Se connecter / S'enregistrer
Votre question

(RESOLU)Nombreuses pubs

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
7 Mai 2010 21:42:39

Bonjour,

Depuis tout à l'heure, de nombreuses pubs intempestives envahissent mon ordinateur à n'importe quel moment. Serait-il possible de remédier à ce problème ?

Merci d'avance

Autres pages sur : resolu nombreuses pubs

7 Mai 2010 22:35:21

Bonsoir
  • Télécharge OTL (de OldTimer) sur ton Bureau.
  • Double-clique sur OTL pour le lancer.
    (Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)
  • Une fenêtre apparaît. Dans la section Rapport en haut de cette fenêtre, coche Rapport minimal.
  • Coche également les cases à côté de Recherche Lop et Recherche Purity.
  • Enfin, clique sur le bouton Analyse. Le scan ne prendra pas beaucoup de temps.
  • Une fois l'analyse terminée, deux fenêtres vont s'ouvrir dans le Bloc-notes : OTL.txt et Extras.txt. Ils se trouvent au même endroit que OTL (donc par défaut sur le Bureau).

    Pour me transmettre les rapports :
  • Clique sur ce lien : http://www.cijoint.fr/
    9 Mai 2010 00:29:17

    Sham_Rock a dit :
    Bonsoir
  • Télécharge OTL (de OldTimer) sur ton Bureau.
  • Double-clique sur OTL pour le lancer.
    (Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)
  • Une fenêtre apparaît. Dans la section Rapport en haut de cette fenêtre, coche Rapport minimal.
  • Coche également les cases à côté de Recherche Lop et Recherche Purity.
  • Enfin, clique sur le bouton Analyse. Le scan ne prendra pas beaucoup de temps.
  • Une fois l'analyse terminée, deux fenêtres vont s'ouvrir dans le Bloc-notes : OTL.txt et Extras.txt. Ils se trouvent au même endroit que OTL (donc par défaut sur le Bureau).

    Pour me transmettre les rapports :
  • Clique sur ce lien : http://www.cijoint.fr/





  • bonsoir
    j'ai un double pb dans la mesure où vient d'apparaitre antimalware doctor qui m'empeche douvrir les liens que tu m'envoies me disant que les parametres de sécurité actuels ne permettent pas d'ouvrir la fenêtre...
    Contenus similaires
    9 Mai 2010 00:55:42

    ca yest g télécharger que suis je supposé faire désormais?
    9 Mai 2010 01:08:57

    Dsl après deux ans de médecine j'ai du perdre ET mon cerveau ET l'orthographe...

    OTL Extras logfile created on: 09/05/2010 00:00:07 - Run 1
    OTL by OldTimer - Version 3.2.4.1 Folder = C:\Downloads\Software
    64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18904)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 56,00% Memory free
    8,00 Gb Paging File | 6,00 Gb Available in Paging File | 77,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 454,17 Gb Total Space | 329,75 Gb Free Space | 72,61% Space Free | Partition Type: NTFS
    Drive D: | 11,59 Gb Total Space | 1,55 Gb Free Space | 13,41% Space Free | Partition Type: NTFS
    Drive E: | 465,76 Gb Total Space | 465,66 Gb Free Space | 99,98% Space Free | Partition Type: NTFS
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: PC-DE-RAHIM
    Current User Name: Rahim
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Include 64bit Scans
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Minimal

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = ChromeHTML] -- Reg Error: Key error. File not found

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %* File not found
    cmdfile [open] -- "%1" %* File not found
    comfile [open] -- "%1" %* File not found
    exefile [open] -- "%1" %* File not found
    helpfile [open] -- Reg Error: Key error.
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %* File not found
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1" File not found
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S File not found
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1
    "UacDisableNotify" = 1
    "InternetSettingsDisableNotify" = 1
    "AutoUpdateDisableNotify" = 1

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0
    "VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
    "VistaSp2" = 52 5F D1 92 A1 CE CA 01 [binary data]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "oobe_av" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    ========== Authorized Applications List ==========


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{E1A7E60C-E57F-40DC-8BBD-D7057CBDB39C}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{F08E3113-C7AE-42FC-83EA-DEC461C318C4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{0053FB67-6194-49E2-A5FB-B038CAFA9A35}" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
    "{04418E7F-6B8B-4CF7-9BC2-F15C384F5139}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
    "{0BD80F1E-F972-4C65-8A34-47DC0FB4164E}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{274D6076-CFDE-45D8-A98B-178B042FFCC6}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
    "{48443ACA-F81D-4607-9266-02258FA93499}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe |
    "{4CB04A03-11AA-4D4B-A3C5-AC62C8FA1184}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe |
    "{5B301D9F-5E45-4B8C-BB73-3EFE65C246B1}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
    "{5C4140F6-8326-4275-8F73-A651187ADD80}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{8559D3C0-7A3A-4FDB-8CB8-B84860FF47B4}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe |
    "{94AB7AC3-BD8D-4B48-BFD2-D194B722AA0D}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
    "{97564B86-8A02-436E-AF91-90BD26E8EDB3}" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
    "{AA383D83-D59B-4317-BB30-20E4A3C189FA}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
    "{AB7C4BD3-4E4F-454B-A5FB-3471FF4E79DA}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
    "{ABF990D3-D249-4853-9C72-953F9D11AE4F}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
    "{D14D12AF-0E00-4BE7-8CFA-652A6F85D9B1}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe |
    "{DFB105A4-C5C2-41CA-833A-4ABFD7BEA28C}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
    "TCP Query User{4C9D73E4-9C68-4DDA-8DE2-2348D4D10B02}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
    "TCP Query User{51659025-2B5C-45A5-9BAB-27AB4F696559}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
    "UDP Query User{6C680B59-37A8-4E5A-9096-413DA493920F}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
    "UDP Query User{AE7C6FA6-12AC-4BB3-B23D-EFF060EE04A8}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{0E6C415F-7708-4A8F-9509-11C98988BDCA}" = Apple Mobile Device Support
    "{3E061CBA-1DBB-45DD-8873-D100072ADCAD}" = Microsoft LifeCam
    "{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
    "{5AB0C6D3-E546-44C2-8B63-C9044FCC9AC0}" = iTunes
    "{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{9C5A08BF-BB99-4998-81BD-F6CC32483B34}" = Microsoft Corporation
    "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{DAE239CE-EB9D-4EB3-B0D4-528D6BAA48FD}" = Bonjour
    "EPSON Printer and Utilities" = EPSON-Drucker-Software
    "Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "NVIDIA Drivers" = NVIDIA Drivers
    "OfficeTrial" = Version de démonstration de Microsoft Office Home and Student 2007
    "OsdMaestro" = HP On-Screen Cap/Num/Scroll Lock Indicator

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{0A2C5854-557E-48C8-835A-3B9F074BDCAA}" = Python 2.5
    "{0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}" = OpenOffice.org 3.1
    "{11AFE21E-B193-430D-B57A-DFF7815BB962}" = Ulead PhotoImpact 12
    "{11B83AD3-7A46-4C2E-A568-9505981D4C6F}" = HP Update
    "{13086F8B-2AA9-4488-BC9C-BB6B912A5524}" = muvee autoProducer 6.1
    "{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
    "{174D5678-D941-433C-BD23-58A5C7B0D36D}" = Jasc Animation Shop 3
    "{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
    "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
    "{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare
    "{20C53FA2-4307-4671-A93F-9463B29DFCF1}" = Symantec Technical Support Web Controls
    "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
    "{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check for Health Check
    "{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 16
    "{2D37F6AE-D201-4580-B91A-6BF9BB93ED2D}" = Les Sims™ 2 Double Deluxe
    "{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
    "{3B160861-7250-451E-B5EE-8B92BF30A710}" = Microsoft Works
    "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
    "{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
    "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
    "{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer
    "{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live
    "{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
    "{53B20C18-D8D4-4588-8737-9BBFE303C354}" = Windows Live Movie Maker
    "{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In
    "{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail
    "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
    "{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
    "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger
    "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
    "{7F10292C-A190-4176-A665-A1ED3478DF86}" = LightScribe System Software
    "{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
    "{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007
    "{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French)
    "{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
    "{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
    "{AC76BA86-7AD7-1036-7B44-A91000000001}" = Adobe Reader 9.1 - Français
    "{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
    "{B131E59D-202C-43C6-84C9-68F0C37541F1}" = Galerie de photos Windows Live
    "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
    "{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
    "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
    "{C27C82E4-9C53-4D76-9ED3-A01A3D5EE679}" = HP Customer Experience Enhancements
    "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
    "{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
    "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
    "{DAE76241-A047-407E-9237-26120C7BA6CE}" = Lea passion Mode
    "{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
    "{E0810CC2-4B5B-4439-B1D0-452306AF2D64}" = HP Active Support Library
    "{E1476612-02D6-42A3-BDC1-E292B4115738}" = HP Easy Setup - Frontend
    "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{f32502b5-5b64-4882-bf61-77f23edcac4f}" = HP Total Care Advisor
    "{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "Adobe Shockwave Player" = Adobe Shockwave Player 11.5
    "DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
    "Free Download Manager" = Free Download Manager 3.0
    "Google Chrome" = Google Chrome
    "Google Updater" = Outil de mise à jour Google
    "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
    "NAV" = Norton AntiVirus
    "nozthlnpivm" = Performance Solution Hotrevenue
    "NSS" = Norton Security Scan
    "PC-Doctor 5 for Windows" = Outils de diagnostic du matériel
    "PhotoFiltre" = PhotoFiltre
    "PhotoScape" = PhotoScape
    "RealPlayer 12.0" = RealPlayer
    "sp41121" = sp41121
    "WildTangent hp Master Uninstall" = My HP Games
    "WinLiveSuite_Wave3" = Installation Windows Live
    "WinRAR archiver" = Logiciel d'archivage WinRAR
    "Xvid_is1" = Xvid 1.2.2 final uninstall

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Antimalware Doctor" = Antimalware Doctor
    "Gourmania Deluxe" = Gourmania Deluxe
    "UnityWebPlayer" = Unity Web Player

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 19/01/2010 03:49:22 | Computer Name = PC-de-Rahim | Source = WinMgmt | ID = 10
    Description =

    Error - 19/01/2010 07:01:10 | Computer Name = PC-de-Rahim | Source = WinMgmt | ID = 10
    Description =

    Error - 19/01/2010 11:29:03 | Computer Name = PC-de-Rahim | Source = WinMgmt | ID = 10
    Description =

    Error - 19/01/2010 15:27:35 | Computer Name = PC-de-Rahim | Source = WinMgmt | ID = 10
    Description =

    Error - 20/01/2010 03:14:29 | Computer Name = PC-de-Rahim | Source = WinMgmt | ID = 10
    Description =

    Error - 20/01/2010 06:08:39 | Computer Name = PC-de-Rahim | Source = WinMgmt | ID = 10
    Description =

    Error - 20/01/2010 10:45:17 | Computer Name = PC-de-Rahim | Source = WinMgmt | ID = 10
    Description =

    Error - 20/01/2010 15:29:09 | Computer Name = PC-de-Rahim | Source = WinMgmt | ID = 10
    Description =

    Error - 21/01/2010 02:18:35 | Computer Name = PC-de-Rahim | Source = WinMgmt | ID = 10
    Description =

    Error - 21/01/2010 06:14:28 | Computer Name = PC-de-Rahim | Source = WinMgmt | ID = 10
    Description =

    [ System Events ]
    Error - 08/05/2010 14:03:47 | Computer Name = PC-de-Rahim | Source = Service Control Manager | ID = 7026
    Description =

    Error - 08/05/2010 16:14:44 | Computer Name = PC-de-Rahim | Source = Service Control Manager | ID = 7026
    Description =

    Error - 08/05/2010 16:18:36 | Computer Name = PC-de-Rahim | Source = Service Control Manager | ID = 7026
    Description =

    Error - 08/05/2010 16:23:40 | Computer Name = PC-de-Rahim | Source = Service Control Manager | ID = 7026
    Description =

    Error - 08/05/2010 16:31:29 | Computer Name = PC-de-Rahim | Source = Service Control Manager | ID = 7026
    Description =

    Error - 08/05/2010 16:59:24 | Computer Name = PC-de-Rahim | Source = EventLog | ID = 6008
    Description = L'arrêt système précédant à 21:56:42 le 08/05/2010 n'était pas prévu.

    Error - 08/05/2010 17:00:29 | Computer Name = PC-de-Rahim | Source = Service Control Manager | ID = 7026
    Description =

    Error - 08/05/2010 17:09:05 | Computer Name = PC-de-Rahim | Source = Service Control Manager | ID = 7026
    Description =

    Error - 08/05/2010 17:21:15 | Computer Name = PC-de-Rahim | Source = Service Control Manager | ID = 7026
    Description =

    Error - 08/05/2010 17:50:52 | Computer Name = PC-de-Rahim | Source = Service Control Manager | ID = 7026
    Description =


    < End of report >
    9 Mai 2010 01:11:07

    OTL logfile created on: 09/05/2010 00:00:07 - Run 1
    OTL by OldTimer - Version 3.2.4.1 Folder = C:\Downloads\Software
    64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18904)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 56,00% Memory free
    8,00 Gb Paging File | 6,00 Gb Available in Paging File | 77,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 454,17 Gb Total Space | 329,75 Gb Free Space | 72,61% Space Free | Partition Type: NTFS
    Drive D: | 11,59 Gb Total Space | 1,55 Gb Free Space | 13,41% Space Free | Partition Type: NTFS
    Drive E: | 465,76 Gb Total Space | 465,66 Gb Free Space | 99,98% Space Free | Partition Type: NTFS
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: PC-DE-RAHIM
    Current User Name: Rahim
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Include 64bit Scans
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Minimal

    ========== Processes (SafeList) ==========

    PRC - C:\Downloads\Software\OTL.exe (OldTimer Tools)
    PRC - C:\Users\Rahim\AppData\Roaming\D808B062346AB3C7186D5CEA16761F32\gotnewupdate000.exe (MS)
    PRC - C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
    PRC - C:\Program Files (x86)\Java\jre6\bin\jucheck.exe (Sun Microsystems, Inc.)
    PRC - C:\Program Files (x86)\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe (Symantec Corporation)
    PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
    PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
    PRC - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
    PRC - C:\Windows\vVX1000.exe (Microsoft Corporation)
    PRC - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
    PRC - C:\Windows\SysWOW64\explorer.exe (Microsoft Corporation)
    PRC - C:\Windows\SysWOW64\conime.exe (Microsoft Corporation)
    PRC - C:\Program Files (x86)\Free Download Manager\fdm.exe (FreeDownloadManager.ORG)
    PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
    PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
    PRC - c:\hp\HPEZBTN\HPBtnSrv.exe ()
    PRC - C:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
    PRC - C:\Windows\SysWOW64\regsvr32.exe (Microsoft Corporation)
    PRC - C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\Monitor.exe (Ulead Systems, Inc.)


    ========== Modules (SafeList) ==========

    MOD - C:\Downloads\Software\OTL.exe (OldTimer Tools)
    MOD - C:\Windows\SysWOW64\comdlg32.dll (Microsoft Corporation)
    MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation)


    ========== Win32 Services (SafeList) ==========

    SRV:64bit: - (FontCache) -- C:\Windows\SysNative\FntCache.dll (Microsoft Corporation)
    SRV:64bit: - (MSCamSvc) -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe (Microsoft Corporation)
    SRV:64bit: - (ezSharedSvc) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
    SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
    SRV - (Norton AntiVirus) -- C:\Program Files (x86)\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe (Symantec Corporation)
    SRV - (SeaPort) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
    SRV - (clr_optimization_v2.0.50727_64) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
    SRV - (ezSharedSvc) -- C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS)
    SRV - (Symantec RemoteAssist) -- C:\Program Files (x86)\Common Files\Symantec Shared\Support Controls\ssrc.exe (Symantec, Inc.)
    SRV - (IAANTMON) Intel(R) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
    SRV - (HPBtnSrv) -- c:\hp\HPEZBTN\HPBtnSrv.exe ()
    SRV - (MSDTC) -- C:\Windows\SysWOW64\Msdtc [2006/11/02 14:34:14 | 000,000,000 | ---D | M]
    SRV - (vds) -- C:\Windows\SysWOW64\wbem\vds.mof ()
    SRV - (VSS) -- C:\Windows\SysWOW64\wbem\vss.mof ()


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - (ccHP) -- C:\Windows\SysNative\Drivers\NAVx64\1008000.029\ccHPx64.sys (Symantec Corporation)
    DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS (Symantec Corporation)
    DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\Drivers\NAVx64\1008000.029\SRTSP64.SYS (Symantec Corporation)
    DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\NAVx64\1008000.029\SYMEFA64.SYS (Symantec Corporation)
    DRV:64bit: - (BHDrvx64) -- C:\Windows\SysNative\Drivers\NAVx64\1008000.029\BHDrvx64.sys (Symantec Corporation)
    DRV:64bit: - (SYMTDI) -- C:\Windows\SysNative\Drivers\NAVx64\1008000.029\SYMTDI.SYS (Symantec Corporation)
    DRV:64bit: - (SYMFW) -- C:\Windows\SysNative\Drivers\NAVx64\1008000.029\SYMFW.SYS (Symantec Corporation)
    DRV:64bit: - (SYMNDISV) -- C:\Windows\SysNative\Drivers\NAVx64\1008000.029\SYMNDISV.SYS (Symantec Corporation)
    DRV:64bit: - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\Windows\SysNative\drivers\NAVx64\1008000.029\SRTSPX64.SYS (Symantec Corporation)
    DRV:64bit: - (SymIM) -- C:\Windows\SysNative\DRIVERS\SymIMv.sys (Symantec Corporation)
    DRV:64bit: - (VX1000) -- C:\Windows\SysNative\DRIVERS\VX1000.sys (Microsoft Corporation)
    DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\Drivers\usbaapl64.sys (Apple, Inc.)
    DRV:64bit: - (usbaudio) Pilote USB audio (WDM) -- C:\Windows\SysNative\drivers\usbaudio.sys (Microsoft Corporation)
    DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
    DRV:64bit: - (netr7364) -- C:\Windows\SysNative\DRIVERS\netr7364.sys (Ralink Technology, Corp.)
    DRV:64bit: - (RTL8169) -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys (Realtek Corporation )
    DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iastor.sys (Intel Corporation)
    DRV:64bit: - (HdAudAddService) -- C:\Windows\SysNative\drivers\HdAudio.sys (Microsoft Corporation)
    DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100508.003\EX64.SYS (Symantec Corporation)
    DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100508.003\ENG64.SYS (Symantec Corporation)
    DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100505.001\IDSviA64.sys (Symantec Corporation)
    DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)
    DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
    DRV - (VX1000) -- C:\Windows\SysWOW64\VX1000.dll (Microsoft Corporation)
    DRV - (Tcpip) -- C:\Windows\SysWOW64\wbem\tcpip.mof ()
    DRV - (mpsdrv) -- C:\Windows\SysWOW64\wbem\mpsdrv.mof ()


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT212432...
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



    O1 HOSTS File: ([2006/09/18 22:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg64.dll (Google Inc.)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
    O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\16.8.0.41\IPSBHO.dll (Symantec Corporation)
    O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
    O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
    O2 - BHO: (hotrevenue browser enhancer) - {BA709C86-F898-FAC1-55D5-B38C922D15E3} - C:\Windows\SysWOW64\ioqeznxszxhk.dll ()
    O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll ()
    O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
    O4:64bit: - HKLM..\Run: [HP Health Check Scheduler] File not found
    O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL (NVIDIA Corporation)
    O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.DLL (NVIDIA Corporation)
    O4:64bit: - HKLM..\Run: [OsdMaestro] C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe File not found
    O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
    O4:64bit: - HKLM..\Run: [VX1000] C:\Windows\vVX1000.exe (Microsoft Corporation)
    O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files (x86)\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe File not found
    O4 - HKLM..\Run: [gcypradzhlvvq] C:\Windows\SysWow64\ioqeznxszxhk.dll ()
    O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
    O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
    O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [OsdMaestro] c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe (OsdMaestro)
    O4 - HKLM..\Run: [SunJavaUpdateReg] C:\Windows\SysWow64\jureg.exe (Sun Microsystems, Inc.)
    O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
    O4 - HKLM..\Run: [Ulead AutoDetector v2] C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe (Ulead Systems, Inc.)
    O4 - HKCU..\Run: [Free Download Manager] C:\Program Files (x86)\Free Download Manager\fdm.exe (FreeDownloadManager.ORG)
    O4 - HKCU..\Run: [gotnewupdate000.exe] C:\Users\Rahim\AppData\Roaming\D808B062346AB3C7186D5CEA16761F32\gotnewupdate000.exe (MS)
    O4 - HKCU..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
    O4 - HKCU..\Run: [OfferBox] C:\Program Files (x86)\OfferBox\OfferBox.exe (Secure Digital Services)
    O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
    O4 - HKLM..\RunOnce: [MessengerPlusLiveUninstall] C:\Users\Rahim\AppData\Local\Temp\MsgPlusUninstall.exe (Yuna Software)
    O4 - Startup: C:\Users\Rahim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
    O8:64bit: - Extra context menu item: Télécharger avec Free Download Manager - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
    O8:64bit: - Extra context menu item: Télécharger la sélection avec Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
    O8:64bit: - Extra context menu item: Télécharger la vidéo avec Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
    O8:64bit: - Extra context menu item: Tout télécharger avec Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
    O8 - Extra context menu item: Télécharger avec Free Download Manager - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
    O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
    O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
    O8 - Extra context menu item: Tout télécharger avec Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
    O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O13 - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O15 - HKCU\..Trusted Ranges: Range1 ([http] in Intranet local)
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.10.10_v5.5.8/F... (Facebook Photo Uploader 5 Control)
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/direc... (Shockwave ActiveX Control)
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-wind... (Java Plug-in 1.6.0_16)
    O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} http://game.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player)
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPACl... (MessengerStatsClient Class)
    O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-wind... (Java Plug-in 1.6.0_16)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-wind... (Java Plug-in 1.6.0_16)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241
    O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
    O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
    O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
    O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\awave.jpg
    O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\awave.jpg
    O32 - HKLM CDRom: AutoRun - 1
    O33 - MountPoints2\{96c2e49c-d60c-11de-9ed2-001fc6ec1b42}\Shell\AutoRun\command - "" = yudald.bat
    O33 - MountPoints2\{96c2e49c-d60c-11de-9ed2-001fc6ec1b42}\Shell\open\Command - "" = yudald.bat
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2010/05/08 23:54:42 | 000,000,000 | ---D | C] -- C:\Users\Rahim\AppData\Roaming\widestream
    [2010/05/08 23:54:41 | 000,000,000 | ---D | C] -- C:\Users\Rahim\Documents\WideStream
    [2010/05/08 23:54:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OfferBoxSearch
    [2010/05/08 23:54:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Widestream6
    [2010/05/08 23:53:44 | 000,000,000 | ---D | C] -- C:\Users\Rahim\AppData\Roaming\OfferBox
    [2010/05/08 23:53:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OfferBox
    [2010/05/08 23:52:38 | 000,000,000 | ---D | C] -- C:\Windows\61D3AAE1D5214CD7939B37813DE8F955.TMP
    [2010/05/08 23:49:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
    [2010/05/08 23:44:42 | 000,082,944 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\IEDFix.C.exe
    [2010/05/08 23:44:42 | 000,080,384 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\o4Patch.exe
    [2010/05/08 23:44:42 | 000,078,336 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\Agent.OMZ.Fix.exe
    [2010/05/08 23:44:41 | 000,082,432 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\404Fix.exe
    [2010/05/08 23:44:28 | 000,087,552 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\VACFix.exe
    [2010/05/08 23:44:27 | 000,289,144 | ---- | C] (S!Ri) -- C:\Windows\SysWow64\VCCLSID.exe
    [2010/05/08 23:44:27 | 000,288,417 | ---- | C] (S!Ri) -- C:\Windows\SysWow64\SrchSTS.exe
    [2010/05/08 23:44:27 | 000,082,944 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\IEDFix.exe
    [2010/05/08 23:44:27 | 000,079,360 | ---- | C] (SteelWerX) -- C:\Windows\SysWow64\swxcacls.exe
    [2010/05/08 23:44:26 | 000,135,168 | ---- | C] (SteelWerX) -- C:\Windows\SysWow64\swreg.exe
    [2010/05/08 23:44:26 | 000,053,248 | ---- | C] (http://www.beyondlogic.org) -- C:\Windows\SysWow64\Process.exe
    [2010/05/07 19:24:44 | 000,000,000 | ---D | C] -- C:\Users\Rahim\AppData\Roaming\D808B062346AB3C7186D5CEA16761F32
    [2010/04/14 13:01:55 | 004,697,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
    [2010/04/14 13:01:51 | 000,612,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
    [2010/04/14 13:01:50 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vbscript.dll
    [2010/04/14 13:01:43 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysWow64\l3codecp.acm
    [2010/04/14 13:01:43 | 000,181,760 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysNative\l3codecp.acm
    [2010/04/14 13:01:43 | 000,072,192 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysNative\l3codeca.acm
    [2010/04/14 13:01:43 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysWow64\l3codeca.acm
    [2010/04/14 13:00:16 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
    [2010/04/14 13:00:16 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
    [2010/04/14 13:00:12 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
    [2010/04/14 13:00:12 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wintrust.dll
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2010/05/09 00:04:03 | 003,932,160 | -HS- | M] () -- C:\Users\Rahim\ntuser.dat
    [2010/05/08 23:39:04 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2010/05/08 23:21:36 | 000,001,012 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
    [2010/05/08 23:11:42 | 001,470,810 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2010/05/08 23:11:42 | 000,669,328 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
    [2010/05/08 23:11:42 | 000,586,980 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2010/05/08 23:11:42 | 000,123,350 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
    [2010/05/08 23:11:42 | 000,101,052 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2010/05/08 22:50:30 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2010/05/08 22:49:19 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2010/05/08 22:49:19 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2010/05/08 22:49:18 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
    [2010/05/08 22:49:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2010/05/08 22:21:42 | 000,524,288 | -HS- | M] () -- C:\Users\Rahim\ntuser.dat{5f12f90b-3050-11df-bebc-001fc6ec1b42}.TMContainer00000000000000000001.regtrans-ms
    [2010/05/08 22:21:42 | 000,065,536 | -HS- | M] () -- C:\Users\Rahim\ntuser.dat{5f12f90b-3050-11df-bebc-001fc6ec1b42}.TM.blf
    [2010/05/08 22:21:30 | 000,002,698 | ---- | M] () -- C:\Windows\lsrslt.ini
    [2010/05/08 22:06:03 | 003,860,426 | -H-- | M] () -- C:\Users\Rahim\AppData\Local\IconCache.db
    [2010/05/08 18:40:47 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{B770B8A1-AB37-4D36-8498-0632FF80129C}.job
    [2010/05/08 10:45:39 | 000,000,408 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{C2C66984-31FD-4D75-95F0-958377763093}.job
    [2010/05/07 20:27:07 | 000,005,390 | ---- | M] () -- C:\Users\Rahim\AppData\Roaming\wklnhst.dat
    [2010/05/07 19:25:43 | 000,050,990 | ---- | M] () -- C:\Windows\SysWow64\nozthlnpivm.exe
    [2010/05/02 18:21:42 | 000,053,760 | ---- | M] () -- C:\Users\Rahim\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/04/29 12:41:08 | 000,357,752 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2010/04/28 20:40:47 | 000,002,027 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
    [2010/04/26 19:59:59 | 000,000,594 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Effectuer une analyse complète du système - Rahim.job
    [2010/04/23 13:17:30 | 000,385,536 | ---- | M] () -- C:\Windows\SysWow64\ioqeznxszxhk.dll
    [2010/04/18 21:42:00 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForHoouda__.job
    [2010/04/16 22:43:20 | 013,112,832 | ---- | M] () -- C:\Users\Rahim\Desktop\REC0001.WAV
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2010/05/08 23:54:09 | 000,001,819 | ---- | C] () -- C:\Users\Public\Desktop\Widestream6.lnk
    [2010/05/08 23:44:27 | 000,075,776 | ---- | C] () -- C:\Windows\SysWow64\WS2Fix.exe
    [2010/05/08 23:44:27 | 000,051,200 | ---- | C] () -- C:\Windows\SysWow64\dumphive.exe
    [2010/05/08 23:44:26 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\swsc.exe
    [2010/05/08 18:37:32 | 000,002,698 | ---- | C] () -- C:\Windows\lsrslt.ini
    [2010/05/07 19:25:43 | 000,050,990 | ---- | C] () -- C:\Windows\SysWow64\nozthlnpivm.exe
    [2010/04/23 13:17:30 | 000,385,536 | ---- | C] () -- C:\Windows\SysWow64\ioqeznxszxhk.dll
    [2010/04/16 22:43:18 | 013,112,832 | ---- | C] () -- C:\Users\Rahim\Desktop\REC0001.WAV
    [2009/11/25 16:00:42 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
    [2009/11/25 16:00:00 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
    [2009/07/21 09:24:25 | 000,819,200 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
    [2009/07/21 09:24:25 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
    [2009/06/26 17:24:18 | 000,015,498 | ---- | C] () -- C:\Windows\VX1000.ini
    [2008/06/20 10:39:27 | 000,327,680 | ---- | C] () -- C:\Windows\SysWow64\pythoncom25.dll
    [2008/06/20 10:39:27 | 000,102,400 | ---- | C] () -- C:\Windows\SysWow64\pywintypes25.dll
    [2008/01/21 03:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
    [2002/03/17 01:00:00 | 000,007,420 | ---- | C] () -- C:\Windows\UA000091.DLL

    ========== LOP Check ==========

    [2010/05/08 15:58:41 | 000,000,000 | ---D | M] -- C:\Users\Rahim\AppData\Roaming\D808B062346AB3C7186D5CEA16761F32
    [2010/05/09 00:02:58 | 000,000,000 | ---D | M] -- C:\Users\Rahim\AppData\Roaming\Free Download Manager
    [2009/07/21 16:16:51 | 000,000,000 | ---D | M] -- C:\Users\Rahim\AppData\Roaming\Leadertech
    [2010/05/09 00:03:36 | 000,000,000 | ---D | M] -- C:\Users\Rahim\AppData\Roaming\OfferBox
    [2009/09/12 00:17:40 | 000,000,000 | ---D | M] -- C:\Users\Rahim\AppData\Roaming\OpenOffice.org
    [2009/07/14 01:08:20 | 000,000,000 | ---D | M] -- C:\Users\Rahim\AppData\Roaming\PlayFirst
    [2009/08/01 16:22:09 | 000,000,000 | ---D | M] -- C:\Users\Rahim\AppData\Roaming\Template
    [2009/08/22 15:28:55 | 000,000,000 | ---D | M] -- C:\Users\Rahim\AppData\Roaming\Ulead Systems
    [2010/05/08 23:54:45 | 000,000,000 | ---D | M] -- C:\Users\Rahim\AppData\Roaming\widestream
    [2009/07/03 20:33:39 | 000,000,000 | ---D | M] -- C:\Users\Rahim\AppData\Roaming\WildTangent
    [2010/01/04 13:35:31 | 000,000,000 | ---D | M] -- C:\Users\Rahim\AppData\Roaming\WinBatch
    [2009/07/14 01:08:15 | 000,000,000 | ---D | M] -- C:\Users\Rahim\AppData\Roaming\Zylom
    [2010/05/08 22:21:35 | 000,032,612 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
    [2010/05/08 18:40:47 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{B770B8A1-AB37-4D36-8498-0632FF80129C}.job
    [2010/05/08 10:45:39 | 000,000,408 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{C2C66984-31FD-4D75-95F0-958377763093}.job

    ========== Purity Check ==========



    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 64 bytes -> C:\Users\Rahim\Documents\OSS 117 Rio Ne Repond Plus 1H36.avi:TOC.WMV
    < End of report >
    9 Mai 2010 01:12:58

    merci bonne soirée!
    9 Mai 2010 17:36:11

    re
    Vista 64bits... ça va être coton, la moitié des outils ne marchent pas avec cette OS :/ 

    Télécharge MalwareByte's Anti-Malware sur ton Bureau.

  • Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.
    Une fois l'installation et la mise à jour effectuées :
  • Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".
  • Afin de lancer la recherche, clic sur"Rechercher".
  • Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
    ~ Si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
    ~~ Si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau.


    REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]

    Note : Si tu ne parviens à télécharger MBAM à partir de MajorGeeks, tu peux le télécharger ici!

    [#FF0000]Aide
    :
  • Comment utiliser MBAM.
    9 Mai 2010 20:04:32

    RE! voilà le rapport

    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Version de la base de données: 4083

    Windows 6.0.6002 Service Pack 2
    Internet Explorer 8.0.6001.18904

    09/05/2010 20:02:25
    mbam-log-2010-05-09 (20-02-25).txt

    Type d'examen: Examen complet (C:\|D:\|E:\|F:\|H:\|I:\|J:\|K:\|L:\|)
    Elément(s) analysé(s): 377011
    Temps écoulé: 1 heure(s), 56 minute(s), 38 seconde(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 2
    Clé(s) du Registre infectée(s): 6
    Valeur(s) du Registre infectée(s): 1
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 5

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    C:\Windows\System32\ioqeznxszxhk.dll (Adware.BHO) -> Delete on reboot.
    C:\Windows\SysWOW64\ioqeznxszxhk.dll (Adware.BHO) -> Delete on reboot.

    Clé(s) du Registre infectée(s):
    HKEY_CLASSES_ROOT\CLSID\{ba709c86-f898-fac1-55d5-b38c922d15e3} (Adware.BHO) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{ba709c86-f898-fac1-55d5-b38c922d15e3} (Adware.BHO) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{ba709c86-f898-fac1-55d5-b38c922d15e3} (Adware.BHO) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ba709c86-f898-fac1-55d5-b38c922d15e3} (Adware.BHO) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Antimalware Doctor (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Antimalware Doctor Inc (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\gcypradzhlvvq (Adware.BHO) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\Windows\System32\ioqeznxszxhk.dll (Adware.BHO) -> Delete on reboot.
    C:\Windows\SysWOW64\ioqeznxszxhk.dll (Adware.BHO) -> Delete on reboot.
    C:\Users\Hoouda__\AppData\Local\Temp\iexplore .exe (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\Users\Hoouda__\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Antimalware Doctor.lnk (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
    C:\Users\Hoouda__\Desktop\Antimalware Doctor.lnk (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
    9 Mai 2010 20:53:15

    parfait... :) 
    comment se comporte ton pc?
    +++++++++++++

    reposte un rapport OTL stp
    9 Mai 2010 22:24:50

    OTL logfile created on: 09/05/2010 22:08:44 - Run 2
    OTL by OldTimer - Version 3.2.4.1 Folder = C:\Downloads\Software
    64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18904)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 55,00% Memory free
    8,00 Gb Paging File | 6,00 Gb Available in Paging File | 73,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 454,17 Gb Total Space | 327,73 Gb Free Space | 72,16% Space Free | Partition Type: NTFS
    Drive D: | 11,59 Gb Total Space | 1,55 Gb Free Space | 13,41% Space Free | Partition Type: NTFS
    Drive E: | 465,76 Gb Total Space | 465,66 Gb Free Space | 99,98% Space Free | Partition Type: NTFS
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: PC-DE-RAHIM
    Current User Name: Rahim
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Include 64bit Scans
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Minimal

    ========== Processes (SafeList) ==========

    PRC - C:\Downloads\Software\OTL.exe (OldTimer Tools)
    PRC - C:\Users\Rahim\AppData\Roaming\D808B062346AB3C7186D5CEA16761F32\gotnewupdate000.exe (MS)
    PRC - C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
    PRC - C:\Program Files (x86)\Java\jre6\bin\jucheck.exe (Sun Microsystems, Inc.)
    PRC - C:\Program Files (x86)\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe (Symantec Corporation)
    PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
    PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
    PRC - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
    PRC - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
    PRC - C:\Windows\vVX1000.exe (Microsoft Corporation)
    PRC - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
    PRC - C:\Program Files (x86)\Free Download Manager\fdm.exe (FreeDownloadManager.ORG)
    PRC - C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
    PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
    PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
    PRC - c:\hp\HPEZBTN\HPBtnSrv.exe ()
    PRC - C:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
    PRC - C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\Monitor.exe (Ulead Systems, Inc.)


    ========== Modules (SafeList) ==========

    MOD - C:\Downloads\Software\OTL.exe (OldTimer Tools)
    MOD - C:\Windows\SysWOW64\comdlg32.dll (Microsoft Corporation)
    MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation)


    ========== Win32 Services (SafeList) ==========

    SRV:64bit: - (FontCache) -- C:\Windows\SysNative\FntCache.dll (Microsoft Corporation)
    SRV:64bit: - (MSCamSvc) -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe (Microsoft Corporation)
    SRV:64bit: - (ezSharedSvc) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
    SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
    SRV - (Norton AntiVirus) -- C:\Program Files (x86)\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe (Symantec Corporation)
    SRV - (SeaPort) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
    SRV - (clr_optimization_v2.0.50727_64) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
    SRV - (ezSharedSvc) -- C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS)
    SRV - (Symantec RemoteAssist) -- C:\Program Files (x86)\Common Files\Symantec Shared\Support Controls\ssrc.exe (Symantec, Inc.)
    SRV - (IAANTMON) Intel(R) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
    SRV - (HPBtnSrv) -- c:\hp\HPEZBTN\HPBtnSrv.exe ()
    SRV - (MSDTC) -- C:\Windows\SysWOW64\Msdtc [2006/11/02 14:34:14 | 000,000,000 | ---D | M]
    SRV - (vds) -- C:\Windows\SysWOW64\wbem\vds.mof ()
    SRV - (VSS) -- C:\Windows\SysWOW64\wbem\vss.mof ()


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - (ccHP) -- C:\Windows\SysNative\Drivers\NAVx64\1008000.029\ccHPx64.sys (Symantec Corporation)
    DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS (Symantec Corporation)
    DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\Drivers\NAVx64\1008000.029\SRTSP64.SYS (Symantec Corporation)
    DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\NAVx64\1008000.029\SYMEFA64.SYS (Symantec Corporation)
    DRV:64bit: - (BHDrvx64) -- C:\Windows\SysNative\Drivers\NAVx64\1008000.029\BHDrvx64.sys (Symantec Corporation)
    DRV:64bit: - (SYMTDI) -- C:\Windows\SysNative\Drivers\NAVx64\1008000.029\SYMTDI.SYS (Symantec Corporation)
    DRV:64bit: - (SYMFW) -- C:\Windows\SysNative\Drivers\NAVx64\1008000.029\SYMFW.SYS (Symantec Corporation)
    DRV:64bit: - (SYMNDISV) -- C:\Windows\SysNative\Drivers\NAVx64\1008000.029\SYMNDISV.SYS (Symantec Corporation)
    DRV:64bit: - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\Windows\SysNative\drivers\NAVx64\1008000.029\SRTSPX64.SYS (Symantec Corporation)
    DRV:64bit: - (SymIM) -- C:\Windows\SysNative\DRIVERS\SymIMv.sys (Symantec Corporation)
    DRV:64bit: - (VX1000) -- C:\Windows\SysNative\DRIVERS\VX1000.sys (Microsoft Corporation)
    DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\Drivers\usbaapl64.sys (Apple, Inc.)
    DRV:64bit: - (usbaudio) Pilote USB audio (WDM) -- C:\Windows\SysNative\drivers\usbaudio.sys (Microsoft Corporation)
    DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
    DRV:64bit: - (netr7364) -- C:\Windows\SysNative\DRIVERS\netr7364.sys (Ralink Technology, Corp.)
    DRV:64bit: - (RTL8169) -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys (Realtek Corporation )
    DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iastor.sys (Intel Corporation)
    DRV:64bit: - (HdAudAddService) -- C:\Windows\SysNative\drivers\HdAudio.sys (Microsoft Corporation)
    DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100509.002\EX64.SYS (Symantec Corporation)
    DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
    DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100509.002\ENG64.SYS (Symantec Corporation)
    DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100505.001\IDSviA64.sys (Symantec Corporation)
    DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)
    DRV - (VX1000) -- C:\Windows\SysWOW64\VX1000.dll (Microsoft Corporation)
    DRV - (Tcpip) -- C:\Windows\SysWOW64\wbem\tcpip.mof ()
    DRV - (mpsdrv) -- C:\Windows\SysWOW64\wbem\mpsdrv.mof ()


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT212432...
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========


    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/05/09 00:17:06 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/05/09 00:16:42 | 000,000,000 | ---D | M]

    [2010/05/09 00:17:20 | 000,000,000 | ---D | M] -- C:\Users\Rahim\AppData\Roaming\mozilla\Extensions
    [2010/05/09 11:09:56 | 000,000,000 | ---D | M] -- C:\Users\Rahim\AppData\Roaming\mozilla\Firefox\Profiles\pl0x6kvf.default\extensions
    [2010/05/09 11:09:56 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Rahim\AppData\Roaming\mozilla\Firefox\Profiles\pl0x6kvf.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2010/05/09 20:07:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
    [2010/04/01 18:07:29 | 000,001,516 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazon-france.xml
    [2010/04/01 18:07:29 | 000,001,822 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
    [2010/04/01 18:07:29 | 000,000,757 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-france.xml
    [2010/04/01 18:07:29 | 000,001,426 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-fr.xml
    [2010/04/01 18:07:29 | 000,000,956 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-france.xml

    O1 HOSTS File: ([2006/09/18 22:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg64.dll (Google Inc.)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
    O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\16.8.0.41\IPSBHO.dll (Symantec Corporation)
    O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
    O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
    O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll ()
    O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
    O4:64bit: - HKLM..\Run: [HP Health Check Scheduler] File not found
    O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL (NVIDIA Corporation)
    O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.DLL (NVIDIA Corporation)
    O4:64bit: - HKLM..\Run: [OsdMaestro] C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe File not found
    O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
    O4:64bit: - HKLM..\Run: [VX1000] C:\Windows\vVX1000.exe (Microsoft Corporation)
    O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files (x86)\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe File not found
    O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
    O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
    O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [OsdMaestro] c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe (OsdMaestro)
    O4 - HKLM..\Run: [SunJavaUpdateReg] C:\Windows\SysWow64\jureg.exe (Sun Microsystems, Inc.)
    O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
    O4 - HKLM..\Run: [Ulead AutoDetector v2] C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe (Ulead Systems, Inc.)
    O4 - HKCU..\Run: [Free Download Manager] C:\Program Files (x86)\Free Download Manager\fdm.exe (FreeDownloadManager.ORG)
    O4 - HKCU..\Run: [gotnewupdate000.exe] C:\Users\Rahim\AppData\Roaming\D808B062346AB3C7186D5CEA16761F32\gotnewupdate000.exe (MS)
    O4 - HKCU..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
    O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
    O4 - Startup: C:\Users\Rahim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
    O8:64bit: - Extra context menu item: Télécharger avec Free Download Manager - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
    O8:64bit: - Extra context menu item: Télécharger la sélection avec Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
    O8:64bit: - Extra context menu item: Télécharger la vidéo avec Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
    O8:64bit: - Extra context menu item: Tout télécharger avec Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
    O8 - Extra context menu item: Télécharger avec Free Download Manager - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
    O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
    O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
    O8 - Extra context menu item: Tout télécharger avec Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
    O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O13 - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O15 - HKCU\..Trusted Ranges: Range1 ([http] in Intranet local)
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.10.10_v5.5.8/F... (Facebook Photo Uploader 5 Control)
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/direc... (Shockwave ActiveX Control)
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-wind... (Java Plug-in 1.6.0_16)
    O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} http://game.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player)
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPACl... (MessengerStatsClient Class)
    O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-wind... (Java Plug-in 1.6.0_16)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-wind... (Java Plug-in 1.6.0_16)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241
    O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
    O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
    O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
    O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\awave.jpg
    O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\awave.jpg
    O32 - HKLM CDRom: AutoRun - 1
    O33 - MountPoints2\{96c2e49c-d60c-11de-9ed2-001fc6ec1b42}\Shell\AutoRun\command - "" = yudald.bat
    O33 - MountPoints2\{96c2e49c-d60c-11de-9ed2-001fc6ec1b42}\Shell\open\Command - "" = yudald.bat
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2010/05/09 17:45:05 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
    [2010/05/09 17:45:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    [2010/05/09 11:44:49 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
    [2010/05/09 00:17:01 | 000,000,000 | ---D | C] -- C:\Users\Rahim\AppData\Roaming\Mozilla
    [2010/05/09 00:17:01 | 000,000,000 | ---D | C] -- C:\Users\Rahim\AppData\Local\Mozilla
    [2010/05/09 00:16:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
    [2010/05/08 23:54:42 | 000,000,000 | ---D | C] -- C:\Users\Rahim\AppData\Roaming\widestream
    [2010/05/08 23:54:41 | 000,000,000 | ---D | C] -- C:\Users\Rahim\Documents\WideStream
    [2010/05/08 23:53:44 | 000,000,000 | ---D | C] -- C:\Users\Rahim\AppData\Roaming\OfferBox
    [2010/05/08 23:52:38 | 000,000,000 | ---D | C] -- C:\Windows\61D3AAE1D5214CD7939B37813DE8F955.TMP
    [2010/05/08 23:49:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
    [2010/05/08 23:44:42 | 000,082,944 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\IEDFix.C.exe
    [2010/05/08 23:44:42 | 000,080,384 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\o4Patch.exe
    [2010/05/08 23:44:42 | 000,078,336 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\Agent.OMZ.Fix.exe
    [2010/05/08 23:44:41 | 000,082,432 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\404Fix.exe
    [2010/05/08 23:44:28 | 000,087,552 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\VACFix.exe
    [2010/05/08 23:44:27 | 000,289,144 | ---- | C] (S!Ri) -- C:\Windows\SysWow64\VCCLSID.exe
    [2010/05/08 23:44:27 | 000,288,417 | ---- | C] (S!Ri) -- C:\Windows\SysWow64\SrchSTS.exe
    [2010/05/08 23:44:27 | 000,082,944 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\IEDFix.exe
    [2010/05/08 23:44:27 | 000,079,360 | ---- | C] (SteelWerX) -- C:\Windows\SysWow64\swxcacls.exe
    [2010/05/08 23:44:26 | 000,135,168 | ---- | C] (SteelWerX) -- C:\Windows\SysWow64\swreg.exe
    [2010/05/08 23:44:26 | 000,053,248 | ---- | C] (http://www.beyondlogic.org) -- C:\Windows\SysWow64\Process.exe
    [2010/05/07 19:24:44 | 000,000,000 | ---D | C] -- C:\Users\Rahim\AppData\Roaming\D808B062346AB3C7186D5CEA16761F32
    [2010/04/14 13:01:55 | 004,697,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
    [2010/04/14 13:01:51 | 000,612,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
    [2010/04/14 13:01:50 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vbscript.dll
    [2010/04/14 13:01:43 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysWow64\l3codecp.acm
    [2010/04/14 13:01:43 | 000,181,760 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysNative\l3codecp.acm
    [2010/04/14 13:01:43 | 000,072,192 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysNative\l3codeca.acm
    [2010/04/14 13:01:43 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysWow64\l3codeca.acm
    [2010/04/14 13:00:16 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
    [2010/04/14 13:00:16 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
    [2010/04/14 13:00:12 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
    [2010/04/14 13:00:12 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wintrust.dll
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2010/05/09 22:11:00 | 000,000,408 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{C2C66984-31FD-4D75-95F0-958377763093}.job
    [2010/05/09 22:09:14 | 003,932,160 | -HS- | M] () -- C:\Users\Rahim\ntuser.dat
    [2010/05/09 22:07:06 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2010/05/09 22:07:06 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2010/05/09 21:39:00 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2010/05/09 21:39:00 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2010/05/09 21:16:18 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{B770B8A1-AB37-4D36-8498-0632FF80129C}.job
    [2010/05/09 20:10:18 | 000,001,012 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
    [2010/05/09 20:07:07 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
    [2010/05/09 20:07:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2010/05/09 20:05:49 | 000,524,288 | -HS- | M] () -- C:\Users\Rahim\ntuser.dat{5f12f90b-3050-11df-bebc-001fc6ec1b42}.TMContainer00000000000000000001.regtrans-ms
    [2010/05/09 20:05:49 | 000,065,536 | -HS- | M] () -- C:\Users\Rahim\ntuser.dat{5f12f90b-3050-11df-bebc-001fc6ec1b42}.TM.blf
    [2010/05/09 20:05:38 | 003,828,251 | -H-- | M] () -- C:\Users\Rahim\AppData\Local\IconCache.db
    [2010/05/09 17:45:08 | 000,000,850 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/05/09 12:34:32 | 000,018,983 | ---- | M] () -- C:\Users\Rahim\Documents\ass.odt
    [2010/05/09 11:59:48 | 000,018,909 | ---- | M] () -- C:\Users\Rahim\Documents\cvv assia.odt
    [2010/05/09 00:17:07 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
    [2010/05/09 00:16:45 | 000,001,780 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2010/05/08 23:11:42 | 001,470,810 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2010/05/08 23:11:42 | 000,669,328 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
    [2010/05/08 23:11:42 | 000,586,980 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2010/05/08 23:11:42 | 000,123,350 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
    [2010/05/08 23:11:42 | 000,101,052 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2010/05/08 22:21:30 | 000,002,698 | ---- | M] () -- C:\Windows\lsrslt.ini
    [2010/05/07 20:27:07 | 000,005,390 | ---- | M] () -- C:\Users\Rahim\AppData\Roaming\wklnhst.dat
    [2010/05/07 19:25:43 | 000,050,990 | ---- | M] () -- C:\Windows\SysWow64\nozthlnpivm.exe
    [2010/05/02 18:21:42 | 000,053,760 | ---- | M] () -- C:\Users\Rahim\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
    [2010/04/29 15:39:28 | 000,024,664 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
    [2010/04/29 12:41:08 | 000,357,752 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2010/04/28 20:40:47 | 000,002,027 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
    [2010/04/26 19:59:59 | 000,000,594 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Effectuer une analyse complète du système - Rahim.job
    [2010/04/18 21:42:00 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForHoouda__.job
    [2010/04/16 22:43:20 | 013,112,832 | ---- | M] () -- C:\Users\Rahim\Desktop\REC0001.WAV
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2010/05/09 17:45:08 | 000,000,850 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/05/09 12:14:10 | 000,018,983 | ---- | C] () -- C:\Users\Rahim\Documents\ass.odt
    [2010/05/09 00:17:07 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
    [2010/05/09 00:16:45 | 000,001,780 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2010/05/08 23:44:27 | 000,075,776 | ---- | C] () -- C:\Windows\SysWow64\WS2Fix.exe
    [2010/05/08 23:44:27 | 000,051,200 | ---- | C] () -- C:\Windows\SysWow64\dumphive.exe
    [2010/05/08 23:44:26 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\swsc.exe
    [2010/05/08 18:37:32 | 000,002,698 | ---- | C] () -- C:\Windows\lsrslt.ini
    [2010/05/07 19:25:43 | 000,050,990 | ---- | C] () -- C:\Windows\SysWow64\nozthlnpivm.exe
    [2010/04/16 22:43:18 | 013,112,832 | ---- | C] () -- C:\Users\Rahim\Desktop\REC0001.WAV
    [2009/11/25 16:00:42 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
    [2009/11/25 16:00:00 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
    [2009/07/21 09:24:25 | 000,819,200 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
    [2009/07/21 09:24:25 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
    [2009/06/26 17:24:18 | 000,015,498 | ---- | C] () -- C:\Windows\VX1000.ini
    [2008/06/20 10:39:27 | 000,327,680 | ---- | C] () -- C:\Windows\SysWow64\pythoncom25.dll
    [2008/06/20 10:39:27 | 000,102,400 | ---- | C] () -- C:\Windows\SysWow64\pywintypes25.dll
    [2008/01/21 03:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
    [2002/03/17 01:00:00 | 000,007,420 | ---- | C] () -- C:\Windows\UA000091.DLL

    ========== LOP Check ==========

    [2010/05/08 15:58:41 | 000,000,000 | ---D | M] -- C:\Users\Rahim\AppData\Roaming\D808B062346AB3C7186D5CEA16761F32
    [2010/05/09 22:12:41 | 000,000,000 | ---D | M] -- C:\Users\Rahim\AppData\Roaming\Free Download Manager
    [2009/07/21 16:16:51 | 000,000,000 | ---D | M] -- C:\Users\Rahim\AppData\Roaming\Leadertech
    [2010/05/09 00:03:36 | 000,000,000 | ---D | M] -- C:\Users\Rahim\AppData\Roaming\OfferBox
    [2009/09/12 00:17:40 | 000,000,000 | ---D | M] -- C:\Users\Rahim\AppData\Roaming\OpenOffice.org
    [2009/07/14 01:08:20 | 000,000,000 | ---D | M] -- C:\Users\Rahim\AppData\Roaming\PlayFirst
    [2009/08/01 16:22:09 | 000,000,000 | ---D | M] -- C:\Users\Rahim\AppData\Roaming\Template
    [2009/08/22 15:28:55 | 000,000,000 | ---D | M] -- C:\Users\Rahim\AppData\Roaming\Ulead Systems
    [2010/05/08 23:54:45 | 000,000,000 | ---D | M] -- C:\Users\Rahim\AppData\Roaming\widestream
    [2009/07/03 20:33:39 | 000,000,000 | ---D | M] -- C:\Users\Rahim\AppData\Roaming\WildTangent
    [2010/01/04 13:35:31 | 000,000,000 | ---D | M] -- C:\Users\Rahim\AppData\Roaming\WinBatch
    [2009/07/14 01:08:15 | 000,000,000 | ---D | M] -- C:\Users\Rahim\AppData\Roaming\Zylom
    [2010/05/09 20:05:41 | 000,032,612 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
    [2010/05/09 21:16:18 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{B770B8A1-AB37-4D36-8498-0632FF80129C}.job
    [2010/05/09 22:11:00 | 000,000,408 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{C2C66984-31FD-4D75-95F0-958377763093}.job

    ========== Purity Check ==========



    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 64 bytes -> C:\Users\Rahim\Documents\OSS 117 Rio Ne Repond Plus 1H36.avi:TOC.WMV
    < End of report >


    Impeccable je n'ai plus de pubs et je t'en remercie par contre j'ai tjrs ce fichu malware doctor qui m'aggace..Saurai tu à nouveau résoudre ce pb ? merci d'avance
    10 Mai 2010 21:02:03

    Bonsoir
    Citation :
    Impeccable je n'ai plus de pubs et je t'en remercie par contre j'ai tjrs ce fichu malware doctor qui m'aggace..Saurai tu à nouveau résoudre ce pb ? merci d'avance

    Il y a des restes...
  • Double-clique sur OTL pour le lancer.
    (Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)
  • Sous l'onglet Personnalisation (dans le cadre blanc) en bas de la fenêtre, copie-colle le texte suivant (entre les deux espaces) :

    :OTL
    PRC - C:\Users\Rahim\AppData\Roaming\D808B062346AB3C7186D5CEA16761F32\gotnewupdate000.exe (MS)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
    O4 - HKLM..\Run: [] File not found
    O4 - HKCU..\Run: [gotnewupdate000.exe] C:\Users\Rahim\AppData\Roaming\D808B062346AB3C7186D5CEA16761F32\gotnewupdate000.exe (MS)
    O33 - MountPoints2\{96c2e49c-d60c-11de-9ed2-001fc6ec1b42}\Shell\AutoRun\command - "" = yudald.bat
    O33 - MountPoints2\{96c2e49c-d60c-11de-9ed2-001fc6ec1b42}\Shell\open\Command - "" = yudald.bat


    :files
    C:\Users\Rahim\AppData\Roaming\D808B062346AB3C7186D5CEA16761F32
    C:\Windows\61D3AAE1D5214CD7939B37813DE8F955.TMP
    C:\Windows\SysWow64\nozthlnpivm.exe

    :commands
    [emptytemp]
    [reboot]

  • Puis clique sur le bouton Correction en haut de la fenêtre.
  • Laisse le programme travailler, redémarre une fois le fix terminé.
  • Poste le rapport qui s'affichera après redémarrage.



    ++++++++++++++++++++++++++


    Télécharge GMER à partir de ce lien : http://www.gmer.net/files.php - clic sur "Download EXE" et télécharge le fichier sur ton bureau.
    Voir le tutorial GMER, ça peut peut-être t'aider : http://www.malekal.com/tutorial_GMER.php

  • Désactive tes logiciels de protection (antivirus, antispyware etc) et ferme tous les programmes ouverts.
  • Double-clique sur le fichier GMER téléchargé.
    IMPORTANT: Si une alerte de ton antivirus apparaît pour le fichier gmer.sys ou gmer.exe, laisse le s'executer.
  • Clique sur l'onglet "rootkit"
  • A droite, coche seulement Files, Services & Registry.
  • Clique maintenant sur Scan.
  • Lorsque le scan est terminé, clique sur Copy.
  • Ouvre le Bloc-notes puis clique sur le Menu Edition / Coller.
    Le rapport doit alors apparaître.
  • Enregistre le fichier sur ton Bureau et poste le contenu ici.



    11 Mai 2010 14:06:24


    Bonjour

    voilà pour commencer:

    All processes killed
    ========== OTL ==========
    No active process named gotnewupdate000.exe was found!
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\ not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found.
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\gotnewupdate000.exe not found.
    File C:\Users\Rahim\AppData\Roaming\D808B062346AB3C7186D5CEA16761F32\gotnewupdate000.exe not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{96c2e49c-d60c-11de-9ed2-001fc6ec1b42}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{96c2e49c-d60c-11de-9ed2-001fc6ec1b42}\ not found.
    File yudald.bat not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{96c2e49c-d60c-11de-9ed2-001fc6ec1b42}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{96c2e49c-d60c-11de-9ed2-001fc6ec1b42}\ not found.
    File yudald.bat not found.
    ========== FILES ==========
    File\Folder C:\Users\Rahim\AppData\Roaming\D808B062346AB3C7186D5CEA16761F32 not found.
    File\Folder C:\Windows\61D3AAE1D5214CD7939B37813DE8F955.TMP not found.
    File\Folder C:\Windows\SysWow64\nozthlnpivm.exe not found.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: AppData

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Hoouda__
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Java cache emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Public

    User: Rahim
    ->Temp folder emptied: 245491 bytes
    ->Temporary Internet Files folder emptied: 24896270 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 4074743 bytes
    ->Google Chrome cache emptied: 0 bytes
    ->Flash cache emptied: 434 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 0 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 32902 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 28,00 mb


    OTL by OldTimer - Version 3.2.4.1 log created on 05112010_133817

    Files\Folders moved on Reboot...
    File\Folder C:\Users\Rahim\AppData\Local\Temp\~DF1AC8.tmp not found!
    File\Folder C:\Users\Rahim\AppData\Local\Temp\~DF1AD9.tmp not found!
    File\Folder C:\Users\Rahim\AppData\Local\Temp\~DF1B2A.tmp not found!
    File\Folder C:\Users\Rahim\AppData\Local\Temp\~DF1B3B.tmp not found!
    File\Folder C:\Users\Rahim\AppData\Local\Temp\~DF1B88.tmp not found!
    File\Folder C:\Users\Rahim\AppData\Local\Temp\~DF1B99.tmp not found!
    C:\Users\Rahim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J2KUBAZ5\293379-11-nombreuses-pubs[1].htm moved successfully.
    C:\Users\Rahim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\90IY3QXH\cdntests_cedexis[2].htm moved successfully.
    C:\Users\Rahim\AppData\Local\Microsoft\Windows\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
    File\Folder C:\Windows\temp\JETA6B9.tmp not found!

    Registry entries deleted on Reboot...
    11 Mai 2010 14:55:42

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Hoouda__
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Java cache emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Public

    User: Rahim
    ->Temp folder emptied: 245491 bytes
    ->Temporary Internet Files folder emptied: 24896270 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 4074743 bytes
    ->Google Chrome cache emptied: 0 bytes
    ->Flash cache emptied: 434 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 0 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 32902 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 28,00 mb


    OTL by OldTimer - Version 3.2.4.1 log created on 05112010_133817

    Files\Folders moved on Reboot...
    File\Folder C:\Users\Rahim\AppData\Local\Temp\~DF1AC8.tmp not found!
    File\Folder C:\Users\Rahim\AppData\Local\Temp\~DF1AD9.tmp not found!
    File\Folder C:\Users\Rahim\AppData\Local\Temp\~DF1B2A.tmp not found!
    File\Folder C:\Users\Rahim\AppData\Local\Temp\~DF1B3B.tmp not found!
    File\Folder C:\Users\Rahim\AppData\Local\Temp\~DF1B88.tmp not found!
    File\Folder C:\Users\Rahim\AppData\Local\Temp\~DF1B99.tmp not found!
    C:\Users\Rahim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J2KUBAZ5\293379-11-nombreuses-pubs[1].htm moved successfully.
    C:\Users\Rahim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\90IY3QXH\cdntests_cedexis[2].htm moved successfully.
    C:\Users\Rahim\AppData\Local\Microsoft\Windows\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
    File\Folder C:\Windows\temp\JETA6B9.tmp not found!

    Registry entries deleted on Reboot...


    Ci dessus la suite..bonne journée
    11 Mai 2010 17:59:34

    re
    il y a un souci...
    je pense que c'est ce fichu 64 bits...

    reposte un rapport OTL et pense à me poster le rapport GMER que je t'avais demandé....

    13 Mai 2010 14:16:25

    Bonjour!


    J'ai un problème avec GMER c'est à dire q'après avoir fait un scan puis cliquer sur copy et enfin ouvert le bloc note, rien ne s'affiche! GMER affiche "GMER hasnt found any system modification"

    OTL logfile created on: 13/05/2010 14:08:30 - Run 3
    OTL by OldTimer - Version 3.2.4.1 Folder = C:\Downloads\Software
    64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18904)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 44,00% Memory free
    8,00 Gb Paging File | 6,00 Gb Available in Paging File | 69,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 454,17 Gb Total Space | 315,99 Gb Free Space | 69,58% Space Free | Partition Type: NTFS
    Drive D: | 11,59 Gb Total Space | 1,55 Gb Free Space | 13,41% Space Free | Partition Type: NTFS
    Drive E: | 465,76 Gb Total Space | 465,66 Gb Free Space | 99,98% Space Free | Partition Type: NTFS
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: PC-DE-RAHIM
    Current User Name: Rahim
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Include 64bit Scans
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Minimal

    ========== Processes (SafeList) ==========

    PRC - F:\COMMON\PrinterDriver\WINXP64\SETUP.EXE File not found
    PRC - F:\EPSetup.exe File not found
    PRC - C:\Downloads\Software\OTL.exe (OldTimer Tools)
    PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
    PRC - C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
    PRC - C:\Program Files (x86)\DivX\DivX Codec\DivXsm.exe (DivX Inc.)
    PRC - C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation)
    PRC - C:\Program Files (x86)\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe (Symantec Corporation)
    PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
    PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
    PRC - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
    PRC - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
    PRC - C:\Windows\vVX1000.exe (Microsoft Corporation)
    PRC - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
    PRC - C:\Program Files (x86)\Free Download Manager\fdm.exe (FreeDownloadManager.ORG)
    PRC - C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
    PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
    PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
    PRC - C:\Program Files (x86)\Microsoft Works\WkCalRem.exe (Microsoft® Corporation)
    PRC - c:\hp\HPEZBTN\HPBtnSrv.exe ()
    PRC - C:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
    PRC - C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\Monitor.exe (Ulead Systems, Inc.)


    ========== Modules (SafeList) ==========

    MOD - C:\Downloads\Software\OTL.exe (OldTimer Tools)
    MOD - C:\Windows\SysWOW64\comdlg32.dll (Microsoft Corporation)
    MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation)


    ========== Win32 Services (SafeList) ==========

    SRV:64bit: - (FontCache) -- C:\Windows\SysNative\FntCache.dll (Microsoft Corporation)
    SRV:64bit: - (MSCamSvc) -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe (Microsoft Corporation)
    SRV:64bit: - (ezSharedSvc) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
    SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
    SRV - (Norton AntiVirus) -- C:\Program Files (x86)\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe (Symantec Corporation)
    SRV - (SeaPort) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
    SRV - (clr_optimization_v2.0.50727_64) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
    SRV - (ezSharedSvc) -- C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS)
    SRV - (Symantec RemoteAssist) -- C:\Program Files (x86)\Common Files\Symantec Shared\Support Controls\ssrc.exe (Symantec, Inc.)
    SRV - (IAANTMON) Intel(R) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
    SRV - (HPBtnSrv) -- c:\hp\HPEZBTN\HPBtnSrv.exe ()
    SRV - (MSDTC) -- C:\Windows\SysWOW64\Msdtc [2006/11/02 14:34:14 | 000,000,000 | ---D | M]
    SRV - (vds) -- C:\Windows\SysWOW64\wbem\vds.mof ()
    SRV - (VSS) -- C:\Windows\SysWOW64\wbem\vss.mof ()


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - (ccHP) -- C:\Windows\SysNative\Drivers\NAVx64\1008000.029\ccHPx64.sys (Symantec Corporation)
    DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS (Symantec Corporation)
    DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\Drivers\NAVx64\1008000.029\SRTSP64.SYS (Symantec Corporation)
    DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\NAVx64\1008000.029\SYMEFA64.SYS (Symantec Corporation)
    DRV:64bit: - (BHDrvx64) -- C:\Windows\SysNative\Drivers\NAVx64\1008000.029\BHDrvx64.sys (Symantec Corporation)
    DRV:64bit: - (SYMTDI) -- C:\Windows\SysNative\Drivers\NAVx64\1008000.029\SYMTDI.SYS (Symantec Corporation)
    DRV:64bit: - (SYMFW) -- C:\Windows\SysNative\Drivers\NAVx64\1008000.029\SYMFW.SYS (Symantec Corporation)
    DRV:64bit: - (SYMNDISV) -- C:\Windows\SysNative\Drivers\NAVx64\1008000.029\SYMNDISV.SYS (Symantec Corporation)
    DRV:64bit: - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\Windows\SysNative\drivers\NAVx64\1008000.029\SRTSPX64.SYS (Symantec Corporation)
    DRV:64bit: - (SymIM) -- C:\Windows\SysNative\DRIVERS\SymIMv.sys (Symantec Corporation)
    DRV:64bit: - (VX1000) -- C:\Windows\SysNative\DRIVERS\VX1000.sys (Microsoft Corporation)
    DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\Drivers\usbaapl64.sys (Apple, Inc.)
    DRV:64bit: - (usbaudio) Pilote USB audio (WDM) -- C:\Windows\SysNative\drivers\usbaudio.sys (Microsoft Corporation)
    DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
    DRV:64bit: - (netr7364) -- C:\Windows\SysNative\DRIVERS\netr7364.sys (Ralink Technology, Corp.)
    DRV:64bit: - (RTL8169) -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys (Realtek Corporation )
    DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iastor.sys (Intel Corporation)
    DRV:64bit: - (HdAudAddService) -- C:\Windows\SysNative\drivers\HdAudio.sys (Microsoft Corporation)
    DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100512.005\EX64.SYS (Symantec Corporation)
    DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100512.005\ENG64.SYS (Symantec Corporation)
    DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
    DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100505.001\IDSviA64.sys (Symantec Corporation)
    DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)
    DRV - (VX1000) -- C:\Windows\SysWOW64\VX1000.dll (Microsoft Corporation)
    DRV - (Tcpip) -- C:\Windows\SysWOW64\wbem\tcpip.mof ()
    DRV - (mpsdrv) -- C:\Windows\SysWOW64\wbem\mpsdrv.mof ()


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT212432...
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/05/09 00:17:06 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/05/13 11:17:30 | 000,000,000 | ---D | M]

    [2010/05/09 00:17:20 | 000,000,000 | ---D | M] -- C:\Users\Rahim\AppData\Roaming\mozilla\Extensions
    [2010/05/13 12:12:17 | 000,000,000 | ---D | M] -- C:\Users\Rahim\AppData\Roaming\mozilla\Firefox\Profiles\pl0x6kvf.default\extensions
    [2010/05/10 11:19:53 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Rahim\AppData\Roaming\mozilla\Firefox\Profiles\pl0x6kvf.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2010/05/13 12:12:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
    [2010/05/13 11:17:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    [2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
    [2010/04/01 18:07:29 | 000,001,516 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazon-france.xml
    [2010/04/01 18:07:29 | 000,001,822 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
    [2010/04/01 18:07:29 | 000,000,757 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-france.xml
    [2010/04/01 18:07:29 | 000,001,426 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-fr.xml
    [2010/04/01 18:07:29 | 000,000,956 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-france.xml

    O1 HOSTS File: ([2006/09/18 22:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg64.dll (Google Inc.)
    O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\16.8.0.41\IPSBHO.dll (Symantec Corporation)
    O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
    O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
    O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll ()
    O4:64bit: - HKLM..\Run: [HP Health Check Scheduler] File not found
    O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL (NVIDIA Corporation)
    O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.DLL (NVIDIA Corporation)
    O4:64bit: - HKLM..\Run: [OsdMaestro] C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe File not found
    O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
    O4:64bit: - HKLM..\Run: [VX1000] C:\Windows\vVX1000.exe (Microsoft Corporation)
    O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files (x86)\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe File not found
    O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
    O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
    O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [OsdMaestro] c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe (OsdMaestro)
    O4 - HKLM..\Run: [SunJavaUpdateReg] C:\Windows\SysWow64\jureg.exe (Sun Microsystems, Inc.)
    O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
    O4 - HKLM..\Run: [Ulead AutoDetector v2] C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe (Ulead Systems, Inc.)
    O4 - HKCU..\Run: [Free Download Manager] C:\Program Files (x86)\Free Download Manager\fdm.exe (FreeDownloadManager.ORG)
    O4 - HKCU..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
    O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
    O4 - Startup: C:\Users\Rahim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
    O8:64bit: - Extra context menu item: Télécharger avec Free Download Manager - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
    O8:64bit: - Extra context menu item: Télécharger la sélection avec Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
    O8:64bit: - Extra context menu item: Télécharger la vidéo avec Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
    O8:64bit: - Extra context menu item: Tout télécharger avec Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
    O8 - Extra context menu item: Télécharger avec Free Download Manager - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
    O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
    O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
    O8 - Extra context menu item: Tout télécharger avec Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
    O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O13 - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O15 - HKCU\..Trusted Ranges: Range1 ([http] in Intranet local)
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.10.10_v5.5.8/F... (Facebook Photo Uploader 5 Control)
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/direc... (Shockwave ActiveX Control)
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-wind... (Java Plug-in 1.6.0_20)
    O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} http://game.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player)
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPACl... (MessengerStatsClient Class)
    O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-wind... (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-wind... (Java Plug-in 1.6.0_20)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241
    O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
    O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
    O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
    O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\awave.jpg
    O32 - HKLM CDRom: AutoRun - 1
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2010/05/13 12:47:38 | 000,000,000 | ---D | C] -- C:\Program Files\EPSON
    [2010/05/13 12:46:46 | 000,000,000 | ---D | C] -- C:\Windows\LastGood
    [2010/05/13 11:58:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Safari
    [2010/05/13 11:17:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
    [2010/05/13 11:17:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
    [2010/05/13 11:17:30 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
    [2010/05/13 11:17:30 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
    [2010/05/13 11:17:30 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
    [2010/05/13 11:17:30 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
    [2010/05/12 12:36:46 | 000,000,000 | ---D | C] -- C:\Temp
    [2010/05/11 12:37:13 | 000,000,000 | ---D | C] -- C:\_OTL
    [2010/05/09 17:45:05 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
    [2010/05/09 17:45:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    [2010/05/09 11:44:49 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
    [2010/05/09 00:17:01 | 000,000,000 | ---D | C] -- C:\Users\Rahim\AppData\Roaming\Mozilla
    [2010/05/09 00:17:01 | 000,000,000 | ---D | C] -- C:\Users\Rahim\AppData\Local\Mozilla
    [2010/05/09 00:16:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
    [2010/05/08 23:54:42 | 000,000,000 | ---D | C] -- C:\Users\Rahim\AppData\Roaming\widestream
    [2010/05/08 23:54:41 | 000,000,000 | ---D | C] -- C:\Users\Rahim\Documents\WideStream
    [2010/05/08 23:53:44 | 000,000,000 | ---D | C] -- C:\Users\Rahim\AppData\Roaming\OfferBox
    [2010/05/08 23:49:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
    [2010/05/08 23:44:42 | 000,082,944 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\IEDFix.C.exe
    [2010/05/08 23:44:42 | 000,080,384 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\o4Patch.exe
    [2010/05/08 23:44:42 | 000,078,336 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\Agent.OMZ.Fix.exe
    [2010/05/08 23:44:41 | 000,082,432 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\404Fix.exe
    [2010/05/08 23:44:28 | 000,087,552 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\VACFix.exe
    [2010/05/08 23:44:27 | 000,289,144 | ---- | C] (S!Ri) -- C:\Windows\SysWow64\VCCLSID.exe
    [2010/05/08 23:44:27 | 000,288,417 | ---- | C] (S!Ri) -- C:\Windows\SysWow64\SrchSTS.exe
    [2010/05/08 23:44:27 | 000,082,944 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\IEDFix.exe
    [2010/05/08 23:44:27 | 000,079,360 | ---- | C] (SteelWerX) -- C:\Windows\SysWow64\swxcacls.exe
    [2010/05/08 23:44:26 | 000,135,168 | ---- | C] (SteelWerX) -- C:\Windows\SysWow64\swreg.exe
    [2010/05/08 23:44:26 | 000,053,248 | ---- | C] (http://www.beyondlogic.org) -- C:\Windows\SysWow64\Process.exe
    [2010/04/14 13:01:55 | 004,697,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
    [2010/04/14 13:01:51 | 000,612,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
    [2010/04/14 13:01:50 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vbscript.dll
    [2010/04/14 13:01:43 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysWow64\l3codecp.acm
    [2010/04/14 13:01:43 | 000,181,760 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysNative\l3codecp.acm
    [2010/04/14 13:01:43 | 000,072,192 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysNative\l3codeca.acm
    [2010/04/14 13:01:43 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysWow64\l3codeca.acm
    [2010/04/14 13:00:16 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
    [2010/04/14 13:00:16 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
    [2010/04/14 13:00:12 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
    [2010/04/14 13:00:12 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wintrust.dll

    ========== Files - Modified Within 30 Days ==========

    [2010/05/13 14:12:06 | 003,932,160 | -HS- | M] () -- C:\Users\Rahim\ntuser.dat
    [2010/05/13 14:10:59 | 000,000,408 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{C2C66984-31FD-4D75-95F0-958377763093}.job
    [2010/05/13 13:48:10 | 000,001,012 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
    [2010/05/13 13:39:00 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2010/05/13 13:31:04 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2010/05/13 13:31:04 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2010/05/13 12:49:27 | 001,470,810 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2010/05/13 12:49:27 | 000,669,328 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
    [2010/05/13 12:49:27 | 000,586,980 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2010/05/13 12:49:27 | 000,123,350 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
    [2010/05/13 12:49:27 | 000,101,052 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2010/05/13 12:46:55 | 000,000,300 | ---- | M] () -- C:\Windows\EPSTPLOG.BAK
    [2010/05/13 12:45:39 | 000,000,767 | ---- | M] () -- C:\Users\Public\Desktop\EPSON Scan.lnk
    [2010/05/13 12:45:24 | 000,000,025 | ---- | M] () -- C:\Windows\CDE DX5000EFDG.ini
    [2010/05/13 11:58:07 | 000,001,866 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
    [2010/05/13 11:34:24 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2010/05/13 11:31:05 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
    [2010/05/13 11:31:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2010/05/13 11:29:40 | 000,524,288 | -HS- | M] () -- C:\Users\Rahim\ntuser.dat{5f12f90b-3050-11df-bebc-001fc6ec1b42}.TMContainer00000000000000000001.regtrans-ms
    [2010/05/13 11:29:40 | 000,065,536 | -HS- | M] () -- C:\Users\Rahim\ntuser.dat{5f12f90b-3050-11df-bebc-001fc6ec1b42}.TM.blf
    [2010/05/13 11:09:07 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{B770B8A1-AB37-4D36-8498-0632FF80129C}.job
    [2010/05/12 23:34:50 | 003,806,621 | -H-- | M] () -- C:\Users\Rahim\AppData\Local\IconCache.db
    [2010/05/11 21:18:46 | 000,768,663 | ---- | M] () -- C:\Users\Rahim\Documents\Sans nom 2.odp
    [2010/05/11 17:36:08 | 000,058,880 | ---- | M] () -- C:\Users\Rahim\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/05/10 20:00:00 | 000,000,594 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Effectuer une analyse complète du système - Rahim.job
    [2010/05/10 12:31:16 | 000,005,482 | ---- | M] () -- C:\Users\Rahim\AppData\Roaming\wklnhst.dat
    [2010/05/09 17:45:08 | 000,000,850 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/05/09 12:34:32 | 000,018,983 | ---- | M] () -- C:\Users\Rahim\Documents\ass.odt
    [2010/05/09 11:59:48 | 000,018,909 | ---- | M] () -- C:\Users\Rahim\Documents\cvv assia.odt
    [2010/05/09 00:17:07 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
    [2010/05/09 00:16:45 | 000,001,780 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2010/05/08 22:21:30 | 000,002,698 | ---- | M] () -- C:\Windows\lsrslt.ini
    [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
    [2010/04/29 15:39:28 | 000,024,664 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
    [2010/04/29 12:41:08 | 000,357,752 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2010/04/28 20:40:47 | 000,002,027 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
    [2010/04/18 21:42:00 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForHoouda__.job
    [2010/04/16 22:43:20 | 013,112,832 | ---- | M] () -- C:\Users\Rahim\Desktop\REC0001.WAV

    ========== Files Created - No Company Name ==========

    [2010/05/13 12:46:55 | 000,000,300 | ---- | C] () -- C:\Windows\EPSTPLOG.BAK
    [2010/05/13 12:45:39 | 000,000,767 | ---- | C] () -- C:\Users\Public\Desktop\EPSON Scan.lnk
    [2010/05/13 12:45:24 | 000,000,025 | ---- | C] () -- C:\Windows\CDE DX5000EFDG.ini
    [2010/05/13 11:58:07 | 000,001,866 | ---- | C] () -- C:\Users\Public\Desktop\Safari.lnk
    [2010/05/11 21:13:51 | 000,768,663 | ---- | C] () -- C:\Users\Rahim\Documents\Sans nom 2.odp
    [2010/05/09 17:45:08 | 000,000,850 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/05/09 12:14:10 | 000,018,983 | ---- | C] () -- C:\Users\Rahim\Documents\ass.odt
    [2010/05/09 00:17:07 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
    [2010/05/09 00:16:45 | 000,001,780 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2010/05/08 23:44:27 | 000,075,776 | ---- | C] () -- C:\Windows\SysWow64\WS2Fix.exe
    [2010/05/08 23:44:27 | 000,051,200 | ---- | C] () -- C:\Windows\SysWow64\dumphive.exe
    [2010/05/08 23:44:26 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\swsc.exe
    [2010/05/08 18:37:32 | 000,002,698 | ---- | C] () -- C:\Windows\lsrslt.ini
    [2010/04/16 22:43:18 | 013,112,832 | ---- | C] () -- C:\Users\Rahim\Desktop\REC0001.WAV
    [2009/11/25 16:00:42 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
    [2009/11/25 16:00:00 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
    [2009/07/21 09:24:25 | 000,819,200 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
    [2009/07/21 09:24:25 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
    [2009/06/26 17:24:18 | 000,015,498 | ---- | C] () -- C:\Windows\VX1000.ini
    [2008/06/20 10:39:27 | 000,327,680 | ---- | C] () -- C:\Windows\SysWow64\pythoncom25.dll
    [2008/06/20 10:39:27 | 000,102,400 | ---- | C] () -- C:\Windows\SysWow64\pywintypes25.dll
    [2008/01/21 03:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
    [2002/03/17 01:00:00 | 000,007,420 | ---- | C] () -- C:\Windows\UA000091.DLL

    ========== LOP Check ==========

    [2010/05/13 14:10:13 | 000,000,000 | ---D | M] -- C:\Users\Rahim\AppData\Roaming\Free Download Manager
    [2009/07/21 16:16:51 | 000,000,000 | ---D | M] -- C:\Users\Rahim\AppData\Roaming\Leadertech
    [2010/05/09 00:03:36 | 000,000,000 | ---D | M] -- C:\Users\Rahim\AppData\Roaming\OfferBox
    [2009/09/12 00:17:40 | 000,000,000 | ---D | M] -- C:\Users\Rahim\AppData\Roaming\OpenOffice.org
    [2009/07/14 01:08:20 | 000,000,000 | ---D | M] -- C:\Users\Rahim\AppData\Roaming\PlayFirst
    [2009/08/01 16:22:09 | 000,000,000 | ---D | M] -- C:\Users\Rahim\AppData\Roaming\Template
    [2009/08/22 15:28:55 | 000,000,000 | ---D | M] -- C:\Users\Rahim\AppData\Roaming\Ulead Systems
    [2010/05/08 23:54:45 | 000,000,000 | ---D | M] -- C:\Users\Rahim\AppData\Roaming\widestream
    [2009/07/03 20:33:39 | 000,000,000 | ---D | M] -- C:\Users\Rahim\AppData\Roaming\WildTangent
    [2010/01/04 13:35:31 | 000,000,000 | ---D | M] -- C:\Users\Rahim\AppData\Roaming\WinBatch
    [2009/07/14 01:08:15 | 000,000,000 | ---D | M] -- C:\Users\Rahim\AppData\Roaming\Zylom
    [2010/05/13 11:29:34 | 000,032,612 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
    [2010/05/13 11:09:07 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{B770B8A1-AB37-4D36-8498-0632FF80129C}.job
    [2010/05/13 14:10:59 | 000,000,408 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{C2C66984-31FD-4D75-95F0-958377763093}.job

    ========== Purity Check ==========



    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 64 bytes -> C:\Users\Rahim\Documents\OSS 117 Rio Ne Repond Plus 1H36.avi:TOC.WMV
    < End of report >
    13 Mai 2010 17:11:12

    re
    laisse tomber GMER, je voulais juste vérifier qu'il n'était pas compatible Vista 64 bits... :) 

    J'ai l'impression que tu as passé mon script OTL deux fois, c'est pour ça que j'ai des "not found" dans le rapport...

    comment se comporte ton pc?

    14 Mai 2010 00:54:41

    Re
    je ne comprends pas le problème avec OTL, pourtant je n'ai fait que d'exécuter les instructions :) 
    Mon PC à l'air tt à fait normal d'autant plus que Dr malware a été supprimé.
    Merci de ton aide, sinon qu'est ce qu'il ya de si mal à avoir vista 64 bits??
    Bonne soirée
    14 Mai 2010 20:58:13

    re
    Citation :
    Merci de ton aide, sinon qu'est ce qu'il ya de si mal à avoir vista 64 bits??

    rien, sauf que les outils que nous utilisons d'habitude sont un peu capricieux ;O)

    Supprime tous les programmes installés pour la désinfection.


    Merci de consulter ce dossier (en pdf) pour en connaître davantage sur les risques du Net.



    Si tu trouves ce document intéressant, n'hésite pas à le transmettre à tes contacts.

    Si tu en as assez d'être assailli de publicités durant ta navigation, installe Firefox sécurisé avec les extensions noscript et AdBlock Plus.

    Lire aussi:
  • Antispyware gratuit : ça sert à rien!


    ~Edite ton premier message et marque [résolu] dans le titre.
    Si ton nom de session correspond à ton véritable nom, tu as la possibilité de le changer en éditant tes posts.

    :hello: 
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS