Sujet Précédent Sujet Suivant

Virus police et gendarmerie nationale

Fermé
bibiche - 22 juin 2012 à 22:04
 bibiche - 22 juin 2012 à 23:25
Bonjour,
J'ai choper le virus police et gendarmerie nationale? j'ai le rapport de mon pc ? quelqu'un peut-il m'aider merci

OTL logfile created on: 6/22/2012 10:17:21 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 7.0.5730.13)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1,022.00 Mb Total Physical Memory | 822.00 Mb Available Physical Memory | 80.00% Memory free
906.00 Mb Paging File | 850.00 Mb Available in Paging File | 94.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 90.47 Gb Total Space | 62.76 Gb Free Space | 69.37% Space Free | Partition Type: NTFS
Drive H: | 90.94 Gb Total Space | 51.69 Gb Free Space | 56.84% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet002

[color=#E56717]========== Win32 Services (SafeList) ==========/color

SRV - [2012/06/14 02:22:35 | 000,935,480 | ---- | M] () [Auto] -- C:\Program Files\Fichiers communs\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe -- (vToolbarUpdater11.1.0)
SRV - [2012/06/13 11:27:26 | 000,792,512 | ---- | M] (Spigot, Inc.) [Auto] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2012/04/30 03:44:38 | 005,106,744 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2012/03/11 07:48:36 | 000,931,640 | ---- | M] (Trusteer Ltd.) [Auto] -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2012/02/13 22:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/05/20 05:13:26 | 001,055,872 | ---- | M] (France Telecom SA) [Auto] -- C:\Program Files\Orange\OrangeUpdate\Service\OUCore.exe -- (Orange update Core Service)
SRV - [2009/08/03 09:20:54 | 000,069,632 | ---- | M] (France Telecom SA) [Auto] -- C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC)
SRV - [2005/11/13 19:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003/07/28 14:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003/06/19 17:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)


[color=#E56717]========== Driver Services (SafeList) ==========/color

DRV - File not found [Kernel | On_Demand] -- -- (ZD1211U(ZyDAS)) ZyDAS ZD1211 IEEE 802.11b+g Wireless LAN Driver (USB)(ZyDAS)
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2012/05/30 02:55:59 | 000,021,520 | ---- | M] (Trusteer Ltd.) [Kernel | On_Demand] -- C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportMS\39624\RapportIaso.sys -- (RapportIaso)
DRV - [2012/04/18 22:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/03/18 23:17:28 | 000,301,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012/03/11 07:48:52 | 000,071,440 | ---- | M] (Trusteer Ltd.) [Kernel | System] -- C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys -- (RapportEI)
DRV - [2012/03/11 07:48:50 | 000,164,112 | ---- | M] (Trusteer Ltd.) [Kernel | System] -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys -- (RapportPG)
DRV - [2012/03/11 07:48:50 | 000,056,208 | ---- | M] (Trusteer Ltd.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\RapportKELL.sys -- (RapportKELL)
DRV - [2012/02/21 23:25:32 | 000,235,216 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012/01/30 22:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/12/23 07:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/12/23 07:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2011/12/23 07:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\avgidsfilterx.sys -- (AVGIDSFilter)
DRV - [2011/12/23 07:32:00 | 000,139,856 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2011/12/16 04:08:15 | 000,228,208 | ---- | M] () [Kernel | System] -- C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\34302\RapportCerberus32_34302.sys -- (RapportCerberus_34302)
DRV - [2009/06/12 08:36:56 | 000,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand] -- C:\WINDOWS\system32\pcampr5.sys -- (PCAMPR5)
DRV - [2009/06/12 08:36:56 | 000,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand] -- C:\WINDOWS\system32\pcandis5.sys -- (PCANDIS5)
DRV - [2009/06/12 08:35:20 | 000,453,120 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WLANUHN.sys -- (NBXN720)
DRV - [2009/03/12 04:42:36 | 000,036,400 | R--- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIMMP)
DRV - [2009/03/12 04:42:36 | 000,036,400 | R--- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIM)
DRV - [2008/04/13 14:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2006/05/29 12:04:50 | 000,217,088 | R--- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sis163u.sys -- (SIS163u)
DRV - [2005/09/22 12:34:00 | 003,727,680 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005/08/02 18:00:36 | 000,232,192 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73)
DRV - [2005/07/29 13:11:04 | 000,012,928 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2005/07/29 13:11:02 | 000,034,048 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2005/07/27 04:42:28 | 000,296,515 | ---- | M] (Hauppauge Computer Works, Inc) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hcw88tse.sys -- (HCW88TSE)
DRV - [2005/07/27 04:42:18 | 000,133,696 | ---- | M] (Hauppauge Computer Works, Inc) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hcw88bda.sys -- (HCW88BDA)
DRV - [2005/07/27 04:42:16 | 000,011,970 | ---- | M] (Hauppauge Computer Works, Inc) [Kernel | System] -- C:\WINDOWS\system32\drivers\hcw88aud.sys -- (HCW88AUD)
DRV - [2005/03/09 10:53:00 | 000,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005/03/01 06:43:20 | 000,013,312 | ---- | M] (axalto) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\egate.sys -- (Egatecard)
DRV - [2005/03/01 06:43:20 | 000,011,264 | ---- | M] (axalto) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\egatebus.sys -- (Egatebus)
DRV - [2005/03/01 06:43:20 | 000,010,752 | ---- | M] (axalto) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\egaterdr.sys -- (Egaterdr)
DRV - [2004/01/14 06:30:00 | 000,017,151 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand] -- C:\WINDOWS\system32\ZDPNDIS5.sys -- (ZDPNDIS5)
DRV - [2001/08/17 17:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)


[color=#E56717]========== Standard Registry (SafeList) ==========/color


[color=#E56717]========== Internet Explorer ==========/color

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Administrateur_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKU\Administrateur_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\aziza_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\aziza_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\aziza_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\aziza_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.fr/
IE - HKU\aziza_ON_C\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\5.9\pdfforgeToolbarIE.dll (Spigot, Inc.)
IE - HKU\aziza_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0




FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Fichiers communs\AVG Secure Search\SiteSafetyInstaller\11.1.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012/06/15 04:54:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012/06/08 05:55:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\avg@toolbar: C:\Documents and Settings\All Users\Application Data\AVG Secure Search\11.1.0.7\ [2012/06/14 02:23:46 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2004/08/10 16:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\5.9\pdfforgeToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\5.9\pdfforgeToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (barre d'outils Orange) - {D3028143-6145-4318-99D3-3EDCE54A95A9} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll (Orange)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\Administrateur_ON_C\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\aziza_ON_C\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\aziza_ON_C\..\Toolbar\WebBrowser: (barre d'outils Orange) - {D3028143-6145-4318-99D3-3EDCE54A95A9} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll (Orange)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Fichiers communs\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [Update] C:\WINDOWS\system32\jork_0_typ_col.exe (Hynix)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKU\Administrateur_ON_C..\Run: [MailNotifier] C:\Program Files\Orange\MailNotifier\MailNotifier.exe ()
O4 - HKU\aziza_ON_C..\Run: [Orange Desktop Search] C:\Program Files\Orange\DesktopSearch\DesktopSearchService.exe (Copernic Inc.)
O4 - HKU\.DEFAULT..\RunOnce: [FlashPlayerUpdate] File not found
O4 - Startup: C:\Documents and Settings\aziza\Menu Démarrer\Programmes\Démarrage\Outil de notification de cadeaux MSN.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrateur_ON_C\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\Administrateur_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\aziza_ON_C\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\aziza_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\systemprofile_ON_C\Software\Policies\Microsoft\Internet Explorer\Recovery present
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {A06BE318-C096-11D4-964F-0010A4D06F69} https://tva.dgi.minefi.gouv.fr/activeX/TeleTVA.tva (TeleTVA Control)
O16 - DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab (Java Plug-in 1.5.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Fichiers communs\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll ()
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/01/27 08:20:50 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG2012\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========/color

[2012/06/21 07:25:23 | 000,248,832 | ---- | C] (Hynix) -- C:\WINDOWS\System32\jork_0_typ_col.exe
[2012/06/21 02:59:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\aziza\Application Data\Search Settings
[2012/06/21 02:58:30 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater
[2012/06/21 02:58:23 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Spigot
[2012/06/21 02:58:23 | 000,000,000 | ---D | C] -- C:\Program Files\pdfforge Toolbar
[2012/06/18 03:00:21 | 000,248,832 | ---- | C] (Hynix) -- C:\WINDOWS\System32\wpbt0.dll
[2012/06/15 04:54:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\AVG
[2012/06/14 02:23:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cache
[2012/06/08 05:57:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\aziza\Local Settings\Application Data\AVG Secure Search
[2012/06/08 05:57:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\aziza\Application Data\AVG Secure Search
[2012/06/08 05:57:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG Secure Search
[2012/06/08 05:57:02 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\AVG Secure Search
[2012/06/08 05:57:00 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search
[2012/05/30 09:45:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\omdhdmqbvxwgnfp
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========/color

[2012/06/22 11:41:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/06/22 11:41:27 | 1072,222,208 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/22 05:08:17 | 000,001,056 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/21 07:25:19 | 000,248,832 | ---- | M] (Hynix) -- C:\WINDOWS\System32\wpbt0.dll
[2012/06/21 07:25:18 | 000,248,832 | ---- | M] (Hynix) -- C:\WINDOWS\System32\jork_0_typ_col.exe
[2012/06/21 06:56:28 | 100,611,477 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012/06/21 06:55:54 | 000,092,189 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2012/06/21 03:08:21 | 000,001,052 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/21 02:52:08 | 000,001,158 | -H-- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/06/15 05:43:49 | 000,221,533 | ---- | M] () -- C:\Documents and Settings\aziza\Bureau\letter ABRSM.pdf
[2012/06/15 04:54:07 | 000,000,720 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\AVG 2012.lnk
[2012/06/15 04:54:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\AVG
[2012/06/15 04:39:47 | 000,328,296 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/06/14 13:29:58 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/06/11 07:19:51 | 000,034,764 | ---- | M] () -- C:\Documents and Settings\aziza\Local Settings\Application Data\dt.dat
[2012/06/05 04:20:40 | 000,022,210 | ---- | M] () -- C:\Documents and Settings\aziza\Bureau\Europalaces-nouveaux sites 3.rtf
[2012/06/04 12:13:18 | 000,179,100 | ---- | M] () -- C:\Documents and Settings\aziza\Mes documents\analyse sites Europalaces 2011.xml
[2012/06/04 10:11:54 | 000,797,184 | ---- | M] () -- C:\Documents and Settings\aziza\Mes documents\promo-été 3.pub
[2012/06/04 10:11:29 | 000,255,525 | ---- | M] () -- C:\Documents and Settings\aziza\Bureau\promo-été 4.pdf
[2012/06/04 10:08:50 | 000,254,827 | ---- | M] () -- C:\Documents and Settings\aziza\Bureau\promo-été 3.pdf
[2012/06/04 09:42:19 | 000,811,520 | ---- | M] () -- C:\Documents and Settings\aziza\Mes documents\promo-été2.pub
[2012/06/01 04:58:22 | 001,774,419 | ---- | M] () -- C:\Documents and Settings\aziza\Bureau\RA_PATHE_FR10.pdf
[2012/06/01 04:54:07 | 003,898,249 | ---- | M] () -- C:\Documents and Settings\aziza\Bureau\RA_PATHE_2011_FR.pdf
[2012/05/31 09:22:03 | 000,606,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2012/05/30 09:45:46 | 000,000,052 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\ucdoemnshlipzpd
[2012/05/30 07:15:15 | 000,087,366 | ---- | M] () -- C:\Documents and Settings\aziza\Mes documents\analyse sites 2011.xml
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========/color

[2012/06/15 05:43:47 | 000,221,533 | ---- | C] () -- C:\Documents and Settings\aziza\Bureau\letter ABRSM.pdf
[2012/06/11 07:19:51 | 000,034,764 | ---- | C] () -- C:\Documents and Settings\aziza\Local Settings\Application Data\dt.dat
[2012/06/05 04:11:40 | 000,022,210 | ---- | C] () -- C:\Documents and Settings\aziza\Bureau\Europalaces-nouveaux sites 3.rtf
[2012/06/04 10:11:27 | 000,255,525 | ---- | C] () -- C:\Documents and Settings\aziza\Bureau\promo-été 4.pdf
[2012/06/04 10:08:48 | 000,254,827 | ---- | C] () -- C:\Documents and Settings\aziza\Bureau\promo-été 3.pdf
[2012/06/04 09:49:16 | 000,797,184 | ---- | C] () -- C:\Documents and Settings\aziza\Mes documents\promo-été 3.pub
[2012/06/04 09:42:19 | 000,811,520 | ---- | C] () -- C:\Documents and Settings\aziza\Mes documents\promo-été2.pub
[2012/06/01 04:58:22 | 001,774,419 | ---- | C] () -- C:\Documents and Settings\aziza\Bureau\RA_PATHE_FR10.pdf
[2012/06/01 04:54:07 | 003,898,249 | ---- | C] () -- C:\Documents and Settings\aziza\Bureau\RA_PATHE_2011_FR.pdf
[2012/05/30 09:45:46 | 000,000,052 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ucdoemnshlipzpd
[2012/05/30 07:15:51 | 000,179,100 | ---- | C] () -- C:\Documents and Settings\aziza\Mes documents\analyse sites Europalaces 2011.xml
[2012/05/30 07:15:15 | 000,087,366 | ---- | C] () -- C:\Documents and Settings\aziza\Mes documents\analyse sites 2011.xml
[2012/04/20 06:26:28 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2012/02/17 03:22:45 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/08/18 04:59:07 | 000,000,192 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\~P1kAlMiG2Kb7Fzr
[2011/08/18 04:59:00 | 000,000,240 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\~P1kAlMiG2Kb7Fz
[2011/08/18 04:58:49 | 000,000,336 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\P1kAlMiG2Kb7Fz
[2010/07/19 13:04:38 | 000,000,184 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2010/05/28 03:03:40 | 000,000,012 | ---- | C] () -- C:\WINDOWS\system32\config\systemprofile\Application Data\vqdlkr.dat
[2010/05/07 06:30:29 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2009/04/20 04:42:49 | 000,000,681 | ---- | C] () -- C:\WINDOWS\System32\eRLog.ini
[2009/03/19 12:27:41 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\aziza\intlname.ols
[2009/03/17 03:02:54 | 000,177,936 | ---- | C] () -- C:\WINDOWS\hpoins29.dat
[2009/03/17 03:02:54 | 000,000,986 | ---- | C] () -- C:\WINDOWS\hpomdl29.dat
[2009/03/12 10:48:29 | 000,045,056 | R--- | C] () -- C:\WINDOWS\System32\unwlsdrv.exe
[2008/07/31 13:53:01 | 000,000,346 | ---- | C] () -- C:\WINDOWS\System32\CRUNX.BIN
[2008/07/31 13:52:27 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2008/07/31 13:51:25 | 000,284,160 | ---- | C] () -- C:\WINDOWS\unin040c.exe
[2008/07/31 13:46:57 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/07/31 13:29:22 | 000,001,944 | ---- | C] () -- C:\WINDOWS\HCWPNP.INI
[2008/07/31 13:26:22 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\aziza\Local Settings\Application Data\fusioncache.dat
[2008/07/31 13:25:23 | 000,000,137 | ---- | C] () -- C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\fusioncache.dat
[2008/07/31 12:38:12 | 000,278,528 | ---- | C] () -- C:\Program Files\Fichiers communs\FDEUnInstaller.exe
[2005/10/24 14:22:38 | 000,001,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\alcxinit.dat
[2005/10/17 06:31:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2005/10/17 06:31:00 | 001,519,616 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2005/10/17 06:31:00 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2005/10/17 06:31:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2005/10/17 06:31:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2005/10/17 06:31:00 | 000,540,672 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2005/10/17 06:31:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2005/10/17 06:31:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2005/10/17 06:31:00 | 000,393,216 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2005/10/17 06:31:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2005/10/12 21:43:40 | 000,000,083 | -H-- | C] () -- C:\WINDOWS\alaunch.ini
[2005/09/16 10:14:00 | 000,157,184 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2005/08/05 10:38:54 | 000,239,104 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/07/15 12:48:00 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2005/03/01 06:43:20 | 000,028,160 | ---- | C] () -- C:\WINDOWS\System32\slbmgpg.dll
[2005/02/02 16:11:40 | 000,008,073 | -H-- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/01/27 08:46:18 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/01/27 08:46:06 | 000,000,061 | -H-- | C] () -- C:\WINDOWS\smscfg.ini
[2005/01/27 08:42:44 | 000,328,296 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/01/27 08:21:14 | 000,001,024 | R--- | C] () -- C:\WINDOWS\System32\NTIBUN4.dll
[2005/01/27 08:20:20 | 000,001,024 | R--- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll
[2005/01/27 08:20:20 | 000,001,024 | R--- | C] () -- C:\WINDOWS\System32\NTIMP3.dll
[2005/01/27 08:20:20 | 000,001,024 | R--- | C] () -- C:\WINDOWS\System32\NTIFCD3.dll
[2005/01/27 08:20:20 | 000,001,024 | R--- | C] () -- C:\WINDOWS\System32\NTICDMK7.dll
[2005/01/27 08:07:36 | 000,449,740 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
[2005/01/27 08:07:36 | 000,384,732 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005/01/27 08:07:36 | 000,065,602 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
[2005/01/27 08:07:36 | 000,054,416 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005/01/27 08:07:10 | 000,000,137 | ---- | C] () -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\fusioncache.dat
[2005/01/27 07:53:02 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/01/27 07:50:18 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/12/17 12:14:44 | 000,013,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\UBHelper.sys
[2004/08/10 16:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/10 16:00:00 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
[2004/08/10 16:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/10 16:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/10 16:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/10 16:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
[2004/08/10 16:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/10 16:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/10 16:00:00 | 000,003,712 | -H-- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 16:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/10 16:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/03/23 11:38:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD.dll
[2004/03/18 12:01:20 | 000,072,192 | ---- | C] () -- C:\WINDOWS\System32\xltZlib.dll
[2003/08/07 04:51:32 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\reboot.exe
[2003/08/06 14:32:24 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\KCMDNIns.exe
[2003/04/01 04:58:02 | 000,005,260 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/09/23 08:11:24 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\hcwxds.dll
[2002/05/23 21:34:46 | 000,032,768 | ---- | C] () -- C:\WINDOWS\AMove.exe
[2001/12/26 11:12:30 | 000,065,536 | R--- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll
[2001/09/03 18:46:38 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Hmpg12.dll
[2001/08/25 22:04:08 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/25 22:02:42 | 000,004,524 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/07/30 11:33:56 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll
[2001/07/23 17:04:36 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll
[2001/07/05 20:19:00 | 000,000,164 | -H-- | C] () -- C:\WINDOWS\avrack.ini

[color=#E56717]========== LOP Check ==========/color

[2012/06/21 02:58:59 | 000,000,000 | ---D | M] -- C:\WINDOWS\system32\config\systemprofile\Application Data\Application Updater
[2010/06/10 02:32:10 | 000,000,000 | ---D | M] -- C:\WINDOWS\system32\config\systemprofile\Application Data\pdfforge
[2010/06/10 02:32:11 | 000,000,000 | ---D | M] -- C:\WINDOWS\system32\config\systemprofile\Application Data\Search Settings
[2011/08/19 17:58:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Tific
[2012/06/08 05:57:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aziza\Application Data\AVG Secure Search
[2012/01/27 07:48:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aziza\Application Data\AVG2012
[2010/05/07 06:41:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aziza\Application Data\pdfforge
[2012/06/21 02:59:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aziza\Application Data\Search Settings
[2011/08/19 18:00:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aziza\Application Data\Tific
[2011/01/26 07:34:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aziza\Application Data\Trusteer
[2008/09/16 09:04:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aziza\Application Data\Xerox
[2012/04/12 10:09:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aziza\Application Data\XnView
[2009/03/17 06:40:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Xerox
[2012/06/14 04:36:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Secure Search
[2012/01/27 08:06:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2008/08/05 11:25:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ciel
[2011/08/19 19:13:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2012/06/22 04:43:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2012/05/30 09:45:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\omdhdmqbvxwgnfp
[2011/07/28 03:12:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Orange
[2009/04/14 02:29:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[2011/01/26 07:33:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trusteer
[2011/09/05 07:06:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}
[2011/09/05 07:10:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\~0

[color=#E56717]========== Purity Check ==========/color



[color=#E56717]========== Custom Scans ==========/color



[color=#A23BEC]< MD5 for: EXPLORER.EXE >/color
[2004/08/10 16:00:00 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=4C33E5B9A6197B6ED215F6CFBA0A2DAA -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2008/04/13 22:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\explorer.exe
[2008/04/13 22:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
< End of report >

A voir également:

6 réponses

Réponse 1 / 6
Utilisateur anonyme
22 juin 2012 à 22:09
Bonsoir

* Double-clique sur l'icone OTLPE
* quand demandé "Do you wish to load the remote registry", selectionne "Yes"
* quand demandé "Do you wish to load remote user profile(s) for scanning", selectionne "Yes"
* verifier que "Automatically Load All Remaining Users" est sélectionné et presse OK


http://imagesup.org/image

* sous Custom Scan box copie_colle le tout ci dessous et clic RUNFIX

:OTL
IE - HKU\aziza_ON_C\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\5.9\pdfforgeToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\5.9\pdfforgeToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\5.9\pdfforgeToolbarIE.dll (Spigot, Inc.)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Fichiers communs\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
[2012/06/21 02:59:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\aziza\Application Data\Search Settings
[2012/06/21 02:58:30 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater
[2012/06/21 02:58:23 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Spigot
[2012/06/21 02:58:23 | 000,000,000 | ---D | C] -- C:\Program Files\pdfforge Toolbar
[2012/06/14 02:23:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cache
[2010/05/07 06:41:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aziza\Application Data\pdfforge
[2012/06/21 02:59:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aziza\Application Data\Search Settings
O4 - HKLM..\Run: [Update] C:\WINDOWS\system32\jork_0_typ_col.exe (Hynix)



tu conserves le rapport qui s'affiche ; et tu le copies et colles dans ta prochaine réponse


@+
0
Réponse 2 / 6
bibiche
22 juin 2012 à 22:55
VOICI CE QUE JE TROUVE


========== OTL ==========
Registry value HKEY_USERS\aziza_ON_C\Software\Microsoft\Internet Explorer\URLSearchHooks\\{B922D405-6D13-4A2B-AE89-08A030DA4402} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}\ deleted successfully.
C:\Program Files\pdfforge Toolbar\IE\5.9\pdfforgeToolbarIE.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}\ not found.
File C:\Program Files\pdfforge Toolbar\IE\5.9\pdfforgeToolbarIE.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{B922D405-6D13-4A2B-AE89-08A030DA4402} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}\ not found.
File C:\Program Files\pdfforge Toolbar\IE\5.9\pdfforgeToolbarIE.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SearchSettings deleted successfully.
C:\Program Files\Fichiers communs\Spigot\Search Settings\SearchSettings.exe moved successfully.
C:\Documents and Settings\aziza\Application Data\Search Settings\temp folder moved successfully.
C:\Documents and Settings\aziza\Application Data\Search Settings\res folder moved successfully.
C:\Documents and Settings\aziza\Application Data\Search Settings folder moved successfully.
C:\Program Files\Application Updater folder moved successfully.
C:\Program Files\Fichiers communs\Spigot\Search Settings\Res folder moved successfully.
C:\Program Files\Fichiers communs\Spigot\Search Settings\Lang folder moved successfully.
C:\Program Files\Fichiers communs\Spigot\Search Settings folder moved successfully.
C:\Program Files\Fichiers communs\Spigot folder moved successfully.
C:\Program Files\pdfforge Toolbar\Res\Lang folder moved successfully.
C:\Program Files\pdfforge Toolbar\Res folder moved successfully.
C:\Program Files\pdfforge Toolbar\IE\5.9 folder moved successfully.
C:\Program Files\pdfforge Toolbar\IE folder moved successfully.
C:\Program Files\pdfforge Toolbar folder moved successfully.
C:\WINDOWS\System32\cache folder moved successfully.
C:\Documents and Settings\aziza\Application Data\pdfforge\temp folder moved successfully.
C:\Documents and Settings\aziza\Application Data\pdfforge\res folder moved successfully.
C:\Documents and Settings\aziza\Application Data\pdfforge folder moved successfully.
Folder C:\Documents and Settings\aziza\Application Data\Search Settings\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Update deleted successfully.
C:\WINDOWS\system32\jork_0_typ_col.exe moved successfully.

OTLPE by OldTimer - Version 3.1.48.0 log created on 06222012_235215
0
Réponse 3 / 6
Utilisateur anonyme
22 juin 2012 à 22:58
Re

Essaie de démarrer ton PC normalement.
Tiens moi au courant;merci

@+
0
Réponse 4 / 6
bibiche
22 juin 2012 à 23:13
MERCI BEAUCOUP, cela a l'air de fonctionner corectement. que dois je faire maintenant?
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 6
Utilisateur anonyme
22 juin 2012 à 23:15
Re

1)Met à jour Windows via Windows Update

2)Pour vérifier les mises à jour logiciels à appliquer sur ton PC
https://www.flexera.com/products/operations/software-vulnerability-management.html
Divers liens te seront proposés pour les logiciels non à jour.


Il te faut absolument procéder à ces diverses mises à jour sinon cela se reproduira

Tiens moi au courant

Ce n'est pas fini

@+
0
Réponse 6 / 6
bibiche
22 juin 2012 à 23:25
merci
0

Discussions similaires

Est ce que le site tlauncher est dangereux ?
caribou -
bazfile -

1 réponse
Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
Menace "Interpol" après webcam coquine
diego34 -
Panth33ra -

4 réponses
Peut-on retrouver un portable avec un N°IMEI
Curly93 -
Hnn -

30 réponses
convocation gendarmerie sans motif
david 38 -
BmV -

27 réponses