tamper with the computer. Record Number: 107 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20091109004030.257000-000 Event Type: Audit Success User: Computer Name: Sabaku_No_Mugen Event Code: 4738 Message: A user account was changed. Subject: Security ID: S-1-5-18 Account Name: WIN-V8O6CTQRT70$ Account Domain: WORKGROUP Logon ID: 0x3e7 Target Account: Security ID: S-1-5-21-1891825889-2796076080-3759537588-501 Account Name: Guest Account Domain: Sabaku_No_Mugen Changed Attributes: SAM Account Name: Guest Display Name: User Principal Name: - Home Directory: Home Drive: Script Path: Profile Path: User Workstations: Password Last Set: Account Expires: Primary Group ID: 513 AllowedToDelegateTo: - Old UAC Value: 0x215 New UAC Value: 0x215 User Account Control: - User Parameters: SID History: - Logon Hours: All Additional Information: Privileges: - Record Number: 106 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20091109074024.204255-000 Event Type: Audit Success User: Computer Name: Sabaku_No_Mugen Event Code: 4738 Message: A user account was changed. Subject: Security ID: S-1-5-18 Account Name: WIN-V8O6CTQRT70$ Account Domain: WORKGROUP Logon ID: 0x3e7 Target Account: Security ID: S-1-5-21-1891825889-2796076080-3759537588-501 Account Name: Guest Account Domain: Sabaku_No_Mugen Changed Attributes: SAM Account Name: Guest Display Name: User Principal Name: - Home Directory: Home Drive: Script Path: Profile Path: User Workstations: Password Last Set: Account Expires: Primary Group ID: 513 AllowedToDelegateTo: - Old UAC Value: 0x215 New UAC Value: 0x215 User Account Control: - User Parameters: SID History: - Logon Hours: All Additional Information: Privileges: - Record Number: 105 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20091109074024.204255-000 Event Type: Audit Success User: Computer Name: Sabaku_No_Mugen Event Code: 4738 Message: A user account was changed. Subject: Security ID: S-1-5-18 Account Name: WIN-V8O6CTQRT70$ Account Domain: WORKGROUP Logon ID: 0x3e7 Target Account: Security ID: S-1-5-21-1891825889-2796076080-3759537588-500 Account Name: Administrator Account Domain: Sabaku_No_Mugen Changed Attributes: SAM Account Name: Administrator Display Name: User Principal Name: - Home Directory: Home Drive: Script Path: Profile Path: User Workstations: Password Last Set: 14/07/2009 05:55:45 Account Expires: Primary Group ID: 513 AllowedToDelegateTo: - Old UAC Value: 0x211 New UAC Value: 0x211 User Account Control: - User Parameters: SID History: - Logon Hours: All Additional Information: Privileges: - Record Number: 104 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20091109074024.204255-000 Event Type: Audit Success User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=%SYSTEMROOT%\SYSTEM32;%SYSTEMROOT%;%SYSTEMROOT%\SYSTEM32\WBEM;%SYSTEMROOT%\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC;C:\PROGRAM FILES\SMART PROJECTS\ISOBUSTER;C:\Program Files\Panda Security\Panda Global Protection 2010\ "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=x86 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\ "NUMBER_OF_PROCESSORS"=4 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 30 Stepping 5, GenuineIntel "PROCESSOR_REVISION"=1e05 -----------------EOF----------------- Le fichier Info

Utilisateur anonyme · Answer

Desactive ton antivirus le temps de la manip ainsi que ton parefeu si présent
(car il est detecté a tort comme infection)

&#9654; Télécharge List&Kill'em et enregistre le sur ton bureau

&#9654; Branche clés usb , disques durs externes , mp3 , mp4 , etc..

double clique ( clic droit "executer en tant qu'administrateur" pour Vista/7 ) sur le raccourci sur ton bureau pour lancer l'installation

coche la case "creer une icone sur le bureau"

une fois terminée , clic sur "terminer" et le programme se lancera seul

choisis la langue puis choisis l'option 1 = Mode Recherche

&#9654; laisse travailler l'outil

à l'apparition de la fenetre blanche , c'est un peu long , c'est normal , le programme n'est pas bloqué.

un rapport du nom de catchme apparait sur ton bureau , ignore-le,ne le poste pas , mais ne le supprime pas pour l instant, le scan n'est pas fini.

&#9654; Poste le contenu du rapport qui s'ouvre aux 100 % du scan à l'ecran "COMPLETED"

tu peux supprimer le rapport catchme.log de ton bureau maintenant.

_geNz · Answer

je n'arrive pas à télécharger List&Kill'em à partir de ce lien (peut-être que c'est aussi un lien qui ne s'ouvre pas chez moi)
je vais redémarrer en mode sans échec pour le télécharger.

Utilisateur anonyme · Answer

ok mais en mode sans échec avec PRISE EN CHARGE DU RÉSEAU !

_geNz · Answer

je n'arrive pas à le télécharger ("delai d'attente depassé" quelque soit le mode) ...  il n'y aurait pas une alternative ?

Utilisateur anonyme · Answer

Attend, je reviens dans 1H maxi, je vais faire des trucs ! A+

_geNz · Answer

prends ton temps et merci ;)

Utilisateur anonyme · Answer

Re,

Télécharge ComboFix.exe (par sUBs) sur ton Bureau

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Tutoriel officiel de ComboFix, afin de l’utiliser correctement

https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

Désactive ton antivirus, antispyware, et Spybot-S&D (résident) durant l'utilisation de ComboFix. Merci. Tu le réactiveras ensuite, en fin de désinfection.

Voir ici comment désactiver tes protections

https://forum.pcastuces.com/default.asp

Renomme ComboFix.exe (ComboFix) en kiki.exe

Double clique sur kiki.exe (ComboFix)

Tape 1 puis tape sur Entrée

A noter: une fois que ComboFix est lancé, il ne faut pas cliquer dans la fenêtre de ComboFix car cela pourrait entraîner un plantage du programme.

Il est recommandé de laisser l'outil analyser et nettoyer le PC sans utiliser quoi que ce soit d'autre...

A la fin de l’analyse, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse

Si le rapport n'apparaît pas, tu le trouves ici, à la racine de ton Système, en principe : C:\ComboFix.txt (C:\ComboFix)

_geNz · Answer

ComboFix 10-01-22.03 - Mugen 23/01/2010  12:27:21.1.4 - x86
Microsoft Windows 7 Ultimate   6.1.7600.0.1252.33.1033.18.3062.1914 [GMT 1:00]
Lancé depuis: C:\Users\Mugen\Downloads\kiki.exe
.

((((((((((((((((((((((((((((((((((((   Autres suppressions   ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Windows\Help\help
C:\Windows\Help\help\en-US\Help.h1c
C:\Windows\Help\help\en-US\Help.H1T
C:\Windows\Help\help\en-US\Help_AssetId.H1K
C:\Windows\Help\help\en-US\Help_BestBet.H1K
C:\Windows\Help\help\en-US\Help_LinkTerm.H1K
C:\Windows\Help\help\en-US\Help_SubjectTerm.H1K
C:\Windows\Help\help\en-USesources.H1S
C:\Windows\Help\help\en-US\stopwrds.stp
C:\Windows\system32\Data

.
(((((((((((((((((((((((((((((   Fichiers créés du 2009-12-23 au 2010-01-23  ))))))))))))))))))))))))))))))))))))
.

2010-01-23 11:33:05 . 2010-01-23 11:33:12	--------	d-----w-	C:\Users\Mugen\AppData\Local	emp
2010-01-23 11:22:12 . 2010-01-23 11:24:53	--------	d-----w-	C:\32788R22FWJFW
2010-01-23 08:57:16 . 2010-01-23 08:58:34	--------	d-----w-	C:sit
2010-01-23 07:52:03 . 2010-01-23 07:52:03	--------	d-----w-	C:\Users\Mugen\AppData\Local\Threat Expert
2010-01-22 22:09:42 . 2010-01-22 22:09:42	--------	d-----w-	C:\Users\Mugen\AppData\Local\Panda Security
2010-01-22 22:03:03 . 2010-01-22 22:03:03	13880	----a-w-	C:\Windows\system32\drivers\COMFiltr.sys
2010-01-22 22:01:10 . 2009-06-30 09:37:16	28552	----a-w-	C:\Windows\system32\drivers\pavboot.sys
2010-01-22 22:00:48 . 2010-01-22 22:00:48	--------	d-----w-	C:\Program Files\Common Files\Panda Security
2010-01-22 22:00:48 . 2009-06-30 16:17:12	163336	----a-w-	C:\Windows\system32\drivers\PavProc.sys
2010-01-22 22:00:48 . 2008-03-04 14:59:42	41144	----a-w-	C:\Windows\system32\drivers\ShlDrv51.sys
2010-01-22 20:53:45 . 2009-10-08 10:31:46	149456	----a-w-	C:\Windows\SGDetectionTool.dll
2010-01-22 20:53:45 . 2009-10-08 10:31:44	165840	----a-w-	C:\Windows\PCTBDRes.dll
2010-01-22 20:53:45 . 2009-10-08 10:31:44	1636304	----a-w-	C:\Windows\PCTBDCore.dll
2010-01-22 20:53:45 . 2009-10-08 10:31:14	767952	----a-w-	C:\Windows\BDTSupport.dll
2010-01-22 20:53:45 . 2009-10-02 13:19:04	1152470	----a-w-	C:\Windows\UDB.zip
2010-01-22 20:53:45 . 2008-11-26 11:08:42	131	----a-w-	C:\Windows\IDB.zip
2010-01-22 20:33:44 . 2009-09-24 07:55:46	97208	----a-w-	C:\Windows\system32\drivers\pctwfpfilter.sys
2010-01-22 20:33:44 . 2009-09-24 07:55:46	229304	----a-w-	C:\Windows\system32\drivers\pctgntdi.sys
2010-01-22 20:33:27 . 2009-10-06 15:31:30	87784	----a-w-	C:\Windows\system32\drivers\PCTAppEvent.sys
2010-01-22 20:33:27 . 2009-09-23 15:10:06	207280	----a-w-	C:\Windows\system32\drivers\PCTCore.sys
2010-01-22 20:31:52 . 2009-09-03 08:45:12	70408	----a-w-	C:\Windows\system32\drivers\pctplsg.sys
2010-01-22 20:31:47 . 2010-01-23 09:08:55	--------	d-----w-	C:\Program Files\Spyware Doctor
2010-01-22 20:31:47 . 2010-01-22 20:54:12	--------	d-----w-	C:\Program Files\Common Files\PC Tools
2010-01-22 20:31:47 . 2010-01-22 20:31:47	--------	d-----w-	C:\Users\Mugen\AppData\Roaming\PC Tools
2010-01-22 20:31:47 . 2010-01-22 20:31:47	--------	d-----w-	C:\ProgramData\PC Tools
2010-01-22 19:28:41 . 2009-12-19 09:02:55	977920	----a-w-	C:\Windows\system32\wininet.dll
2010-01-20 17:33:27 . 2009-10-19 14:10:20	108544	----a-w-	C:\Windows\system32	2embed.dll
2010-01-20 17:33:27 . 2009-10-19 14:10:06	70656	----a-w-	C:\Windows\system32\fontsub.dll
2010-01-15 10:39:42 . 2010-01-15 10:39:44	198064	----a-w-	C:\Users\firefox 1\AppData\Roaming\IDM\idmmzcc3\components\idmmzcc.dll
2010-01-15 10:39:40 . 2010-01-15 10:40:12	--------	d-----w-	C:\Users\firefox 1\AppData\Roaming\DMCache
2010-01-15 10:39:40 . 2010-01-15 10:39:53	--------	d-----w-	C:\Users\firefox 1\AppData\Roaming\IDM
2010-01-14 22:05:13 . 2010-01-15 09:38:59	1	----a-w-	C:\Users\firefox 1\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-01-14 22:04:40 . 2010-01-14 22:04:40	--------	d-----w-	C:\Users\firefox 1\AppData\Roaming\OpenOffice.org
2010-01-14 22:03:47 . 2010-01-15 09:07:35	177024	----a-w-	C:\Users\firefox 1\AppData\Roaming\Mozilla\Firefox\Profiles\qjceelij.default\FlashGot.exe
2010-01-14 22:03:47 . 2008-07-31 02:32:00	43008	----a-w-	C:\Users\firefox 1\AppData\Roaming\Mozilla\Firefox\Profiles\qjceelij.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metricsloader.dll
2010-01-14 22:03:47 . 2008-07-31 02:32:00	43008	----a-w-	C:\Users\firefox 1\AppData\Roaming\Mozilla\Firefox\Profiles\qjceelij.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll
2010-01-14 22:03:47 . 2008-07-31 02:32:00	245248	----a-w-	C:\Users\firefox 1\AppData\Roaming\Mozilla\Firefox\Profiles\qjceelij.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\metrics-ff2.dll
2010-01-14 22:03:47 . 2008-07-31 02:32:00	243200	----a-w-	C:\Users\firefox 1\AppData\Roaming\Mozilla\Firefox\Profiles\qjceelij.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\metrics-ff3.dll
2010-01-14 22:03:47 . 2008-07-31 02:32:00	239616	----a-w-	C:\Users\firefox 1\AppData\Roaming\Mozilla\Firefox\Profiles\qjceelij.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll
2010-01-14 22:03:47 . 2008-07-31 02:32:00	233984	----a-w-	C:\Users\firefox 1\AppData\Roaming\Mozilla\Firefox\Profiles\qjceelij.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff2.dll
2010-01-14 22:03:40 . 2007-06-28 15:30:26	28672	----a-w-	C:\Users\firefox 1\AppData\Roaming\Mozilla\Firefox\Profiles\og8aoe48.default\extensions\{D249FD00-4DF9-11D9-9FDC-0080481ADA61}\components\mpint.dll
2010-01-14 21:49:42 . 2010-01-14 22:03:14	--------	d-----w-	C:\Users\firefox 1\AppData\Local\Mozilla
2010-01-13 13:45:18 . 2010-01-13 13:45:18	--------	d--h--r-	C:\Users\Mugen\AppData\Roaming\SecuROM
2010-01-09 17:43:06 . 2010-01-09 17:43:06	--------	d-----w-	C:\Program Files\Haali
2010-01-09 17:43:03 . 2010-01-09 17:43:03	--------	d-----w-	C:\Program Files\CoreCodec
2010-01-09 17:40:47 . 2006-04-02 12:47:06	630784	----a-w-	C:\Windows\system32\vp7vfw.dll
2010-01-09 17:40:47 . 2004-05-18 18:16:42	39936	----a-w-	C:\Windows\system32\huffyuv.dll
2010-01-05 23:03:13 . 2010-01-05 23:03:13	--------	d-----w-	C:\Users\Mugen\AppData\Roaming\Ulead Systems
2010-01-05 22:52:22 . 2010-01-05 22:53:16	--------	d-----w-	C:\Program Files\Common Files\Ulead Systems
2010-01-05 22:52:12 . 2010-01-05 22:53:15	--------	d-----w-	C:\ProgramData\Ulead Systems
2010-01-05 22:52:12 . 2010-01-05 22:52:12	--------	d-----w-	C:\Program Files\Corel
2010-01-05 22:50:35 . 2010-01-05 22:50:35	--------	d-----w-	C:\Windows\Downloaded Installations
2010-01-05 20:50:41 . 2009-02-03 12:52:12	102400	----a-w-	C:\Windows\system32\cttele32.dll
2010-01-05 20:50:40 . 2009-05-21 10:15:26	192512	------w-	C:\Windows\system32\AMBSpiE.exe
2010-01-05 20:50:35 . 2009-07-22 16:28:12	2873823	------w-	C:\Windows\system32\Sens_oal.dll
2010-01-05 20:09:39 . 2009-10-29 07:22:37	2048	----a-w-	C:\Windows\system32	zres.dll
2010-01-05 19:41:00 . 2008-01-04 12:34:48	11832	----a-w-	C:\Windows\system32\drivers\AsInsHelp64.sys
2010-01-05 19:41:00 . 2008-01-04 12:34:42	10216	----a-w-	C:\Windows\system32\drivers\AsInsHelp32.sys
2010-01-05 19:39:53 . 2009-09-11 09:48:34	502272	----a-w-	C:\Windows\system32\VIASysFx.dll
2010-01-05 19:39:53 . 2009-08-17 13:17:04	868352	----a-w-	C:\Windows\system32\VIAPropPageExt.dll
2010-01-05 19:39:53 . 2009-06-01 09:10:26	211456	----a-w-	C:\Windows\system32\Dts2APO.dll
2010-01-05 19:39:53 . 2009-01-19 20:30:02	68608	----a-w-	C:\Windows\system32\ViaMicArrayPropPageExt.dll
2010-01-05 19:39:53 . 2009-01-19 20:29:58	181248	----a-w-	C:\Windows\system32\ViaMicArrayAPO.dll
2010-01-05 19:39:53 . 2007-12-04 10:28:00	76288	----a-w-	C:\Windows\system32
QPropPageExt.dll
2010-01-05 19:39:53 . 2007-12-04 10:28:00	71680	----a-w-	C:\Windows\system32
QAPO.dll
2010-01-05 18:58:43 . 2006-10-06 13:17:34	53248	------w-	C:\Windows\Ctregrun.exe
2010-01-04 19:21:11 . 2010-01-04 21:11:01	--------	d-----w-	C:\Users\Mugen\TPx
2010-01-04 19:20:28 . 2010-01-05 06:15:49	--------	d-----w-	C:\Users\Mugen\AppData\Roaming\codeblocks
2010-01-04 19:20:20 . 2010-01-05 06:15:50	--------	d-----w-	C:\Program Files\CodeBlocks
2009-12-26 17:55:23 . 2009-12-26 18:00:21	--------	d-----w-	C:\Users\Mugen\h
2009-12-26 08:34:45 . 2009-12-26 08:34:45	--------	d-----w-	C:\ProgramData\BioWare
2009-12-26 08:14:27 . 2009-12-26 08:14:29	--------	d-----w-	C:\Program Files\AGEIA Technologies
2009-12-26 08:14:27 . 2009-12-26 08:14:27	--------	d-----w-	C:\Windows\system32\AGEIA
2009-12-26 08:14:18 . 2009-12-26 08:14:20	--------	d-----w-	C:\Program Files\Common Files\Wise Installation Wizard
2009-12-26 08:04:34 . 2010-01-11 14:26:36	--------	d-----w-	C:\Program Files\Dragon Age
2009-12-26 08:04:33 . 2010-01-11 14:32:23	--------	d-----w-	C:\Program Files\Common Files\BioWare
2009-12-26 00:25:38 . 2010-01-05 19:38:05	--------	d-----w-	C:\Users\Mugen\x_Ae2

.
((((((((((((((((((((((((((((((((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-23 11:26:24 . 2010-01-22 22:02:44	176272	----a-w-	C:\Windows\system32\drivers\APPFCONT.DAT.bck
2010-01-23 11:26:24 . 2010-01-22 22:02:44	176272	----a-w-	C:\Windows\system32\drivers\APPFCONT.DAT
2010-01-23 11:26:13 . 2010-01-22 22:02:44	1132	----a-w-	C:\Windows\system32\drivers\APPFLTR.CFG.bck
2010-01-23 11:26:13 . 2010-01-22 22:02:44	1132	----a-w-	C:\Windows\system32\drivers\APPFLTR.CFG
2010-01-23 09:33:52 . 2009-11-11 19:59:10	--------	d-----w-	C:\Users\Mugen\AppData\Roaming\DMCache
2010-01-22 22:02:46 . 2010-01-22 22:02:46	262	----a-w-	C:\Windows\system32\PavCPL.dat
2010-01-22 22:02:24 . 2009-11-09 16:54:32	--------	d-----w-	C:\Program Files\Panda Security
2010-01-22 22:02:11 . 2010-01-22 22:02:11	--------	d-----w-	C:\Users\Mugen\AppData\Roaming\Panda Security
2010-01-22 22:02:11 . 2010-01-22 22:02:11	--------	d-----w-	C:\ProgramData\Panda Security
2010-01-22 22:02:11 . 2009-11-09 16:01:55	--------	d--h--w-	C:\Program Files\InstallShield Installation Information
2010-01-22 21:50:31 . 2009-11-09 16:51:10	--------	d-----w-	C:\Program Files\Malwarebytes' Anti-Malware
2010-01-22 20:26:56 . 2009-11-11 20:34:22	5115824	----a-w-	C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-01-20 17:35:25 . 2009-11-14 15:12:18	--------	d-----w-	C:\Program Files\Microsoft Silverlight
2010-01-19 17:43:20 . 2009-11-09 17:31:48	--------	d-----w-	C:\Users\Mugen\AppData\Roaming\vlc
2010-01-15 17:52:45 . 2009-11-16 22:01:16	1	----a-w-	C:\Users\Mugen\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-01-14 21:49:31 . 2010-01-14 21:49:31	75464	----a-w-	C:\Users\firefox 1\AppData\Local\GDIPFONTCACHEV1.DAT
2010-01-14 21:49:23 . 2010-01-14 21:49:23	--------	d-----w-	C:\Users\firefox 1\AppData\Roaming\ATI
2010-01-14 10:12:06 . 2009-11-11 17:57:57	181120	------w-	C:\Windows\system32\MpSigStub.exe
2010-01-09 17:40:55 . 2009-11-09 16:26:38	--------	d-----w-	C:\Program Files\K-Lite Codec Pack
2010-01-09 17:28:58 . 2009-11-25 15:58:29	--------	d-----w-	C:\Users\Mugen\AppData\Roaming\dvdcss
2010-01-07 15:07:14 . 2009-11-09 16:51:10	38224	----a-w-	C:\Windows\system32\drivers\mbamswissarmy.sys
2010-01-07 15:07:04 . 2009-11-09 16:51:10	19160	----a-w-	C:\Windows\system32\drivers\mbam.sys
2010-01-05 23:05:26 . 2009-11-09 00:53:47	75464	----a-w-	C:\Users\Mugen\AppData\Local\GDIPFONTCACHEV1.DAT
2010-01-05 21:02:50 . 2009-11-09 16:06:11	--------	d-----w-	C:\ProgramData\Creative
2010-01-05 20:50:36 . 2009-11-09 16:07:39	444952	----a-w-	C:\Windows\system32\wrap_oal.dll
2010-01-05 20:50:36 . 2009-11-09 16:07:39	109080	----a-w-	C:\Windows\system32\OpenAL32.dll
2010-01-05 20:50:24 . 2009-11-09 16:06:07	--------	d-----w-	C:\Program Files\Creative
2010-01-05 20:27:29 . 2009-11-11 19:59:10	--------	d-----w-	C:\Users\Mugen\AppData\Roaming\IDM
2010-01-05 20:04:30 . 2009-11-14 14:26:37	--------	d-----w-	C:\Users\Mugen\AppData\Roaming\Skype
2010-01-05 19:42:41 . 2009-11-09 16:01:29	--------	d-----w-	C:\Program Files\VIA
2010-01-05 19:41:00 . 2009-11-09 16:09:36	--------	d-----w-	C:\Program Files\ASUS
2010-01-05 19:04:31 . 2009-11-14 14:28:26	--------	d-----w-	C:\Users\Mugen\AppData\Roaming\skypePM
2009-12-28 21:20:07 . 2009-11-20 22:59:56	--------	d-----w-	C:\Program Files\SpeedFan
2009-12-26 08:14:16 . 2009-11-10 19:21:48	--------	d-----w-	C:\ProgramData\Media Center Programs
2009-11-28 09:29:18 . 2009-11-28 08:55:02	--------	d-----w-	C:\Users\Mugen\AppData\Roaming\DAEMON Tools Lite
2009-11-28 08:55:54 . 2009-11-28 08:55:50	--------	d-----w-	C:\Program Files\DAEMON Tools Toolbar
2009-11-28 08:55:54 . 2009-11-28 08:55:08	--------	d-----w-	C:\Program Files\DAEMON Tools Lite
2009-11-28 08:55:18 . 2009-11-15 17:37:48	691696	----a-w-	C:\Windows\system32\drivers\sptd.sys
2009-11-28 08:55:04 . 2009-11-28 08:54:59	--------	d-----w-	C:\ProgramData\DAEMON Tools Lite
2009-11-25 22:49:23 . 2009-11-25 22:49:23	--------	d-----w-	C:\ProgramData\Creative Labs
2009-11-15 08:56:57 . 2009-11-15 08:56:57	10134	----a-r-	C:\Users\Mugen\AppData\Roaming\Microsoft\Installer\{2573A5FB-0352-4B85-E948-10FFCDD28731}\ARPPRODUCTICON.exe
2009-11-14 14:28:27 . 2009-11-14 14:28:27	56	---ha-w-	C:\Windows\system32\ezsidmv.dat
2009-06-10 21:26:35 . 2009-07-14 02:04:20	9633792	--sha-r-	C:\Windows\Fonts\StaticCache.dat
2009-07-14 01:14:45 . 2009-07-13 23:42:17	396800	--sha-w-	C:\Windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

(((((((((((((((((((((((((((((((((   Points de chargement Reg   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IDMan"="C:\Program Files\Internet Download Manager\IDMan.exe" [2009-11-11 19:59:29 2815408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTSyncService"="C:\Program Files\InstallShield Installation Information\{818690C7-8DA5-4623-BBA8-A73CFBD44077}\AMBSPISyncService.exe" [2008-08-12 11:26:42 1233199]
"AMBDef"="AMBDef.exe" [2008-01-23 23:24:14 53248]
"JMB36X IDE Setup"="C:\Windows\RaidTool\xInsIDE.exe" [2007-03-20 06:36:18 36864]
"TurboV EVO"="C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe" [2009-07-29 15:25:50 7240192]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-09-25 16:00:32 98304]
"QFan Help"="C:\Program Files\ASUS\AI Suite\QFan3\QFanHelp.exe" [2009-11-16 12:58:24 604672]
"Cpu Level Up"="C:\Program Files\ASUS\AI Suite\CPU Level UPEx\CpuLevelUp.exe" [2009-11-25 15:40:56 1170432]
"VolPanel"="C:\Program Files\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" [2009-07-07 12:13:38 241789]
"Malwarebytes' Anti-Malware"="C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-01-07 15:07:10 429392]
"APVXDWIN"="C:\Program Files\Panda Security\Panda Global Protection 2010\APVXDWIN.EXE" [2009-09-25 11:51:04 906496]
"SCANINICIO"="C:\Program Files\Panda Security\Panda Global Protection 2010\Inicio.exe" [2009-08-12 08:23:20 56064]

C:\Users\firefox 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.1.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe [2009-4-16 384000]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon
otify\avldr]
2008-03-18 15:58:10	58672	----a-w-	C:\Windows\System32\avldr.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PskSvcRetail]
@="Service"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversionun-]
"IDMan"=C:\Program Files\Internet Download Manager\IDMan.exe /onboot
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
"CTRegRun"=C:\Windows\CTRegRun.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversionun-]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"UpdReg"=C:\Windows\UpdReg.EXE
"ATICustomerCare"="C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"
"RunDLLEntry"=C:\Windows\system32\RunDLL32.exe C:\Windows\system32\AmbRunE.dll,RunDLLEntry
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
"Ulead AutoDetector v2"=C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiSpyWareDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiSpywareOverride"=dword:00000001
"FirewallOverride"=dword:00000001

R0 pavboot;Panda boot driver;C:\Windows\System32\drivers\pavboot.sys [22/01/2010 23:01:10 28552]
R0 PCTCore;PCTools KDS;C:\Windows\System32\drivers\PCTCore.sys [22/01/2010 21:33:27 207280]
R1 AsUpIO;AsUpIO;C:\Windows\System32\drivers\AsUpIO.sys [06/07/2009 03:48:02 11448]
R1 ShldDrv;Panda File Shield Driver;C:\Windows\System32\drivers\ShlDrv51.sys [22/01/2010 23:00:48 41144]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [23/09/2009 23:27:50 172032]
R2 AmFSM;AmFSM;C:\Windows\System32\drivers\amm8660.sys [22/01/2010 23:02:12 49160]
R2 APPFLT;App Filter Plugin;C:\Windows\System32\drivers\APPFLT.SYS [22/01/2010 23:02:31 75016]
R2 Browser Defender Update Service;Browser Defender Update Service;C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe [22/01/2010 21:53:45 112592]
R2 ComFiltr;Panda Anti-Dialer;C:\Windows\System32\drivers\COMFiltr.sys [22/01/2010 23:03:03 13880]
R2 cpuz132;cpuz132;C:\Windows\System32\drivers\cpuz132_x32.sys [20/11/2009 23:59:47 12672]
R2 DSAFLT;DSA Filter Plugin;C:\Windows\System32\drivers\dsaflt.sys [22/01/2010 23:02:40 53128]
R2 FNETMON;NetMon Filter Plugin;C:\Windows\System32\drivers\fnetmon.sys [22/01/2010 23:02:31 22072]
R2 Gwmsrv;Panda Goodware Cache Manager;C:\Windows\system32\svchost -k Panda --> C:\Windows\system32\svchost -k Panda [?]
R2 IDSFLT;Ids Filter Plugin;C:\Windows\System32\drivers\idsflt.sys [22/01/2010 23:02:40 193800]
R2 MBAMService;MBAMService;C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [22/01/2010 21:27:12 236368]
R2 NETFLTDI;Panda Net Driver [TDI Layer];C:\Windows\System32\drivers\NETFLTDI.SYS [22/01/2010 23:02:31 159112]
R2 PavProc;Panda Process Protection Driver;C:\Windows\System32\drivers\PavProc.sys [22/01/2010 23:00:48 163336]
R2 PskSvcRetail;Panda PSK service;C:\Program Files\Panda Security\Panda Global Protection 2010\psksvc.exe [22/01/2010 23:02:26 28928]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [30/10/2009 15:05:48 1021256]
R2 WNMFLT;Wifi Monitor Filter Plugin;C:\Windows\System32\drivers\wnmflt.sys [22/01/2010 23:02:40 46728]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [09/11/2009 17:51:10 19160]
R3 NETIMFLT01060039;PANDA NDIS IM Filter Miniport v1.6.0.39;C:\Windows\System32\drivers
eti1639.sys [22/01/2010 23:02:13 199432]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt86win7.sys [09/11/2009 17:08:13 167936]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [14/10/2009 07:24:44 10064]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\drivers\viahduaa.sys [09/11/2009 17:01:50 1086976]
S0 sptd;sptd;C:\Windows\System32\drivers\sptd.sys [15/11/2009 18:37:48 691696]
S2 AsSysCtrlService;ASUS System Control Service;C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [09/11/2009 17:10:05 90112]
S2 SpeedingHDD;SpeedingHDD;C:\Program Files\SpeedingHDD\XSrvSetup.exe [09/11/2009 19:00:34 69632]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [09/11/2009 17:07:35 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [09/11/2009 17:07:00 79360]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe [26/12/2009 09:10:48 25832]
S3 sdAuxService;PC Tools Auxiliary Service;C:\Program Files\Spyware Doctor\pctsAuxs.exe [22/01/2010 21:31:48 358600]
S3 Sound Blaster X-Fi MB Licensing Service;Sound Blaster X-Fi MB Licensing Service;C:\Program Files\Common Files\Creative Labs Shared\Service\XMBLicensing.exe [09/11/2009 17:06:12 79360]
S3 VMfilt;VMfilt;C:\Windows\System32\drivers\VMfilt32.sys [09/11/2009 17:01:50 17920]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
panda	REG_MULTI_SZ   	Gwmsrv

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
.
------- Examen supplémentaire -------
.
IE: Télécharger avec IDM - C:\Program Files\Internet Download Manager\IEExt.htm
IE: Télécharger le contenu de video FLV avec IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
IE: Télécharger tous les liens avec IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
FF - ProfilePath - C:\Users\Mugen\AppData\Roaming\Mozilla\Firefox\Profiles	wh4rkae.default\
FF - component: C:\Users\Mugen\AppData\Roaming\IDM\idmmzcc3\components\idmmzcc.dll

---- PARAMETRES FIREFOX ----
FF - user.js: yahoo.homepage.dontask - true.
- - - - ORPHELINS SUPPRIMES - - - -

Toolbar-Locked - (no file)


voilà désolé pour le retard ^^

_geNz · Answer

s'il vous plait, est ce que quelqu'un saurait de quoi il pourrait s'agir et/ou comment régler ce problème.

merci

Utilisateur anonyme · Answer

Réessaye List_Kill'em

_geNz · Answer

toujours le même problème. ça marche pour toi ?

_geNz · Answer

je crois que le lien ne marche pas parce que je viens d'essayer à partir d'un autre ordi et même chose.

Utilisateur anonyme · Answer

Ca marche pour moi !!!

_geNz · Answer

si j'arrive de le télécharger ou si je regle le probleme, je te fais signe. mais je pense que ce ne sera pas pour aujourd'hui. 
jte remercie vraiment beaucoup pour ton aide  ^^ 
bonne soirée ;)

Utilisateur anonyme · Answer

Re, je crois avoir trouver !

Télécharge FindyKill sur ton bureau :

http://pagesperso-orange.fr/NosTools/Chiquitine29/Setup.exe

! Déconnecte toi et ferme toutes applications en cours !

* Double clique sur "FindyKill.exe" pour lancer l'installation et laisse les paramètres d'instalation par défaut .

* Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...)

* Double-clique sur le raccourci FindyKill qui est sur ton bureau pour lancer l'outil .

* Au menu principal choisis l'option " F " pour français et tape sur [entrée] .

* Au second menu Choisis l'option " 1 " (recherche) et tape sur [entrée]

Laisse travailler l'outil et ne touche à rien ...

--> Poste le rapport qui apparait à la fin , sur le forum ...

( le rapport est sauvegardé aussi sous C:\FindyKill.txt )
( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

_geNz · Answer

FindyKill plante à chaque fois à 80% (peut-être qu'il est pas compatible avec seven). En tous cas, ya pas moyen de finir le scan, j'ai réessayer N fois hier, toujours la même chose, il plante au niveau des fichiers .zip

Certains sites web ne s'ouvrent plus ..

22 réponses

Discussions similaires