Everything posted by Tital
[Solved] Email account hacked and HijackThis log
Tital replied to a topic by Tital in Malware analysis and removal
Hi again, I've updated both programs (Acrobat Reader and Java). As for the Windows updates, I suppose it's because the setting is 'Download updates but let me choose whether to install them' (automatic installation is perhaps better, I suppose). Results of the OTL operations (I kept Spybot installed, but if it conflicts with other programs I can always uninstall it). Hoping I haven't forgotten to copy anything, here is the result:
All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\PlayNC Launcher deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e39d19a9-baca-11df-86c9-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e39d19a9-baca-11df-86c9-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e39d19a9-baca-11df-86c9-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e39d19a9-baca-11df-86c9-806e6f6e6963}\ not found.
File D:\Setup.exe not found.
File PTYTEMP] not found.
File PTYFLASH] not found.
File SETHOSTS] not found.
OTL by OldTimer - Version 3.2.22.3 log created on 05202011_184436
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
[Solved] Email account hacked and HijackThis log
Tital replied to a topic by Tital in Malware analysis and removal
...continued... Results: Extras LogFile
[Solved] Email account hacked and HijackThis log
Tital replied to a topic by Tital in Malware analysis and removal
Thanks again for your help! I admit I was asking for trouble with some of the detected files ^^ They were deleted yesterday, as soon as I saw them in the list (especially since I wasn't using them at all). Here are the results of the OTL scans (OTL LogFile).
Drivers32: vidc.iv31 - C:\Windows\SysWow64\ir32_32.dll (Intel® Corporation) Drivers32: vidc.iv32 - C:\Windows\SysWow64\ir32_32.dll (Intel® Corporation) Drivers32: vidc.iv41 - C:\Windows\SysWow64\ir41_32.ax (Intel Corporation) Drivers32: vidc.iv50 - C:\Windows\SysWow64\ir50_32.dll (Intel Corporation) Drivers32: vidc.yvu9 - C:\Windows\SysWow64\iyvu9_32.dll () CREATERESTOREPOINT Restore point Set: OTL Restore Point PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin ========== Files/Folders - Created Within 30 Days ========== [2011/05/20 13:30:08 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Tital\Desktop\OTL.exe [2011/05/20 13:20:15 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2011/05/19 18:56:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2011/05/19 18:56:46 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2011/05/19 18:56:46 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2011/05/19 18:56:46 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) 
-- C:\Windows\SysWow64\java.exe [2011/05/19 14:59:33 | 000,000,000 | ---D | C] -- C:\Users\Tital\amsn [2011/05/12 16:52:20 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe [2011/05/12 16:52:20 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe [2011/05/11 13:01:47 | 005,509,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2011/05/11 13:01:47 | 003,957,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2011/05/11 13:01:46 | 003,901,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2011/05/11 13:01:45 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys [2011/05/11 13:01:45 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys [2011/04/29 21:14:53 | 000,600,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2011/04/29 21:14:53 | 000,253,888 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2011/04/28 12:45:41 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll [2011/04/28 12:45:41 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1.dll [2011/04/27 13:08:13 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe [2011/04/27 13:08:13 | 002,614,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe [2011/04/27 13:08:12 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2011/04/27 13:08:12 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2011/04/27 13:08:00 | 002,566,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll [2011/04/27 13:08:00 | 001,686,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll [2011/04/27 13:08:00 | 000,187,264 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\drivers\storport.sys [2011/04/27 13:07:59 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe [2011/04/27 13:07:59 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe [2011/04/27 13:07:56 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe [2011/04/27 13:07:56 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe ========== Files - Modified Within 30 Days ========== [2011/05/20 13:32:22 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2011/05/20 13:30:09 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Tital\Desktop\OTL.exe [2011/05/20 13:26:45 | 000,015,008 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011/05/20 13:26:45 | 000,015,008 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011/05/20 13:25:27 | 000,001,021 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011/05/20 13:25:23 | 001,549,700 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011/05/20 13:25:23 | 000,704,242 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat [2011/05/20 13:25:23 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011/05/20 13:25:23 | 000,130,548 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat [2011/05/20 13:25:23 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011/05/20 13:20:15 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2011/05/20 13:19:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/05/20 13:19:10 | 3219,779,584 | -HS- | M] () -- C:\hiberfil.sys [2011/05/19 18:23:49 | 000,879,035 | ---- | M] () -- C:\Users\Tital\Desktop\SecurityCheck.exe [2011/05/19 17:10:28 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2011/05/18 22:44:05 | 
000,434,608 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2011/05/18 12:35:46 | 000,000,036 | ---- | M] () -- C:\Users\Tital\AppData\Local\housecall.guid.cache [2011/05/18 03:45:56 | 000,434,100 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20110518-224405.backup [2011/05/13 20:06:59 | 000,434,100 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20110518-034556.backup [2011/05/10 14:10:59 | 000,040,112 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr [2011/05/10 14:10:55 | 000,199,304 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe [2011/05/10 14:10:44 | 000,253,888 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2011/05/10 14:04:08 | 000,600,920 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2011/05/10 14:04:07 | 000,287,576 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2011/05/10 14:02:41 | 000,053,592 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys [2011/05/10 13:59:59 | 000,031,064 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys [2011/05/10 13:59:48 | 000,064,344 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2011/05/10 13:59:37 | 000,022,360 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2011/05/04 19:32:09 | 000,433,994 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20110513-200659.backup [2011/04/30 22:21:06 | 000,433,294 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20110504-193209.backup [2011/04/23 11:17:46 | 000,001,635 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2011/04/20 20:23:54 | 000,432,840 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20110430-222106.backup ========== Files Created - No Company Name ========== [2011/05/20 13:32:22 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin [2011/05/20 13:25:27 | 000,001,021 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk 
[2011/05/19 18:23:49 | 000,879,035 | ---- | C] () -- C:\Users\Tital\Desktop\SecurityCheck.exe [2011/05/18 12:35:46 | 000,000,036 | ---- | C] () -- C:\Users\Tital\AppData\Local\housecall.guid.cache [2010/12/15 21:33:32 | 000,002,975 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2010/11/18 16:15:35 | 000,056,320 | ---- | C] () -- C:\Windows\SysWow64\iyvu9_32.dll [2010/10/11 17:53:48 | 000,000,382 | ---- | C] () -- C:\Windows\ODBC.INI [2010/09/08 00:15:25 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2010/09/07 23:45:48 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2010/09/07 23:45:43 | 000,031,166 | ---- | C] () -- C:\Windows\Ascd_tmp.ini [2009/07/14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009/07/14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009/07/14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009/07/14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009/07/13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2009/04/02 14:30:14 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS [2009/03/30 08:32:40 | 000,032,768 | R--- | C] () -- C:\Windows\DAODx.exe [2003/04/01 10:58:02 | 000,005,260 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* > [2011/05/20 13:19:10 | 3219,779,584 | -HS- | M] () -- C:\hiberfil.sys [2011/05/20 13:19:12 | 4293,042,176 | -HS- | M] () -- C:\pagefile.sys [2011/05/20 13:32:22 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin < %systemroot%\*. 
/mp /s > < %systemroot%\system32\*.dll /lockedfiles > < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\system32\drivers\*.sys /90 > < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > < End of report > -
[Solved] Email account hacked and HijackThis log
Tital replied to a topic by Tital in Malware Analysis and Removal
First of all, thank you, lance_yien, for looking into my case. I carried out the operations from your post, following them step by step (antivirus/firewall disabled). As a result, I have two small additional questions:
- I only have the built-in Windows 7 firewall. Is it effective enough, or would you advise me to use another one instead? And if so, which one?
- I have the latest version of Avast (6.0.1125), but does it include antispyware protection? (I ask because you advise me to uninstall Spybot.)
Anyway, here are the results of the tests (a good clean-up is going to be needed, I think):

ESET Online Scanner results:
C:\Users\Tital\AppData\Local\Opera\Opera\cache\g_0028\opr003YQ.tmp Win32/PSW.Agent.NKR cheval de troie
C:\Users\Tital\AppData\Local\Opera\Opera\cache\g_0033\opr0053S.tmp Win32/HackTool.Homac cheval de troie
C:\Users\Tital\AppData\Local\Opera\Opera\cache\g_0037\opr005GZ.tmp une variante de Win32/Turkojan cheval de troie
C:\Users\Tital\AppData\Local\Opera\Opera\cache\g_0039\opr005NF.tmp une variante de Win32/Kryptik.AE cheval de troie
C:\Users\Tital\AppData\Local\Opera\Opera\cache\g_0039\opr005OE.tmp Win32/TrojanDropper.VB.NBD cheval de troie
C:\Users\Tital\AppData\Local\Opera\Opera\cache\g_0039\opr005OW.tmp Win32/HackTool.Homac cheval de troie
C:\Users\Tital\AppData\Local\Opera\Opera\cache\g_0050\opr007XP.tmp Win32/TrojanDropper.Binder.NAD cheval de troie
C:\Users\Tital\AppData\Local\Opera\Opera\cache\g_0050\opr007YY.tmp Win32/TrojanDropper.Binder.NAD cheval de troie
C:\Users\Tital\AppData\Local\Opera\Opera\cache\g_0051\opr0081B.tmp menaces multiples
C:\Users\Tital\Documents\Sauvegarde Jeux\Baldurs Series\Telechargements\habg2tobtrainer.zip Win32/Keylogger.HotKeysHook.A virus
E:\Recuperation DD\Documents\Sauvegarde Jeux\Baldurs Series\Telechargements\habg2tobtrainer.zip Win32/Keylogger.HotKeysHook.A virus
E:\Setup Téléchargés\Nero.v10.5.10500.Lite.&.Micro.Build.v1.4.Multilingual.WinAll.Regged-DTC.rar Win32/Packed.Autoit.C.Gen application
E:\Setup Téléchargés\Cracks\WinRAR_3-11.zip une variante probable de Win32/Agent.GIDVWAW cheval de troie
E:\Setup Téléchargés\Download\Adobe_cracks.rar une variante de Win32/Keygen.AO application
E:\Setup Téléchargés\Download\Adobe cracks\Adobe Acrobat 3D\keygen.exe une variante de Win32/Keygen.AO application
E:\Setup Téléchargés\Download\Adobe cracks\Adobe Premiere Pro 2.0\keygen.exe une variante de Win32/Keygen.AO application
E:\Setup Téléchargés\Messageries\MsgPlusLive-460.exe une variante de Win32/Adware.CiDHelp application
E:\Setup Téléchargés\Navigation\IncrediMail build 2407 [Par Ratiatum.com].exe une variante probable de Win32/TrojanDownloader.Agent.IIRPHRV cheval de troie
F:\Downloads\Hotmail Account Locker.rar menaces multiples

SecurityCheck results:
Results of screen317's Security Check version 0.99.11
Windows 7 (UAC is enabled)
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:
avast! Free Antivirus Virus Guard - powered by BitDefender
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:
MVPS Hosts File
Malwarebytes' Anti-Malware
CCleaner
Java 6 Update 24
Out of date Java installed!
Adobe Flash Player 10.2.159.1
Adobe Reader 9.4.4 - Français
Japanese Fonts Support For Adobe Reader 9
Out of date Adobe Reader installed!
````````````````````````````````
Process Check:
objlist.exe by Laurent
Spybot Teatimer.exe is disabled!
Alwil Software Avast5 AvastSvc.exe
Alwil Software Avast5 AvastUI.exe
``````````End of Log````````````

Thanks in advance for all the help you can give me.
[Solved] Email account hacked and HijackThis log
Tital posted a topic in Malware Analysis and Removal
Hello everyone,
Having recently had my Hotmail account blocked for 'failure to comply with the terms of use' (a polite way of saying that I got hacked), and before creating a new address, I am submitting my Hijack logs to you to be sure that my computer is no longer at risk!
---
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:44:56, on 18/05/2011
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16766)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Windows\DAODx.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Adobe\Reader 9\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {C044CD87-DFB0-4130-A5E4-49361106FBC8} (HanSetupCtrl1010 Class) - http://tera.hangame.com/common/activex/HanSetup1040.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.3.1.0.cab
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AMD Reservation Manager - Advanced Micro Devices - C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\x64\maconfservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8089 bytes

Steps performed before the Hijack scan: antivirus scan (nothing detected) / Spybot + Malwarebytes' Anti-Malware scans (nothing detected)
My configuration: Windows 7 64-bit
Thanks in advance for your help
