Virus "BUNDESPOLIZEI"

Philpuj Posts 3 Status Member -
Malekal_morte- Posts 184347 Registration date   Status Moderator, Security contributor Last activity   -
Good evening,

Same problem as Yohann with the bundespolizei virus!!
OTLPE is installed and the scan is done. I tried replacing the offending lines from Yohann's case, but that did not work on my PC... Too bad!
Here is the scan result. Could you give me a little help, please?
Thanks in advance.
Philippe.


OTL logfile created on: 12/11/2011 6:49:40 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18241)
Locale: | Country: | Language: | Date Format:

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 84.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 94.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 42.37 Gb Total Space | 17.77 Gb Free Space | 41.93% Space Free | Partition Type: NTFS
Drive D: | 50.78 Gb Total Space | 6.77 Gb Free Space | 13.32% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet002

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled] -- -- (HidServ)
SRV - [2011/10/18 08:32:30 | 000,150,856 | ---- | M] (McAfee, Inc.) [Auto] -- C:\WINDOWS\System32\mfevtps.exe -- (mfevtp)
SRV - [2011/10/18 08:28:34 | 000,160,608 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Fichiers communs\McAfee\SystemCore\mfefire.exe -- (mfefire)
SRV - [2011/10/18 08:28:18 | 000,166,288 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Fichiers communs\McAfee\SystemCore\mcshield.exe -- (McShield)
SRV - [2011/10/09 09:02:32 | 000,055,144 | ---- | M] (Apple Inc.) [Auto] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2011/03/17 09:38:42 | 000,361,712 | ---- | M] (McAfee, Inc.) [On_Demand] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2011/01/27 11:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Fichiers communs\Mcafee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV - [2011/01/27 11:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Fichiers communs\Mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2011/01/27 11:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Fichiers communs\Mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2011/01/27 11:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Fichiers communs\Mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2011/01/27 11:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Fichiers communs\Mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2011/01/27 11:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Fichiers communs\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2011/01/27 11:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Fichiers communs\Mcafee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV - [2010/11/30 18:03:00 | 004,023,760 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
SRV - [2010/07/21 03:00:33 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand] -- C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/04/13 14:11:14 | 000,229,688 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\McAfee Online Backup\MOBKbackup.exe -- (MOBKbackup)
SRV - [2010/01/15 07:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2008/11/03 18:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/10/20 15:18:26 | 000,071,096 | ---- | M] () [Auto] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)
SRV - [2008/04/07 03:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007/03/20 09:41:24 | 000,153,792 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe -- (Adobe Version Cue CS3)
SRV - [2006/10/26 07:40:34 | 000,335,872 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe -- (MDM)
SRV - [2006/10/26 07:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand] -- -- (mfeavfk01)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand] -- -- (cpuz132)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2011/10/15 07:16:16 | 000,464,176 | ---- | M] (McAfee, Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2011/10/15 07:16:16 | 000,338,176 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2011/10/15 07:16:16 | 000,180,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2011/10/15 07:16:16 | 000,121,256 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2011/10/15 07:16:16 | 000,089,792 | ---- | M] (McAfee, Inc.) [Kernel | System] -- C:\WINDOWS\system32\drivers\mfetdi2k.sys -- (mfetdi2k)
DRV - [2011/10/15 07:16:16 | 000,087,656 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2011/10/15 07:16:16 | 000,083,856 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendiskmp)
DRV - [2011/10/15 07:16:16 | 000,083,856 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendisk)
DRV - [2011/10/15 07:16:16 | 000,059,456 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2011/10/15 07:16:16 | 000,057,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\cfwids.sys -- (cfwids)
DRV - [2011/05/10 01:06:14 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\netaapl.sys -- (Netaapl)
DRV - [2010/06/17 06:01:39 | 000,278,984 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2010/06/17 06:01:39 | 000,025,416 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010/06/17 05:45:19 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2010/04/28 01:44:02 | 000,054,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2010/04/13 14:10:22 | 000,054,776 | ---- | M] (Mozy, Inc.) [File_System | System] -- C:\WINDOWS\system32\drivers\MOBK.sys -- (MOBKFilter)
DRV - [2009/05/25 10:31:32 | 000,252,416 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\VMUVC.sys -- (VMUVC)
DRV - [2009/03/31 03:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2008/07/01 04:12:32 | 000,398,720 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\vvftUVC.sys -- (vvftUVC)
DRV - [2008/04/13 03:35:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C)
DRV - [2008/01/07 07:36:16 | 002,216,064 | ---- | M] (Intel® Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Pilote de carte de connexion réseau Intel(R)
DRV - [2007/09/17 09:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/05/06 15:44:16 | 000,034,944 | ---- | M] (None) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\mfpec.sys -- (ALIWEHCD)
DRV - [2005/06/09 08:39:56 | 000,099,712 | ---- | M] (Texas Instruments) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2004/12/30 16:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\npptNT2.sys -- (NPPTNT2)
DRV - [2004/10/14 09:53:00 | 000,276,480 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\camchal.sys -- (CAMCHALA)
DRV - [2004/10/14 09:52:02 | 000,292,864 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\camcaud.sys -- (CAMCAUD)
DRV - [2004/06/28 05:35:24 | 000,069,760 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2004/06/10 10:00:06 | 000,200,064 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSFHWICH.sys -- (HSFHWICH)
DRV - [2004/06/10 09:58:58 | 000,684,800 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/06/10 09:58:24 | 001,041,536 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.foozir.com/
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=6857266d0000000000000012f056b34f&tlver=1.4.19.19&affID=17162


IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


IE - HKU\NetworkService_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
IE - HKU\NetworkService_ON_C\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKU\NetworkService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\pujofamille_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchnu.com/410
IE - HKU\pujofamille_ON_C\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKU\pujofamille_ON_C\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\pujofamille_ON_C\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\pujofamille_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\pujofamille_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: C:\Program Files\McAfee\MSC\npMcSnFFPl.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\NPMcFFPlg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/02/02 14:47:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2011/11/11 10:05:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files\Fichiers communs\McAfee\SystemCore [2011/12/11 05:14:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/11/26 02:19:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/09/07 13:11:06 | 000,000,000 | ---D | M]

[2011/11/26 02:19:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/11/26 02:19:10 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/04/14 07:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\mozilla firefox\components\Scriptff.dll
[2004/07/02 08:51:00 | 000,327,904 | ---- | M] (Macromedia, Inc.) -- C:\Program Files\mozilla firefox\plugins\np32asw.dll
[2011/05/03 21:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2008/11/07 16:09:10 | 000,663,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npOGAPlugin.dll
[2011/09/28 23:45:07 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2011/04/25 13:10:26 | 000,002,226 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2011/09/28 23:45:07 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/09/28 23:45:07 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2011/09/28 23:45:07 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2011/09/22 13:11:46 | 000,002,035 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2011/08/23 06:57:46 | 000,002,503 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchResults.xml
[2011/09/28 23:45:07 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2011/09/28 23:45:07 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2001/08/28 13:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll ()
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No CLSID value found.
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Fichiers communs\Mcafee\SystemCore\ScriptSn.20111122191856.dll (McAfee, Inc.)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (Loader Class) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files\Windows Searchqu Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll ()
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\pujofamille_ON_C\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKU\pujofamille_ON_C..\Run: [DaxCtkux] C:\Documents and Settings\pujofamille\Local Settings\Application Data\utgpjkok\daxctkux.exe (BreakPoint Software, Inc.)
O4 - Startup: Error locating startup folders.
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\pujofamille_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\pujofamille_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\pujofamille_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\WI9130~1\Datamngr\datamngr.dll) - C:\Program Files\Windows Searchqu Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~1\WI9130~1\Datamngr\IEBHO.dll) - C:\Program Files\Windows Searchqu Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc)
O20 - HKLM Winlogon: Shell - (C:\Documents and Settings\pujofamille\Application Data\mahmud.exe) - C:\Documents and Settings\pujofamille\Application Data\mahmud.exe (Packard Bell BV)
O20 - HKLM Winlogon: UserInit - (C:\Documents and Settings\pujofamille\Local Settings\Application Data\utgpjkok\daxctkux.exe) - C:\Documents and Settings\pujofamille\Local Settings\Application Data\utgpjkok\daxctkux.exe (BreakPoint Software, Inc.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/02/10 03:55:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (MACHINE BootExecut) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/12/11 17:54:20 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/12/10 15:49:11 | 000,196,608 | ---- | C] (Packard Bell BV) -- C:\Documents and Settings\pujofamille\Application Data\mahmud.exe
[2011/12/09 13:33:05 | 000,000,000 | ---D | C] -- C:\Downloads
[2011/12/09 13:32:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pujofamille\Local Settings\Application Data\iDownloader
[2011/12/09 13:31:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\iDownloader Limited
[2011/12/09 13:31:54 | 000,000,000 | ---D | C] -- C:\Program Files\iDownloader
[2011/12/09 13:31:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\os
[2011/12/09 13:29:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Web Installer
[2011/12/07 14:40:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\AVG PC Tuneup 2011
[2011/12/07 14:39:43 | 007,453,528 | ---- | C] (AVG ) -- C:\Documents and Settings\pujofamille\Bureau\avg_pct_stf_all_2011_10.exe
[2011/12/03 02:38:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pujofamille\Local Settings\Application Data\utgpjkok
[2011/12/03 02:38:20 | 000,090,911 | --S- | C] (BreakPoint Software, Inc.) -- C:\Documents and Settings\pujofamille\Menu Démarrer\Programmes\Démarrage\daxctkux.exe
[2011/12/03 02:35:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\McAfee
[2011/12/01 09:24:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pujofamille\Bureau\Photos PC Gladiateur
[2011/11/27 04:23:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Recuva
[2011/11/27 04:22:51 | 000,000,000 | ---D | C] -- C:\Program Files\Recuva
[2011/11/26 03:09:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Google Earth
[2011/11/14 04:05:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pujofamille\Mes documents\Travaux
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\pujofamille\*.tmp files -> C:\Documents and Settings\pujofamille\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/12/11 09:46:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/12/11 09:46:06 | 000,000,446 | ---- | M] () -- C:\WINDOWS\tasks\AVG PC Tuneup 2011 Integrator Start On Windows Logon.job
[2011/12/11 09:45:09 | 000,001,062 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/11 09:45:05 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/12/11 07:21:08 | 000,001,172 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-1409082233-1177238915-1002UA.job
[2011/12/11 05:54:12 | 000,002,766 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\DME-SETTINGS.xml
[2011/12/11 05:54:12 | 000,000,312 | ---- | M] () -- C:\WINDOWS\tasks\DMEPeriodicTask.job
[2011/12/10 16:01:01 | 000,001,066 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/12/10 15:49:11 | 000,196,608 | ---- | M] (Packard Bell BV) -- C:\Documents and Settings\pujofamille\Application Data\mahmud.exe
[2011/12/10 14:21:01 | 000,001,120 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-1409082233-1177238915-1002Core.job
[2011/12/10 07:21:25 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Skype.lnk
[2011/12/09 13:37:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HP
[2011/12/09 13:35:57 | 000,000,040 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\_rgpl
[2011/12/09 13:33:42 | 000,000,044 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\idlut.iso
[2011/12/07 14:40:40 | 000,000,768 | ---- | M] () -- C:\Documents and Settings\pujofamille\Application Data\Microsoft\Internet Explorer\Quick Launch\AVG PC Tuneup 2011.lnk
[2011/12/07 14:40:40 | 000,000,750 | ---- | M] () -- C:\Documents and Settings\pujofamille\Bureau\AVG PC Tuneup 2011.lnk
[2011/12/07 14:40:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\AVG PC Tuneup 2011
[2011/12/07 14:39:30 | 007,453,528 | ---- | M] (AVG ) -- C:\Documents and Settings\pujofamille\Bureau\avg_pct_stf_all_2011_10.exe
[2011/12/03 02:38:16 | 000,090,911 | --S- | M] (BreakPoint Software, Inc.) -- C:\Documents and Settings\pujofamille\Menu Démarrer\Programmes\Démarrage\daxctkux.exe
[2011/12/03 02:35:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\McAfee
[2011/11/27 04:23:02 | 000,001,512 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Recuva.lnk
[2011/11/27 04:23:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Recuva
[2011/11/26 14:38:01 | 000,000,890 | ---- | M] () -- C:\Documents and Settings\pujofamille\Bureau\GovernorofPoker2_PE.exe.lnk
[2011/11/26 03:09:05 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Google Earth.lnk
[2011/11/26 03:09:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Google Earth
[2011/11/15 11:31:38 | 000,000,212 | -HS- | M] () -- C:\boot.ini
[2011/11/14 03:45:08 | 000,614,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\uiautomationcore.dll
[2011/11/14 03:45:06 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2011/11/14 03:45:02 | 000,606,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2011/11/14 03:02:33 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\pujofamille\Application Data\Microsoft\Internet Explorer\Quick Launch\Poste de travail.lnk
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\pujofamille\*.tmp files -> C:\Documents and Settings\pujofamille\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/12/09 13:35:57 | 000,000,040 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\_rgpl
[2011/12/09 13:31:17 | 000,000,044 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\idlut.iso
[2011/12/07 14:40:57 | 000,000,446 | ---- | C] () -- C:\WINDOWS\tasks\AVG PC Tuneup 2011 Integrator Start On Windows Logon.job
[2011/12/07 14:40:40 | 000,000,768 | ---- | C] () -- C:\Documents and Settings\pujofamille\Application Data\Microsoft\Internet Explorer\Quick Launch\AVG PC Tuneup 2011.lnk
[2011/12/07 14:40:40 | 000,000,750 | ---- | C] () -- C:\Documents and Settings\pujofamille\Bureau\AVG PC Tuneup 2011.lnk
[2011/11/27 04:23:02 | 000,001,512 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Recuva.lnk
[2011/11/26 14:38:01 | 000,000,890 | ---- | C] () -- C:\Documents and Settings\pujofamille\Bureau\GovernorofPoker2_PE.exe.lnk
[2011/11/26 03:09:05 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Google Earth.lnk
[2011/11/14 03:02:33 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\pujofamille\Application Data\Microsoft\Internet Explorer\Quick Launch\Poste de travail.lnk
[2011/07/17 13:48:30 | 000,001,052 | R--- | C] () -- \reatogoMenu.ini
[2011/07/17 13:43:36 | 000,000,000 | R--- | C] () -- \WIN51IP.SP2
[2011/07/17 13:43:36 | 000,000,000 | R--- | C] () -- \WIN51IP
[2011/03/20 04:51:42 | 000,002,604 | ---- | C] () -- C:\WINDOWS\System32\ASOROSet.bin
[2011/02/02 14:38:48 | 000,220,432 | ---- | C] () -- C:\WINDOWS\hpoins40.dat
[2011/02/02 14:38:48 | 000,000,992 | ---- | C] () -- C:\WINDOWS\hpomdl40.dat
[2011/01/08 07:36:00 | 000,049,992 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/12/20 14:49:15 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2010/12/20 14:49:15 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2010/12/20 14:49:04 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\pujofamille\Application Data\$_hpcst$.hpc
[2010/10/04 02:27:17 | 000,000,010 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2010/07/19 05:06:45 | 002,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2010/06/17 06:01:39 | 000,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2010/06/17 06:01:39 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2010/03/28 09:26:03 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/03/10 13:15:07 | 000,004,608 | ---- | C] () -- C:\Documents and Settings\pujofamille\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/05 12:59:03 | 000,023,800 | ---- | C] () -- C:\WINDOWS\hpqins15.dat
[2010/02/15 12:02:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/02/10 04:41:08 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/02/10 04:40:52 | 000,017,920 | ---- | C] () -- C:\WINDOWS\NOTEPAD.EXE
[2010/02/10 04:39:53 | 001,559,520 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/02/10 04:07:51 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/02/10 04:07:34 | 000,318,872 | ---- | C] () -- C:\WINDOWS\system32\config\systemprofile\_inst3.exe
[2010/02/10 04:07:34 | 000,294,145 | ---- | C] () -- C:\WINDOWS\system32\config\systemprofile\_inst5.exe
[2010/02/10 04:07:34 | 000,242,356 | ---- | C] () -- C:\WINDOWS\system32\config\systemprofile\_inst2.exe
[2010/02/10 04:07:34 | 000,240,673 | ---- | C] () -- C:\WINDOWS\system32\config\systemprofile\_inst1.exe
[2010/02/10 04:07:34 | 000,145,495 | ---- | C] () -- C:\WINDOWS\system32\config\systemprofile\_inst4.exe
[2010/02/10 04:02:36 | 000,074,986 | ---- | C] () -- C:\WINDOWS\System32\Uninstal.exe
[2010/02/10 04:02:30 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010/02/10 04:02:26 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2010/02/10 04:02:26 | 000,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/02/10 04:02:26 | 000,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/02/10 04:02:24 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010/02/10 03:51:43 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/08/03 08:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 08:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009/01/17 17:03:54 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\notepad.exe
[2008/04/13 13:50:22 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2007/10/25 11:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2006/12/30 13:27:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/03/24 06:06:41 | 000,000,053 | R--- | C] () -- \AUTORUN.INF
[2005/07/16 16:36:50 | 000,240,128 | R--- | C] () -- \reatogoMenu.exe
[2004/01/13 13:46:34 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll
[2001/08/28 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/08/28 13:00:00 | 000,511,144 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
[2001/08/28 13:00:00 | 000,442,148 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001/08/28 13:00:00 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
[2001/08/28 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/08/28 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/08/28 13:00:00 | 000,085,346 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
[2001/08/28 13:00:00 | 000,071,646 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001/08/28 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/08/28 13:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
[2001/08/28 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/08/23 12:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/23 12:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

========== LOP Check ==========

[2011/11/14 02:59:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pujofamille\Application Data\AVG
[2011/03/05 15:46:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pujofamille\Application Data\BabylonToolbar
[2011/08/09 07:12:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pujofamille\Application Data\Canneverbe_Limited
[2010/06/17 05:59:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pujofamille\Application Data\DAEMON Tools Lite
[2011/04/09 06:29:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pujofamille\Application Data\FDRLab
[2011/08/23 06:58:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pujofamille\Application Data\FreeAudioPack
[2010/03/05 15:54:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pujofamille\Application Data\HTML Executable
[2010/02/10 04:54:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pujofamille\Application Data\Notepad++
[2010/12/20 15:00:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pujofamille\Application Data\PC Suite
[2011/03/19 08:29:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pujofamille\Application Data\Reviversoft
[2010/12/20 15:30:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pujofamille\Application Data\Samsung
[2011/11/11 12:24:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pujofamille\Application Data\searchquband
[2011/11/01 14:12:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pujofamille\Application Data\searchqutoolbar
[2011/09/05 05:19:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pujofamille\Application Data\TuneUp Software
[2010/03/23 15:47:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pujofamille\Application Data\uTorrent
[2010/02/10 04:11:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pujofamille\Application Data\ViStart
[2010/10/14 06:21:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pujofamille\Application Data\YoudaGames
[2011/03/15 04:51:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2011/08/23 08:06:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2010/06/17 05:44:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010/11/16 09:34:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Mender
[2011/12/09 13:31:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iDownloader Limited
[2010/12/20 15:00:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2011/12/11 09:46:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/09/05 05:19:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2011/12/09 13:29:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Web Installer
[2011/09/05 05:17:35 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2010/06/11 00:40:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/02/10 04:53:54 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
[2011/12/11 09:46:06 | 000,000,446 | ---- | M] () -- C:\WINDOWS\Tasks\AVG PC Tuneup 2011 Integrator Start On Windows Logon.job
[2011/12/11 05:54:12 | 000,000,312 | ---- | M] () -- C:\WINDOWS\Tasks\DMEPeriodicTask.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 197 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
< End of report >
Hello,



1 reply

Malekal_morte- Posts 184347 Registration date   Status Moderator, Security contributor Last activity   24 689
 
Hi,

Run OTL again.

o under Personnalisation, copy and paste the contents of the box below (make sure to include :OTL at the start).
Click Correction; a report will appear. Copy and paste its contents here:

:OTL
[2011/12/10 15:49:11 | 000,196,608 | ---- | C] (Packard Bell BV) -- C:\Documents and Settings\pujofamille\Application Data\mahmud.exe
:reg
[HKLM\SOFTWARE_ON_C\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"="explorer.exe"


* restart the PC into Windows and post the report here


That should do it..

But you've got Ramnit, which is a virus..
Plus other cr*p like Bandoo..

In short, with Ramnit it's better to format...

Your PC is in a rotten state.


SHUT THE F*C*K UP, WE HAVE OTHER SONGS TOO !!