rimas555

Bonjour ! Désolé pour cette réponse tardive, j'étais en weekend prolongé et je viens de rentrer ! je vais m'occuper de l'ordi Je dois m'installer tous les programmes dont tu m'as parlé en une seule fois ? Pour les autres programmes (Java, Adobe, etc) je les désinstalle et je les réinstalle après ?

Bonjour Tomtom, Merci pour ta réponse ! Je vais m'occuper de tout ça demain, ce soir je n'ai pas mon Pc avec moi MErci encore une fois, Bonne soirée

Par contre, quand l'ordi redémarre, il se bloque, juste avant de rentrer mon mot de passe, l'écran devient noir et il ne se passe rien, donc je rebotte, je presse sur F8 pour choisir dans le menu " démarrer avec la dernière configuration connue" et là, il démarre normalement, ( en sachant que j'ai essayé le mode sans echec et ça n'a pas marche, il reste noir) Par contre, une fois allumé, il est parfait, il chauffe plus, il est plus rapide et je n'ai pas l'impression qu'il y a plein de programme qui tourne en veille ! Merci

Quand j'ai redémarré l'ordi, OTL s'est exécuté tout seul et voilà son rapport OTL logfile created on: 29/04/2011 02:19:51 - Run 3 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Samir\Desktop 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 65,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 80,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 134,36 Gb Total Space | 59,88 Gb Free Space | 44,57% Space Free | Partition Type: NTFS Computer Name: SAMIR-PC | User Name: Samir | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011/04/28 00:25:40 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Samir\Desktop\OTL-1.exe PRC - [2010/03/04 19:28:08 | 000,658,656 | ---- | M] (SoftThinks) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe PRC - [2009/10/07 01:47:22 | 000,125,464 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe PRC - [2009/07/14 03:14:31 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\runonce.exe PRC - [2009/06/09 16:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe PRC - [2009/06/05 02:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe PRC - [2009/05/21 15:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe ========== Modules (SafeList) ========== MOD - [2011/04/28 00:25:40 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Samir\Desktop\OTL-1.exe MOD - [2010/08/21 07:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2010/10/13 23:28:54 | 000,245,352 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire) SRV:64bit: - [2010/10/13 23:28:54 | 000,149,032 | ---- | M] (McAfee, Inc.) [unknown | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp) SRV:64bit: - [2010/10/07 22:34:28 | 000,509,416 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS) SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:64bit: - [2010/08/24 14:57:38 | 000,200,056 | ---- | M] () [unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield) SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service) SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy) SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc) SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn) SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc) SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc) SRV:64bit: - [2009/10/07 01:47:10 | 000,191,000 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcS64) SRV:64bit: - [2009/07/17 03:06:22 | 000,033,280 | ---- | M] () [Auto | Running] -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE -- (wltrysvc) SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV:64bit: - [2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [unknown | Running] -- C:\Windows\SysNative\svchost.exe -- (RpcSs) SRV:64bit: - [2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [unknown | Running] -- C:\Windows\SysNative\svchost.exe -- (gpsvc) SRV:64bit: - [2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [unknown | Running] -- C:\Windows\SysNative\svchost.exe -- (DcomLaunch) SRV:64bit: - [2009/06/29 06:44:38 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\stacsv64.exe -- (STacSV) SRV:64bit: - [2009/06/09 16:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService) SRV - [2010/12/21 07:38:22 | 000,350,720 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- winhttp.dll -- (WinHttpAutoProxySvc) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/03/04 19:28:08 | 000,658,656 | ---- | M] (SoftThinks) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService) SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009/06/06 02:07:28 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe -- (GameConsoleService) SRV - [2009/06/05 02:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel® SRV - [2009/05/21 15:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter) ========== Driver Services (SafeList) ========== DRV:64bit: - [2011/03/11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011/03/11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010/10/13 23:28:54 | 000,529,128 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk) DRV:64bit: - [2010/10/13 23:28:54 | 000,441,328 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek) DRV:64bit: - [2010/10/13 23:28:54 | 000,283,360 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk) DRV:64bit: - [2010/10/13 23:28:54 | 000,190,136 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk) DRV:64bit: - [2010/10/13 23:28:54 | 000,121,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk) DRV:64bit: - [2010/10/13 23:28:54 | 000,094,864 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet) DRV:64bit: - [2010/10/13 23:28:54 | 000,075,032 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk) DRV:64bit: - [2010/10/13 23:28:54 | 000,062,800 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids) DRV:64bit: - [2010/09/28 16:44:52 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2010/06/10 01:01:10 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:64bit: - [2009/10/07 08:49:28 | 006,379,288 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64) Logitech Webcam 100(UVC) DRV:64bit: - [2009/10/07 01:45:50 | 000,030,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon) DRV:64bit: - [2009/10/07 01:45:50 | 000,030,232 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64) DRV:64bit: - [2009/09/28 09:22:00 | 000,395,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7) DRV:64bit: - [2009/07/17 03:06:20 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY) DRV:64bit: - [2009/07/17 03:06:16 | 002,769,400 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX) DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/06/29 06:44:38 | 000,487,424 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA) DRV:64bit: - [2009/06/10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009/06/04 12:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2009/06/03 05:16:56 | 007,333,472 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2009/05/08 10:15:18 | 000,215,552 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV:64bit: - [2009/02/05 13:54:10 | 000,225,328 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService) DRV:64bit: - [2006/11/01 18:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.3 FF - prefs.js..extensions.enabledItems: {6E19037A-12E3-4295-8915-ED48BC341614}:1.3.328.4 FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/06/05 12:49:30 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011/01/08 01:11:27 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011/01/08 01:11:27 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/01/07 16:16:57 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/04/14 23:57:05 | 000,000,000 | ---D | M] [2010/12/18 14:37:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Samir\AppData\Roaming\Mozilla\Extensions [2010/12/18 14:37:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Samir\AppData\Roaming\Mozilla\Firefox\Profiles\yad3kh0d.default\extensions [2011/03/25 19:06:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2010/07/04 16:36:04 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010/07/29 12:36:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010/12/25 03:05:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011/03/25 19:06:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} File not found (No name found) -- C:\PROGRAM FILES (X86)\RELEVANTKNOWLEDGE [2010/06/05 12:49:30 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT [2010/10/13 23:28:54 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\components\Scriptff.dll [2011/02/02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll [2010/12/03 20:04:57 | 000,001,516 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazon-france.xml [2010/12/03 20:04:57 | 000,001,822 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml [2010/12/03 20:04:57 | 000,000,757 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-france.xml [2010/12/03 20:04:57 | 000,001,426 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-fr.xml [2010/12/03 20:04:57 | 000,000,956 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL () O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20101105084626.dll (McAfee, Inc.) O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll () O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20101105084626.dll (McAfee, Inc.) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} https://static.impots.gouv.fr/abos/static/securite/certdgi1.cab (Module de délivrance de certificat MINEFI) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.242 O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (systempropertiesperformance.exe) - systempropertiesperformance.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O29:64bit: - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011/04/29 02:18:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee [2011/04/29 01:51:08 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{6D08AFFC-4E8A-4C80-BCB7-FBBE49A03357} [2011/04/28 19:59:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ad-Remover [2011/04/28 19:46:29 | 000,000,000 | ---D | C] -- C:\_OTL [2011/04/28 00:24:10 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Samir\Desktop\OTL-1.exe [2011/04/27 19:19:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2011/04/27 19:07:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire [2011/04/27 19:07:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FinalWire [2011/04/27 12:10:08 | 002,330,457 | ---- | C] (Nicolas Coolman ) -- C:\Users\Samir\Desktop\ZHPDiag2.exe [2011/04/27 03:56:53 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2011/04/27 03:56:52 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2011/04/27 03:56:49 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe [2011/04/27 03:56:49 | 002,614,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe [2011/04/27 03:56:28 | 002,566,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll [2011/04/27 03:56:28 | 001,686,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll [2011/04/27 03:56:27 | 000,187,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys [2011/04/27 03:56:26 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe [2011/04/27 03:56:26 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys [2011/04/27 03:56:25 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys [2011/04/27 03:56:25 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe [2011/04/27 03:53:37 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe [2011/04/27 03:53:37 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe [2011/04/22 14:17:02 | 000,000,000 | R--D | C] -- C:\Users\Samir\Desktop\Files [2011/04/21 00:43:15 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders [2011/04/20 23:22:39 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2011/04/20 23:22:39 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2011/04/20 23:22:34 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll [2011/04/20 23:22:33 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1.dll [2011/04/20 19:52:40 | 000,000,000 | ---D | C] -- C:\Users\Samir\Desktop\Pays Baltes [2011/04/15 01:58:16 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2011/04/15 01:58:16 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll [2011/04/15 01:58:15 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2011/04/15 01:58:15 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2011/04/15 01:58:15 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2011/04/15 01:58:15 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2011/04/15 01:58:15 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2011/04/15 01:58:15 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2011/04/15 01:58:14 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2011/04/15 01:58:14 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2011/04/15 01:58:14 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2011/04/15 01:58:14 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2011/04/15 01:58:14 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2011/04/15 01:58:14 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2011/04/15 01:57:59 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2011/04/15 01:57:59 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2011/04/15 01:57:58 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2011/04/15 01:57:58 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2011/04/15 01:57:56 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll [2011/04/15 01:57:55 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe [2011/04/15 01:57:55 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe [2011/04/15 01:57:53 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll [2011/04/15 01:57:52 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll [2011/04/15 01:57:52 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll [2011/04/15 01:57:52 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll [2011/04/15 01:57:45 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2011/04/15 01:57:45 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2011/04/15 01:57:45 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2011/04/15 01:56:18 | 000,640,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi [2011/04/15 01:56:18 | 000,603,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe [2011/04/15 01:56:18 | 000,556,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi [2011/04/15 01:56:18 | 000,518,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe [2011/04/15 01:56:18 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll [2011/04/15 01:56:18 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll [2011/04/15 01:56:18 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll [2011/04/15 01:54:52 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe [2011/04/14 23:56:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [2011/04/14 09:36:30 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\Template [2011/04/13 13:21:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2011/04/13 13:20:49 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2011/04/13 13:20:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes [2011/04/13 13:20:49 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2011/04/13 13:14:32 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2011/04/13 13:14:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour [2011/04/07 02:20:10 | 000,000,000 | ---D | C] -- C:\Windows\fr [2011/04/07 01:46:17 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbonRes.dll [2011/04/07 01:46:17 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbonRes.dll [2011/04/07 01:46:16 | 003,860,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbon.dll [2011/04/07 01:46:16 | 002,983,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbon.dll [2011/03/30 16:02:10 | 000,000,000 | ---D | C] -- C:\Users\Samir\Desktop\Cours EU Rouen Business School ========== Files - Modified Within 30 Days ========== [2011/04/29 02:24:13 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011/04/29 02:24:13 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011/04/29 02:20:24 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs [2011/04/29 02:18:10 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011/04/29 02:16:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/04/29 02:16:27 | 2384,744,448 | -HS- | M] () -- C:\hiberfil.sys [2011/04/29 01:57:01 | 000,001,076 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-21577929-1239268693-945661627-1000UA.job [2011/04/29 01:35:01 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011/04/28 22:21:11 | 001,577,828 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011/04/28 22:21:11 | 000,718,812 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat [2011/04/28 22:21:11 | 000,620,290 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011/04/28 22:21:11 | 000,135,458 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat [2011/04/28 22:21:11 | 000,110,478 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011/04/28 22:16:03 | 000,001,129 | ---- | M] () -- C:\Users\Samir\Desktop\Malwarebytes' Anti-Malware.lnk [2011/04/28 19:59:46 | 000,001,893 | ---- | M] () -- C:\Users\Samir\Desktop\AD-R.lnk [2011/04/28 19:57:03 | 000,001,024 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-21577929-1239268693-945661627-1000Core.job [2011/04/28 19:32:54 | 000,173,591 | ---- | M] () -- C:\Users\Samir\Desktop\Kosovo.pdf [2011/04/28 19:32:43 | 000,303,860 | ---- | M] () -- C:\Users\Samir\Desktop\Macédoine.pdf [2011/04/28 19:32:34 | 000,125,198 | ---- | M] () -- C:\Users\Samir\Desktop\Bosnie.pdf [2011/04/28 19:32:21 | 000,182,159 | ---- | M] () -- C:\Users\Samir\Desktop\Serbie.pdf [2011/04/28 00:25:40 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Samir\Desktop\OTL-1.exe [2011/04/27 20:07:42 | 001,116,672 | ---- | M] () -- C:\Users\Samir\Desktop\RogueKiller (1).exe [2011/04/27 19:19:39 | 000,001,019 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011/04/27 19:07:17 | 000,001,233 | ---- | M] () -- C:\Users\Samir\Desktop\AIDA64 Extreme Edition.lnk [2011/04/27 15:19:57 | 000,007,662 | ---- | M] () -- C:\Users\Samir\AppData\Local\Resmon.ResmonCfg [2011/04/27 12:17:31 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin [2011/04/27 12:11:13 | 000,001,000 | ---- | M] () -- C:\Users\Public\Desktop\MBRCheck.lnk [2011/04/27 12:11:09 | 000,000,988 | ---- | M] () -- C:\Users\Public\Desktop\ZHPFix.lnk [2011/04/27 12:11:08 | 000,000,993 | ---- | M] () -- C:\Users\Public\Desktop\ZHPDiag.lnk [2011/04/27 03:20:27 | 000,016,872 | ---- | M] () -- C:\Users\Samir\Desktop\accuseReception.pdf [2011/04/26 13:13:41 | 000,188,305 | ---- | M] () -- C:\Users\Samir\Desktop\Claire Gabrielle Talon Le Monde 12 avril 2011.pdf [2011/04/24 23:11:46 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2011/04/15 09:05:29 | 000,365,624 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011/04/14 23:57:06 | 000,002,025 | ---- | M] () -- C:\Users\Samir\Desktop\Adobe Reader X.lnk [2011/04/14 09:36:52 | 000,000,128 | ---- | M] () -- C:\Users\Samir\AppData\Roaming\wklnhst.dat [2011/04/13 13:21:30 | 000,001,789 | ---- | M] () -- C:\Users\Samir\Desktop\iTunes.lnk [2011/04/13 13:15:12 | 000,002,515 | ---- | M] () -- C:\Users\Samir\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk [2011/04/13 13:15:12 | 000,002,491 | ---- | M] () -- C:\Users\Samir\Desktop\Safari.lnk [2011/04/12 10:30:10 | 009,647,244 | ---- | M] () -- C:\Users\Samir\Desktop\20110412_QUO.pdf [2011/04/07 16:27:27 | 000,001,484 | ---- | M] () -- C:\Users\Samir\Desktop\Windows Live Mail.lnk ========== Files Created - No Company Name ========== [2011/04/28 22:16:03 | 000,001,129 | ---- | C] () -- C:\Users\Samir\Desktop\Malwarebytes' Anti-Malware.lnk [2011/04/28 20:29:43 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\lvuvc.hs [2011/04/28 19:59:46 | 000,001,893 | ---- | C] () -- C:\Users\Samir\Desktop\AD-R.lnk [2011/04/28 19:32:58 | 000,173,591 | ---- | C] () -- C:\Users\Samir\Desktop\Kosovo.pdf [2011/04/28 19:32:47 | 000,303,860 | ---- | C] () -- C:\Users\Samir\Desktop\Macédoine.pdf [2011/04/28 19:32:39 | 000,125,198 | ---- | C] () -- C:\Users\Samir\Desktop\Bosnie.pdf [2011/04/28 19:32:29 | 000,182,159 | ---- | C] () -- C:\Users\Samir\Desktop\Serbie.pdf [2011/04/27 20:07:47 | 001,116,672 | ---- | C] () -- C:\Users\Samir\Desktop\RogueKiller (1).exe [2011/04/27 19:19:39 | 000,001,019 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011/04/27 19:07:17 | 000,001,233 | ---- | C] () -- C:\Users\Samir\Desktop\AIDA64 Extreme Edition.lnk [2011/04/27 15:19:57 | 000,007,662 | ---- | C] () -- C:\Users\Samir\AppData\Local\Resmon.ResmonCfg [2011/04/27 12:11:13 | 000,001,000 | ---- | C] () -- C:\Users\Public\Desktop\MBRCheck.lnk [2011/04/27 12:11:09 | 000,000,988 | ---- | C] () -- C:\Users\Public\Desktop\ZHPFix.lnk [2011/04/27 12:11:08 | 000,000,993 | ---- | C] () -- C:\Users\Public\Desktop\ZHPDiag.lnk [2011/04/27 03:20:27 | 000,016,872 | ---- | C] () -- C:\Users\Samir\Desktop\accuseReception.pdf [2011/04/26 13:13:39 | 000,188,305 | ---- | C] () -- C:\Users\Samir\Desktop\Claire Gabrielle Talon Le Monde 12 avril 2011.pdf [2011/04/26 13:03:00 | 009,647,244 | ---- | C] () -- C:\Users\Samir\Desktop\20110412_QUO.pdf [2011/04/24 23:11:46 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin [2011/04/14 23:57:06 | 000,002,025 | ---- | C] () -- C:\Users\Samir\Desktop\Adobe Reader X.lnk [2011/04/14 23:57:05 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2011/04/14 09:36:27 | 000,000,128 | ---- | C] () -- C:\Users\Samir\AppData\Roaming\wklnhst.dat [2011/04/13 13:21:30 | 000,001,789 | ---- | C] () -- C:\Users\Samir\Desktop\iTunes.lnk [2011/04/13 13:15:12 | 000,002,491 | ---- | C] () -- C:\Users\Samir\Desktop\Safari.lnk [2011/04/07 16:27:27 | 000,001,484 | ---- | C] () -- C:\Users\Samir\Desktop\Windows Live Mail.lnk [2010/11/21 16:42:44 | 000,053,058 | ---- | C] () -- C:\Users\Samir\AppData\Roaming\SQLite3.dll [2010/10/18 22:30:13 | 000,003,584 | ---- | C] () -- C:\Users\Samir\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/04/15 20:10:54 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2010/04/15 20:10:53 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2010/04/15 20:10:52 | 000,881,664 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2010/04/15 20:10:52 | 000,205,824 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2010/04/15 20:10:49 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2010/02/25 11:39:55 | 000,982,220 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin [2010/02/25 11:39:52 | 000,134,592 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin [2010/02/25 11:39:52 | 000,092,216 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin [2010/02/25 11:39:47 | 000,433,024 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin [2009/07/14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009/07/14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009/07/14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009/07/14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009/07/13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat End of report >

Merci pour toutes ces réponses !! Voilà, il vient de finir l'analyse, il ne détecte rien ! Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Version de la base de données: 6465 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 29/04/2011 01:39:06 mbam-log-2011-04-29 (01-39-06).txt Type d'examen: Examen complet (C:\|D:\|E:\|F:\|G:\|) Elément(s) analysé(s): 480292 Temps écoulé: 3 heure(s), 19 minute(s), 39 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté)

Merci, MBAM travaille ! d'autres petites questions : 1.Quelle était la nature de l'infection de mon PC ? pourquoi mon antivirus (pourtant mis à jour et en veille) ne l'a pas détecté ? ni MBAM d'ailleurs qui était installé ! 2. Pourquoi ces infections font chauffer l'ordi et le font tourner à plein régime ? pourtant, je n'ai rien remarqué d'normal ( pas comme un virus qui transforme tous les fichiers en raccourcis ou autre type de problème) 3. Comment j'ai chopé ces infections et comment faire pour ne pas les choper encore ? Merci !

Re bonjour, Voilà le nouveau rapport d'OTL All processes killed ========== OTL ========== ========== REGISTRY ========== Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\\{4A3AF989-B165-4BC4-81A6-D7E2F96BBEDD} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4A3AF989-B165-4BC4-81A6-D7E2F96BBEDD}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0a402d70-1f10-4ae7-bec9-286a98240695}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0a402d70-1f10-4ae7-bec9-286a98240695}\ not found. Registry delete failed. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01}\ scheduled to be deleted on reboot. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B43A0C1E-B63F-4691-B68F-CD807A45DA01}\ not found. Registry delete failed. HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01}\ scheduled to be deleted on reboot. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B43A0C1E-B63F-4691-B68F-CD807A45DA01}\ not found. ========== FILES ========== File\Folder C:\Windows\SysWOW64\wpcer.exe not found. File\Folder C:\Windows\SysWOW64\winfxdocobj.exe not found. File\Folder C:\Windows\system32\TSWbPrxy.exe not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Public User: Samir ->Temp folder emptied: 10511741 bytes ->Temporary Internet Files folder emptied: 50148 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 0 bytes ->Google Chrome cache emptied: 47535090 bytes ->Apple Safari cache emptied: 0 bytes ->Flash cache emptied: 643 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 242148 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 32902 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 56,00 mb OTL by OldTimer - Version 3.2.22.3 log created on 04282011_220809 Files\Folders moved on Reboot... C:\Users\Samir\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. File move failed. C:\Windows\temp\logishrd\LVPrcInj01.dll scheduled to be moved on reboot. File move failed. C:\Windows\temp\logishrd\LVPrcInj02.dll scheduled to be moved on reboot. Registry entries deleted on Reboot... Registry delete failed. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01}\ scheduled to be deleted on reboot. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B43A0C1E-B63F-4691-B68F-CD807A45DA01}\ not found. Registry delete failed. HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01}\ scheduled to be deleted on reboot. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B43A0C1E-B63F-4691-B68F-CD807A45DA01}\ not found. Touts ces lignes, ça veut dire que mon PC est encore infecté ? c'est grave ? Je lance MBAM, mais j'en ai pour minimum 3h si j'en juge les dernières fois !

oui pas de soucis, moi je vais sortir manger dehors ! Depuis hier déjà, le PC va mieux, il ne chauffe plus comme avant, c'est déjà ça, mais le ventilo tourne toujours ( je pense que c'est plutot bon signe, ça veut dire qu'il fonctionne) ! Avant, quand je lançais mon anti virus pour MBAM, ça prenait tellement de temps que le PC s'arrêtait tout seul avant la fin des opérations, tellement il était chaud ... là, ça va bcp mieux, je vais lancer MBAM pour voir ! Bon apétit,

Et voilà le 2eme rapport : ======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 ======= Mis à jour par TeamXscript le 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com Site web: http://www.teamxscript.org C:\Program Files (x86)\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 19:59:53 le 28/04/2011, Mode normal Microsoft Windows 7 Édition Familiale Premium (X64) Samir@SAMIR-PC (Dell Inc. Inspiron 1545) ============== ACTION(S) ============== (!) -- Fichiers temporaires supprimés. ============== SCAN ADDITIONNEL ============== **** Mozilla Firefox Version [3.6.13 (fr)] **** HKCU_MozillaPlugins\@movenetworks.com/Quantum Media Player (x) Components\Scriptff.dll (McAfee, Inc.) HKLM_Extensions|{23fcfd51-4958-4f00-80a3-ae97e717ed8b} - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video HKLM_Extensions|{6904342A-8307-11DF-A508-4AE2DFD72085} - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa HKCU_Extensions|moveplayer@movenetworks.com - C:\Users\Samir\AppData\Roaming\Move Networks -- C:\Users\Samir\AppData\Roaming\Mozilla\FireFox\Profiles\yad3kh0d.default -- Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.13 ======================================== **** Google Chrome Version [10.0.648.205] **** Extension\fnjbmmemklcjgepojigaapkoodmkgbae (C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx) (?) Extension\jfmjfhklogoienhpfnppmbcbjfjnkonk (C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx) (?) Extension\nneajnkjbffgblleaoojgaacokifdkhm (C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx) (?) -- C:\Users\Samir\AppData\Local\Google\Chrome\User Data\Default -- Preferences - default_search_provider: "Google" (Activé: true) (?) Preferences - homepage: Preferences - homepage_is_newtabpage: true Plugin - RealJukebox NS Plugin (Activé: true) (C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll) Plugin - Windows Live\u0099 Photo Gallery (Activé: true) (C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll) Plugin - "Windows Live\u0099 Photo Gallery" (Activé: true) Plugin - "Picasa" (Activé: true) Plugin - "RealJukebox NS Plugin" (Activé: true) Preferences - urls_to_restore_on_startup: hxxp://lemonde.fr/ ======================================== **** Internet Explorer Version [8.0.7600.16385] **** HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896 HKCU_Main|Start Page - hxxp://fr.msn.com/ HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Start Page - hxxp://fr.msn.com/ HKCU_SearchScopes\{4A3AF989-B165-4BC4-81A6-D7E2F96BBEDD} - "?" (?) HKCU_Toolbar\WebBrowser|{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} (C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll) HKLM_Toolbar|{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} (C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll) HKCU_ElevationPolicy\{2E422264-6D8A-4ca0-97C7-A2CF868471EA} - C:\Users\Samir\AppData\Roaming\Move Networks\ie_bin\MovePlayerUpgrade.exe (?) HKCU_ElevationPolicy\{5C0D11B8-C5F6-4be3-AD2C-2B1A3EB94AB6} - C:\Program Files (x86)\Spotify\spotify.exe (Spotify Ltd) HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x) HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x) HKLM_ElevationPolicy\{1FCCD250-A453-4348-86C1-E5EA9B76FADB} - C:\Program Files\McAfee\VirusScan\mcvsmap.exe (McAfee, Inc.) HKLM_ElevationPolicy\{5F17E524-3447-4c7d-8E5F-4EFF31CDE3B7} - C:\Program Files (x86)\DivX\DivX Plus Web Player\DDMService.exe (DivX, LLC) HKLM_ElevationPolicy\{64903E32-AE0B-408D-909C-09A08791F28D} - C:\Program Files (x86)\DivX\DivX Plus Web Player\dwpBroker.exe (DivX, LLC) HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x) HKLM_ElevationPolicy\{A8F94DF3-F6C6-422a-8BFC-7EE0F60A8609} - C:\Program Files\McAfee\VirusScan\mcvsshld.exe (McAfee, Inc.) HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x) HKLM_ElevationPolicy\{D802E3EF-2513-4661-972E-BAD737EFBA88} - C:\Program Files (x86)\DivX\DivX OVS Helper\OVSHelperBroker.exe (DivX, LLC.) BHO\{27B4851A-3207-45A2-B947-BE8AFE6163AB} - "McAfee Phishing Filter" (c:\progra~1\mcafee\msk\mskapbho.dll) BHO\{326E768D-4182-46FD-9C16-1449A49795F4} - "DivX Plus Web Player HTML5 <video>" (C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll) BHO\{593DDEC6-7468-4cdd-90E1-42DADAA222E9} - "DivX HiQ" (C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll) BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll) BHO\{7DB2D5A0-7241-4E79-B68D-6309F01C5231} - "scriptproxy" (C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20101105084626.dll) ======================================== C:\Program Files (x86)\Ad-Remover\Quarantine: 0 Fichier(s) C:\Program Files (x86)\Ad-Remover\Backup: 14 Fichier(s) C:\Ad-Report-CLEAN[1].txt - 28/04/2011 20:00:15 (5578 Octet(s)) Fin à: 20:03:12, 28/04/2011 ============== E.O.F ==============

Bonjour, Merci pour ton aide Alors, voilà le rapport OTL : All processes killed Error: Unable to interpret <Instructions:> in the current context! ========== OTL ========== Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully. C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk moved successfully. File move failed. C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk scheduled to be moved on reboot. Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found. Starting removal of ActiveX control {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\ not found. Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found. Starting removal of ActiveX control {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F}\ deleted successfully. File {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\ deleted successfully. File {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F}\ not found. File {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}\ deleted successfully. File {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03C514A3-1EFB-4856-9F99-10D7BE1653C0}\ deleted successfully. File {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324}\ deleted successfully. File {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully. Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:autocheck autochk * deleted successfully. C:\Users\Samir\Desktop\RK_Quarantine folder moved successfully. C:\Windows\SysNative\SPReview\zh-tw folder moved successfully. C:\Windows\SysNative\SPReview\zh-hk folder moved successfully. C:\Windows\SysNative\SPReview\zh-cn folder moved successfully. C:\Windows\SysNative\SPReview\uk-ua folder moved successfully. C:\Windows\SysNative\SPReview\tr-tr folder moved successfully. C:\Windows\SysNative\SPReview\th-th folder moved successfully. C:\Windows\SysNative\SPReview\sv-se folder moved successfully. C:\Windows\SysNative\SPReview\sr-latn-cs folder moved successfully. C:\Windows\SysNative\SPReview\sl-si folder moved successfully. C:\Windows\SysNative\SPReview\sk-sk folder moved successfully. C:\Windows\SysNative\SPReview\ru-ru folder moved successfully. C:\Windows\SysNative\SPReview\ro-ro folder moved successfully. C:\Windows\SysNative\SPReview\pt-pt folder moved successfully. C:\Windows\SysNative\SPReview\pt-br folder moved successfully. C:\Windows\SysNative\SPReview\pl-pl folder moved successfully. C:\Windows\SysNative\SPReview\nl-nl folder moved successfully. C:\Windows\SysNative\SPReview\nb-no folder moved successfully. C:\Windows\SysNative\SPReview\lv-lv folder moved successfully. C:\Windows\SysNative\SPReview\lt-lt folder moved successfully. C:\Windows\SysNative\SPReview\ko-kr folder moved successfully. C:\Windows\SysNative\SPReview\ja-jp folder moved successfully. C:\Windows\SysNative\SPReview\it-it folder moved successfully. C:\Windows\SysNative\SPReview\hu-hu folder moved successfully. C:\Windows\SysNative\SPReview\hr-hr folder moved successfully. C:\Windows\SysNative\SPReview\he-il folder moved successfully. C:\Windows\SysNative\SPReview\fr-fr folder moved successfully. C:\Windows\SysNative\SPReview\fi-fi folder moved successfully. C:\Windows\SysNative\SPReview\et-ee folder moved successfully. C:\Windows\SysNative\SPReview\es-es folder moved successfully. C:\Windows\SysNative\SPReview\en-us folder moved successfully. C:\Windows\SysNative\SPReview\el-gr folder moved successfully. C:\Windows\SysNative\SPReview\de-de folder moved successfully. C:\Windows\SysNative\SPReview\da-dk folder moved successfully. C:\Windows\SysNative\SPReview\cs-cz folder moved successfully. C:\Windows\SysNative\SPReview\bg-bg folder moved successfully. C:\Windows\SysNative\SPReview\ar-sa folder moved successfully. C:\Windows\SysNative\SPReview folder moved successfully. C:\Users\Samir\AppData\Local\{AD06DFB1-F632-4A14-BA00-3B099C29B359} folder moved successfully. C:\Users\Samir\AppData\Local\{150DEF54-55D3-45BF-9D9D-9A0529AB6493} folder moved successfully. C:\Users\Samir\AppData\Local\{18B6009F-E389-4572-A6DE-81FE8921E863} folder moved successfully. C:\Users\Samir\AppData\Local\{E88AC85E-D79F-4E47-A035-DB6B94494DA8} folder moved successfully. C:\Users\Samir\AppData\Local\{5E5948BA-F2F8-43B7-B889-687835813077} folder moved successfully. C:\Users\Samir\AppData\Local\{A22B97E0-2DCF-467C-B675-05B14689075D} folder moved successfully. C:\Users\Samir\AppData\Local\{18FF9846-BF4D-426A-B8CB-C596505EEBC5} folder moved successfully. C:\Users\Samir\AppData\Local\{5E58811E-2CD9-413E-B347-7B24446E2221} folder moved successfully. C:\Users\Samir\AppData\Local\{97D4FFEE-6F24-4F6D-BF7A-1AC553B3027E} folder moved successfully. C:\Users\Samir\AppData\Local\{1B280B41-8693-465C-AC2A-4AE07A95F491} folder moved successfully. C:\Users\Samir\AppData\Local\{86D1D127-A0CF-41CE-A744-81D8DEFA7D2D} folder moved successfully. C:\Users\Samir\AppData\Local\{3F81CF9E-0E8A-469D-A454-9E796210DBB7} folder moved successfully. C:\Windows\SysNative\drivers\lvuvc.hs moved successfully. C:\ProgramData\ezsidmv.dat moved successfully. ========== FILES ========== C:\Users\Samir\AppData\Roaming\install folder moved successfully. File\Folder C:\program files (X86)\RELEVANTKNOWLEDGE not found. File\Folder C:\Windows\SysNative\drivers\lvuvc.hs not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Flash cache emptied: 56502 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Public User: Samir ->Temp folder emptied: 584549 bytes ->Temporary Internet Files folder emptied: 7171196 bytes ->Java cache emptied: 29059903 bytes ->FireFox cache emptied: 3509550 bytes ->Google Chrome cache emptied: 153734842 bytes ->Apple Safari cache emptied: 59637760 bytes ->Flash cache emptied: 63931 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 381256 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50607 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 243,00 mb [EMPTYFLASH] User: All Users User: Default ->Flash cache emptied: 0 bytes User: Default User ->Flash cache emptied: 0 bytes User: Public User: Samir ->Flash cache emptied: 0 bytes Total Flash Files Cleaned = 0,00 mb Restore point Set: OTL Restore Point OTL by OldTimer - Version 3.2.22.3 log created on 04282011_194629 Files\Folders moved on Reboot... File\Folder C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk not found! C:\Users\Samir\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. File move failed. C:\Windows\temp\logishrd\LVPrcInj02.dll scheduled to be moved on reboot. File\Folder C:\Windows\temp\logishrd\LVPrcInj03.dll not found! Registry entries deleted on Reboot...

Bonjour Tomtom95 ! Mon rapport OTL est bon ? j'ai l'impression que je suis toujours infecté ! je n'arrive pas à obtenir le ficiher Extras, il devrait s'ouvrir tout seul, non ? Merci

je te trouve pas le 2eme rapport, il ne s'ouvre pas

Bonjour, Merci voilà le lien vers le 1er rapport Cijoint.fr - Service gratuit de dépôt de fichiers

Pour le bruit et la chaleur, là, depuis que j'ai effectué les opérations que tu m'as demandé, il chauffe un peu moins, mais le ventilo tourne toujours à fond ... pour les poussières, je ne sais pas si je peux ( je sais ? ) l'ouvrir, c'est un portable, il est encore sous garantie, et j'ai peur si je l'ouvre, de perdre la garantie après ? Sinon, quand le PC s'éteint tout seul, il n'y avait aucun message d'erreur, tout d'un coup l'écran devient et le PC s'arrêt net, on n'entend plus rien tourner, et c'était lié à la chaleur, car quand il faisait ça, il était tout brullant et le ventilo tournait à fond ! Merci !

et voilà le 2ème rapport : RogueKiller V4.3.11 [25/04/2011] par Tigzy contact sur Forum Sciences / Forum Informatique - Sur la Toile (SLT) mail: tigzyRK<at>gmail<dot>com Remontees: [RogueKiller] Remontées (1/19) Systeme d'exploitation: Windows 7 (6.1.7600 ) 64 bits version Demarrage : Mode normal Utilisateur: Samir [Droits d'admin] Mode: Recherche -- Date : 27/04/2011 20:08:44 Processus malicieux: 0 Entrees de registre: 0 Fichier HOSTS: Termine : << RKreport[1].txt >> RKreport[1].txt